View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0006416||Taler||auditor||public||2020-06-25 11:15||2020-06-25 23:48|
|Reporter||oec||Assigned To||Christian Grothoff|
|Target Version||0.8||Fixed in Version|
|Summary||0006416: Same coin_pub with multiple denom_sigs - a problem?|
|Description||Taler uses a cache for fast lookups of coin_pub -> (denom_pub, denom_sig), the table known_coins. The table is populated via TEH_DB_know_coin_transaction before deposit, melt and recoup operations, i.e. independent of the outcome of those operations.|
Consider the scenario where the same coin_pub is signed with different denomination keys. The first usage of one of those coins would lock the denomination value in the known_coins table. However, it is not clear (to me) what would happen if the same coin_pub than is used later with a _different_ (but also validly signed) denomination for any of the operations.
I have not come up with a particular attack to the advantage of a customer (i.e. gain profit). But maybe leaving the exchange in a confused state that the auditor might notice and complain about could lead to DoS?
Would it make sense to have (coin_pub, denom_pub) as an index for the known_coins and allow multiple entries with the same coin_pub in it?
|Tags||No tags attached.|
|2020-06-25 11:15||oec||New Issue|
|2020-06-25 11:15||oec||Status||new => assigned|
|2020-06-25 11:15||oec||Assigned To||=> Christian Grothoff|
|2020-06-25 11:48||Christian Grothoff||Note Added: 0016366|
|2020-06-25 23:47||Christian Grothoff||Target Version||=> 0.8|
|2020-06-25 23:48||Christian Grothoff||Product Version||=> 0.7.0|