Miner `createBlock` with Arbitrary Tip Causes Bad Template

[tynes]

If the miner.createBlock function is called without the tip argument, it will mine on top of the chain's tip. In the case where a tip is passed in and its a ChainEntry that was created during a different Tree Root period (an epoch), it will template the block incorrectly because it uses the current tree root, this.chain.db.treeRoot() (scroll down in the snippet)

https://github.com/handshake-org/hsd/blob/bd1ba3dfca841655ada5ab96e70619112721c049/lib/mining/miner.js#L121-L138

I would expect the miner to roll back the state appropriately so that the correct treeRoot is calculated correctly irrespective of the height of the ChainEntry passed in or just use the previous block header's treeRoot field if its not a block height that starts the next epoch (which needs to calculate the epoch's root).

Its still possible to create reorgs but it would require the miner's chain to be at its local tip which is at a lesser height than the global tip. The function miner.createBlock can accept an arbitrary tip to mine on top of, which is why I think this function needs to be updated.

You can argue that its not worth time working on code that makes it easier to create reorgs, but then its security by obscurity.

[chjj]

I think this is left-over code from bcoin. It's actually possible to do this on bcoin, but HSD adds a lot more state. In theory we could get a snapshot of the previous tree state, but maybe better to just remove this.

[pinheadmz]

@tynes didn't you patch this? I remember you working on it.

[pinheadmz]

@tynes didn't you patch this? I remember you working on it.

pingy ping ping! @tynes