Nxt Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Nxt Client 1.11.10 - NEW RELEASE: Ardor 2.0.5e TestNet - The Ignis ICO is over!! Ardor genesis snapshots will happen at Nxt block 1,630,000 (expected for 25th December)

Pages: 1 2 [3] 4  All

Author Topic: NRS v1.5.2e  (Read 8590 times)

EvilDave

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1791
    • View Profile
    • NXT Foundation
  • Karma: +341/-40
Re: NRS v1.5.2e
April 18, 2015, 10:56:29 pm

Cock......that doesn't look good.
Sending a test tx now, at block 407145
Nulli Dei, nulli Reges, solum NXT
NXT Donations: NXT-BNZB-9V8M-XRPW-3S3WD
We will ride eternal, shiny and chrome!

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1732
    • View Profile
  • Karma: +431/-42
Re: NRS v1.5.2e
April 19, 2015, 05:36:06 am

Nxt crashed. Generating just empty blocks and no transaction gets included... can somebody help? :)

I'm looking into this, looks like transactions from account 365367776374786931 / NXT-54VM-3U7M-LSWB-2EJ6C are not being accepted.

In my logs I see:
"2015-04-18 22:52:15 SEVERE: nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931
nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931"

I'm not sure yet why, I sent 1000 NXT to this account, just in case, let's see if this fixes the problem.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

jl777

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 6176
    • View Profile
  • Karma: +718/-123
Re: NRS v1.5.2e
April 19, 2015, 05:54:48 am

Nxt crashed. Generating just empty blocks and no transaction gets included... can somebody help? :)

I'm looking into this, looks like transactions from account 365367776374786931 / NXT-54VM-3U7M-LSWB-2EJ6C are not being accepted.

In my logs I see:
"2015-04-18 22:52:15 SEVERE: nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931
nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931"

I'm not sure yet why, I sent 1000 NXT to this account, just in case, let's see if this fixes the problem.
strange that all tx are prevented for most accounts, unless they have small amounts of NXT
I would think a single malformed tx would just be skipped
There are over 1000 people in SuperNET slack! http://slackinvite.supernet.org/ automatically sends you an invite

I am just a simple C programmer

mystcoin

  • Full Member
  • ***
  • Offline Offline
  • Posts: 188
    • View Profile
  • Karma: +50/-0
Re: NRS v1.5.2e
April 19, 2015, 05:55:15 am

While testing this release, I have had a big problem with the UI. The UI frequently gets stuck, necessitating logging out and back in again to get it functioning again, every few minutes. Sometimes I must restart the server.

Not everything gets stuck. What I notice is that I can still click on menus and switch pages, but the transaction info timestamp links on the dashboard stop working; also not all of the phasing graphics appear on the transaction lines. But even though I can switch pages, for example to the Block page, the blocks may never appear; even if they do, the block info timestamp links don't work.

What seems to trigger this state is clicking on a timestamp link. Usually, only one to three clicks is enough.

This kind of thing may have happened very occasionally in the past, but it has become a serious problem as of this release.

This is a known issue, if you get an Exception in the transaction info dialog you can no longer open it until you restart the session. I fixed this problem in some area but we don't have complete fix yet. So the question is where did you get this exception.
Can you reproduce this consistently ? Do you see an Exception stack trace in the browser JavaScript console ? If you post a transaction id which reproduce this I can probably fix this quickly.

The next day, I intended to try to reproduce the problem, but it never happened, not even once! If it's starts happening again, I will try to isolate the problem based on your suggestion.

JohnHolmes

  • Full Member
  • ***
  • Offline Offline
  • Posts: 133
    • View Profile
  • Karma: +28/-1
Re: NRS v1.5.2e
April 19, 2015, 06:01:57 am

Nxt crashed. Generating just empty blocks and no transaction gets included... can somebody help? :)

I'm looking into this, looks like transactions from account 365367776374786931 / NXT-54VM-3U7M-LSWB-2EJ6C are not being accepted.

In my logs I see:
"2015-04-18 22:52:15 SEVERE: nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931
nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931"

I'm not sure yet why, I sent 1000 NXT to this account, just in case, let's see if this fixes the problem.
strange that all tx are prevented for most accounts, unless they have small amounts of NXT
I would think a single malformed tx would just be skipped

Is the Robin Hood forging effect a bug, or could it be some sort of attack?

