Decouple CAuxPow from CBaseMerkleTx.

domob1812 · domob1812 · commit a33a19009663 · 2019-04-08T14:03:15.000+02:00
This refactors CAuxPow to be independent of CBaseMerkleTx. Instead, the fields and serialisation code are put directly in CAuxPow as needed. By doing so, we can also get rid of two redundant fields: The hashBlock (which is always zero anyway since the last commit) and nIndex, which is also always zero for a coinbase tx. Those fields are still present in the serialisation format (for backwards compatibility), but not in the actual instance. Note that this changes the consensus behaviour: Previously, CAuxPow instances with a non-zero nIndex value would be invalid. With this change, the nIndex value is ignored, so that those will be accepted. That is, however, fine, since the auxpow is just used to provide PoW for a block and does not otherwise influence the consensus state. If an attacker makes use of this change to send out blocks that are accepted by new nodes while they are rejected by old nodes, this is equivalent to the attacker simply refusing to send blocks to old nodes (which they can always do if they wish, independent of that particular change). For reference, see namecoin/namecoin-core#288.
diff --git a/src/auxpow.cpp b/src/auxpow.cpp
@@ -41,9 +41,6 @@ bool
 CAuxPow::check (const uint256& hashAuxBlock, int nChainId,
                 const Consensus::Params& params) const
 {
-    if (coinbaseTx.nIndex != 0)
-        return error("AuxPow is not a generate");
-
     if (params.fStrictChainId && parentBlock.GetChainId () == nChainId)
         return error("Aux POW parent has our chain ID");
 
@@ -57,12 +54,11 @@ CAuxPow::check (const uint256& hashAuxBlock, int nChainId,
     std::reverse (vchRootHash.begin (), vchRootHash.end ()); // correct endian
 
     // Check that we are in the parent block merkle tree
-    if (CheckMerkleBranch(coinbaseTx.GetHash(), coinbaseTx.vMerkleBranch,
-                          coinbaseTx.nIndex)
+    if (CheckMerkleBranch(coinbaseTx->GetHash(), vMerkleBranch, 0)
           != parentBlock.hashMerkleRoot)
         return error("Aux POW merkle root incorrect");
 
-    const CScript script = coinbaseTx.tx->vin[0].scriptSig;
+    const CScript script = coinbaseTx->vin[0].scriptSig;
 
     // Check that the same work is not submitted twice to our chain.
     //
@@ -191,11 +187,10 @@ CAuxPow::createAuxPow (const CPureBlockHeader& header)
   parent.hashMerkleRoot = BlockMerkleRoot (parent);
 
   /* Construct the auxpow object.  */
-  std::unique_ptr<CAuxPow> auxpow(new CAuxPow (coinbaseRef));
+  std::unique_ptr<CAuxPow> auxpow(new CAuxPow (std::move (coinbaseRef)));
+  assert (auxpow->vMerkleBranch.empty ());
   assert (auxpow->vChainMerkleBranch.empty ());
   auxpow->nChainIndex = 0;
-  assert (auxpow->coinbaseTx.vMerkleBranch.empty ());
-  auxpow->coinbaseTx.nIndex = 0;
   auxpow->parentBlock = parent;
 
   return auxpow;
diff --git a/src/auxpow.h b/src/auxpow.h
@@ -89,19 +89,19 @@ class CBaseMerkleTx
 
 /**
  * Data for the merge-mining auxpow.  This uses a merkle tx (the parent block's
- * coinbase tx) and a manual merkle branch to link the actual Namecoin block
+ * coinbase tx) and a second merkle branch to link the actual Namecoin block
  * header to the parent block header, which is mined to satisfy the PoW.
  */
 class CAuxPow
 {
 
 private:
 
