Comments (10)
➤ comh commented:
skale-sec-ops triaged report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11660531 ) on HackerOne
{panel}
Hello [@Rumata|/rumata]
Thank you for your submission! We were able to validate your report, and have submitted it to the libBLS team for review.
A fix is now in process. Please note that the status and severity are subject to change.
Best,
[@skale-sec-ops|/skale-sec-ops]
{panel}
from libbls.
➤ comh commented:
hackbot suggested, CWE-697, MITRE ( https://cwe.mitre.org/data/definitions/697.html ) for remediation guidance on HackerOne
from libbls.
➤ comh commented:
skale-sec-ops posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11661894 ) on HackerOne
{panel}
[@Rumata|/rumata] the libBLS team would like to use your code and integrate it into the libBLS repo for testing and further investigation.
The team kindly asks that you open a PR in libBLS and place your .sage script under /scripts and your .cpp under /test and finally please sign the CLA in the PR. If you have any questions, please let us know.
{panel}
from libbls.
➤ comh commented:
rumata posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11666288 ) on HackerOne
{panel}
I made a PR and tried to sign in with github at cla.skale.network. If that is what it means to sign the CLA, then I completed it. I slightly changed the dkg_attack.cpp in comaprison to what I submitted here, because I saw a misleading request that was left over from an earlier version. Please tell me if there are any issues.
{panel}
from libbls.
➤ comh commented:
rumata posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11666607 ) on HackerOne
{panel}
Ok, I signed the CLA in PR. (Had to do another PR because of commit name/email configuration)
{panel}
from libbls.
➤ comh commented:
skale-sec-ops posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11666693 ) on HackerOne
{panel}
[@Rumata|/rumata]
Fantastic, the team appreciates your PR and signing the CLA. The team provide another update on Monday. In the meantime, feel free to reach out if you have any concerns or other questions.
{panel}
from libbls.
➤ comh commented:
skale-sec-ops posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11685787 ) on HackerOne
{panel}
[@Rumata|/rumata] can you please clarify and further explain how you arrived at the conclusion "that the probability that the equations are not linearly independent is 1/10069”?
{panel}
from libbls.
➤ comh commented:
rumata posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11685935 ) on HackerOne
{panel}
This is a rough estimate, it will actually be a bit more than that. I should have written "~1/10069", since I am using subgroup of order 10069. For a bigger subgroup it will obviously be smaller. The idea is pretty simple: let's say we have a matrix:[
[ [ a ,x_0_1, x_0_2 ], [ a ,x_1_1, x_1_2 ], [ a ,x_2_1, x_2_2 ] ]. Let's say that the 0th and 1st and 0th and 2nd rows are linearly independent (the way we construct from i to the power of j that will be the case). We take the 0th row and reduce the first and second row, after which we are left with 0th row definitely independent of first and second. First and second now consist of 0 at position 1 and two elements:
[[0, y_1_1,y_1_2], [0, y_2_1, y_2_2 ]]. They are linearly dependent when y_1_2/y_1_1=y_2_2/y_2_1. If we pick a uniform random k=y_2_2/y_2_1, then the probability that y_1_2/y_1_1=k is ~1/(order of field). so for rank of matrix=n-1 the probability is ~1/(order of field). For rank=n-2 it will be somewhere around square of that. So the sum of probabilities will be ~1/(order of field).
{panel}
from libbls.
➤ comh commented:
skale-sec-ops posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11704972 ) on HackerOne
{panel}
[@Rumata|/rumata] The libBLS team questions your conclusion. Please kindly see the attached PDF regarding linear dependency, review, and provide comments.
{panel}
from libbls.
➤ comh commented:
rumata posted a comment on report 1186912 ( https://hackerone.com/bugs?report_id=1186912&subject=skale_network#activity-11720925 ) on HackerOne
{panel}
Wow. Thanks for teaching me about the Vandermonde matrix, I didn't know about that. Yes, it seems that in the case when there are less than subgroup order participants it is impossible, so my probability is wrong here. However I just thought of a new attack).
Requirements:
- Number of participants n> subgroup_order
- The adversary controls all participants with indexes i=k*subgroup_order, where k is a positive integer
- The adversary controls at least one i=j+k*subgroup_order, such that there is no honest participant with i'=j+k'*p (or the attacker controls all indexes with the same j)
The minimum number of attacker-controlled nodes to fulfill this requirement can be 2 ( for example, the attacker controls nodes 10068 and 10069 and there are less than 20137 nodes in total). In this case even for (t,n)=(10069, 20137) the attacker will be able to perform the attack. 2 is much smaller than 20137-10069=10068.
{panel}
from libbls.
Related Issues (20)
- libBLS unit tests fail randonmly HOT 1
- make newest libBLS compatible with consensus HOT 4
- create threshold encryption sample app HOT 2
- add MAGIC_STRING to support threshold encryption HOT 1
- Linking error 'undefined reference to '__gmp_printf'' with the dependency 'libff.a' HOT 2
- Error serializing libff::alt_bn128_Fr during DKG HOT 4
- Function `DKGBLSWrapper::CreateTEPublicKey` declared but not defined HOT 1
- update threshold encryption implementation according to docs
- create npm package for threshold encryption client side
- "cmake --build build -- -j$(sysctl -n hw.ncpu) " Error HOT 5
- potential segmentation fault when serializing to string HOT 2
- Got empty common public key while invoking BLSPrivateKeyShare::generateSampleKeys HOT 3
- init_alt_bn128_params() HOT 1
- serialing TEPrivatekeyShare and TEPublickeyShare HOT 2
- cross compile HOT 1
- add BLS aggregated signatures functionality HOT 1
- Enable linter
- Support of Ubuntu 20.04 HOT 2
- Investigate gnark
- Please add flags to cmake file of libbls to disable warnings
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libbls.