Randomness in mn payee selection

[demo]

@dark_wanderer If it was 10 days already then dashd (12.0) could see it as "never paid" even if it was before but that's ok, it means that you are in top 10% from which MNs are picked randomly so just keep your mn online do NOT restart it via masternode start-* commands and it should be paid eventually. If you restart, it will be brought to the end of the queue and you'll have to wait 7+ days to get into that top 10% again.

And this is the reason why static IPs are required for the masternodes....

Another nail in the coffin of the anonymity of the masternodes.

 

[UdjinM6]

And this is the reason why static IPs are required for the masternodes....

Another nail in the coffin of the anonymity of the masternodes.

no, it's not

 

[demo]

no, it's not

But if you dynamiccaly change IPs, isnt it equivalant to restarting ?

If you restart, it will be brought to the end of the queue and you'll have to wait 7+ days to get into that top 10% again.

 

[UdjinM6]

But if you dynamiccaly change IPs, is it equivalant to restarting ?

no, static IP is only required to make it discoverable/available

Sorry for off-topic here, but could you please post the name of the source file with the implementation of this random/deterministic selection?

masternodeman.cpp, look for `CMasternodeMan::GetNextMasternodeInQueueForPayment` and dig from there

 

[demo]

no, static IP is only required to make it discoverable/available

code?

masternodeman.cpp, look for `CMasternodeMan::GetNextMasternodeInQueueForPayment` and dig from there

CMasternode *CMasternodeMan::FindRandomNotInVec(std::vector<CTxIn> &vecToExclude, int protocolVersion) {
LOCK(cs);
protocolVersion = protocolVersion == -1 ? masternodePayments.GetMinMasternodePaymentsProto() : protocolVersion;
int nCountEnabled = CountEnabled(protocolVersion);
LogPrintf("CMasternodeMan::FindRandomNotInVec - nCountEnabled - vecToExclude.size() %d\n", nCountEnabled - vecToExclude.size());
if(nCountEnabled - vecToExclude.size() < 1) return NULL;
int rand = GetRandInt(nCountEnabled - vecToExclude.size());
LogPrintf("CMasternodeMan::FindRandomNotInVec - rand %d\n", rand);
bool found;

BOOST_FOREACH(CMasternode &mn, vMasternodes) {
if(mn.protocolVersion < protocolVersion || !mn.IsEnabled()) continue;
found = false;
BOOST_FOREACH(CTxIn &usedVin, vecToExclude) {
if(mn.vin.prevout == usedVin.prevout) {
found = true;
break;
}
}
if(found) continue;
if(--rand < 1) {
return &mn;
}
}

Is GetRandInt the randomness? Where is GetRandInt defined?

Why you dont let us search it in github?

 

[UdjinM6]

code?

https://github.com/dashpay/dash

Is GetRandInt the randomness? Where is this defined?

No, I already answered where to start digging. CalculateScore in masternode.cpp is your next stop.
GetRandInt is defined in random.cpp

 

[demo]

No, I already answered where to start digging. CalculateScore in masternode.cpp is your next stop.
GetRandInt is defined in random.cpp

No its not CalculateScore my next step. It is how randomness is defined.
If randomness is not truly random, then whatever you calculate is wrong.
Randomness is defined in random.cpp here.

This is a local randomness. Not a network randomness decided among Masternodes.
In order to calculate a true randomness, you need a secure multiparty computation protocol of randomness among masternodes.

