diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2022-05-15 11:50:28 +0000 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2022-05-15 11:57:37 +0000 |
commit | fde7c96b5cd44962fe08cdb8d23115ed51b30915 (patch) | |
tree | 179ecd699eb615476afd8914da3c2a03a4178506 /contrib | |
parent | Merge pull request #8321 (diff) | |
download | monero-fde7c96b5cd44962fe08cdb8d23115ed51b30915.tar.xz |
wallet2: fix spurious reorg detection with untrusted nodes
When forced to deal with an untrusted node, a wallet will quantize
its current height to disguise the real height to the adversary, to
try and minimize the daemon's ability to distinguish returning
wallets.
Daemons will thus return more blocks than the wallet needs, starting
from earlier in the chain. These extra blocks will be disregarded
by the wallet, which had already scanned them.
However, for the purposes of reorg size detection, the wallet assumes
all blocks the daemon sends are different, which is only correct if
the wallet hasn't been coy, which is only the case for trusted
daemons (which you should use). This causes an issue when the size
of this "fake reorg" is above the sanity check threshold at which
the wallet refuses a reorg.
To fix this, the reorg size check is moved later on, when the reorg
is about to actually happen, after the wallet has checked which
blocks are actually different from the ones it expects.
Diffstat (limited to 'contrib')
0 files changed, 0 insertions, 0 deletions