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1732
    • View Profile
  • Karma: +431/-42
Re: NRS v1.5.2e
April 19, 2015, 06:10:44 am

There is still a problem, sending NXT to this account does not fix it.
I can see about 20 unconfirmed transactions at the moment and blocks come up empty (at least for me I'm on block 407398)
Still need around 30 minutes to setup the environment to debug this locally.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

capodieci

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1332
  • Tips go to DeBuNe Dev fund
    • View Profile
    • DeBuNe - Decentralised Business Network
  • Karma: +256/-18
Re: NRS v1.5.2e
April 19, 2015, 06:20:51 am

Block 407396 has ben forged by NXT-96V7-J34N-VQ63-HPVPF with a balance of 14'047'623, so the balance is not what excludes the account from forging...

I saw account with various balances... seems pretty much that ANY forging account can forge. The PoS is algorithm not working properly... It would be nice to see the percentages of forging account on the new beta release compared to those to the last stable one...

R
- Decentralised Business Network: DeBuNe -
Asset: 6926770479287491943 - Issuer: NXT-GQ27-DD53-YM6K-ER6HK
OTDocs.com - debune.org - nxtforum.org/debune - NEW: thesoundkey.com

Jean-Luc

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1610
    • View Profile
  • Karma: +816/-81
Re: NRS v1.5.2e
April 19, 2015, 06:25:34 am

Do not worry, it is an attack, trying to exploit a bug. I will make a bugfix release soon. And do not send money to that account.
GPG key fingerprint: 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
NXT-X4LF-9A4G-WN9Z-2R322

jl777

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 6176
    • View Profile
  • Karma: +718/-123
Re: NRS v1.5.2e
April 19, 2015, 06:27:33 am

Block 407396 has ben forged by NXT-96V7-J34N-VQ63-HPVPF with a balance of 14'047'623, so the balance is not what excludes the account from forging...

I saw account with various balances... seems pretty much that ANY forging account can forge. The PoS is algorithm not working properly... It would be nice to see the percentages of forging account on the new beta release compared to those to the last stable one...

R
you misunderstand. only small accounts are able to include tx in blocks
big accts can only make 0 tx blocks even when there are tx, but looks like jean-luc narrowed down the problem
There are over 1000 people in SuperNET slack! http://slackinvite.supernet.org/ automatically sends you an invite

I am just a simple C programmer

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1732
    • View Profile
  • Karma: +431/-42
Re: NRS v1.5.2e
April 19, 2015, 06:33:19 am

The transaction which cause this is a bid order cancellation, from some reason when applying it, the unconfirmed balance is increased to be more than the confirmed balance thus getting:
nxt.Account$DoubleSpendingException: Unconfirmed exceeds confirmed balance or quantity for account 365367776374786931
        at nxt.Account.checkBalance(Account.java:1156)

Probably this is an issue with the order of applying unconfirmed transactions.
One thing I noticed is that in validateAttachment() of ColoredCoinsOrderCancellation we do not check the balance since the assumption is that the balance is increased so there's no reason to check it. However here its increased to much. Perhaps this should be the direction of the fix.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

Jean-Luc

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1610
    • View Profile
  • Karma: +816/-81
Re: NRS v1.5.2e
April 19, 2015, 06:47:07 am

The unconfirmed balance is increased too much because it was never reduced by the amount of the order being cancelled, to begin with. And this is of course because the order belongs to a different account. Nice try, but our second line of defense caught it.
GPG key fingerprint: 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
NXT-X4LF-9A4G-WN9Z-2R322

capodieci

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1332
  • Tips go to DeBuNe Dev fund
    • View Profile
    • DeBuNe - Decentralised Business Network
  • Karma: +256/-18
Re: NRS v1.5.2e
April 19, 2015, 06:48:22 am

Do not worry, it is an attack, trying to exploit a bug.

Now I can relax... what???

I will make a bugfix release soon. And do not send money to that account.

Ok, cool. Looking forward to it :)

you misunderstand. only small accounts are able to include tx in blocks
big accts can only make 0 tx blocks even when there are tx, but looks like jean-luc narrowed down the problem

Oh, I see... I need more coffee in the morning! I am sure all is under control, looking forward for the bug fix!