-  /**
-   * The parent block's coinbase tx, which is used to link the auxpow from
-   * the tx input to the parent block header.
-   */
-  CBaseMerkleTx coinbaseTx;
+  /** The parent block's coinbase transaction.  */
+  CTransactionRef coinbaseTx;
+
+  /** The Merkle branch of the coinbase tx to the parent block's root.  */
+  std::vector<uint256> vMerkleBranch;
 
   /** The merkle branch connecting the aux block to our coinbase.  */
   std::vector<uint256> vChainMerkleBranch;
@@ -126,8 +126,8 @@ class CAuxPow
 public:
 
   /* Prevent accidental conversion.  */
-  inline explicit CAuxPow (CTransactionRef txIn)
-    : coinbaseTx (txIn)
+  inline explicit CAuxPow (CTransactionRef&& txIn)
+    : coinbaseTx (std::move (txIn))
   {}
 
   CAuxPow () = default;
@@ -138,21 +138,23 @@ class CAuxPow
     inline void
     SerializationOp (Stream& s, Operation ser_action)
   {
-    READWRITE (coinbaseTx);
+    /* The coinbase Merkle tx' hashBlock field is never actually verified
+       or used in the code for an auxpow (and never was).  The parent block
+       is known anyway directly, so this is also redundant.  By setting the
+       value to zero (for serialising), we make sure that the format is
+       backwards compatible but the data can be compressed.  */
+    uint256 hashBlock;
 
-    /* The Merkle block hash in an auxpow is never verified or used for
-       anything, and the block hash is known anyway from the parent block.
-       Thus we can just as well set the hash to zero, so that it compresses
-       better (and we exclude any accidental use in the future).  */
-    if (ser_action.ForRead ())
-      coinbaseTx.hashBlock.SetNull ();
+    /* The index of the parent coinbase tx is always zero.  */
+    int nIndex = 0;
 
-    /* When writing, we should always have a zero hashBlock already.  There
-       is no code path that actually sets the hashBlock to something nonzero
-       (and if there is, then it is a bug).  */
-    else
-      assert (coinbaseTx.hashBlock.IsNull ());
+    /* Data from the coinbase transaction as Merkle tx.  */
+    READWRITE (coinbaseTx);
+    READWRITE (hashBlock);
+    READWRITE (vMerkleBranch);
+    READWRITE (nIndex);
 
+    /* Additional data for the auxpow itself.  */
     READWRITE (vChainMerkleBranch);
     READWRITE (nChainIndex);
     READWRITE (parentBlock);
diff --git a/src/rpc/blockchain.cpp b/src/rpc/blockchain.cpp
@@ -96,17 +96,16 @@ UniValue AuxpowToJSON(const CAuxPow& auxpow)
 
     {
         UniValue tx(UniValue::VOBJ);
-        tx.pushKV("hex", EncodeHexTx(*auxpow.coinbaseTx.tx));
-        TxToJSON(*auxpow.coinbaseTx.tx, auxpow.parentBlock.GetHash(), tx);
+        tx.pushKV("hex", EncodeHexTx(*auxpow.coinbaseTx));
+        TxToJSON(*auxpow.coinbaseTx, auxpow.parentBlock.GetHash(), tx);
         result.pushKV("tx", tx);
     }
 
-    result.pushKV("index", auxpow.coinbaseTx.nIndex);
     result.pushKV("chainindex", auxpow.nChainIndex);
 
     {
         UniValue branch(UniValue::VARR);
-        for (const auto& node : auxpow.coinbaseTx.vMerkleBranch)
+        for (const auto& node : auxpow.vMerkleBranch)
             branch.push_back(node.GetHex());
         result.pushKV("merklebranch", branch);
     }
diff --git a/src/test/auxpow_tests.cpp b/src/test/auxpow_tests.cpp
@@ -52,10 +52,11 @@ class CAuxPowForTest : public CAuxPow
 public:
 
   explicit inline CAuxPowForTest (CTransactionRef txIn)
-    : CAuxPow (txIn)
+    : CAuxPow (std::move (txIn))
   {}
 
   using CAuxPow::coinbaseTx;
+  using CAuxPow::vMerkleBranch;
   using CAuxPow::vChainMerkleBranch;
   using CAuxPow::nChainIndex;
   using CAuxPow::parentBlock;
@@ -195,9 +196,7 @@ CAuxpowBuilder::get (const CTransactionRef tx) const
   LOCK(cs_main);
 
