octo
/
Zebra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,248 Commits 4 Branches 0 Tags 28 MiB
Commit Graph

641 Commits

Author SHA1 Message Date
Alfredo Garcia d7b83b7b2a remove unused import 2021-03-22 11:54:31 -04:00
teor 8e18c99cdc Avoid risky use of Read::take with untrusted lengths 
Zebra already uses `Read::take` to enforce message, body, and block
maximum sizes.

So using `Read::take` on untrusted sizes can result in short reads,
without a corresponding `UnexpectedEof` error. (The old code was
correct, but copying it elsewhere would have been risky.)
 2021-03-22 11:54:31 -04:00
teor 5c55f7210c Stop untrusted preallocation during script deserialization 
This is an easy memory denial of service attack.
 2021-03-22 11:54:31 -04:00
teor 609d70ae53 Stop untrusted preallocation during string deserialization 
This is an easy memory denial of service attack.
 2021-03-22 11:54:31 -04:00
teor db2f920d96 Stop untrusted preallocation during JoinSplit deserialization 
Zebra believes the untrusted `JoinSplit` list size field when
deserializing `JoinSplit`s, and preallocates a `Vec` based on that size.

This is trivial a memory exhaustion attack.

Instead, use the current auto-growing implementation, which is limited
by the size of the message data.
 2021-03-22 11:54:31 -04:00
teor d19585cfca Fix some missed Sapling to Canopy checkpoint code changes 2021-03-18 10:13:47 +10:00
Alfredo Garcia a292cbe611 change the mandatory checkpoint to Canopy 2021-03-18 10:13:47 +10:00
dependabot[bot] 97cae4b2da build(deps): bump displaydoc from 0.1.7 to 0.2.0 
Bumps [displaydoc](https://github.com/yaahc/displaydoc) from 0.1.7 to 0.2.0.
- [Release notes](https://github.com/yaahc/displaydoc/releases)
- [Changelog](https://github.com/yaahc/displaydoc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yaahc/displaydoc/commits/v0.2.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-17 15:50:40 -04:00
Alfredo Garcia d49eaab68e
Bump versions for zebrad 1.0.0-alpha.4 (#1913) 
* Bump versions for zebrad 1.0.0-alpha.4

* add Cargo.lock
 2021-03-16 21:12:37 -03:00
teor 873127aac1 Replace smart quotes with ascii quotes 
Some tools don't deal well with unicode text. And we're not using it
consistently in Zebra anyway.
 2021-03-15 03:18:10 -04:00
dependabot[bot] 7f9d66a4af build(deps): bump serde-big-array from 0.3.1 to 0.3.2 
Bumps [serde-big-array](https://github.com/est31/serde-big-array) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/est31/serde-big-array/releases)
- [Commits](https://github.com/est31/serde-big-array/commits/v0.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-13 05:50:01 -05:00
Alfredo Garcia 8883543a85
Add transaction version 5 stubs (#1824) 
* add transaction V5 stub
* add v5_strategy
* deduplicate version group ids
* Update comment for V5 transactions
* Add V5 transactions to non_finalized_state

Currently these are all `unimplemented!(...)`

* Fix struct matches
* Apply trivial panic message changes
* add zcash_deserialize for V5
* make all tx versions explicit in sprout and sapling nullifier functions
* match exhaustively in sprout and sapling nullifier functions
* fix matches in zebra-consensus
* fix NU5 strategy
* We're still deciding if v5 transactions support Sprout

Co-authored-by: teor <teor@riseup.net>
 2021-03-04 07:56:41 +10:00
Jane Lusby e541746a50
Add initial support for NU5 to zebra (#1823) 
* Add NU5 variant to NetworkUpgrade
* Add consensus branch ID for NU5
* Add network protocol versions for NU5
* Add NU5 to the protocol::version_consistent test
* Make unimplemented panic messages more specific
* Block target spacing doesn't change in NU5
* add comments for future updates for NU5

