
DOS attack on tessera network #649

Closed
ymlbright opened this issue Mar 1, 2019 · 1 comment
Labels: 0.10.0; backlog (No current timeline, on the to-do list); bug (Something isn't working)

Comments


ymlbright commented Mar 1, 2019

Tessera provides an API named /partyinfo on the Tessera P2P port to discover all peers in the network. Attackers can inject a malicious address into a Tessera node for a certain Tessera public key, which could cause private transactions to fail if their privateFor contains that public key. What's worse, there is no way to recover from this violation unless all Tessera nodes go down, because each Tessera node will push all the recipients it knows.

In the current implementation, Tessera is vulnerable if the following conditions are satisfied:
1. The attacker can access the Tessera node's P2P port
2. Tessera node discovery is on
3. The Tessera config sslConfig.tls isn't "STRICT", or is "STRICT" but the trust mode isn't "WHITELIST" or "CA"

The reason for the vulnerability is that Tessera chooses the remote Tessera node randomly from its recipients list (Source Code), and anyone can override the recipients list if they can access the /partyinfo API (if Tessera node discovery is on) (Source Code). I have written a Python PoC of this vulnerability, and I'm willing to share it with the contributors of the Tessera project.

In my view, the Tessera node discovery service should be tamper-proof enough to handle this issue. Alternatively, we need a way to update the peer node list (keeping it in sync with the config file on disk) without restarting Tessera.
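The three points in the report (an unauthenticated caller can push recipient bindings, every node re-pushes everything it knows, and a key with several URLs is resolved at random) can be reproduced in a small offline model. The following is an added illustration, not Tessera's code or wire format: the URLs, keys, `Node`, `PartyInfo` and `Recipient` names are constructed placeholders, and the "strict" merge rule (honour only whitelisted callers, and let a caller bind keys only to its own URL) is one illustrative hardening, not the project's actual fix.

```python
"""Constructed model of an unauthenticated /partyinfo-style peer directory.

Added illustration, not Tessera code: node identities, URLs and keys are
placeholders, and the merge rules are a simplified model of the behaviour
the issue describes (anyone reaching the P2P port can push recipient bindings,
bindings are gossiped onward, and a key with several URLs is resolved at random).
"""
import random
from dataclasses import dataclass

# Constructed sample network: three honest nodes, one key each, plus an attacker URL.
HONEST = {
    "https://node-a.example:9001": "KEY_A",
    "https://node-b.example:9001": "KEY_B",
    "https://node-c.example:9001": "KEY_C",
}
EVIL_URL = "https://evil.example:9001"


@dataclass(frozen=True)
class Recipient:
    key: str   # public key the binding is for (placeholder string)
    url: str   # URL claimed to serve that key


@dataclass(frozen=True)
class PartyInfo:
    url: str               # the sender's own URL
    recipients: frozenset  # Recipient bindings the sender knows
    parties: frozenset     # peer URLs the sender knows


class Node:
    def __init__(self, url, key, peers, strict=False):
        self.url, self.key = url, key
        self.recipients = {Recipient(key, url)}
        self.parties = set(peers)
        self.strict = strict           # hardened merge on/off
        self.whitelist = set(peers)    # stands in for a TLS WHITELIST trust mode

    def party_info(self):
        return PartyInfo(self.url, frozenset(self.recipients), frozenset(self.parties))

    def receive(self, info, sender_url):
        """Handle a pushed partyinfo. sender_url is the transport-level identity of the caller."""
        if not self.strict:
            # Naive merge: everything the caller says is trusted and stored.
            self.recipients |= set(info.recipients)
            self.parties |= set(info.parties) | {info.url}
            return True
        # Hardened merge (illustrative, not the project's fix): only whitelisted
        # callers are honoured, and a caller may bind keys only to its own URL,
        # so nobody can re-point someone else's key or relay a forged binding.
        if sender_url not in self.whitelist:
            return False
        self.recipients |= {r for r in info.recipients if r.url == info.url == sender_url}
        self.parties |= {p for p in info.parties if p in self.whitelist}
        return True

    def urls_for_key(self, key):
        return sorted(r.url for r in self.recipients if r.key == key)

    def url_for_key(self, key, rng=random):
        """Resolve a recipient key; with conflicting bindings the pick is random."""
        urls = self.urls_for_key(key)
        return rng.choice(urls) if urls else None


def gossip_round(network):
    """Every node pushes what it knows to every peer it knows (the push-all behaviour)."""
    for node in list(network.values()):
        info = node.party_info()
        for peer_url in list(node.parties):
            peer = network.get(peer_url)
            if peer is not None and peer is not node:
                peer.receive(info, sender_url=node.url)


def build_network(strict):
    peers = list(HONEST)
    return {url: Node(url, key, peers, strict) for url, key in HONEST.items()}


def poisoned_nodes(network, key="KEY_C"):
    """Honest nodes that may ever send traffic for `key` to the attacker's URL."""
    return sorted(u for u, n in network.items() if EVIL_URL in n.urls_for_key(key))


def run_attack(strict):
    """Returns (poisoned nodes after injection+gossip, poisoned nodes after restarting only A)."""
    network = build_network(strict)
    gossip_round(network)  # honest discovery converges
    victim = network["https://node-a.example:9001"]
    # Attacker reaches A's P2P port and claims that KEY_C lives at its own URL.
    forged = PartyInfo(EVIL_URL, frozenset({Recipient("KEY_C", EVIL_URL)}), frozenset())
    victim.receive(forged, sender_url=EVIL_URL)
    gossip_round(network)  # peers re-push the poisoned binding to each other
    after_attack = poisoned_nodes(network)
    # Restarting only A does not help: B and C push the bad binding straight back.
    network[victim.url] = Node(victim.url, victim.key, list(HONEST), strict)
    gossip_round(network)
    after_restart = poisoned_nodes(network)
    return after_attack, after_restart


if __name__ == "__main__":
    print("naive :", run_attack(strict=False))
    print("strict:", run_attack(strict=True))
```

With the naive merge, a single unauthenticated push to one node ends up in every node's recipient set after one gossip round, and restarting the first victim alone does not clear it because its peers push the forged binding straight back, which is the "all nodes down" recovery condition from the report. The strict variant rejects the push at the transport layer; note that it still does not prove key possession, so a whitelisted but compromised peer could claim a foreign key for its own URL, and a complete fix would also need the advertised node to prove it holds the key before the binding is accepted.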

@prd-fox prd-fox added the bug Something isn't working label Mar 4, 2019
cucrisis (Contributor) commented Mar 4, 2019

Hi @ymlbright, thanks for sharing the finding with us. We are triaging it right now.