   CAuxPowForTest res(tx);
-  res.coinbaseTx.nIndex = 0;
-  res.coinbaseTx.vMerkleBranch
-      = merkle_tests::BlockMerkleBranch (parentBlock, res.coinbaseTx.nIndex);
+  res.vMerkleBranch = merkle_tests::BlockMerkleBranch (parentBlock, 0);
 
   res.vChainMerkleBranch = auxpowChainMerkleBranch;
   res.nChainIndex = auxpowChainIndex;
diff --git a/test/functional/auxpow_mining.py b/test/functional/auxpow_mining.py
@@ -109,7 +109,6 @@ def test_common (self, create, submit):
     data = self.nodes[1].getblock (auxblock['hash'])
     assert 'auxpow' in data
     auxJson = data['auxpow']
-    assert_equal (auxJson['index'], 0)
     assert_equal (auxJson['chainindex'], 0)
     assert_equal (auxJson['merklebranch'], [])
     assert_equal (auxJson['chainmerklebranch'], [])
diff --git a/test/functional/auxpow_zerohash.py b/test/functional/auxpow_zerohash.py
@@ -96,6 +96,18 @@ def run_test (self):
     p2pStore.send_blocks_and_test ([blk], node, success=True)
     assert_equal (node.getbestblockhash (), blkHash)
 
+    self.log.info ("Sending non-zero nIndex auxpow through RPC...")
+    blk, blkHash = self.createBlock ()
+    blk.auxpow.nIndex = 42
+    assert_equal (node.submitblock (blk.serialize ().hex ()), None)
+    assert_equal (node.getbestblockhash (), blkHash)
+
+    self.log.info ("Sending non-zero nIndex auxpow through P2P...")
+    blk, blkHash = self.createBlock ()
+    blk.auxpow.nIndex = 42
+    p2pStore.send_blocks_and_test ([blk], node, success=True)
+    assert_equal (node.getbestblockhash (), blkHash)
+
   def createBlock (self):
     """
     Creates and mines a new block with auxpow.

Original file line number	Diff line number	Diff line change
`@@ -96,17 +96,16 @@ UniValue AuxpowToJSON(const CAuxPow& auxpow)`
`96`	`96`
`97`	`97`	`{`
`98`	`98`	`UniValue tx(UniValue::VOBJ);`
`99`		`- tx.pushKV("hex", EncodeHexTx(*auxpow.coinbaseTx.tx));`
`100`		`- TxToJSON(*auxpow.coinbaseTx.tx, auxpow.parentBlock.GetHash(), tx);`
	`99`	`+ tx.pushKV("hex", EncodeHexTx(*auxpow.coinbaseTx));`
	`100`	`+ TxToJSON(*auxpow.coinbaseTx, auxpow.parentBlock.GetHash(), tx);`
`101`	`101`	`result.pushKV("tx", tx);`
`102`	`102`	`}`
`103`	`103`
`104`		`- result.pushKV("index", auxpow.coinbaseTx.nIndex);`
`105`	`104`	`result.pushKV("chainindex", auxpow.nChainIndex);`
`106`	`105`
`107`	`106`	`{`
`108`	`107`	`UniValue branch(UniValue::VARR);`
`109`		`- for (const auto& node : auxpow.coinbaseTx.vMerkleBranch)`
	`108`	`+ for (const auto& node : auxpow.vMerkleBranch)`
`110`	`109`	`branch.push_back(node.GetHex());`
`111`	`110`	`result.pushKV("merklebranch", branch);`
`112`	`111`	`}`