Co-authored-by: teor <teor@riseup.net>
 2021-03-03 06:22:11 +10:00
Alfredo Garcia ca44fbd7b8
upgrade ed25519-zebra to v2 (#1811) 
This implements ZIP-215
 2021-03-02 17:45:55 +10:00
teor f2bdebee07 Clippy: Use Option::map instead of a manual impl 2021-03-01 23:31:18 -05:00
teor 0ed372703d Fix a typo in Transaction 
We parse v1, v2, and v3 transactions, but we don't validate them,
due to the Sapling checkpoint.
 2021-02-25 20:42:25 -05:00
dependabot[bot] bf1e2bd3b8
build(deps): bump tracing from 0.1.24 to 0.1.25 (#1815) 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.24 to 0.1.25.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.24...tracing-0.1.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-02-25 09:28:26 +10:00
teor 7558f74c78 Bump versions for zebrad 1.0.0-alpha.3 2021-02-23 10:39:13 -05:00
dependabot[bot] b578d1ff2e build(deps): bump proptest-derive from 0.2.0 to 0.3.0 
Bumps [proptest-derive](https://github.com/AltSysrq/proptest) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/AltSysrq/proptest/releases)
- [Changelog](https://github.com/AltSysrq/proptest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/AltSysrq/proptest/compare/proptest-derive-0.2.0...proptest-derive-0.3.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-22 01:33:54 -05:00
Deirdre Connolly 1fa41ff199 Use new bech32 methods that expect a Variant enum variant 2021-02-21 20:51:43 -05:00
dependabot[bot] dd940f7dbf build(deps): bump bech32 from 0.7.2 to 0.8.0 
Bumps [bech32](https://github.com/rust-bitcoin/rust-bech32) from 0.7.2 to 0.8.0.
- [Release notes](https://github.com/rust-bitcoin/rust-bech32/releases)
- [Commits](https://github.com/rust-bitcoin/rust-bech32/compare/v0.7.2...v0.8.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-21 20:51:43 -05:00
dependabot[bot] f19ef44493 build(deps): bump tracing from 0.1.23 to 0.1.24 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.23 to 0.1.24.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.23...tracing-0.1.24)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-18 22:21:49 -05:00
teor 55613db846 Fix a clippy redundant range lint 2021-02-17 12:47:56 +10:00
teor df59468085 Fix clippy uppercase acronym lint 2021-02-17 12:47:56 +10:00
Alfredo Garcia 21dbf5cb69
fix rust beta panic string warnings (#1731) 2021-02-15 07:00:02 +10:00
Deirdre Connolly 0c5daa8410 Bump versions for zebrad 1.0.0-alpha.2 
Including tower-batch bump to 0.2.0, tower-fallback to 0.2.0, zebra-script to 1.0.0-alpha.3
 2021-02-09 16:14:29 -05:00
dependabot[bot] b3a3b8f7c7 build(deps): bump tracing from 0.1.22 to 0.1.23 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.22 to 0.1.23.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.22...tracing-0.1.23)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-05 12:26:52 -05:00
Alfredo Garcia d7c40af2a8
Fix shutdown panics (#1637) 
* add a shutdown flag in zebra_chain::shutdown
* fix network panic on shutdown
* fix checkpoint panic on shutdown
 2021-02-03 19:03:28 +10:00
dependabot[bot] 25b6491929 build(deps): bump sha2 from 0.9.2 to 0.9.3 
Bumps [sha2](https://github.com/RustCrypto/hashes) from 0.9.2 to 0.9.3.
- [Release notes](https://github.com/RustCrypto/hashes/releases)
- [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.9.2...sha2-v0.9.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-01 19:14:15 -05:00
dependabot[bot] c52310ef91 build(deps): bump jubjub from 0.5.1 to 0.6.0 
Bumps [jubjub](https://github.com/zkcrypto/jubjub) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/zkcrypto/jubjub/releases)
- [Changelog](https://github.com/zkcrypto/jubjub/blob/main/RELEASES.md)
- [Commits](https://github.com/zkcrypto/jubjub/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-30 01:54:06 -05:00
dependabot[bot] 3c6bf4e1cd build(deps): bump primitive-types from 0.8.0 to 0.9.0 
Bumps [primitive-types](https://github.com/paritytech/parity-common) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/paritytech/parity-common/releases)
- [Commits](https://github.com/paritytech/parity-common/compare/primitive-types-v0.8.0...primitive-types-v0.9.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-29 21:11:03 -05:00
Deirdre Connolly 1b09538277
Bump versions for zebrad 1.0.0-alpha.1 (#1646) 
* Bump versions where appropriate

Tested with cargo install --locked --path etc

* Remove fixed panics from 'Known Issues'

* Change to alpha release series in the README

Co-authored-by: teor <teor@riseup.net>
 2021-01-27 20:31:39 -05:00
teor 49e6150427 Use collect() to avoid a lint 2021-01-19 11:02:20 -05:00
teor b1d28b73fd Stop disabling lints that no longer cause warnings on nightly 2021-01-19 11:02:20 -05:00
teor 258789ed9b Use the rustc unknown lints attribute 
The clippy unknown lints attribute was deprecated in
nightly in rust-lang/rust#80524. The old lint name now produces a
warning.

Since we're using `allow(unknown_lints)` to suppress warnings, we need to
add the canonical name, so we can continue to build without warnings on
nightly.

But we also need to keep the old name, so we can continue to build
without warnings on stable.

And therefore, we also need to disable the "removed lints" warning,
otherwise we'll get warnings about the old name on nightly.

