Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: fetch_root_key refuses to play along if called on the mainnet #526

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
* Added node metrics, ECDSA, and Bitcoin functions to `MgmtMethod`. Most do not have wrappers in `ManagementCanister` because only canisters can call these functions.
* Added `FetchCanisterLogs` function to `MgmtMethod` and a corresponding wrapper to `ManagementCanister`.
* Updated the `ring` crate to 0.17.7. `ring` 0.16 has a bug where it requires incorrect Ed25519 PEM encoding. 0.17.7 fixes that and is backwards compatible.
* Agent::fetch_root_key() now returns an error, and sets its root key to an empty vector, if called on the mainnet.
ericswanson-dfinity marked this conversation as resolved.
Show resolved Hide resolved

## [0.33.0] - 2024-02-08

Expand Down
5 changes: 5 additions & 0 deletions ic-agent/src/agent/agent_error.rs
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,11 @@ pub enum AgentError {
/// Route provider failed to generate a url for some reason.
#[error("Route provider failed to generate url: {0}")]
RouteProviderError(String),

/// It's an error to fetch the root key on the mainnet.
/// Doing so would enable a man-in-the-middle attack.
#[error("Never fetch the root key on the mainnet")]
NeverFetchRootKeyOnMainNet(),
}

impl PartialEq for AgentError {
Expand Down
14 changes: 14 additions & 0 deletions ic-agent/src/agent/agent_test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,20 @@ fn make_certifying_agent(url: &str) -> Agent {
.unwrap()
}

#[cfg_attr(not(target_family = "wasm"), tokio::test)]
async fn refuse_to_install_mainnet_root_key() -> Result<(), AgentError> {
let url = "https://icp0.io";

let agent = make_agent(url);
let result = agent.fetch_root_key().await;
assert!(matches!(
result,
Err(AgentError::NeverFetchRootKeyOnMainNet())
));
assert_eq!(agent.read_root_key(), Vec::<u8>::new());
Ok(())
}

#[cfg_attr(not(target_family = "wasm"), tokio::test)]
#[cfg_attr(target_family = "wasm", wasm_bindgen_test)]
async fn query() -> Result<(), AgentError> {
Expand Down
7 changes: 6 additions & 1 deletion ic-agent/src/agent/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -330,6 +330,11 @@ impl Agent {
}
let status = self.status().await?;
let root_key = match status.root_key {
Some(key) if key[..] == IC_ROOT_KEY[..] => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This wouldn't apply in case of an actual man-in-the-middle-attack.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Correct. What this is meant to protect against is accidentally fetching the root key on mainnet, which opens the door to the man-in-the-middle attack.

This applies in the case where you are erroneously fetching the root key on mainnet. Prior to this change you won't notice, because everything works: you fetch the root key from mainnet, replace your root key with it (the same key), and go about your day. You shouldn't have, but no harm done, right? It "works" locally, it "works" on mainnet, it "works" on any testnet. It "works" everywhere; there's just one problem...

Then one day, you connect with the agent, only there's been a DNS hack and you connect somewhere else: a man-in-the-middle. You fetch the root key, like you always do. It's not the the IC_ROOT_KEY this time, but you don't notice, and all the signatures check out. You're fallen for the man-in-the-middle attack.

This change is intended to make you notice that you are fetching the root key from mainnet (opening yourself up to this attack) and stop doing that.

Does that make sense?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It does make sense to nudge people not to fetch the root key from mainnet. But if we wanted to make sure that people don't fetch the root key from mainnet, we'd need to take the URL into account.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are other places that look at the URL and later skip the call or flag this as an error. But I wouldn't consider them as making sure, because there are a lot of ways to express the same URL.

This method however does seem like a way of making sure that you aren't blithely calling fetch_root_key against , because if you do, the only time it doesn't notice is if there is a MITM attack going on.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good. Thank you for your explanations!

// even if the caller ignores this error, we're done here.
self.set_root_key(vec![]);
return Err(AgentError::NeverFetchRootKeyOnMainNet());
}
Some(key) => key,
None => return Err(AgentError::NoRootKeyInStatus(status)),
};
Expand All @@ -340,7 +345,7 @@ impl Agent {
/// By default, the agent is configured to talk to the main Internet Computer, and verifies
/// responses using a hard-coded public key.
///
/// Using this function you can set the root key to a known one if you know if beforehand.
/// Using this function you can set the root key to a known one if you know it beforehand.
pub fn set_root_key(&self, root_key: Vec<u8>) {
*self.root_key.write().unwrap() = root_key;
}
Expand Down
Loading