Partial vs Complete Catchup: what are the differences in terms of security?stellar-code stuck with Joining...

Eww, those bytes are gross

What are "industrial chops"?

Spring Boot request header return null value

What is the most fuel efficient way out of the Solar System?

Why did the villain in the first Men in Black movie care about Earth's Cockroaches?

Porting Linux to another platform requirements

How should I handle players who ignore the session zero agreement?

How can my powered armor quickly replace its ceramic plates?

When can a QA tester start his job?

A starship is travelling at 0.9c and collides with a small rock. Will it leave a clean hole through, or will more happen?

Bash Script Function Return True-False

Does theoretical physics suggest that gravity is the exchange of gravitons or deformation/bending of spacetime?

Finding lengths when circles and squares tangents.

Does a phylactery of a lich have to be a box?

Do authors have to be politically correct in article-writing?

Consequences of lack of rigour

Nested word series [humans only]

I will be going to Sweden on business purpose .Can I visit London from Sweden and how much UK visa will cost?

What incentives do banks have to gather up loans into pools (backed by Ginnie Mae)and selling them?

What are career options for big-picture thinkers with no experience?

Is it a fallacy if someone claims they need an explanation for every word of your argument to the point where they don't understand common terms?

Why is it that Bernie Sanders is always called a "socialist"?

What is the wife of a henpecked husband called?

Publishing research using outdated methods



Partial vs Complete Catchup: what are the differences in terms of security?


stellar-code stuck with Joining SCPShould Every Node Contain The Same Quorum Set Configuration?FATAL when switching from test network to public network on stellar-coreHelp - why can’t I synch stellar core?Stellar Core node is typically behind SDF by 20 to 100 ledgersWhat are the message size limitations of stellar consensus protocol?Limiting the size of local buckets on the coreSetting the network interface for core?Node sync issue - private networkPartial Catch-up on Validator nodes













2















Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?



In other words, when I perform partial catchup, what are the risks in terms of security?



UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.










share|improve this question





























    2















    Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?



    In other words, when I perform partial catchup, what are the risks in terms of security?



    UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.










    share|improve this question



























      2












      2








      2








      Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?



      In other words, when I perform partial catchup, what are the risks in terms of security?



      UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.










      share|improve this question
















      Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?



      In other words, when I perform partial catchup, what are the risks in terms of security?



      UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.







      stellar-core scp catchup






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 2 hours ago









      Orbit Lens

      5,5861925




      5,5861925










      asked 5 hours ago









      FuzzyAmiFuzzyAmi

      731312




      731312






















          1 Answer
          1






          active

          oldest

          votes


















          3














          Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.



          Therefore, there is no difference whether you are doing full or partial catchup.



          EDIT:




          1. Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.

          2. Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.


          If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.






          share|improve this answer


























          • thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

            – FuzzyAmi
            2 hours ago






          • 1





            @FuzzyAmi I updated the answer

            – Orbit Lens
            2 hours ago











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "686"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstellar.stackexchange.com%2fquestions%2f2246%2fpartial-vs-complete-catchup-what-are-the-differences-in-terms-of-security%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          3














          Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.



          Therefore, there is no difference whether you are doing full or partial catchup.



          EDIT:




          1. Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.

          2. Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.


          If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.






          share|improve this answer


























          • thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

            – FuzzyAmi
            2 hours ago






          • 1





            @FuzzyAmi I updated the answer

            – Orbit Lens
            2 hours ago
















          3














          Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.



          Therefore, there is no difference whether you are doing full or partial catchup.



          EDIT:




          1. Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.

          2. Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.


          If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.






          share|improve this answer


























          • thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

            – FuzzyAmi
            2 hours ago






          • 1





            @FuzzyAmi I updated the answer

            – Orbit Lens
            2 hours ago














          3












          3








          3







          Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.



          Therefore, there is no difference whether you are doing full or partial catchup.



          EDIT:




          1. Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.

          2. Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.


          If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.






          share|improve this answer















          Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.



          Therefore, there is no difference whether you are doing full or partial catchup.



          EDIT:




          1. Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.

          2. Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.


          If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 2 hours ago

























          answered 3 hours ago









          Orbit LensOrbit Lens

          5,5861925




          5,5861925













          • thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

            – FuzzyAmi
            2 hours ago






          • 1





            @FuzzyAmi I updated the answer

            – Orbit Lens
            2 hours ago



















          • thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

            – FuzzyAmi
            2 hours ago






          • 1





            @FuzzyAmi I updated the answer

            – Orbit Lens
            2 hours ago

















          thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

          – FuzzyAmi
          2 hours ago





          thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!

          – FuzzyAmi
          2 hours ago




          1




          1





          @FuzzyAmi I updated the answer

          – Orbit Lens
          2 hours ago





          @FuzzyAmi I updated the answer

          – Orbit Lens
          2 hours ago


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stellar Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstellar.stackexchange.com%2fquestions%2f2246%2fpartial-vs-complete-catchup-what-are-the-differences-in-terms-of-security%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Why do type traits not work with types in namespace scope?What are POD types in C++?Why can templates only be...

          Will tsunami waves travel forever if there was no land?Why do tsunami waves begin with the water flowing away...

          Simple Scan not detecting my scanner (Brother DCP-7055W)Brother MFC-L2700DW printer can print, can't...