Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing threshold parameter check for the create cluster command #3241

Open
aadomn opened this issue Aug 28, 2024 · 0 comments
Open

Missing threshold parameter check for the create cluster command #3241

aadomn opened this issue Aug 28, 2024 · 0 comments
Assignees
@aadomn
Labels
protocol Protocol Team tickets

Comments

@aadomn
Copy link
Contributor

aadomn commented Aug 28, 2024

🐞 Bug Report

Description

The create cluster command does not prevent misconfigurations where the threshold exceeds the number of nodes (eg 4-out-of-3 setting). This can lead to erroneous secret sharings that will not be capable of threshold signing nor reconstructing the joint secret.

Similarly, the create dkg command allows to pass --threshold=1 as input parameter but the subsequent dkg command will fail because the kryptology library returns an error if the threshold is smaller than 2.

Has this worked before in a previous version?

Yes, in all previous versions.

🔬 Minimal Reproduction

charon create cluster \
    --nodes=3 \
    --network=holesky \
    --num-validators=1 \
    --name="Quickstart Guide Cluster" \
    --cluster-dir="cluster" \
    --fee-recipient-addresses=0x000000000000000000000000000000000000dead \
    --withdrawal-addresses=0x000000000000000000000000000000000000dead \
    --threshold=4

🔥 Error

When trying to recombine the joint secret, it prints the following:

charon combine --cluster-dir="./cluster" --output-dir="./combined"
07:47:15.008 INFO cmd        Recombining private key shares           {"input_dir": "/opt/charon/cluster", "output_dir": "/opt/charon/combined"}
07:47:15.044 INFO cmd        Loading keystore                         {"path": "/opt/charon/cluster/node0/validator_keys"}
07:47:15.109 INFO cmd        Loading keystore                         {"path": "/opt/charon/cluster/node1/validator_keys"}
07:47:15.173 INFO cmd        Loading keystore                         {"path": "/opt/charon/cluster/node2/validator_keys"}
07:47:15.237 ERRO cmd        Fatal error: insufficient private key shares found for validator {"validator_index": 0, "expected": 4, "actual": 3}
	cmd/combine/combine.go:99 .Combine
	cmd/combine.go:56 .newCombineFunc
	cmd/combine.go:31 .func1
	cmd/cmd.go:91 .func1
	main.go:19 .main

🌍 Your Environment

Operating System:

  
Ubuntu 24.04 LTS

What version of Charon are you running? (Which release)

  
1.0.1

Anything else relevant (validator index / public key)?
@aadomn aadomn self-assigned this Aug 28, 2024
@github-actions github-actions bot added the protocol Protocol Team tickets label Aug 28, 2024
@aadomn aadomn mentioned this issue Aug 28, 2024
Merged
obol-bulldozer bot pushed a commit that referenced this issue Sep 9, 2024
@aadomn
cmd: hardening threshold parameter checks (#3242)
98b84e1 
Ensure the threshold parameter given as input to the `create dkg` and `create cluster` commands is sound.

category: bug
ticket: #3241
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aadomn aadomn

Labels
protocol Protocol Team tickets
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aadomn