Skip to content

Verify SignedIP.Timestamp from PeerList messages #2587

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Jan 18, 2024
Merged

Verify SignedIP.Timestamp from PeerList messages #2587

merged 15 commits into from
Jan 18, 2024

Conversation

danlaine
Copy link

@danlaine danlaine commented Jan 4, 2024
edited by StephenButtolph
Loading

Why this should be merged

Currently signed IP timestamps aren't verified to be reasonable upon receipt of a peerlist. This is an unusual discrepancy compared to the handling during the Handshake message. This check was intended to prevent a validator from accidentally signing an invalid IP with an unreasonable timestamp and then being unable to connect to the network forever.

How this works

Move check that a (prospective) peer's timestamp on their signature isn't too far in the future to SignedIP.Verify

How this was tested

New UT.

@danlaine danlaine self-assigned this Jan 4, 2024
danlaine
danlaine commented Jan 4, 2024
View reviewed changes
network/peer/ip.go
cert,
ip.UnsignedIP.bytes(),
ip.Signature,
)
); err != nil {
return fmt.Errorf("%w: %w", errInvalidSignature, err)
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed to make test assertions possible

danlaine
danlaine commented Jan 4, 2024
View reviewed changes
network/peer/peer.go
// Note that it is expected that the [ipSigningTime] can be in the past. We
// are just verifying that the claimed signing time isn't too far in the
// future here.
if float64(msg.IpSigningTime)-float64(myTime) > p.MaxClockDifference.Seconds() {
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now done in p.ip.Verify

@danlaine danlaine marked this pull request as ready for review January 8, 2024 18:04
@StephenButtolph StephenButtolph changed the base branch from dev to master January 18, 2024 22:29
@StephenButtolph StephenButtolph added this to the v1.10.19 milestone Jan 18, 2024
@StephenButtolph StephenButtolph added networking This involves networking cleanup Code quality improvement labels Jan 18, 2024
@StephenButtolph StephenButtolph changed the title Move peer timestamp diff check Verify SignedIP.Timestamp from PeerList messages Jan 18, 2024
@StephenButtolph StephenButtolph added this pull request to the merge queue Jan 18, 2024
Merged via the queue into master with commit 1a99a1e Jan 18, 2024
@StephenButtolph StephenButtolph deleted the move-peer-timestamp-check branch January 18, 2024 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhrubabasu dhrubabasu dhrubabasu approved these changes

@StephenButtolph StephenButtolph StephenButtolph approved these changes

@joshua-kim joshua-kim Awaiting requested review from joshua-kim

Assignees

@danlaine danlaine

Labels
cleanup Code quality improvement networking This involves networking
Projects
Platform Engineering Group
Archived in project
Milestone
v1.10.19
Development

Successfully merging this pull request may close these issues.
3 participants
@danlaine @dhrubabasu @StephenButtolph