We'll need to keep this transitional clippy config until rustc 1.51 is
stable.
 2021-01-19 11:02:20 -05:00
dependabot[bot] 3a093cca39 build(deps): bump secp256k1 from 0.20.0 to 0.20.1 
Bumps [secp256k1](https://github.com/rust-bitcoin/rust-secp256k1) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/rust-bitcoin/rust-secp256k1/releases)
- [Changelog](https://github.com/rust-bitcoin/rust-secp256k1/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-bitcoin/rust-secp256k1/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-17 21:38:41 -05:00
dependabot[bot] 38ac869f57 build(deps): bump byteorder from 1.3.4 to 1.4.2 
Bumps [byteorder](https://github.com/BurntSushi/byteorder) from 1.3.4 to 1.4.2.
- [Release notes](https://github.com/BurntSushi/byteorder/releases)
- [Changelog](https://github.com/BurntSushi/byteorder/blob/master/CHANGELOG.md)
- [Commits](https://github.com/BurntSushi/byteorder/compare/1.3.4...1.4.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-11 18:45:49 -05:00
dependabot[bot] f222a6805b build(deps): bump primitive-types from 0.7.3 to 0.8.0 
Bumps [primitive-types](https://github.com/paritytech/parity-common) from 0.7.3 to 0.8.0.
- [Release notes](https://github.com/paritytech/parity-common/releases)
- [Commits](https://github.com/paritytech/parity-common/compare/primitive-types-v0.7.3...primitive-types-v0.8.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-06 20:26:31 -05:00
dependabot[bot] d67de58554 build(deps): bump secp256k1 from 0.19.0 to 0.20.0 
Bumps [secp256k1](https://github.com/rust-bitcoin/rust-secp256k1) from 0.19.0 to 0.20.0.
- [Release notes](https://github.com/rust-bitcoin/rust-secp256k1/releases)
- [Changelog](https://github.com/rust-bitcoin/rust-secp256k1/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-bitcoin/rust-secp256k1/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-04 11:05:43 -05:00
dependabot[bot] b2a0048968 build(deps): bump serde-big-array from 0.3.0 to 0.3.1 
Bumps [serde-big-array](https://github.com/est31/serde-big-array) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/est31/serde-big-array/releases)
- [Commits](https://github.com/est31/serde-big-array/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-12-28 15:50:29 -05:00
Alfredo Garcia 436ce00fc2
Move height check to NetworkUpgrade (#1505) 
* move height check to NetworkUpgrade
* refactor the max block time height check

Co-authored-by: teor <teor@riseup.net>
 2020-12-15 08:30:38 +10:00
teor 66e300be0a
Cleanup the ExpandedDifficulty PartialOrd impl (#1466) 2020-12-14 11:25:50 +10:00
Henry de Valence 0842eb2dab
zebra: move to 1.x-based versioning. (#1476) 
Previously we set the crate versions to 3.x, so that the major version was
aligned with the NU version.  But we want to be able to make API changes
independently of the NU schedule.
 2020-12-08 08:53:07 +10:00
teor 9bd3b8becd Clarify a difficulty debug impl comment 2020-12-04 10:44:36 +10:00
teor 2014dffd27 Show expanded values in CompactDifficulty debug fmt 2020-12-04 10:44:36 +10:00
dependabot[bot] 8c052cc39a build(deps): bump color-eyre from 0.5.9 to 0.5.10 
Bumps [color-eyre](https://github.com/yaahc/color-eyre) from 0.5.9 to 0.5.10.
- [Release notes](https://github.com/yaahc/color-eyre/releases)
- [Changelog](https://github.com/yaahc/color-eyre/blob/v0.5.10/CHANGELOG.md)
- [Commits](https://github.com/yaahc/color-eyre/compare/v0.5.9...v0.5.10)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-12-03 10:55:16 -05:00
Jane Lusby d7bef1c155
bump color-eyre version to avoid a panic when printing spantraces (#1438) 2020-12-02 14:16:18 -08:00
Henry de Valence b449fe93b2 network: correct data modeling for headers messages 
We modeled a Bitcoin `headers` message as being a list of block headers.
However, the actual data structure is slightly different: it's a list of (block
header, transaction count) pairs.  This caused zcashd to reject our headers
messages.

To fix this, introduce a new `CountedHeader` struct with a `block::Header` and
transaction count `usize`, then thread it through the inbound service and the
state.

I tested this locally by running Zebra with these changes and inspecting a
trace-level log of the span of a peer connection that requested a nontrivial
headers packet from us, and verified that it did not reject our message.
 2020-12-02 10:24:31 -08:00
teor 4109534c9b
Run `cargo fmt --all` (#1427) 2020-12-02 14:43:33 +10:00
Henry de Valence 1606b28d14 chain: add missing sources to SerializationError 2020-12-01 19:16:41 -08:00