aboutsummaryrefslogtreecommitdiff
path: root/src/wallet/wallet_rpc_server.cpp
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2019-10-15 12:25:26 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2019-11-01 18:59:37 +0000
commitd5472bd87b8e93706295d8aa7ff99e5ad594277d (patch)
tree37d3ecbbad5cde75df9afe774009fbdc3d078b7e /src/wallet/wallet_rpc_server.cpp
parentwallet2: do not repeatedly ask for pool txes sent to us (diff)
downloadmonero-d5472bd87b8e93706295d8aa7ff99e5ad594277d.tar.xz
wallet2: do not send an unnecessary last getblocks.bin call on refresh
The "everything refreshed" state was detected when a refresh call did not return any new blocks. This can be detected without that extra "empty" call by comparing the claimed node height to the height of the last block retrieved. Doing this avoids that last call, saves some bandwidth, and makes the common refresh case use only one call rather than two. As a side effect, it prevents an information leak reported by Tramèr et al: if the wallet retrieves a set of blocks which includes an output sent to the refreshing wallet, the wallet will prompt the user for the password to decode the amount and calculate the key image for the new output, and this will delay subsequent calls to getblocks.bin, allowing a passive adversary to note the delay and deduce when the wallet receives at least one output. This can still happen if the wallet downloads more than 1000 blocks, since this will be split in several calls, but then the most the adversary can tell is which 1000 block section the user received some monero (the adversary can estimate the heights of the blocks by calculating how many "large" transfers are done, which will be sections of blocks, the last of which will usually be below 1000, but the size of the data should allow the actual number of blocks sent to be determined fairly accurately). This timing trick still be used via the subsequent scan for incoming txes in the txpool, which will be fixed later.
Diffstat (limited to 'src/wallet/wallet_rpc_server.cpp')
0 files changed, 0 insertions, 0 deletions