reth
WIP fix: check state root for buffered blocks
When connecting buffered blocks, state root validation does not occur, and it does not occur later except for the tip when a new canonical head is chosen.
The proposed solution is to use exhaustive validation when inserting buffered blocks in try_insert_validated_block(). This will increase the processing time, as state roots must be checked; however, it will prevent unvalidated blocks from being added to the chain.
do you have an example showing that being optimistic about validation here has caused problems? I'm not familiar enough with this part of the code to say what the source for blocks that go into the buffer is, assuming they are not validated before they are put in the buffer?
> do you have an example showing that being optimistic about validation here has caused problems?
nope, the fix here is trying to prevent the situation from happening, no idea if it has already happened
> I'm not familiar enough with this part of the code to say what the source for blocks that go into the buffer is, assuming they are not validated before they are put in the buffer?
not very familiar either, as I understand it blocks are buffered when they are received and the block they build upon is not yet available, they are stored for later. the issue is, state root is only validated for blocks building on top of the canonical chain or for the last one in a set of buffered blocks, not for the ones in the middle (these are only executed).
this makes it possible to introduce blocks in the chain with a malicious state root in the header, would require building several slots in a row though, but still possible.
this approach has a big impact on performance and won't be followed to fix this issue, closing
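The gap discussed in this thread, as an added toy model (not reth code and not part of the original PR): a run of buffered blocks is executed in order, and the header state root is compared either only for the last block or for every block. `Block`, `execute`, `honest_block`, `connect_buffered` and `sample_chain` are hypothetical names, and the "state root" is a plain hash of a single counter rather than a trie root.

```rust
// Toy model (constructed, not reth code): state is one u64 balance and the
// "state root" is a hash of (block number, balance after execution).
use std::{collections::hash_map::DefaultHasher, hash::{Hash, Hasher}};

pub struct Block {
    pub number: u64,
    pub transfer: u64,          // toy "transaction": credit this amount
    pub header_state_root: u64, // root claimed in the block header
}

// Execute a block on its parent state; returns (new state, computed root).
pub fn execute(parent_state: u64, b: &Block) -> (u64, u64) {
    let state = parent_state + b.transfer;
    let mut h = DefaultHasher::new();
    (b.number, state).hash(&mut h);
    (state, h.finish())
}

// Build a block whose header root matches its execution result.
pub fn honest_block(parent_state: u64, number: u64, transfer: u64) -> Block {
    let mut b = Block { number, transfer, header_state_root: 0 };
    b.header_state_root = execute(parent_state, &b).1;
    b
}

// Connect buffered blocks. exhaustive == false compares the header root only
// for the last block; true compares it for every block.
// Ok(final state), or Err(number of the first rejected block).
pub fn connect_buffered(mut state: u64, blocks: &[Block], exhaustive: bool) -> Result<u64, u64> {
    for (i, b) in blocks.iter().enumerate() {
        let (next, root) = execute(state, b);
        let is_tip = i + 1 == blocks.len();
        if (exhaustive || is_tip) && root != b.header_state_root {
            return Err(b.number);
        }
        state = next;
    }
    Ok(state)
}

// Constructed sample: block 2 carries a header root that does not match execution.
pub fn sample_chain() -> Vec<Block> {
    let mut b2 = honest_block(105, 2, 7);
    b2.header_state_root ^= 1;
    vec![honest_block(100, 1, 5), b2, honest_block(112, 3, 1)]
}

fn main() {
    let chain = sample_chain();
    println!("tip-only:   {:?}", connect_buffered(100, &chain, false));
    println!("exhaustive: {:?}", connect_buffered(100, &chain, true));
}
```

In this model the tip-only mode accepts the whole run because the last block's root is consistent, while the exhaustive mode rejects at block 2, at the cost of one root comparison per block.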