You are viewing a single comment's thread from:

RE: About Hivemind, the recent Steemit outage, and "Fake Nodes"

in #witness2 years ago

I'd also like to hear more about this malformed transaction, what it was, how it got onto the chain, and whether this points out a vulnerability that needs to be fixed.

2 years ago in #witness by
$0.08
  • Past Payouts $0.08
  • - Author $0.04
  • - Curators $0.04
4 votes
Reply 5
Sort:  
  • Trending
    • [-]
     2 years ago 

    While I strongly agree that there's no security through obscurity, and even though @ety001 has already patched the issue, I'd rather not elaborate on the particular transaction here until I've had time to audit the codebase a little deeper. I hope you understand!

    $0.08
    • Past Payouts $0.08
    • - Author $0.04
    • - Curators $0.03
    2 votes
    Reply
    [-]
     2 years ago 

    Just to add that this tx was completely valid from the chain perspective -- no issue with steemd.

    $0.07
    • Past Payouts $0.07
    • - Author $0.04
    • - Curators $0.03
    2 votes
    Reply
    [-]
     2 years ago 

    I think it probably has been fixed. I noticed this in github the other day: remove special char from hive role title.

    $0.06
    • Past Payouts $0.06
    • - Author $0.03
    • - Curators $0.03
    2 votes
    Reply
    [-]
     2 years ago 

    Thanks. I overlooked the commit. Probably because it has not yet been pulled into the branch.

    $0.04
    • Past Payouts $0.04
    • - Author $0.02
    • - Curators $0.02
    3 votes
    Reply
    [-]
     2 years ago 

    That is the fix, yes :)

    $0.02
    • Past Payouts $0.02
    • - Author $0.01
    • - Curators $0.01
    3 votes
    Reply