go-spacemesh
Hare broker buffer for early messages is unlimited
The buffer for early messages is limited. Upon reaching the buffer limit, the consensus process associated with this buffer is canceled and the messages are dropped. The vulnerability is that malicious nodes can make an honest node not participate in the Hare protocol.
Related code block:
https://github.com/spacemeshos/go-spacemesh/blob/0cb3732b0796ed442366f39ef8cf3909a0c2b48d/hare/broker.go#L280-L302
If we can answer this question (https://github.com/spacemeshos/pm/issues/178) with a "no", then we can simply cap the buffers to slightly more than the expected committee sizes and drop/replace messages from the same sender. The broker already drops messages that don't validate with the oracle.
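
An added example of the cap-and-replace idea proposed above; it is an illustration written for this page, not code from go-spacemesh's `broker.go`. The names (`Msg`, `EarlyBuffer`, `Add`) and the slack value are hypothetical. It assumes senders were already validated against the oracle, that one buffered message per sender is sufficient, and that a full buffer drops only the new message.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical types for illustration; not go-spacemesh's broker types.
type Msg struct {
	Sender  string // sender identity, assumed already validated against the oracle
	Payload []byte
}

var ErrBufferFull = errors.New("early-message buffer full")

// EarlyBuffer holds at most one early message per sender, up to a fixed cap.
type EarlyBuffer struct {
	limit    int
	bySender map[string]Msg
}

// NewEarlyBuffer sizes the cap slightly above the expected committee size.
func NewEarlyBuffer(committeeSize, slack int) *EarlyBuffer {
	return &EarlyBuffer{limit: committeeSize + slack, bySender: make(map[string]Msg)}
}

// Add stores m. A repeat sender replaces its own slot and never consumes a
// new one; a new sender arriving at the cap is dropped without affecting
// the messages already buffered.
func (b *EarlyBuffer) Add(m Msg) (replaced bool, err error) {
	if _, ok := b.bySender[m.Sender]; ok {
		b.bySender[m.Sender] = m
		return true, nil
	}
	if len(b.bySender) >= b.limit {
		return false, ErrBufferFull
	}
	b.bySender[m.Sender] = m
	return false, nil
}

func (b *EarlyBuffer) Len() int { return len(b.bySender) }

func main() {
	b := NewEarlyBuffer(2, 1) // constructed sizes: committee of 2, slack of 1
	for _, s := range []string{"a", "a", "a", "b", "c", "d"} {
		replaced, err := b.Add(Msg{Sender: s})
		fmt.Printf("sender=%s replaced=%v err=%v len=%d\n", s, replaced, err, b.Len())
	}
}
```

With this shape a single sender can occupy only one slot regardless of how many early messages it sends, so filling the buffer requires as many distinct oracle-valid identities as the cap.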