Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fully anonymise timestamps in version messages when broadcasting transactions #3300

Closed
Tracked by #2311
teor2345 opened this issue Dec 26, 2021 · 3 comments
Closed
Tracked by #2311

Fully anonymise timestamps in version messages when broadcasting transactions #3300

teor2345 opened this issue Dec 26, 2021 · 3 comments
Labels
A-network Area: Network protocol updates or fixes C-security Category: Security issues I-privacy Zebra discloses private information S-needs-investigation Status: Needs further investigation

Comments

@teor2345
Copy link
Contributor

teor2345 commented Dec 26, 2021
edited
Loading

Motivation

Zebra should broadcast user-generated transactions using anonymised connections. (These transactions can be generated by lightwalletd wallets.)

Currently, Zebra's isolated connections send a truncated timestamp in their version messages. But truncated clock skew can still be used to track users, so it would be better if we just set that field to zero. (There are statistical attacks that check when truncated values change.)

But first, we need to check that zcashd accepts transactions sent with this kind of version message.

Existing Designs

This could be an improvement on the draft Stolon RFC:
https://github.com/ZcashFoundation/zebra/blob/main/book/src/dev/rfcs/drafts/xxxx-stolon.md#isolated-minimally-distinguishable-connections

Suggested Solution

Timestamp:

  • Check whether zcashd does anything with the version timestamp
  • Send zeroed timestamps in isolated network connections

Remote Peer Services:

  • Check whether zcashd does anything with the address_recv peer services
  • Send empty remote peer services in isolated network connections
@teor2345 teor2345 added S-needs-triage Status: A bug report needs triage S-needs-investigation Status: Needs further investigation P-Medium C-security Category: Security issues I-privacy Zebra discloses private information A-network Area: Network protocol updates or fixes labels Dec 26, 2021
@daira
Copy link
Contributor

daira commented Dec 27, 2021
edited
Loading

Prior to version 2.1.1-1, zcashd would by default adjust its local clock based on timestamps received from its peers. That was an insecure thing to do, and as of 2.1.1-1 that behaviour was disabled by default; in zcash/zcash#4374 the time adjustment code was removed entirely. Zcashd does warn if its peers' clocks are too different; see that PR for details.

In particular, if zebra sends a zero timestamp then zcashd will ignore it, even for the clock warning, because it is "more than 10 days away from the current local time".

For the peer services, I would recommend just fixing them at whatever current zcashd sends (assuming you support those services). It's relatively unlikely that we will use additional peer services flags except in connection with backports from Bitcoin; we tend to rely on the peer protocol version to detect node capabilities instead.

@mpguerra
Copy link
Contributor

Hey team! Please add your planning poker estimate with ZenHub @conradoplg @dconnolly @jvff @oxarbitrage @teor2345 @upbqdn

@mpguerra mpguerra mentioned this issue Jan 27, 2022
Closed
40 tasks
@ftm1000 ftm1000 removed the S-needs-triage Status: A bug report needs triage label Feb 14, 2022
@teor2345
Copy link
Contributor Author

teor2345 commented Mar 1, 2022

Our current code is probably ok for now.

@teor2345 teor2345 closed this as completed Mar 1, 2022
@arya2 arya2 mentioned this issue Mar 31, 2023
Merged
6 tasks
@mpguerra mpguerra mentioned this issue Apr 11, 2023
Closed
4 tasks
@mpguerra mpguerra closed this as not planned Won't fix, can't repro, duplicate, stale May 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-network Area: Network protocol updates or fixes C-security Category: Security issues I-privacy Zebra discloses private information S-needs-investigation Status: Needs further investigation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@daira @mpguerra @teor2345 @ftm1000