Public Disclosure of "DogeReaper", a critical vulnerability in Dogecoin
DogeReaper is a critical vulnerability on Dogecoin, allowing anyone to crash any Dogecoin node remotely.
See the video below for a demonstration.
It works similarly to the Japanese manga series "Death Note", where you write down the name of a person and that person immediately dies of a heart attack.
DogeReaper is similar, where you write down the address of any Dogecoin node, and that node instantly dies of a Segmentation Fault.
Since the addresses of the Dogecoin nodes are known publicly, anyone could crash the entire Dogecoin network in an instant.
If a malicious actor would’ve found this bug instead of us, he could have stopped the Dogecoin network for at least a few days, with no transactions or blocks.
This would’ve caused a lot of FUD, and the $DOGE price surely would have been closer to $0 than to $1.
Luckily though, we discovered this bug before all this could happen, and DOGE is safe.
We've privately disclosed this vulnerability to the parties most affected by this (miners, exchanges), and most systems have been patched.
NB: @Coinbase considers the severity of this as “Low” and “informative”.
A fix has already been deployed as part of Dogecoin Core 1.14.9. Any version below that is affected by this vulnerability, which according to Blockchair are around 90% of nodes.
Our implementation "doged" is not affected (previously called "Dogecash"). Link in the replies if you want to run your own instance.
If you're running any of the versions 1.14.8 and below, you MUST update your node. Otherwise, anyone can crash it remotely with minimal effort, as shown in the video demonstration.
A signed SHA-256 commitment to prove authorship has been made on Nov 22 on this Twitter account, and in this Dogecoin transaction: c0316b81038bb3c45f50f9cfa929afebcbb17770f95e5cabd133581a147e26e8
So here it is, the DogeReaper vulnerability:
Summary: Malformed AuxPow Coinbase Causes Segmentation Fault in Dogecoin
Responsible Disclosure By:
Tobias Ruck <[email protected]>
Roqqit <[email protected]>
Bounties: DCJDfXGLWBy5psR5QkiTTq62dK1VmGKTtn
dogecoind Versions Affected: v1.14-rc-1 (released 2019) and later
dogecoin developer branch 1.21-dev is also affected.
Who is impacted? Potentially all dogecoind node operators (miners, exchanges, businesses).
Impact if exploited: Potential to remotely crash dogecoind and halt the Dogecoin network. User funds are not at risk.
Public Disclosure: We anticipate publishing the public disclosure on or after December 4th, 2024. We encourage you to patch
and test your systems before this date.
Suggested Remedy:
Immediately apply the following patch to dogecoind:
```
diff --git a/src/auxpow.cpp b/src/auxpow.cpp
index 56b919d3b..dfc378abb 100644
--- a/src/auxpow.cpp
+++ b/src/auxpow.cpp
@@ -101,6 +101,10 @@ CAuxPow::check(const uint256& hashAuxBlock, int nChainId,
!= parentBlock.hashMerkleRoot)
return error("Aux POW merkle root incorrect");
+ if (tx->vin.empty()) {
+ return error("Aux POW coinbase has no inputs");
+ }
+
const CScript script = tx->vin[0].scriptSig;
// Check that the same work is not submitted twice to our chain.
```
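Review bot: The `tx->vin.empty()` guard added ahead of `tx->vin[0].scriptSig` comes with no regression test in this diff, so nothing stops the check from being dropped in a later refactor or backport. Add a permanent AuxPow test case that submits a coinbase with zero inputs and asserts that the block is rejected with "Aux POW coinbase has no inputs" while the node keeps running. The placement is right: the guard sits immediately before the `vin[0]` access shown here.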
Alternative Remedy:
Replace dogecoind with the Dogecash node implementation. See https://t.co/RLmO2cDHFx and read more details
about it in the Dogecash section at the bottom of this disclosure.
Details:
Commit bc8cca48968dfa3f60b5eae6a2b92bdd2870eee3 introduced AuxPow support into dogecoind. AuxPow is a feature that allows
Dogecoin and other blockchain networks to share proof of work. While the AuxPow data is not validated in entirety (since
dogecoind has no way to know the consensus rules of other blockchains), there is verification of the proof of work of the
AuxPow payload. This is done in AuxPow::check() in src/auxpow.cpp. The vulnerability in question relates to this line:
const CScript script = tx->vin[0].scriptSig;
Note the assumption that tx->vin is not empty. No validation is done to ensure tx->vin contains one or more entries.
We verified the impact of this vulnerability by applying the following patch which tests AuxPow with no inputs in tx->vin:
```
diff --git a/qa/rpc-tests/test_framework/scrypt_auxpow.py b/qa/rpc-tests/test_framework/scrypt_auxpow.py
index 3beefa057..c2f999947 100644
--- a/qa/rpc-tests/test_framework/scrypt_auxpow.py
+++ b/qa/rpc-tests/test_framework/scrypt_auxpow.py
@@ -36,7 +36,7 @@ def computeAuxpowWithChainId (block, target, chainid, ok):
# Build up the full coinbase transaction. It consists only
# of the input and has no outputs.
- tx = "01000000" + vin + "00" + ("00" * 4)
+ tx = "01000000" + "00" + "00" + ("00" * 4)
txHash = doubleHashHex (tx)
# Construct the parent block header. It need not be valid, just good
```
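Review bot: Hard-coding the input count to "00" in `computeAuxpowWithChainId` makes every AuxPow built by this helper input-less for every caller, whatever `ok` is, and the previously built `vin` is no longer part of `tx`, so the valid-path coverage of the AuxPow test is lost. If this is kept as a regression test rather than a one-off reproduction, make the empty-input coinbase an opt-in parameter or a separate helper, and have the test assert that the node rejects the block and stays up.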
And then running the AuxPow functional test:
make && ./qa/pull-tester/rpc-tests.py https://t.co/sTWwQPAnlQ
Note that the test fails with error code -11 SIGSEGV, indicating the node segfaulted during the test.
Because of the nature of this functional test, we believe this is a reasonable approximation of the
behavior we would see if this were exploited in the wild. The cost to an attacker to exploit this is
extremely low and the complexity of such an attack is also extremely low.
With the patch applied from the Suggested Remedy section above, note how the modified test no longer
reports a segfault and instead reports only the expected test failure.
We also discovered that the AuxPow implementation was backported from Namecoin (https://t.co/xR3bDJ6Rpj),
however this vulnerability has already been patched as of May 15, 2019:
https://t.co/9sOpClr6dA
so no attempt to contact the Namecoin developers or businesses has been made.
We have not yet identified other software forks that may be affected. We encourage recipients of this disclosure report
to share it with trusted individuals related to projects forked from either Namecoin or Dogecoin. Please note that time
is of the essence, and sharing this days prior to the public disclosure date is encouraged.
Dogecash as Alternate Remedy:
Over the last 5 months, we have been developing a high performance Dogecoin node implementation that we call Dogecash.
Dogecash is not a new blockchain. It is an alternative node implementation that is 100% compatible with Dogecoin.
In addition to various improvements in performance, usability, and test coverage, you may notice Dogecash does not
suffer from the same vulnerability. You may also notice that Dogecash's modern RPC suite more similarly matches the
ones you are already familiar with on Bitcoin (BTC) and eCash (XEC). Our RPC suite is significantly faster than
dogecoind, has better test coverage, faster sync/IBD, and the code is cleaner and easier to review. It also ships
with a fast blockchain indexer. We humbly invite you to try out Dogecash and welcome feedback: https://t.co/RLmO2cDHFx
If you plan to run Dogecash, please test against your internal systems before deploying on Dogecoin mainnet.
If you encounter any issues, you can email us with your feedback.
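The check described in the Details section above, as an added example that is not code from Dogecoin Core or from the disclosure's authors: a simplified C++ model in which `Tx`, `Reader`, `ParseTx` and `CoinbaseScript` are hypothetical names and the sample bytes are constructed. It shows that a transaction with an input count of zero is well-formed at the serialization level, so parsing alone does not reject it and the `vin.empty()` guard has to sit in front of `vin[0]`.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;
struct TxIn { Bytes scriptSig; };
struct Tx { std::vector<TxIn> vin; };

// Bounds-checked cursor: a short buffer makes a read fail instead of overrunning.
struct Reader {
    const Bytes& d;
    size_t pos = 0;
    explicit Reader(const Bytes& data) : d(data) {}
    bool Take(size_t n, Bytes& out) {
        if (n > d.size() - pos) return false;
        out.assign(d.begin() + pos, d.begin() + pos + n);
        pos += n;
        return true;
    }
    bool Count(size_t& n) {  // single-byte CompactSize only (< 0xfd) in this sketch
        Bytes b;
        if (!Take(1, b) || b[0] >= 0xfd) return false;
        n = b[0];
        return true;
    }
};

// Parses version, inputs, empty output list, locktime; zero inputs still parses.
bool ParseTx(const Bytes& raw, Tx& tx) {
    Reader r(raw);
    Bytes tmp;
    size_t nIn = 0, nOut = 0, len = 0;
    if (!r.Take(4, tmp) || !r.Count(nIn)) return false;  // version, input count
    for (size_t i = 0; i < nIn; ++i) {
        TxIn in;  // prevout (36 bytes), scriptSig, sequence (4 bytes)
        if (!r.Take(36, tmp) || !r.Count(len) || !r.Take(len, in.scriptSig) || !r.Take(4, tmp))
            return false;
        tx.vin.push_back(in);
    }
    return r.Count(nOut) && nOut == 0 && r.Take(4, tmp) && r.pos == raw.size();
}

// Same guard as the patch; returns "" on success, else the rejection reason.
std::string CoinbaseScript(const Tx& tx, Bytes& script) {
    if (tx.vin.empty()) return "Aux POW coinbase has no inputs";
    script = tx.vin[0].scriptSig;  // safe only because of the guard above
    return "";
}

// Constructed sample inputs.
Bytes SampleNoInputs() { return {1, 0, 0, 0, 0, 0, 0, 0, 0, 0}; }
Bytes SampleOneInput() {
    Bytes b = {1, 0, 0, 0, 1};             // version 1, one input
    b.insert(b.end(), 32, uint8_t{0x00});  // null prevout hash
    b.insert(b.end(), 4, uint8_t{0xff});   // prevout index
    b.insert(b.end(), {2, 0x51, 0x51});    // script length + two script bytes
    b.insert(b.end(), 4, uint8_t{0xff});   // sequence
    b.insert(b.end(), 5, uint8_t{0x00});   // zero outputs + locktime
    return b;
}
int main() {  // exit 0 when the zero-input coinbase parses and is then rejected
    Tx t; Bytes s;
    return ParseTx(SampleNoInputs(), t) && !CoinbaseScript(t, s).empty() ? 0 : 1;
}
```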
Wow! Many doged nodes!
Network is growing. 14 nodes already!
doged very fast. 7x IBD than Dogecoin Core!
If you want to be a part of it, run your own node, link below 👇🏻
Announcement of doged, an ultra fast Dogecoin node
We made Dogecoin fast. By a lot. Almost an order of magnitude! @elonmusk
We’ve been working on a high-performance and modern Dogecoin node. In our benchmark, doged is 7.23x faster to sync the $DOGE blockchain compared to the currently most popular node. Our RPCs are up to 5.36x faster.
Lolwut?? How is this possible??
We’re developers who also work on “Bitcoin ABC”, the software powering the @eCashOfficial blockchain, which is a fork of Bitcoin. @Bitcoin_ABC has been made an incredibly efficient and feature-rich suite of blockchain software over the years.
It turns out that with a bit of work, we were able to make it fully compatible with the @dogecoin blockchain. @cb_doge @dogeofficialceo
This means not only does Dogecoin get a node that’s almost an order of magnitude faster than the current alternative, but you also get a bunch of other powerful goodies:
- A world-class indexer, Chronik, to access the blockchain at lightning speed
- A slick and super fast explorer
- ecash-lib, allowing you to make Dogecoin transactions with WebAssembly
- Iguana, a dogecoin transaction debugger
- A modern RPC suite. Just because Dogecoin forked the Bitcoin codebase long ago doesn’t mean it has to stay in the past.
- A rich test suite, covering many additional test cases and keeping the system secure
You can download a release at our download page or on GitHub (link in replies). Make sure to leave us a star there!
We have many plans to make Dogecoin more efficient on other metrics (transaction speed, fees, block capacity), some would require support from the community. Make sure to follow us if you want to see our proposals!
NOTE: If you saw one of our early releases, we used the name “Dogecash”, but for various reasons rebranded to “doged”.
You can support our work on this donation address:
DQ9ZPwcMiKZumTC2EXvPGZ4v2L3Fmno1wE
Highlights:
* Fixed invalidateblock behavior that would fail to mark blocks as invalid in some scenarios.
* Tighten up requirements for GETHEADERS messages to make it more difficult to be used as a vector for DDoS.
* Fix various issues related to m_best_header tracking. These did not impact validation but resulted in undesirable output in some RPCs and resulted in unnecessary requests to peers during syncing.
* Do not process mutated blocks at all, protecting against mutated block attacks.
* Improved pruning so that RPC actions are more consistent for unpruned blocks.
* Enable wallet import on pruned nodes.
* Improved startup speed.
* Changed behavior on startup to abort when any port binding fails. If you are running multiple nodes on the same machine and using -port=<num> you might need to switch to using -bind=<ip>:<port> and specify a unique port for Tor binding even if you do not use it: -bind=<ip>:<uniqueport>=onion
* Fixed various issues affecting validation only on testnet.
* Added AssumeUTXO feature (Currently in beta. Usage instructions and QOL improvements are due in a near future release.)
* Various improvements for developers, namely more test coverage and less test flakiness.
Better, faster, stronger! Version 0.4.0 of doged has now been released: https://t.co/LYLLWwtt3f
Your favorite high perf dogecoin node just got even more resilient and improves YOUR quality of life.
#Monero has 2 main options:
1. Switch to Proof-of-Stake and enjoy price rise, because stakers will be accumulating coins to earn more and they won't need to cover burned electricity.
2. Keep Proof-of-Work, or switch to hybrid and experience this every single day:
Qubic mined 57 of the last 100 $XMR blocks
This has enabled them to perform a series of block reorgs that stopped at 9, one block shy of the 10-block threshold needed for a double-spending attack on CEXs
CFB held the ability to wreak total havoc on @monero and chose not to ✍️
Let's try this again, without the source being a scammy guy! (..oops.)
Dogecoin hashrate is as high as it's ever been. This protects Dogecoin, makes it more secure against outside attacks.
Maybe part of the community is trying to shore up security??
Remember to run nodes, too!
⚠️Dogecoin, a cryptocurrency project with a market capitalization of over $58 billion, was recently attacked with an exploit that heavily affected its node structure. The exploit, dubbed "Dogereaper," allowed Sequentia developer Andreas Kohl to crash 69% of all the Dogecoin nodes using only an old laptop from El Salvador.
While the attack heavily affected dogecoin nodes, it could have been worse: the vulnerability had already been disclosed by Tobias Ruck, an ecash developer, and Roqqit, another developer. Talking to https://t.co/OXeevPHGym, Ruck stated that he first discovered this vulnerability while developing doged, an alternative to Dogecoin Core. Ruck explained that while doing tests for the ported code for their alternative software, he found a segmentation fault that had not been fixed in the original code.
Ruck explained:
"We don't condone crashing nodes, we put a lot of effort into keeping the network secure. The attack could've been much more severe. All the important stakeholders like miners, exchanges etc. have been patched long before the attack, and it shows how important it was that we treaded carefully."⚠️
The important lesson from the Doge vulnerability is that there are too many developers who think it is OK to just fix bugs after they get reported, without any preventive maintenance.
And so there are multi-billion $ chains that are one malicious actor away from being shut down.
DogeD almost done!
We think alternative nodes are a good idea, why settle for the same fork every time? It's time for a change in our eyes!
Shout out to @eCashCommunity and @TobiasRuck for this awesome development!
Try DogeD! Tell a friend!
If you provide -chronik, you get a nice indexer.
If you run into any issues, let us know, we're here to help.
Great things ahead for Dogecoin $DOGE :)
Thank you @TobiasRuck ! We are spinning up a DogeD node very shortly! We will let y'all know how it goes!!!
Here's the repo for those who wanna try an alternative node implementation forked from Bitcoin ABC!
https://t.co/W3oZnT1HOy
Our monitoring made us aware that the vulnerability appears to have been exploited, and almost 69% of the Dogecoin network has crashed 😳😳😳
Blockchair shows how the number of public nodes.
Before, it was 647, and at the time of writing it is just 205.
Public Re-Disclosure of "DogeReaper", a critical vulnerability in Dogecoin
DogeReaper is a critical vulnerability on Dogecoin, allowing anyone to crash any Dogecoin node remotely. We are re-disclosing this vulnerability without links to make the X algo happy.