From 1f0b80e20aa13b8aa9146b61344131c5d555c709 Mon Sep 17 00:00:00 2001 From: rotocoin Date: Sun, 18 May 2014 16:35:49 +0200 Subject: [PATCH] Fixed Heartbleed and TimeWarp vulnerabilities. Added DigiShield difficulty retarget system starting from block 445000 (This changes force a Hard-Fork, therefore, client version was upgraded) --- casinocoin-qt.pro | 6 +- contrib/gitian-descriptors/README | 2 +- contrib/gitian-descriptors/deps-win32.yml | 6 +- doc/build-msw.txt | 6 +- src/clientversion.h | 2 +- src/main.cpp | 104 +++++++++++++++++++--- src/version.h | 4 +- 7 files changed, 104 insertions(+), 26 deletions(-) diff --git a/casinocoin-qt.pro b/casinocoin-qt.pro index 6297980..a96f24b 100644 --- a/casinocoin-qt.pro +++ b/casinocoin-qt.pro @@ -1,7 +1,7 @@ TEMPLATE = app TARGET = casinocoin-qt macx:TARGET = "CasinoCoin-Qt" -VERSION = 1.1.0.0 +VERSION = 1.2.0.0 INCLUDEPATH += src src/json src/qt QT += core gui network greaterThan(QT_MAJOR_VERSION, 4): QT += widgets @@ -23,8 +23,8 @@ BOOST_INCLUDE_PATH=E:/crypto/deps/boost_1_53_0 BOOST_LIB_PATH=E:/crypto/deps/boost_1_53_0/stage/lib BDB_INCLUDE_PATH=E:/crypto/deps/db-4.8.30.NC/build_unix BDB_LIB_PATH=E:/crypto/deps/db-4.8.30.NC/build_unix -OPENSSL_INCLUDE_PATH=E:/crypto/deps/openssl-1.0.1b/include -OPENSSL_LIB_PATH=E:/crypto/deps/openssl-1.0.1b +OPENSSL_INCLUDE_PATH=E:/crypto/deps/openssl-1.0.1g/include +OPENSSL_LIB_PATH=E:/crypto/deps/openssl-1.0.1g QRENCODE_INCLUDE_PATH=E:/crypto/deps/qrencode-3.4.3 QRENCODE_LIB_PATH=E:/crypto/deps/qrencode-3.4.3/.libs diff --git a/contrib/gitian-descriptors/README b/contrib/gitian-descriptors/README index 46c7668..01f4eec 100644 --- a/contrib/gitian-descriptors/README +++ b/contrib/gitian-descriptors/README @@ -27,7 +27,7 @@ Once you've got the right hardware and software: wget 'http://fukuchi.org/works/qrencode/qrencode-3.2.0.tar.bz2' # Inputs for Win32: (Linux has packages for these) wget 'https://downloads.sourceforge.net/project/boost/boost/1.50.0/boost_1_50_0.tar.bz2' - wget 'http://www.openssl.org/source/openssl-1.0.1c.tar.gz' + wget 'http://www.openssl.org/source/openssl-1.0.1g.tar.gz' wget 'http://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz' wget 'https://downloads.sourceforge.net/project/libpng/zlib/1.2.6/zlib-1.2.6.tar.gz' wget 'https://downloads.sourceforge.net/project/libpng/libpng15/older-releases/1.5.9/libpng-1.5.9.tar.gz' diff --git a/contrib/gitian-descriptors/deps-win32.yml b/contrib/gitian-descriptors/deps-win32.yml index 7ad00fc..5464720 100644 --- a/contrib/gitian-descriptors/deps-win32.yml +++ b/contrib/gitian-descriptors/deps-win32.yml @@ -14,7 +14,7 @@ packages: reference_datetime: "2011-01-30 00:00:00" remotes: [] files: -- "openssl-1.0.1c.tar.gz" +- "openssl-1.0.1g.tar.gz" - "db-4.8.30.NC.tar.gz" - "miniupnpc-1.6.tar.gz" - "zlib-1.2.6.tar.gz" @@ -30,8 +30,8 @@ script: | # mkdir -p $INSTALLPREFIX - tar xzf openssl-1.0.1c.tar.gz - cd openssl-1.0.1c + tar xzf openssl-1.0.1g.tar.gz + cd openssl-1.0.1g ./Configure --cross-compile-prefix=$HOST- mingw --openssldir=$INSTALLPREFIX make make install_sw diff --git a/doc/build-msw.txt b/doc/build-msw.txt index a312cdf..ca83338 100644 --- a/doc/build-msw.txt +++ b/doc/build-msw.txt @@ -26,7 +26,7 @@ Dependencies Libraries you need to download separately and build: default path download -OpenSSL \openssl-1.0.1b-mgw http://www.openssl.org/source/ +OpenSSL \openssl-1.0.1g-mgw http://www.openssl.org/source/ Berkeley DB \db-4.8.30.NC-mgw http://www.oracle.com/technology/software/products/berkeley-db/index.html Boost \boost-1.47.0-mgw http://www.boost.org/users/download/ miniupnpc \miniupnpc-1.6-mgw http://miniupnp.tuxfamily.org/files/ @@ -38,7 +38,7 @@ Boost MIT-like license miniupnpc New (3-clause) BSD license Versions used in this release: -OpenSSL 1.0.1b +OpenSSL 1.0.1g Berkeley DB 4.8.30.NC Boost 1.47.0 miniupnpc 1.6 @@ -50,7 +50,7 @@ MSYS shell: un-tar sources with MSYS 'tar xfz' to avoid issue with symlinks (OpenSSL ticket 2377) change 'MAKE' env. variable from 'C:\MinGW32\bin\mingw32-make.exe' to '/c/MinGW32/bin/mingw32-make.exe' -cd /c/openssl-1.0.1b-mgw +cd /c/openssl-1.0.1g-mgw ./config make diff --git a/src/clientversion.h b/src/clientversion.h index e624492..343c8a1 100644 --- a/src/clientversion.h +++ b/src/clientversion.h @@ -7,7 +7,7 @@ // These need to be macros, as version.cpp's and bitcoin-qt.rc's voodoo requires it #define CLIENT_VERSION_MAJOR 1 -#define CLIENT_VERSION_MINOR 1 +#define CLIENT_VERSION_MINOR 2 #define CLIENT_VERSION_REVISION 0 #define CLIENT_VERSION_BUILD 0 diff --git a/src/main.cpp b/src/main.cpp index e049624..fbdd8b8 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -1216,7 +1216,7 @@ unsigned int static KimotoGravityWell(const CBlockIndex* pindexLast, const CBloc { /* Kimoto Gravity Well implementation - credit to Dr Kimoto Chan of Megacoin */ // - // We need to add digishield or darkgravity. Unless a Dev can come up with another solution. + // DigiShield comes in at block 445000 // const CBlockIndex *BlockLastSolved = pindexLast; const CBlockIndex *BlockReading = pindexLast; @@ -1292,21 +1292,99 @@ unsigned int static GetNextWorkRequired_V2(const CBlockIndex* pindexLast, const return KimotoGravityWell(pindexLast, pblock, BlocksTargetSpacing, PastBlocksMin, PastBlocksMax); } +unsigned int static DigiShield(const CBlockIndex* pindexLast, const CBlockHeader *pblock) +{ + // DigiShield difficulty retarget system + // Credits to DigiByte developers + unsigned int nProofOfWorkLimit = bnProofOfWorkLimit.GetCompact(); + + int blockstogoback = 0; + + //set default to pre-v2.0 values + int64 retargetTimespan = nTargetSpacing; //Make sure we retarget every block + int64 retargetSpacing = nTargetSpacing; + int64 retargetInterval = retargetTimespan / retargetSpacing; + // Genesis block + if (pindexLast == NULL) return nProofOfWorkLimit; + + // Only change once per interval + if ((pindexLast->nHeight+1) % retargetInterval != 0){ + // Special difficulty rule for testnet: + if (fTestNet){ + // If the new block's timestamp is more than 2* 10 minutes + // then allow mining of a min-difficulty block. + if (pblock->nTime > pindexLast->nTime + retargetSpacing*2) + return nProofOfWorkLimit; + else { + // Return the last non-special-min-difficulty-rules-block + const CBlockIndex* pindex = pindexLast; + while (pindex->pprev && pindex->nHeight % retargetInterval != 0 && pindex->nBits == nProofOfWorkLimit) + pindex = pindex->pprev; + return pindex->nBits; + } + } + return pindexLast->nBits; + } + + // DigiByte: This fixes an issue where a 51% attack can change difficulty at will. + // Go back the full period unless it's the first retarget after genesis. Code