GSA_kwCzR0hTQS1yOXJ2LTltaDgtcHhmNM4AA5Cj

Moderate

Permalink JSON

Nervos CKB BlockTimeTooNew should not be considered as invalid block

Affected Packages	Affected Versions	Fixed Versions
cargo:ckb PURL: `pkg:cargo/ckb`	<= 0.33.0	0.33.1
0 Dependent packages 0 Dependent repositories 121,654 Downloads total Affected Version Ranges All affected versions 0.1.0 All unaffected versions 0.37.0, 0.38.0, 0.39.0, 0.39.1, 0.40.0, 0.42.0, 0.43.0, 0.43.2, 0.100.0, 0.101.0, 0.101.1, 0.101.2, 0.101.3, 0.101.4, 0.101.5, 0.101.6, 0.101.7, 0.101.8, 0.102.0, 0.103.0, 0.104.0, 0.104.1, 0.105.0, 0.105.1, 0.106.0, 0.107.0, 0.108.0, 0.108.1, 0.109.0, 0.110.0, 0.110.1, 0.110.2, 0.111.0, 0.112.0, 0.112.1, 0.113.0, 0.113.1, 0.114.0, 0.115.0, 0.116.0, 0.116.1, 0.117.0, 0.118.0, 0.119.0, 0.120.0, 0.121.0, 0.200.0, 0.201.0, 0.202.0

Impact

Currently, when a node receives a block in future according to its local wall clock, it will mark the block as invalid and ban the peer.

If the header's timestamp is more than 15 seconds ahead of our current time. In that case, the header may become valid in the future, and we don't want to disconnect a peer merely for serving us one too-far-ahead block header, to prevent an attacker from splitting the network by mining a block right at the 15 seconds boundary.

Patches

Upgrade to v0.33.1 or above.

Workarounds

Don't ban peer serving too-far-ahead block header.

References:

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS1yOXJ2LTltaDgtcHhmNM4AA5Cj

Nervos CKB BlockTimeTooNew should not be considered as invalid block

Affected Version Ranges

All affected versions

All unaffected versions

Impact

Patches

Workarounds

Identifiers

Risk

Severity

Classification

Source

Origin

Repository

Date and time

Published

Updated

API