A rain of NSC to small NXT holders ! :)

R
- Decentralised Business Network: DeBuNe -
Asset: 6926770479287491943 - Issuer: NXT-GQ27-DD53-YM6K-ER6HK
OTDocs.com - debune.org - nxtforum.org/debune - NEW: thesoundkey.com

capodieci

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1332
  • Tips go to DeBuNe Dev fund
    • View Profile
    • DeBuNe - Decentralised Business Network
  • Karma: +256/-18
Re: NRS v1.5.2e
April 19, 2015, 06:48:56 am

The unconfirmed balance is increased too much because it was never reduced by the amount of the order being cancelled, to begin with. And this is of course because the order belongs to a different account. Nice try, but our second line of defense caught it.

Nice! Is this related to a specific version, or affects them all?

R
- Decentralised Business Network: DeBuNe -
Asset: 6926770479287491943 - Issuer: NXT-GQ27-DD53-YM6K-ER6HK
OTDocs.com - debune.org - nxtforum.org/debune - NEW: thesoundkey.com

Klokan

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 273
    • View Profile
  • Karma: +28/-5
Re: NRS v1.5.2e
April 19, 2015, 07:26:59 am

The unconfirmed balance is increased too much because it was never reduced by the amount of the order being cancelled, to begin with. And this is of course because the order belongs to a different account. Nice try, but our second line of defense caught it.

Nice! Is this related to a specific version, or affects them all?

R

Hardly says, if it is related, but with my amount of effective balance (slightly over 200.000NXT) I was able forge a block every ~ second or third day in the past. Now my last forged block is from 2015-04-07, nothing else until now.  It may be a coincidence, of course, but it can also be related to the 1.5.x version(s) on the mainnet (I'm running 1.4.16 on all my mainnet NRS hallmarked nodes...).

martismartis

  • Hero Member
  • *****
  • Online Online
  • Posts: 1230
    • View Profile
  • Karma: +70/-10
Re: NRS v1.5.2e
April 19, 2015, 07:30:21 am

I see alot unconfirmed transactions with time in future on my public node with old 7875 interface. Node is 1.5.2e on mainnet.

EDIT: this account https://nxtblocks.info/#section/accountId/NXT-54VM-3U7M-LSWB-2EJ6C having 0.335 NXT in it and there are a lot unconfirmed transactions in future time.

mystcoin

  • Full Member
  • ***
  • Offline Offline
  • Posts: 188
    • View Profile
  • Karma: +50/-0
Re: NRS v1.5.2e
April 19, 2015, 05:09:23 pm

Phasing testing in the NRS Client:

1. Asset and currency approval requests have a 2 NXT default fee. It should be 1 NXT. Whitelisted approval requests already have the correct default of 1 NXT.

2. When I click on the unconfirmed notification graphic at the top (the empty circle), it opens My Transactions, Unconfirmed tab. If I then click on the phasing notification grapic (the gavel) at the top, nothing happens instead of changing the list to Phasing. And vice versa. I have to click on the tabs to get the list of transactions to change. And when I click on the Unconfirmed (Everyone) tab, I've never seen anything displayed.

3. When I attempt to create a phased transaction (such as Send NXT) and select voting model 1 (Vote By NXT Balance), I am not given the option to require a minimum balance of NXT to vote, but I think this is possible using the API.

4. When I attempt to create a phased transaction (such as Send NXT) and I use a whitelist with voting model 0 (One Vote Per Account), If the quorum is greater than the number of whitelisted accounts, I get an error that says that the quorum can't be acheived. It seems to me that the whitelist is for inviting specific accounts to vote, not requiring them to vote or preventing non-whitelisted accounts from voting. The error would make sense if only whitelisted accounts are eligible to vote, but this does not seem to be the case. If a non-whitelist account learns about the poll through some means other than an approval request, it could vote through the API.

5. When I attempt to create a phased transaction (such as Send NXT) and select voting model 3 (Vote By Currency ) I must specify a currency code. As I type in the code, the currency is instantly looked up in the database and when found, the currency ID is displayed. However, this only works when I use ALL CAPS. It would be better if my entry was automatically converted to ALL CAPS as it is for some Monetary System fields.

Jean-Luc

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1610
    • View Profile
  • Karma: +816/-81
Re: NRS v1.5.2e
April 19, 2015, 05:31:06 pm

4. When I attempt to create a phased transaction (such as Send NXT) and I use a whitelist with voting model 0 (One Vote Per Account), If the quorum is greater than the number of whitelisted accounts, I get an error that says that the quorum can't be acheived. It seems to me that the whitelist is for inviting specific accounts to vote, not requiring them to vote or preventing non-whitelisted accounts from voting. The error would make sense if only whitelisted accounts are eligible to vote, but this does not seem to be the case. If a non-whitelist account learns about the poll through some means other than an approval request, it could vote through the API.
The whitelist is indeed restrictive, only accounts on the whitelist are allowed to vote. If another account tries to submit a vote it should get an error.

Quote
5. When I attempt to create a phased transaction (such as Send NXT) and select voting model 3 (Vote By Currency ) I must specify a currency code. As I type in the code, the currency is instantly looked up in the database and when found, the currency ID is displayed. However, this only works when I use ALL CAPS. It would be better if my entry was automatically converted to ALL CAPS as it is for some Monetary System fields.
I will fix it on the server side to always convert the query to upper case.

The rest seem like UI bugs only.
GPG key fingerprint: 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
NXT-X4LF-9A4G-WN9Z-2R322

mystcoin

  • Full Member
  • ***
  • Offline Offline
  • Posts: 188
    • View Profile
  • Karma: +50/-0
Re: NRS v1.5.2e
April 19, 2015, 06:47:22 pm

4. When I attempt to create a phased transaction (such as Send NXT) and I use a whitelist with voting model 0 (One Vote Per Account), If the quorum is greater than the number of whitelisted accounts, I get an error that says that the quorum can't be acheived. It seems to me that the whitelist is for inviting specific accounts to vote, not requiring them to vote or preventing non-whitelisted accounts from voting. The error would make sense if only whitelisted accounts are eligible to vote, but this does not seem to be the case. If a non-whitelist account learns about the poll through some means other than an approval request, it could vote through the API.
The whitelist is indeed restrictive, only accounts on the whitelist are allowed to vote. If another account tries to submit a vote it should get an error.
I just double checked whitelist behavior for voting models 0, 1, 2, and 3.

Voting model 0 does not allow me to vote from a non-whitelisted account using the API. I get an error, as you said. So the UI error about quorum not being acheivable makes sense in this case.

But voting models 1, 2 and 3 do allow me to vote from a non-whitelisted account using the API. I assumed this was also the case for voting model 0, but evidently hadn't checked that case until now. Still, I'm surprised by the inconsistency between model 0 and the others. Is this intentional?

Jean-Luc

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1610
    • View Profile
  • Karma: +816/-81
Re: NRS v1.5.2e
April 19, 2015, 07:47:10 pm

But voting models 1, 2 and 3 do allow me to vote from a non-whitelisted account using the API. I assumed this was also the case for voting model 0, but evidently hadn't checked that case until now. Still, I'm surprised by the inconsistency between model 0 and the others. Is this intentional?
It is a bug, will be fixed in 1.5.3e. Thanks for finding it!
GPG key fingerprint: 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
NXT-X4LF-9A4G-WN9Z-2R322

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1732
    • View Profile
  • Karma: +431/-42
Re: NRS v1.5.2e
April 19, 2015, 08:03:19 pm

Summary of the latest attack on the network:
When issuing a bid order the unconfirmed balance of an account is reduced by the bid quantity times the bid price therefore when cancelling a bid order the unconfirmed balance is increased by the same amount. Same goes for ask order and unconfirmed asset balance correspondingly.
1. The attacker noticed that for bid/ask cancellation transactions the validation code does not check that the account cancelling the bid/ask order is the same account that submitted the order. This was blocked by the UI but can be submitted manually using a transaction. He then submitted several bid and ask cancellation transactions for orders he did not issue in the hope that his balance would be increased as a result.
2. However the condition of unconfirmed balance increasing to be more than the confirmed balance was prevented by the Account checkBalance() method thus causing the code to throw a double spending exception when forgers tried to include these transactions into a block.
3. Because of a subtle condition in the code, instead of just rejecting these transactions, forgers started generating empty blocks. However, some forgers either did not receive these transactions or explicitly rejected them allowing some small number of blocks to still go through.
4. The fix was to verify that the account cancelling the order is the same account which submitted the order and it is included in version 1.4.17 and will be available shortly in version 1.5.3e. In addition to this, this attack also exposed a reference leak of transactions in the unconfirmed pool which was fixed and we also added better diagnostic messages to help us track this type of issue even faster next time.
5. After the fix is applied you'll see an exception in the log when these attack transactions are being rejected until they'll eventually expire after 24 hours.

Many thanks for Jean-Luc for resolving the issue.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651
Pages: 1 2 [3] 4  All