courtesy of Art Forz + blockstogoback = retargetInterval-1; + if ((pindexLast->nHeight+1) != retargetInterval) blockstogoback = retargetInterval; + + // Go back by what we want to be 14 days worth of blocks + const CBlockIndex* pindexFirst = pindexLast; + for (int i = 0; pindexFirst && i < blockstogoback; i++) + pindexFirst = pindexFirst->pprev; + assert(pindexFirst); + + // Limit adjustment step + int64 nActualTimespan = pindexLast->GetBlockTime() - pindexFirst->GetBlockTime(); + printf(" nActualTimespan = %"PRI64d" before bounds\n", nActualTimespan); + + + + CBigNum bnNew; + bnNew.SetCompact(pindexLast->nBits); + + if (nActualTimespan < (retargetTimespan - (retargetTimespan/4)) ) nActualTimespan = (retargetTimespan - (retargetTimespan/4)); + if (nActualTimespan > (retargetTimespan + (retargetTimespan/2)) ) nActualTimespan = (retargetTimespan + (retargetTimespan/2)); + + // Retarget + bnNew *= nActualTimespan; + bnNew /= retargetTimespan; + + /// debug print + printf("DigiShield RETARGET \n"); + printf("retargetTimespan = %"PRI64d" nActualTimespan = %"PRI64d"\n", retargetTimespan, nActualTimespan); + printf("Before: %08x %s\n", pindexLast->nBits, CBigNum().SetCompact(pindexLast->nBits).getuint256().ToString().c_str()); + printf("After: %08x %s\n", bnNew.GetCompact(), bnNew.getuint256().ToString().c_str()); + + + if (bnNew > bnProofOfWorkLimit) + bnNew = bnProofOfWorkLimit; + + + + return bnNew.GetCompact(); +} + unsigned int static GetNextWorkRequired(const CBlockIndex* pindexLast, const CBlockHeader *pblock) { - int DiffMode = 1; - if (fTestNet) - { - if (pindexLast->nHeight+1 >= 100) { DiffMode = 2; } - } - else - { - if (pindexLast->nHeight+1 >= 227000) { DiffMode = 2; } - } + int DiffMode = 1; + if (fTestNet) + { + if (pindexLast->nHeight+1 >= 100) { DiffMode = 2; } + } + else + { + if (pindexLast->nHeight+1 >= 227000 && pindexLast->nHeight+1 < 445000) { DiffMode = 2; } + else if (pindexLast->nHeight+1 >= 445000) { DiffMode = 3; } + } - if (DiffMode == 1) { return GetNextWorkRequired_V1(pindexLast, pblock); } - else if (DiffMode == 2) { return GetNextWorkRequired_V2(pindexLast, pblock); } - return GetNextWorkRequired_V2(pindexLast, pblock); + if (DiffMode == 1) { return GetNextWorkRequired_V1(pindexLast, pblock); } + else if (DiffMode == 2) { return GetNextWorkRequired_V2(pindexLast, pblock); } + else if (DiffMode == 3) { return DigiShield(pindexLast, pblock); } + return DigiShield(pindexLast, pblock); } bool CheckProofOfWork(uint256 hash, unsigned int nBits) diff --git a/src/version.h b/src/version.h index 01dfbba..f894da1 100644 --- a/src/version.h +++ b/src/version.h @@ -25,13 +25,13 @@ extern const std::string CLIENT_DATE; // network protocol versioning // -static const int PROTOCOL_VERSION = 70002; +static const int PROTOCOL_VERSION = 70003; // intial proto version, to be increased after version/verack negotiation static const int INIT_PROTO_VERSION = 209; // disconnect from peers older than this proto version -static const int MIN_PEER_PROTO_VERSION = 60002; +static const int MIN_PEER_PROTO_VERSION = 60002; // TODO: Change to 70003 before block 445000 to force new client downloading and therefore doing the actual hard fork // nTime field added to CAddress, starting with this version; // if possible, avoid requesting addresses nodes older than this