From: "James O'Beirne" <james.obeirne@gmail•com>
To: Daniel Kraft <d@domob•eu>
Cc: bitcoin-dev@lists•linuxfoundation.org
Subject: Re: [bitcoin-dev] The new obfuscation patch & GetStats
Date: Wed, 7 Oct 2015 16:32:03 -0700 [thread overview]
Message-ID: <CAPfvXfLw25J_mXn6b9QO_VDTU3EoVP9zxt7bbN0RF+2coYAdJA@mail.gmail.com> (raw)
In-Reply-To: <56155572.5040501@domob.eu>
[-- Attachment #1: Type: text/plain, Size: 2141 bytes --]
Hey, Daniel.
Patch author here. Thanks for the diligence; I think this indeed may be an
oversight, though I'm going to need to look into a bit more thoroughly at
home. Curious that it didn't fail any of the automated tests.
Correct me if I'm wrong, but the only actual invocation of that method is
here
<https://github.com/bitcoin/bitcoin/blob/master/src/rpcblockchain.cpp#L448>
(and even then, proxied through a few layers of CCoinView-machinery). In
fact, this line
<https://github.com/bitcoin/bitcoin/blob/master/src/coins.cpp#L48> makes me
suspect that the implementation of GetStats you reference may be dead code.
In any case, you raise a good point: if users of CLevelDBWrapper go
directly for the iterator, they run the risk of dealing with obfuscated
data. This should be remedied somehow.
I'll give it more look this evening.
Thanks again for the find,
James
On Wed, Oct 7, 2015 at 10:25 AM, Daniel Kraft via bitcoin-dev <
bitcoin-dev@lists•linuxfoundation.org> wrote:
> Hi!
>
> I hope this is not a stupid question, but I thought I'd ask here first
> instead of opening a Github ticket (in case I'm wrong).
>
> With the recently merged "obfuscation" patch, content of the
> "chainstate" LevelDB is obfuscated by XOR'ing against a random "key".
> This is handled by CLevelDBWrapper's Read/Write methods, which probably
> cover most of the usecases.
>
> *However*, shouldn't it also be handled when iterating over the
> database? In particular, I would expect that the obfuscation key is
> applied before line 119 in txdb.cpp (i. e., while iterating over the
> coin database in CCoinsViewDB::GetStats).
>
> Is there a reason why this need not be done there, or is this an actual
> oversight?
>
> Yours,
> Daniel
>
> --
> http://www.domob.eu/
> OpenPGP: 1142 850E 6DFF 65BA 63D6 88A8 B249 2AC4 A733 0737
> Namecoin: id/domob -> https://nameid.org/?name=domob
> --
> Done: Arc-Bar-Cav-Hea-Kni-Ran-Rog-Sam-Tou-Val-Wiz
> To go: Mon-Pri
>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists•linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
>
[-- Attachment #2: Type: text/html, Size: 3158 bytes --]
next prev parent reply other threads:[~2015-10-07 23:32 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-07 17:25 Daniel Kraft
2015-10-07 23:32 ` James O'Beirne [this message]
2015-10-08 0:29 ` James O'Beirne
2015-10-08 5:14 ` Daniel Kraft
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAPfvXfLw25J_mXn6b9QO_VDTU3EoVP9zxt7bbN0RF+2coYAdJA@mail.gmail.com \
--to=james.obeirne@gmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=d@domob$(echo .)eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox