In the current implementation for the commit-reveal voting scheme in referendum, the random salt values are generated by UUID 4. While Joystream seems to be aware of this according to the code annotation, we wanted to issue a reminder to use a cryptographically secure random number generator instead of UUID 4 for this purpose.
Issue details
Currently, the salt used in the commit-reveal scheme for votes is generated in pioneer/packages/joy-election/src/VoteForm.tsx in the following way:
// TODO use a crypto-prooven generator instead of UUID 4.
function randomSalt () {
  return uuid().replace(/-/g, '');
}
While UUIDs can be generated with variable amounts of randomness, they are generally designed to be unique and not necessarily random. While Joystream seems to be aware of this according to the code annotation, we wanted to point it out as an information-level issue.
Risk
If an attacker is able to predict the random salt that is generated for the commit-reveal scheme for referendums, they could reveal votes of participants before the referendum ends.
Mitigation
Make sure to use a cryptographically secure random number generator for salt generation in production.
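One way to apply this mitigation, as an added example that is not code from Pioneer or from the audit: a randomSalt() that keeps the 32-hex-character output shape of the UUID-based version but draws every bit from the platform CSPRNG through Web Crypto, followed by a commit and reveal round trip. The names webCrypto, toHex, commitVote and verifyReveal, and the SHA-256(vote ":" salt) commitment layout, are assumptions made for illustration.

```javascript
// Added example, not Pioneer's code. Browsers and recent Node versions expose
// Web Crypto as globalThis.crypto; older Node provides it via the crypto module.
const webCrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const toHex = (bytes) =>
  Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');

// Same output shape as the uuid-based randomSalt() (32 hex characters by
// default), but all 128 bits come from the CSPRNG.
function randomSalt(byteLength = 16) {
  if (!webCrypto || typeof webCrypto.getRandomValues !== 'function') {
    // Fail closed: never fall back to Math.random() for a secret value.
    throw new Error('No cryptographically secure random source available');
  }
  if (!Number.isInteger(byteLength) || byteLength < 16) {
    throw new RangeError('salt must be at least 16 bytes');
  }
  return toHex(webCrypto.getRandomValues(new Uint8Array(byteLength)));
}

// Assumed commitment layout for illustration: SHA-256(vote + ":" + salt).
// The salt is hex only, so the last ":" always separates vote from salt.
async function commitVote(vote, salt) {
  const data = new TextEncoder().encode(`${vote}:${salt}`);
  const digest = await webCrypto.subtle.digest('SHA-256', data);
  return toHex(new Uint8Array(digest));
}

// Reveal phase: recompute the commitment from the revealed vote and salt.
async function verifyReveal(commitment, vote, salt) {
  return (await commitVote(vote, salt)) === commitment;
}
```

The commitment hides the vote only while the salt stays unpredictable, which is why the salt source must be a CSPRNG and why the function throws instead of degrading to a weaker generator.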