Partial vs Complete Catchup: what are the differences in terms of security?stellar-code stuck with Joining...
Eww, those bytes are gross
What are "industrial chops"?
Spring Boot request header return null value
What is the most fuel efficient way out of the Solar System?
Why did the villain in the first Men in Black movie care about Earth's Cockroaches?
Porting Linux to another platform requirements
How should I handle players who ignore the session zero agreement?
How can my powered armor quickly replace its ceramic plates?
When can a QA tester start his job?
A starship is travelling at 0.9c and collides with a small rock. Will it leave a clean hole through, or will more happen?
Bash Script Function Return True-False
Does theoretical physics suggest that gravity is the exchange of gravitons or deformation/bending of spacetime?
Finding lengths when circles and squares tangents.
Does a phylactery of a lich have to be a box?
Do authors have to be politically correct in article-writing?
Consequences of lack of rigour
Nested word series [humans only]
I will be going to Sweden on business purpose .Can I visit London from Sweden and how much UK visa will cost?
What incentives do banks have to gather up loans into pools (backed by Ginnie Mae)and selling them?
What are career options for big-picture thinkers with no experience?
Is it a fallacy if someone claims they need an explanation for every word of your argument to the point where they don't understand common terms?
Why is it that Bernie Sanders is always called a "socialist"?
What is the wife of a henpecked husband called?
Publishing research using outdated methods
Partial vs Complete Catchup: what are the differences in terms of security?
stellar-code stuck with Joining SCPShould Every Node Contain The Same Quorum Set Configuration?FATAL when switching from test network to public network on stellar-coreHelp - why can’t I synch stellar core?Stellar Core node is typically behind SDF by 20 to 100 ledgersWhat are the message size limitations of stellar consensus protocol?Limiting the size of local buckets on the coreSetting the network interface for core?Node sync issue - private networkPartial Catch-up on Validator nodes
Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?
In other words, when I perform partial catchup, what are the risks in terms of security?
UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.
stellar-core scp catchup
add a comment |
Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?
In other words, when I perform partial catchup, what are the risks in terms of security?
UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.
stellar-core scp catchup
add a comment |
Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?
In other words, when I perform partial catchup, what are the risks in terms of security?
UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.
stellar-core scp catchup
Lets assume I power-up a new core and join (as validator) to a network of pre-existing other nodes. In addition, to speed things up, I chose to do a partial catchup from one history archive. Now, having synced up, is it possible that my new core has a state that's been tampered with?
In other words, when I perform partial catchup, what are the risks in terms of security?
UPDATE: I'm slightly changing the question to make it more interesting: Suppose the network I join has conspired against me and they've all tampered with the state (the bucketlist) stored on their history to reflect a state that's different than the one I would arrive to by replaying the txs from the genesis block. Is this possible? If it is, then a full catchup does have benefits over a partial one.
stellar-core scp catchup
stellar-core scp catchup
edited 2 hours ago
Orbit Lens
5,5861925
5,5861925
asked 5 hours ago
FuzzyAmiFuzzyAmi
731312
731312
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.
Therefore, there is no difference whether you are doing full or partial catchup.
EDIT:
- Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.
- Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.
If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
1
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "686"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstellar.stackexchange.com%2fquestions%2f2246%2fpartial-vs-complete-catchup-what-are-the-differences-in-terms-of-security%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.
Therefore, there is no difference whether you are doing full or partial catchup.
EDIT:
- Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.
- Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.
If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
1
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
add a comment |
Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.
Therefore, there is no difference whether you are doing full or partial catchup.
EDIT:
- Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.
- Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.
If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
1
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
add a comment |
Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.
Therefore, there is no difference whether you are doing full or partial catchup.
EDIT:
- Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.
- Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.
If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.
Each node synchronizes the state with the quorum set, so archives tampering won't work. The node will be unable to catch up with SCP quorum if the local state differs from the quorum-approved state. Nobody can modify a single archive file without messing up the whole archive because each ledger contains hash of the previous ledger and they are validated during the catchup. The node will discard the ledger with invalid hash.
Therefore, there is no difference whether you are doing full or partial catchup.
EDIT:
- Attackers control both the quorum set and archives destination → Newly-connected node will be 100% compromised.
- Attackers control only the quorum set or the archives data → New node will connect and follow the SCP majority, but won't be able to catchup with the history. It will be unable to apply the state from buckets if hashes don't match. I don't think that the node will be able to act as validator in this case.
If the archives are tempered, you won't be able to ingest the history regardless whether you are starting from the genesis block or not.
edited 2 hours ago
answered 3 hours ago
Orbit LensOrbit Lens
5,5861925
5,5861925
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
1
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
add a comment |
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
1
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
thank you for the answer. I updated my question and added a corner case where I think it might be beneficial to perform full catchup. Also, would you be so kind as to add a 'catchup' tag to this SO? thx!
– FuzzyAmi
2 hours ago
1
1
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
@FuzzyAmi I updated the answer
– Orbit Lens
2 hours ago
add a comment |
Thanks for contributing an answer to Stellar Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstellar.stackexchange.com%2fquestions%2f2246%2fpartial-vs-complete-catchup-what-are-the-differences-in-terms-of-security%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown