mirrors/bisq
1
0
Fork 0
mirror of https://github.com/bisq-network/bisq.git synced 2025-02-22 14:42:37 +01:00
Code Issues Projects Releases Packages Wiki Activity

Remove DateTolerantPayload interface

Browse source 
The date check would not add real protection as the attacker could just
use a new date and we do not cross check the date with the tx date.
We could do that but it would add complexity and we have another
strategy which does not require that.
This commit is contained in:
Manfred Karrer 2019-04-06 19:29:31 -05:00
parent 5cfa2c77ac
commit 1df485a4fa
No known key found for this signature in database
GPG key ID: 401250966A6B2C46
1 changed files with 1 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
core/src/main/java/bisq/core/dao/governance/blindvote/storage/BlindVotePayload.java
View file

@ -21,7 +21,6 @@ import bisq.core.dao.governance.ConsensusCritical;
import bisq.core.dao.governance.blindvote.BlindVote;
import bisq.network.p2p.storage.payload.CapabilityRequiringPayload;
import bisq.network.p2p.storage.payload.DateTolerantPayload;
import bisq.network.p2p.storage.payload.PersistableNetworkPayload;
import bisq.common.app.Capabilities;
@ -35,7 +34,6 @@ import io.bisq.generated.protobuffer.PB;
import com.google.protobuf.ByteString;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import lombok.EqualsAndHashCode;
import lombok.Getter;
@ -52,9 +50,8 @@ import javax.annotation.concurrent.Immutable;
@Slf4j
@Getter
@EqualsAndHashCode
public final class BlindVotePayload implements PersistableNetworkPayload, PersistableEnvelope, DateTolerantPayload,
public final class BlindVotePayload implements PersistableNetworkPayload, PersistableEnvelope,
CapabilityRequiringPayload, ConsensusCritical {
private static final long TOLERANCE = TimeUnit.HOURS.toMillis(5); // +/- 5 hours
private final BlindVote blindVote;
private final long date; // 8 byte
@ -115,18 +112,6 @@ public final class BlindVotePayload implements PersistableNetworkPayload, Persis
}
///////////////////////////////////////////////////////////////////////////////////////////
// DateTolerantPayload
///////////////////////////////////////////////////////////////////////////////////////////
@Override
public boolean isDateInTolerance() {
// We don't allow entries older or newer then 5 hours.
// Preventing forward dating is also important to protect against a sophisticated attack
return Math.abs(new Date().getTime() - date) <= TOLERANCE;
}
///////////////////////////////////////////////////////////////////////////////////////////
// CapabilityRequiringPayload
///////////////////////////////////////////////////////////////////////////////////////////