Skip to content

Instantly share code, notes, and snippets.

@ChihChengLiang

ChihChengLiang/Casper_Contingency_plan.md

Created May 7, 2018 12:33
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ChihChengLiang/3f138c896721a519b9d438e9d75e77d4 to your computer and use it in GitHub Desktop.
Save ChihChengLiang/3f138c896721a519b9d438e9d75e77d4 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Casper_Contingency_plan.md

Casper Contingency Plan

[toc]

Scenarios that trigger the plan

  • Contract bug that can increase arbitrary deposit to a validator.
    • Fix:
      • [R] Need to adding an assert line in a function.
      • [W] Need to add a new varible in validator struct to track new info.
  • Some malicious behavior detected, it's a game theoretic attack
    • Fix:
      • [P] Change parameters to incentivize desirable behaviors.
      • [D] Fallback to pow
  • Attacker is able to withdraw a validator's funds. Slow (can change withdrawal addr but still has to logout and wait) or quick (can immediately withdraw to attacker addr)

    • Fix (slow):

      • [R] and [P] patch contract and reconfigure storage with appropriate balances
      • Have 4 months to fix, probably would [D]isable FFG on clients in the meantime

    • Fix (quick):

      • Way worse... A lot of money would be displaced and very difficult to recover. Would probably require a chain reversion to a finalized block and patch the code.
  • Attacker is able to issue ether beyond the standard reward mechanisms. Ex: miner getting vote inclusion rewards more than once per vote, slasher getting slashing finder fee more than once per slash
    • fix:
      • [R] add assert or something
      • Probably could not get the drained funds back without a chain reversion.
    • limits:
      • if double vote inclusion, miner would be limited by vote_gas_limit and the rate of successfully mining blocks
      • if double slash, slasher would be limited in needing to find a slashing condition to submit.

Measures

[D]isable --casper-fork-choice, fallback to pow

$ ./your-favorite-eth-client --casper-fork-choice=false

Hard fork and [p]atch the storage

Strategy

If block.number == FORK_BLKNUM:
    casper_account.storage_trie.update("variable") = new_value

Hard fork and [r]euse the storage

Strategy

Copy previous state root to the new fixed and deployed contract.

If block.number == FORK_BLKNUM:
    config["CASPER_ADDR"] = new_casper_addr
    new_casper_account.storage_trie.root_hash = old_casper_account.storage_trie.root_hash

Required conditions

This requires storage of previous contract reusable, so

  1. the patch not changing the order of variable declarations
  2. TBD ...

Hard fork and [w]rite the storage

Strategy

Need somehow dump the states down, and populate the data required to the new contract.

If block.number == FORK_BLKNUM:
    config["CASPER_ADDR"] = new_casper_addr
    new_casper_account.storage_trie = open("dumped_and_parsed_trie.bin").read()

Hard fork and re[V]ert to a previously finalized block

Strategy

There has been so much ETH stolen and subsequently moved to other accounts that hardforking an irregular state change won't cut it. This re[V]ert strategy is a worst case, and should be avoided at almost all cost.

Rollback clients then...

If block.number == REVERT_BLKNUM:
    config["CASPER_ADDR"] = new_casper_addr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment