I noticed that there are some problems with the BlockChain module:
First, PruneToHeight only removes entries from the blockAtHeight map, not the blocks map, so blocks are never entirely removed.
Second, the Get method requests a block from any replica. If one replica responds, it will store the requested block in the maps. This could be problematic because the entry in blockAtHeight for height h might be overwritten by a malicious replica. This could for example be done by sending an invalid vote referencing a block that the malicious replica has created. The block will be fetched before the vote is invalidated. If this block specifies view h, it will be stored in blockAtHeight for height h. I don't think this is a threat to consensus, but it interferes with the detection of forked blocks and may cause blocks to remain unpruned.
Third, it might be nice to be able to configure how many blocks should be kept in memory.
I noticed that there are some problems with the
BlockChainmodule:First,
PruneToHeightonly removes entries from theblockAtHeightmap, not theblocksmap, so blocks are never entirely removed.Second, the
Getmethod requests a block from any replica. If one replica responds, it will store the requested block in the maps. This could be problematic because the entry inblockAtHeightfor heighthmight be overwritten by a malicious replica. This could for example be done by sending an invalid vote referencing a block that the malicious replica has created. The block will be fetched before the vote is invalidated. If this block specifies viewh, it will be stored inblockAtHeightfor heighth. I don't think this is a threat to consensus, but it interferes with the detection of forked blocks and may cause blocks to remain unpruned.Third, it might be nice to be able to configure how many blocks should be kept in memory.