fix CLSAG verification. #552

Merged
merged 1 commit into from
Apr 10, 2024

Conversation

Boog900
Contributor

@Boog900 Boog900 commented Apr 9, 2024

We were not setting c1 to the last calculated c during verification, instead keeping it set to the one provided in the signature, allowing forgeries.

@kayabaNerve I did message you on Matrix, but it seems there are still issues, so I decided just to open this PR. Although this is bad, AFAIK no one relies on this ATM.

We were not setting c1 to the last calculated c during verification, instead keeping it set to the one provided in the signature.
@kayabaNerve added the labels bug (Something isn't working), critical (This is critical) and monero (An issue with the Monero library/integration) on Apr 10, 2024
@kayabaNerve merged commit ab4d796 into serai-dex:develop on Apr 10, 2024
17 of 18 checks passed
@kayabaNerve deleted the fix-clsag branch April 10, 2024 09:59
@kayabaNerve
Member

No. This is a critical in not only monero-serai yet in the multisig functionality specifically. This would cause invalid participants in the FROST process to not be flagged as it'd think the signature is still (wrongly) valid.

On the one hand, monero-serai wasn't audited (queued), I haven't done my final pass, and it's not a 1.0. On the other, I'm fucking pissed this made it through and horrified. At best, I can be proud monero-serai did enough right it caught enough other people this was itself caught.

Matrix is acting up and I don't have any messages from you. Please reach out on Discord (Serai Discord to find me) or Telegram (kayabaNerve), or let me know if I need to make a new Matrix account on monero.social so we can sync on this.

@kayabaNerve
Member

All versions of monero-serai are currently yanked for an independent reason (several months ago). I never re-published after (I don't even think I've published the audited bitcoin-serai), so no yanking needed due to this. Still outrageous.

@kayabaNerve
Member

Expansion of basic tests, as even those would've caught this (further emphasizing the fault here), fuzz tests, and prioritizing #549? That's my immediate thoughts on the matter. Possibly addition of code coverage evaluators? That'd highlight such missing cases...
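An added example, not code from this PR or from monero-serai: a simplified Schnorr-style ring signature over a toy group (no key image or commitment terms, so not CLSAG itself), with a verifier that never assigns the last calculated c next to one that does, so a negative test can tell them apart. The group parameters, the hash, every function name and the exact shape of the buggy comparison are assumptions made for illustration.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
// Toy parameters for illustration only (not secure): Z_p^* with p = 2^61 - 1.
const P: u64 = (1 << 61) - 1;
const N: u64 = P - 1; // exponents and challenges are reduced mod p - 1
const G: u64 = 3;
fn mul(a: u64, b: u64, m: u64) -> u64 { ((a as u128 * b as u128) % m as u128) as u64 }
fn pow(mut b: u64, mut e: u64) -> u64 {
    let mut r = 1;
    while e > 0 { if e & 1 == 1 { r = mul(r, b, P); } b = mul(b, b, P); e >>= 1; }
    r
}
// Challenge hash; DefaultHasher is a stand-in for a real cryptographic hash.
fn challenge(msg: &[u8], l: u64) -> u64 {
    let mut h = DefaultHasher::new();
    (msg, l).hash(&mut h);
    h.finish() % N
}
pub struct Sig { pub c1: u64, pub s: Vec<u64> }
// Walk the ring starting from the claimed c1; return the last calculated c.
fn walk(ring: &[u64], msg: &[u8], sig: &Sig) -> u64 {
    let mut c = sig.c1;
    for (p_i, s_i) in ring.iter().zip(&sig.s) {
        c = challenge(msg, mul(pow(G, *s_i), pow(*p_i, c), P));
    }
    c
}
// Model of the bug: the last calculated c is dropped, so c1 is compared with itself.
pub fn verify_buggy(ring: &[u64], msg: &[u8], sig: &Sig) -> bool {
    let (c1, _last_c) = (sig.c1, walk(ring, msg, sig));
    sig.s.len() == ring.len() && c1 == sig.c1
}
// Fixed: the ring must close, i.e. the last calculated c equals the provided c1.
pub fn verify(ring: &[u64], msg: &[u8], sig: &Sig) -> bool {
    sig.s.len() == ring.len() && walk(ring, msg, sig) == sig.c1
}
// Signer holds secret x for ring[0]; nonce and responses are fixed constants (test-only).
pub fn sign(ring: &[u64], x: u64, msg: &[u8]) -> Sig {
    let mut s: Vec<u64> = (0..ring.len() as u64).map(|i| 1000 + i).collect();
    let mut c = challenge(msg, pow(G, 7777)); // challenge after index 0, from nonce 7777
    for i in 1..ring.len() { c = challenge(msg, mul(pow(G, s[i]), pow(ring[i], c), P)); }
    s[0] = (7777 + N - mul(c, x, N)) % N; // closes the ring: s_0 = nonce - c_1 * x
    Sig { c1: c, s }
}
fn main() {
    let ring = [pow(G, 11), pow(G, 22), pow(G, 33)];
    let garbage = Sig { c1: 1, s: vec![2, 3, 4] }; // constructed, not a real signature
    println!("buggy: {}, fixed: {}", verify_buggy(&ring, b"m", &garbage), verify(&ring, b"m", &garbage));
}
```

A test suite that only checks that honest signatures verify passes against both verifiers; only the negative cases (constructed garbage, a tampered response, a different message) separate them.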

@kayabaNerve
Member

Also, to be perfectly clear, only myself is to blame here. All my frustration is self-directed.

@Boog900
Contributor Author

Boog900 commented Apr 10, 2024

I don't use any of those other platforms. If the Matrix issues are causing problems in other chats, it might be best to make a monero.social account; otherwise I could make a matrix.org account.

@Boog900
Contributor Author

Boog900 commented Apr 10, 2024

+1 for more tests

@Boog900
Contributor Author

Boog900 commented Apr 11, 2024

I ended up making a matrix.org account: boog900:matrix.org
