
Fix/secure random in oaes #26

Closed
post-hum wants to merge 139 commits into scala-network:master from post-hum:fix/secure-random-in-oaes

Conversation

@post-hum
Contributor

Security: Replace rand() with crypto::rand() in AES

Problem: rand() is used for AES key generation when OAES_HAVE_ISAAC is not defined.

Fix: Replace with crypto::rand<uint8_t>()

Files changed:

  • src/crypto/oaes_lib.c

Impact: Prevents predictable AES keys and wallet decryption.

/cc @hayzamjs

hayzamjs and others added 30 commits March 12, 2025 12:00
- When background syncing, the wallet wipes the spend key
from memory and processes all new transactions. The wallet saves
all receives, spends, and "plausible" spends of receives the
wallet does not know key images for.
- When background sync disabled, the wallet processes all
background synced txs and then clears the background sync cache.
- Adding "plausible" spends to the background sync cache ensures
that the wallet does not need to query the daemon to see if any
received outputs were spent while background sync was enabled.
This would harm privacy especially for users of 3rd party daemons.
- To enable the feature in the CLI wallet, the user can set
background-sync to reuse-wallet-password or
custom-background-password and the wallet automatically syncs in
the background when the wallet locks, then processes all
background synced txs when the wallet is unlocked.
- The custom-background-password option enables the user to
open a distinct background wallet that only has a view key saved
and can be opened/closed/synced separately from the main wallet.
When the main wallet opens, it processes the background wallet's
cache.
- To enable the feature in the RPC wallet, there is a new
`/setup_background_sync` endpoint.
- HW, multisig and view-only wallets cannot background sync.
…ing [RELEASE]

1. Use std::is_standard_layout and std::is_trivially_copyable instead of std::is_pod for KV byte-wise serialization, which fixes compile issue for Boost UUIDs
2. Removed reimplementation of std::hash for boost::uuids::uuid
3. Removed << operator overload for crypto::secret_key
4. Removed instances in code where private view key was dumped to the log in plaintext

Release version of #9450, containing C++14 modified assertions
Wait for network to be online before starting
1. Daemon-specific proxy is exclusive with global proxy (--proxy).
2. If you set global proxy (--proxy) you cannot set daemon-specific proxy.
3. If you don't set a global proxy, you can set (or not set) a proxy for
each daemon connection with the proxy field in jsonrpc to the wallet-rpc.
On Linux Mint 21.3, g++ Ubuntu 11.4.0-1ubuntu1~22.04, I get a linking error for an undefined reference to `epee::string_tools::trim_right`. This PR reverts the changes
to epee_readline.cpp in commit c56ee140, which turns a `boost::trim_right` callsite into an `epee::string_tools::trim_right` callsite.
In-line comments explicitly explaining banned hosts/subnets might help assuage fears of some good banlists' arbitrariness.
…e is none.

Co-authored-by: Boog900 <boog900@tutanota.com>
Get height of the RingCT fork to start the output distribution programmatically, instead of using a hardcoded index.

If using a hardcoded index, when the hardfork tables are modified, this can cause segmentation faults or horrific privacy issues: https://codeberg.org/wownero/wownero/issues/488#issuecomment-2514880.
jeffro256 and others added 28 commits April 21, 2026 02:57
Rings for outgoing transactions are stored within the scanning code since the last hardfork,
so this code is largely unnecessary now.

Co-authored-by: j-berman <justinberman@protonmail.com>
Reported by hacksandhops and Ada Logic.
- Make sure to mark identified spends in the pool as spends. The
wallet might not know these have been spent if it wasn't the wallet
that relayed the tx to the daemon, or the wallet was cleared via
rescan_bc.
- Make sure to add spends to m_unconfirmed_txs if not present.
- Make sure to process the entire pool again if refreshing for
the first time. The wallet fetches pool and blocks at the same
time. The wallet scans blocks first, then pool. If the wallet
identifies received outputs in the chain, then it may have spent
those received outputs in the pool. So we make sure to re-process
the entire pool again after scanning the chain for the first time.
- Multisig wallets that know about spent key images can now detect
spend txs in the pool. Update tests for that.
Otherwise we can end up double counting txs towards the weight,
which can over-state the pool weight. E.g. relay tx to node in
stem phase, add its weight to pool weight, then receive tx
from another node, then bump the pool weight again. That double
counts the tx towards the pool weight.

If the weight exceeds the max, the node will "prune" txs from the
pool. Thus, over-counting is probably a cause of, but perhaps
not the only cause of:
seraphis-migration/monero#148
- Make sure the server sends a complete response when the client
includes the "Connection: close" header.
- Make sure the server terminates in `m_strand` to avoid
concurrent socket closure and ops processing.
…ration

Critical security fix (CVSS 9.8):
- Replaces insecure rand() with cryptographically secure crypto::rand()
- Prevents predictable AES keys that could lead to wallet decryption
- Adds proper crypto.h include as fallback when OAES_HAVE_ISAAC is not defined

Impact:
- Wallet encryption is no longer vulnerable to brute force
- Network traffic encryption is now secure
- Private key generation uses proper entropy
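The distinction behind this PR (stated in the PR summary at the top and again in the final commit message above): a key filled from libc `rand()` is a deterministic function of its seed, whereas a key drawn from the OS CSPRNG is not. The following is an added example in C, not code from the scala-network or Monero code base; reading `/dev/urandom` stands in for `crypto::rand<uint8_t>()` as an assumption of this example, and the seed value is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define AES_KEY_LEN 32  /* AES-256 key, 32 bytes */

/* The pattern the PR removes: fill a key from libc rand(). Given the
 * same seed (in practice often time(NULL), or the unseeded default),
 * the whole byte stream is reproducible, so the "key" carries no
 * secret entropy beyond the seed. Returns the number of bytes written. */
size_t key_from_rand(unsigned seed, uint8_t *key, size_t len)
{
    srand(seed);
    for (size_t i = 0; i < len; i++)
        key[i] = (uint8_t) rand();
    return len;
}

/* The replacement pattern: take key bytes from the OS CSPRNG.
 * Reading /dev/urandom here is an assumption of this example that
 * stands in for crypto::rand<uint8_t>(); it is not the project's call.
 * Returns 0 on success, -1 if the device could not be read fully. */
int key_from_csprng(uint8_t *key, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f)
        return -1;
    size_t got = fread(key, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
}

/* Constant-time comparison of two equal-length buffers; returns 1 if equal. */
int keys_equal(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Demonstration: two rand()-derived keys from the same seed collide,
 * while two CSPRNG-derived keys do not. Returns 1 when the experiment
 * shows exactly that, 0 otherwise (including if the CSPRNG read fails). */
int demo_predictability(void)
{
    uint8_t k1[AES_KEY_LEN], k2[AES_KEY_LEN], s1[AES_KEY_LEN], s2[AES_KEY_LEN];
    const unsigned seed = 1700000000u;  /* constructed; resembles a time(NULL) seed */

    key_from_rand(seed, k1, AES_KEY_LEN);
    key_from_rand(seed, k2, AES_KEY_LEN);
    if (key_from_csprng(s1, AES_KEY_LEN) != 0)
        return 0;
    if (key_from_csprng(s2, AES_KEY_LEN) != 0)
        return 0;
    return keys_equal(k1, k2, AES_KEY_LEN) && !keys_equal(s1, s2, AES_KEY_LEN);
}

int main(void)
{
    printf("rand() key reproducible, CSPRNG keys distinct: %s\n",
           demo_predictability() ? "yes" : "no");
    return 0;
}
```

The `key_from_rand` loop mirrors the shape of the code path the PR replaces; the point for a reviewer is that a wallet-encryption key produced this way is only as secret as the seed, which is why the fix swaps the source of bytes rather than the key length or cipher.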
@post-hum
Contributor Author

Closing in favor of #27 (clean version with single commit).
This one has 139 commits by mistake. xD

@post-hum post-hum closed this Apr 21, 2026