p2p: Don't consider blocks mutated if they don't connect to known prev block

Github-Pull: #29524
Rebased-From: a1fbde0ef7
This commit is contained in:
Greg Sanders 2024-02-29 16:38:58 -05:00 committed by Ava Chow
parent 3eaaafa225
commit cf7d3a8cd0
No known key found for this signature in database
GPG key ID: 17565732E08E5E41
2 changed files with 23 additions and 2 deletions

View file

@ -4631,7 +4631,8 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
const CBlockIndex* prev_block{WITH_LOCK(m_chainman.GetMutex(), return m_chainman.m_blockman.LookupBlockIndex(pblock->hashPrevBlock))}; const CBlockIndex* prev_block{WITH_LOCK(m_chainman.GetMutex(), return m_chainman.m_blockman.LookupBlockIndex(pblock->hashPrevBlock))};
if (IsBlockMutated(/*block=*/*pblock, // Check for possible mutation if it connects to something we know so we can check for DEPLOYMENT_SEGWIT being active
if (prev_block && IsBlockMutated(/*block=*/*pblock,
/*check_witness_root=*/DeploymentActiveAfter(prev_block, m_chainman, Consensus::DEPLOYMENT_SEGWIT))) { /*check_witness_root=*/DeploymentActiveAfter(prev_block, m_chainman, Consensus::DEPLOYMENT_SEGWIT))) {
LogPrint(BCLog::NET, "Received mutated block from peer=%d\n", peer->m_id); LogPrint(BCLog::NET, "Received mutated block from peer=%d\n", peer->m_id);
Misbehaving(*peer, 100, "mutated block"); Misbehaving(*peer, 100, "mutated block");

View file

@ -31,6 +31,11 @@ class MutatedBlocksTest(BitcoinTestFramework):
def set_test_params(self): def set_test_params(self):
self.setup_clean_chain = True self.setup_clean_chain = True
self.num_nodes = 1 self.num_nodes = 1
self.extra_args = [
[
"-testactivationheight=segwit@1", # causes unconnected headers/blocks to not have segwit considered deployed
],
]
def run_test(self): def run_test(self):
self.wallet = MiniWallet(self.nodes[0]) self.wallet = MiniWallet(self.nodes[0])
@ -74,7 +79,7 @@ class MutatedBlocksTest(BitcoinTestFramework):
# Attempt to clear the honest relayer's download request by sending the # Attempt to clear the honest relayer's download request by sending the
# mutated block (as the attacker). # mutated block (as the attacker).
with self.nodes[0].assert_debug_log(expected_msgs=["bad-txnmrklroot, hashMerkleRoot mismatch"]): with self.nodes[0].assert_debug_log(expected_msgs=["Block mutated: bad-txnmrklroot, hashMerkleRoot mismatch"]):
attacker.send_message(msg_block(mutated_block)) attacker.send_message(msg_block(mutated_block))
# Attacker should get disconnected for sending a mutated block # Attacker should get disconnected for sending a mutated block
attacker.wait_for_disconnect(timeout=5) attacker.wait_for_disconnect(timeout=5)
@ -92,5 +97,20 @@ class MutatedBlocksTest(BitcoinTestFramework):
honest_relayer.send_and_ping(block_txn) honest_relayer.send_and_ping(block_txn)
assert_equal(self.nodes[0].getbestblockhash(), block.hash) assert_equal(self.nodes[0].getbestblockhash(), block.hash)
# Check that unexpected-witness mutation check doesn't trigger on a header that doesn't connect to anything
assert_equal(len(self.nodes[0].getpeerinfo()), 1)
attacker = self.nodes[0].add_p2p_connection(P2PInterface())
block_missing_prev = copy.deepcopy(block)
block_missing_prev.hashPrevBlock = 123
block_missing_prev.solve()
# Attacker gets a DoS score of 10, not immediately disconnected, so we do it 10 times to get to 100
for _ in range(10):
assert_equal(len(self.nodes[0].getpeerinfo()), 2)
with self.nodes[0].assert_debug_log(expected_msgs=["AcceptBlock FAILED (prev-blk-not-found)"]):
attacker.send_message(msg_block(block_missing_prev))
attacker.wait_for_disconnect(timeout=5)
if __name__ == '__main__': if __name__ == '__main__':
MutatedBlocksTest().main() MutatedBlocksTest().main()