View Issue Details

IDProjectCategoryView StatusLast Update
0006416Talerauditorpublic2020-06-25 23:48
ReporteroecAssigned ToChristian Grothoff 
PrioritynormalSeverityminorReproducibilityalways
Status assignedResolutionopen 
Product Version0.7.0 
Target Version0.8Fixed in Version 
Summary0006416: Same coin_pub with multiple denom_sigs - a problem?
DescriptionTaler uses a cache for fast lookups of coin_pub -> (denom_pub, denom_sig), the table known_coins. The table is populated via TEH_DB_know_coin_transaction before deposit, melt and recoup operations, i.e. independent of the outcome of those operations.

Consider the scenario where the same coin_pub is signed with different denomination keys. The first usage of one of those coins would lock the denomination value in the known_coins table. However, it is not clear (to me) what would happen if the same coin_pub than is used later with a _different_ (but also validly signed) denomination for any of the operations.

I have not come up with a particular attack to the advantage of a customer (i.e. gain profit). But maybe leaving the exchange in a confused state that the auditor might notice and complain about could lead to DoS?

Would it make sense to have (coin_pub, denom_pub) as an index for the known_coins and allow multiple entries with the same coin_pub in it?
TagsNo tags attached.

Activities

Christian Grothoff

2020-06-25 11:48

manager   ~0016366

Great find. Discussed with Florian, we will change the index to span coin_pub and denom_h and make sure all SELECT()s also select on both columns.

Issue History

Date Modified Username Field Change
2020-06-25 11:15 oec New Issue
2020-06-25 11:15 oec Status new => assigned
2020-06-25 11:15 oec Assigned To => Christian Grothoff
2020-06-25 11:48 Christian Grothoff Note Added: 0016366
2020-06-25 23:47 Christian Grothoff Target Version => 0.8
2020-06-25 23:48 Christian Grothoff Product Version => 0.7.0