Hi, Jose!
Please see the review for your submission.
Most part of review will be conveyed in terms of validating criteria.
Review process is designed to be interactive, so that we will point you to mistakes you made in your submission and propose you to resolve some of these. Criteria will be checked in blocks, you'll get rundown along with descriptions as result of each iteration.
Also, please note that from now on, latest test task description (along with archive) can be found here.
- Regarding comment in code:
should use all fields in transaction if attacker have the ability to send any data on the net, but is ok in this case
Well, attacker can initiate conversation with any node :). See latest description, Security model description is still messy, but at least elaborated.
- Could you elaborate on your blockchain solution, are forks deeper than
1
possible? (It's hard for me to determine it from code)?
- If some hash function is used, it should be strong one.
- If no hash is used, equivallent solution should be sufficiently secure
Note, that signature of transaction by ed25519
is not considered a secure solution unless you provide strong argument about that (that signature is unique, resulting value uncorrelated).
Typically, transaction is secured by signature of Sender. If it is not being done or is being done in wrong way, this will allow Adversary to construct arbitrary transaction and abuse Ledger.
If an adversary eavesdrops transaction T = (ReceiverAddress, SenderAddress, Amount)
from the conversation, he can send T
to network again and this will cause T
to be executed second time without intention by Sender (which will lead obviously to decrease of funds on Sender's account).
Assume all nodes remain online, network parameters (CONC, DELAY) not set, stabilityTimeot=60000
.
Some valid transaction is submitted to a single node in cluster. After stabilityTimeout
every node returns 0
on QUERY txId
.
This criterion is validated by test: few transactions operating with different accounts A1, A2, A3, ..
are simultaneously submitted to few different nodes of 8-node cluster (in potentially different order).
As a result at least one of submitted transactions is completely lost after stabilityTimeout
.
Hi George,
about your first concern, the security model stated that “Each node in the system behaves honestly at any given moment”, so Adversary should not be able to impersonate a node, so I only need to hide the SK from Adversary during the conversation, so sending the transfer amount encrypted is good enough, that and the fact I wanted to make it as fast as possible let me to that solution. Again, this solution is no good for a real case on open Internet where correct security should be use, I took this program as a toy implementation so I went for the hackathonish solution (barely covering requirements, fast and easy to code)
about my blockchain solution, maybe the names are not the best, rather than using the type:
type BlockChain = [(Ledger,[Block Transaction])]
the app works more like:
type BlockChain = (Ledger,[Block Transaction])
type ForkL = [BlockChain]
then replace all BlockChain for ForkL. This list will contain all forks on the blockchain where the first is the one on use, the function addChain compares two fork and decides which to use base on the time of the fork. I use the time of the fork to decide which fork to use because:
1- Each node in the system behaves honestly at any given moment
2- I did not wanted to implement things like worker nodes.
3- You only ask to make nodes agree after a certain time, and say nothing of how, and using time was easy.
If I had to implement a blockchain I would not use a Haskell list in production, its ok for a small task to show Haskell abilities. In production I would go for a SQL database and save transactions and blocks in it.
For last, forks deeper than one are possible, addFork has a function for going down and reversing ledger operations.
About the Criterions, are those things my program is not doing correctly? I thought (for this case, not the real world) that I satisfied then satisfactorily.