I could change the random.cpp in my masternode and make it return non random values, and that way cheat your calculations.

void GetStrongRandBytes(unsigned char* out, int num)
{
assert(num <= 32); CSHA512 hasher; unsigned char buf[64];
// First source: OpenSSL's RNG
RandAddSeedPerfmon(); GetRandBytes(buf, 32); hasher.Write(buf, 32);
// Second source: OS RNG
GetOSRand(buf); hasher.Write(buf, 32);

// Produce output
hasher.Finalize(buf);
memcpy(out, buf, num);
memory_cleanse(buf, 64);
}

/** Get 32 bytes of system entropy. */
static void GetOSRand(unsigned char *ent32)
{
int f = open("/dev/urandom", O_RDONLY);
if (f == -1) {
RandFailure();
}
int have = 0;
do {
ssize_t n = read(f, ent32 + have, 32 - have);
if (n <= 0 || n + have > 32) {
RandFailure();
}
have += n;
} while (have < 32);
close(f);
}

and

static inline int64_t GetPerformanceCounter()
{
int64_t nCounter = 0;
timeval t;
gettimeofday(&t, NULL);
nCounter = (int64_t)(t.tv_sec * 1000000 + t.tv_usec);
return nCounter;
}

So it is enough for me to change my system's time and the way /dev/urandom behaves and that way cheat your system.

Am I wrong on something? Am I?

 

[demo]

no, static IP is only required to make it discoverable/available

code?

https://github.com/dashpay/dash

Can you give me something more specific?

Are you sure that dashd does not restart when I change the IP?

 

[demo]

So it is enough for me to change my system's time and the way /dev/urandom behaves and that way cheat your system.

Am I wrong on something? Am I?

Why nobody answers my question? If I am wrong, then why dont you prove my error?

If I am right, then what is the incective the Dash community gives to the people who discover the bugs?
I mean, why someone to reveal a bug, instead of trying to exploit it?

I think you should give incectives to the people who discover flaws in your system.
The role of the testers is very important, equaly important to the role of the developers.
You should allocate a budget some and pay them for each flaw they discover.

 

[UdjinM6]

...
Why you dont let us search it in github?

Ask github why they do this. Clone repo to your local machine and search as much as you like.

Why nobody answers my question? If I am wrong, then why dont you prove my error?
...

GetNextMasternodeInQueueForPayment != FindRandomNotInVec
You are looking at the wrong piece of code.

 

[demo]

GetNextMasternodeInQueueForPayment != FindRandomNotInVec
You are looking at the wrong piece of code.

You said:

@dark_wanderer If it was 10 days already then dashd (12.0) could see it as "never paid" even if it was before but that's ok, it means that you are in top 10% from which MNs are picked randomly so just keep your mn online do NOT restart it via masternode start-* commands and it should be paid eventually. If you restart, it will be brought to the end of the queue and you'll have to wait 7+ days to get into that top 10% again.

Where is this randomness in the code, if not into the FindRandomNotInVec ?

 

[demo]

So the truth is this.
Either you implement a Protocol for Multiparty Coin Toss with Dishonest Majority.
Or there is no randomness!

 

[demo]

Still waiting for an official answer (aka "where is the code?") regarding the way randomness is defined into the masternodes network.

 

[demo]

There is a discussion regarding this issue here:
https://www.dash.org/forum/threads/...-program-by-bugcrowd.15321/page-2#post-133234

After the very helpfull clarifications of @UdjinM6, my conclusion is this:

I will investigate whatever system random functions you may use into the code (if any), and how these functions (if hacked in the system) can affect code's behavior. Thanks for the hints and for the clarifications you gave to me . I always appreciate a code related talk with you.

Note that bitcoin's code has no dependacy at all from the local random device.
While dash's code has at least one dependacy here which (according my understanding) seems to affect a disconnected masternode to enter into the masternodes list again (and being a candidate to be paid).
Can this insecure randomness cause severe problems in case the local random device is hacked? I dont know. As long as I am not sure about it, neither I have a showcase to present it to you, the answer is IT CANNOT. It is obvious that you should trust @UdjinM6 on that, rather than me.

 

[demo]

While dash's code has at least one dependacy here

"Here" refers to masternodeman.cpp of 21 july 2017:
https://github.com/dashpay/dash/blo...26328f42cf463788ae/src/masternodeman.cpp#L633