The Implementation of The Ledger of Things Node. Layer 1 decentralized blockchain platform for the tokenization of objects. Proof of Scan protocol. Useful smart-contracts and dApps.
https://github.com/3Dpass/3DP/blob/110c140a97ac8e726889ff21127adad8f907d0f6/pallets/mining-pool/src/lib.rs#L505
This means that anyone can resend any past submit_mining_stat call along with the signature the pool sent, for example they can increase their hashrate momentarily and get the pool to send submit_mining_stat with many shares, then stop mining and just resend that same share list to steal other's rewards
This can be fixed by including a nonce or the current block number in the MiningStat struct that is being signed
https://github.com/3Dpass/3DP/blob/110c140a97ac8e726889ff21127adad8f907d0f6/pallets/mining-pool/src/lib.rs#L505 This means that anyone can resend any past submit_mining_stat call along with the signature the pool sent, for example they can increase their hashrate momentarily and get the pool to send submit_mining_stat with many shares, then stop mining and just resend that same share list to steal other's rewards This can be fixed by including a nonce or the current block number in the MiningStat struct that is being signed