snarkOS
An out-of-sync validator may be unable to catch up with consensus in the extreme case
https://hackerone.com/reports/2226529
Summary
An out-of-sync validator may be unable to catch up with consensus in the extreme case.
Steps To Reproduce:
No steps to reproduce
Proof-of-Concept (PoC)
1. Assume that `global_current_round = 1000` and the out-of-sync validator is at `round = 100`.
2. When the stale validator syncs with its peers, it checks `is_authorized_validator_address` (https://github.com/AleoHQ/snarkOS/blob/testnet3/node/bft/src/primary.rs#L488) whenever it receives an `Event`. If the check fails, the peer is disconnected. However, the peer may not have been a validator in `round=100`, and the validators from `round=100` may already have unbonded.
3. In this case, the validator cannot catch up with consensus anymore.
Supporting Material/References:
No supporting material
Impact
It is not reasonable to assume that the validators in round=100 overlap with the validators in round=1000, and this may cause consensus problems.
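
The scenario from the PoC as a small Rust model. This is an added example, not snarkOS code: `CommitteeHistory`, `peers_kept`, the `val_*` addresses and the rotation rounds are all constructed for illustration. It goes slightly beyond the report by showing a partial-overlap case next to the fully disjoint one.

```rust
use std::collections::{BTreeMap, BTreeSet};

type Address = &'static str;
type Committee = BTreeSet<Address>;

/// Simplified model: committee membership recorded at the rounds where it changed.
struct CommitteeHistory(BTreeMap<u64, Committee>);

impl CommitteeHistory {
    /// Committee in force at `round`: the latest entry at or before it.
    fn at(&self, round: u64) -> Option<&Committee> {
        self.0.range(..=round).next_back().map(|(_, c)| c)
    }
}

/// Models the check from step 2: the node authorizes a peer only against the
/// committee of its own (possibly stale) round and drops everyone else.
fn peers_kept(history: &CommitteeHistory, local_round: u64, peers: &[Address]) -> Vec<Address> {
    let Some(committee) = history.at(local_round) else { return Vec::new() };
    peers.iter().copied().filter(|p| committee.contains(p)).collect()
}

/// Constructed history: the validator set rotates fully between rounds 100 and 1000.
fn sample_history() -> CommitteeHistory {
    let mut m = BTreeMap::new();
    m.insert(1, Committee::from(["val_a", "val_b", "val_c", "val_d"]));
    m.insert(400, Committee::from(["val_c", "val_d", "val_e", "val_f"]));
    m.insert(800, Committee::from(["val_e", "val_f", "val_g", "val_h"]));
    CommitteeHistory(m)
}

fn main() {
    let history = sample_history();
    let global_round = 1000;
    // Peers reachable now are assumed to be the validators of the current round.
    let online: Vec<Address> = history.at(global_round).unwrap().iter().copied().collect();
    for local_round in [100, 500, 900] {
        let kept = peers_kept(&history, local_round, &online);
        println!("local round {local_round}: keeps {kept:?} of {online:?}");
    }
}
```

A node at round 100 keeps no peers at all, so it has nobody left to sync from; a node at round 500 still keeps the two validators that were already bonded at its round.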