You can test this entry and submit issues during the testing period of the Blockchain Contest contest.
Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.
Info
Testing and Issues
Voting
Comments
In the multisig folder you can find some FunC implementation of multisignature wallet smartcontract and fift scripts useful for interacting with it.
For more information please read the README document. Run the scripts by typing fift -s <script-name>.fif command. Launched with no arguments, a script will show the usage with some more details related to it.
Please ignore the __MACOSX folder, it got into the archive accidentally.
For more information please read the README document. Run the scripts by typing fift -s <script-name>.fif command. Launched with no arguments, a script will show the usage with some more details related to it.
Please ignore the __MACOSX folder, it got into the archive accidentally.
(See the Chic Dolphin's issue) The proper way to protect against the attack (attacker can replace signatures list) is to check not only the authenticity of the order itself, but also the authenticity of signature list before accepting the message. This issue can be fixed in two ways. The simplest is just to require to additionally sign the order along with the list of other signatures right before creating the external message and sending it. And accept a message only if the additional signature is correct. The create-external-message.fif script can be naturally modified to require a private key and add the additional signature. And some slight changes are to be made in the signature check code.
Another way is more complicated and it allows user to create external message with no need in additional signature. But the comment is too narrow to contain the description.
Another way is more complicated and it allows user to create external message with no need in additional signature. But the comment is too narrow to contain the description.
You have not added any comments yet...
by rating
Issues
plus:
Very fast (0.035G for a transfer with n=16, k=10)
Garbage collect scans only expired entries.
All required features are implemented
accept_message() is called only after one signature was verified.
Catches exceptions to avoid fail after accept_message.
minus:
Works only after a minor bugfix.
One signature repeated multiple times is enough to execute an order.
Very fast (0.035G for a transfer with n=16, k=10)
Garbage collect scans only expired entries.
All required features are implemented
accept_message() is called only after one signature was verified.
Catches exceptions to avoid fail after accept_message.
minus:
Works only after a minor bugfix.
One signature repeated multiple times is enough to execute an order.
> just processing internal messages in the way described in guidelines
Where did you got those?
That additional i < k is really nice. It prevents attacker from simply copying your signature 1000 times. Forcing you to do unnecessary checks after you accepted the message.
But you simply send the message if i == k. I don't need other signatures, I can simply sign it three times with a single key.
Where did you got those?
That additional i < k is really nice. It prevents attacker from simply copying your signature 1000 times. Forcing you to do unnecessary checks after you accepted the message.
But you simply send the message if i == k. I don't need other signatures, I can simply sign it three times with a single key.
Maybe I am doing something wrong? I am trying to create a wallet with n=16, k=10.
fift -s generate-keypairs.fif pubkeys p{1..16}
fift -s new-multiwallet.fif 16 10 0 pubkeys pubkeys
Then a create a wallet. This part is OK.
After it, I am trying to get key index with
runmethod <addr> pubkey_index <pubkey_int>.
For some keys I got a valid index, but for more than a half of keys, I got -1.
fift -s generate-keypairs.fif pubkeys p{1..16}
fift -s new-multiwallet.fif 16 10 0 pubkeys pubkeys
Then a create a wallet. This part is OK.
After it, I am trying to get key index with
runmethod <addr> pubkey_index <pubkey_int>.
For some keys I got a valid index, but for more than a half of keys, I got -1.
I can launch DoS attack with exception handler and drain some funds in the process. So upon seeing your message, I send a copy of it with modified signature list, leaving only the first one valid. It will pass through accept, and then crash, and then increment seqno. You'll be forced to sign another one. And I can repeat the process.
Nobody added any issues yet...