search

hyperledger / fabric

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. Its modular and versatile design satisfies a broad range of industry use cases. It offers a unique approach to consensus that enables performance at scale while preserving privacy.
https://wiki.hyperledger.org/display/fabric
Apache License 2.0
15.68k stars 8.83k forks source link

Timestamp string conversion is not deterministic #4406

Open semil opened 1 year ago

semil commented 1 year ago

Description

Critical areas of the code like https://github.com/hyperledger/fabric/blob/c24c9b57439cfb1a9c2332d953286946ebfc3600/orderer/common/cluster/util.go#L812-L820 are using timestamp's String() method in order to calculate it's string representation.

The string method uses: https://github.com/hyperledger/fabric/blob/c24c9b57439cfb1a9c2332d953286946ebfc3600/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go#L271-L273

https://github.com/hyperledger/fabric/blob/c24c9b57439cfb1a9c2332d953286946ebfc3600/vendor/google.golang.org/protobuf/internal/impl/api_export.go#L173-L177

https://github.com/hyperledger/fabric/blob/c24c9b57439cfb1a9c2332d953286946ebfc3600/vendor/google.golang.org/protobuf/encoding/prototext/encode.go#L85-L98

Which clearly states "Do not depend on the output being stable. It may change over time across different versions of the program.".

Evidence to that is the way the timestamp seconds:1693225332; nanos:471402000 is converted to string:

This string is then converted to bytes array and it's hash is used to calculated different security components.

Steps to reproduce

No response

semil commented 1 year ago

@arkadiPiven and I are working on a fix.

denyeart commented 3 months ago

I think we just forgot to close this issue when the fix https://github.com/hyperledger/fabric/pull/4407 was merged. Should we just close this issue @semil or do you want to consider different approaches?