[Calypso] LTSID not checked on the Write contract

dedis / cothority

Scalable collective authority

Other

425 stars 106 forks source link

[Calypso] LTSID not checked on the Write contract #2497

Closed nkcr closed 2 years ago

nkcr commented 2 years ago

The write contract gets an LTSID upon creation, which should correspond to a valid InstanceID of an LTS smart contract instance. This LTSID is used for the ZKP and during the decryption process, to get the roster. This LTSID is actually never checked. One could indeed use any other value, with the following consequences:

The ZKP checks fails, in case the client is using the real LTSID. But it would pass if the client uses the same wrong LTSID
The decryption process fails, because the service can't retrieve the roster. Hopefully this case is handled and won't make the system crash (+1).

nkcr commented 2 years ago

Some pointers:

Where I would expect a check: https://github.com/dedis/cothority/blob/3b1a235f92ad3b64a2130dd1a447eacdbc7772aa/calypso/contracts.go#L74
Use of the LTSID in the ZKP: https://github.com/dedis/cothority/blob/3b1a235f92ad3b64a2130dd1a447eacdbc7772aa/calypso/struct.go#L78
Use of the LTSID to get the roster: https://github.com/dedis/cothority/blob/3b1a235f92ad3b64a2130dd1a447eacdbc7772aa/calypso/service.go#L549

ineiti commented 2 years ago

Thanks for the bug report. Are you actively using the Calypso module in a project?

For your two cases:

That's how the system is supposed to work. The LTSID must be respected, even if it doesn't exist - it also might've been deleted in the meantime
As you point out, the calypso/service.go returns an error if it cannot find the LTSID

nkcr commented 2 years ago

No not really, but we are porting some of it to Dela, which is how I came to discover this bug.

ineiti commented 2 years ago

Cool - looking forward to it! Don't forget to ask us to run a node if you decide to have a long-time DELA network running!