• Forum has been upgraded, all links, images, etc are as they were. Please see Official Announcements for more information

Temporary disabling of InstandSend due to potential quorum exploit method

@camosoul Thank you for your reply - 22 days is nuts. My mn finally got paid a few hours into its twelfth day. If it makes a habit of that I'd be tempted to put it down to an 'unlucky' hash or masternode key or whatever the selection criteria is. Starting over with a new address and masternode key (and ip address etc) couldn't really hurt with delays like that.
It doesn't help to change key/address. You're just putting yourself at the back of the line.

Sometimes shit just happens.

The overwhelming majority hold entropy to ~half day worth of blocks.

I've got one hanging on to 13 days right now... But, two others popped at 6 days... Should be ~7.5.

If you have only 1 or 2 nodes the aberrations stand out to the limited sample proportion. When you look at the entire stack, it's stable.

Go to dash ninja and sort the whole stack by payment.
 
Is there an obvious fix for this InstantSend exploit or will it require more work than that?
OP:
As 12.2 release is imminent, our intention is to include the fix as part of the 12.2 release process, which is estimated within the next few weeks, instead of releasing a hotfix immediately, to minimize the disruption in the coming network upgrade.
reeding iz gud
 
Last edited:
What is the status of the fix ?

30 aug: fix completed and qa'ed (according to AndyDark)
24 sep: work on fixing in progress (1st annual dash conference)

anyway, when would it be safe to use InstaSend?

Otoh owns more than 6 masternodes. So, it is not unrealistic to conduct such an attack ...
 
IS will be back on when 12.2 is released

otho ?
what does otho has to do with this

save to use
it is disabled so there is nothing to use
 
What is the status of the fix ?

30 aug: fix completed and qa'ed (according to AndyDark)
24 sep: work on fixing in progress (1st annual dash conference)

anyway, when would it be safe to use InstaSend?

Otoh owns more than 6 masternodes. So, it is not unrealistic to conduct such an attack ...


When they turn it on again, it will be safe to use.
 
Thanks for the feedback.

Could you also please answer the following questions with yes/no?

1) Has the fix been completed and qa'ed on 30 sep 2017?
2) Is work on the fix still in progress as of 24 sep 2017?
3) Is work on the fix still in progress as of today?
 
Hi @AndyDark, any update on 12.2? It's been nearly a month since this original post, and InstantSend being disabled has prevented a number of projects from continuing development. In general, it's just good to know what to tell people when they ask when they'll be able to use InstantSend again. Thanks!
 
There were 2 major fixes:
https://github.com/dashpay/dash/pull/1592
https://github.com/dashpay/dash/pull/1620
and few smaller followups/cleanups later.
Due to the nature of the vulnerability/fix we can't just apply it on the live network and we have to wait for 12.2 to activate it via soft-fork-like mechanism.

Yes, that was well understood. What I'm not entirely clear about is when the release is planned. The roadmap said September.

I realize that this is a complicated problem that I'm glad I don't have to handle, it just puts me in a difficult position when newcomers ask about when they can use InstantSend and I don't have an answer. It reflects poorly on Dash and makes it seem like things are broken and a mess, and while I know that such isn't true at all, I'd like to be able to answer that question with confidence.
 
Yes, that was well understood. What I'm not entirely clear about is when the release is planned. The roadmap said September.

I realize that this is a complicated problem that I'm glad I don't have to handle, it just puts me in a difficult position when newcomers ask about when they can use InstantSend and I don't have an answer. It reflects poorly on Dash and makes it seem like things are broken and a mess, and while I know that such isn't true at all, I'd like to be able to answer that question with confidence.
The roadmap was put together before IS issue was even discovered and it took a lot of time to find a proper way to fix it (initially we had another fix prepared btw). Anyway, all major tickets for 12.2 are closed now and everything (2mb blocks, lower fees, IS fix, and a whole bunch of internal fixes/backports/refactoring) seems to be working as designed. We are forking testnet right now to test migration process and to make sure that we didn't miss anything and dip0001 activation + network upgrade work well together (these were two separate events on "old" testnet). That's going to take few more days, not sure how long but at least 3 more. If no issues are found during this, then we are going to start migration at the very end of September (30th) or first days of October (more likely). Then it depends on how fast masternoders/miners are going to update so that dip0001 could lock in/activate and thus trigger other fixes. However, you should keep in mind that dip0001 lock in is going to require at least a week in any case, see https://github.com/dashpay/dips/blob/master/dip-0001.md#selection-of-parameters and _this_ is the earliest time we can turn IS back on. Considering how long it usually takes to update MNs, I'd say this day (of IS activation) is probably closer to mid of October.
 
The roadmap was put together before IS issue was even discovered and it took a lot of time to find a proper way to fix it (initially we had another fix prepared btw). Anyway, all major tickets for 12.2 are closed now and everything (2mb blocks, lower fees, IS fix, and a whole bunch of internal fixes/backports/refactoring) seems to be working as designed. We are forking testnet right now to test migration process and to make sure that we didn't miss anything and dip0001 activation + network upgrade work well together (these were two separate events on "old" testnet). That's going to take few more days, not sure how long but at least 3 more. If no issues are found during this, then we are going to start migration at the very end of September (30th) or first days of October (more likely). Then it depends on how fast masternoders/miners are going to update so that dip0001 could lock in/activate and thus trigger other fixes. However, you should keep in mind that dip0001 lock in is going to require at least a week in any case, see https://github.com/dashpay/dips/blob/master/dip-0001.md#selection-of-parameters and _this_ is the earliest time we can turn IS back on. Considering how long it usually takes to update MNs, I'd say this day (of IS activation) is probably closer to mid of October.

Thanks for the detailed response, this is definitely something I can work with.

Question: in the original post, Andy mentioned the possibility of an immediate hotfix instead of waiting for 12.2. What would have been the timeline for this approach from the moment the problem was announced?
 
Back
Top