util
Alessandro Sorniotti authored
The aim of this change set is to apply the well-established "Secure by
default" security principle to the way the validator validates transactions
in a block.

The current code behaves as follows: create an array of validation codes, set
by default to "all transactions are valid"; then perform validation which may
mark transactions as invalid. Furthermore, in other parts of the code, if no
array of validation codes is yet present in the block, a new one is
indiscriminately created (again, marking all transactions as valid). This
approach is a security anti-pattern because it opens up to attacks where an
adversary may force the code through a path where the default "tx is valid"
validation code is maintained even for invalid txes.

This change set ensures that validation code arrays are created and set to a
new value (TxValidationCode_NOT_VALIDATED) which ensures that a transaction
that hasn't been validated cannot be mistaken for a valid one.

Change-Id: I5dbb18dd77af3cd14b168042ae660e4e27bf29dd
Signed-off-by: Alessandro Sorniotti <ale.linux@sopit.net>
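
The fail-open default this commit message describes, next to the fail-closed one, as an added Go example (not Fabric's code and not the commit author's). `Code`, `verdicts`, `validate` and `committable` are hypothetical names, and the sample block is constructed.

```go
package main

import "fmt"

type Code uint8 // hypothetical per-tx validation code, not Fabric's own type

const (
	Valid Code = iota
	Invalid
	NotValidated // no validator has ruled on this tx yet
)

// verdicts is a constructed stand-in for the real checks. A tx missing from
// it makes validation stop early, modelling a path that skips validation.
var verdicts = map[string]Code{"good": Valid, "forged": Invalid}

// validate presets every flag to def, then overwrites the flags it gets to.
func validate(txs []string, def Code) []Code {
	flags := make([]Code, len(txs))
	for i := range flags {
		flags[i] = def
	}
	for i, tx := range txs {
		code, known := verdicts[tx]
		if !known {
			break // this tx and all later ones keep def
		}
		flags[i] = code
	}
	return flags
}

// committable returns only the txs explicitly flagged Valid.
func committable(txs []string, flags []Code) (out []string) {
	for i, f := range flags {
		if f == Valid {
			out = append(out, txs[i])
		}
	}
	return out
}

func main() {
	txs := []string{"good", "abort", "forged"} // constructed sample block
	fmt.Println(committable(txs, validate(txs, Valid)))        // [good abort forged]
	fmt.Println(committable(txs, validate(txs, NotValidated))) // [good]
}
```

With the default set to `Valid`, the transaction that was checked and would have been rejected ("forged") is committed only because validation stopped before reaching it; with `NotValidated` the same early exit leaves it uncommittable.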