From bafa419cca89ba9e1c05c38b3380c52d0d287069 Mon Sep 17 00:00:00 2001 From: crStiv Date: Thu, 26 Dec 2024 14:37:24 +0100 Subject: [PATCH 1/3] Update rpc_blob_sidecars_by_range.go --- .../sync/rpc_blob_sidecars_by_range.go | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/beacon-chain/sync/rpc_blob_sidecars_by_range.go b/beacon-chain/sync/rpc_blob_sidecars_by_range.go index a5e179513d6..327beaa955d 100644 --- a/beacon-chain/sync/rpc_blob_sidecars_by_range.go +++ b/beacon-chain/sync/rpc_blob_sidecars_by_range.go @@ -32,6 +32,26 @@ func (s *Service) streamBlobBatch(ctx context.Context, batch blockBatch, wQuota s.writeErrorResponseToStream(responseCodeServerError, p2ptypes.ErrGeneric.Error(), stream) return wQuota, errors.Wrapf(err, "could not retrieve sidecars for block root %#x", root) } + + // Get the number of KZG commitments in the block + kzgCommitments := len(b.Block().Body().BlobKzgCommitments()) + + // Count available blob sidecars + availableSidecars := 0 + for _, hasIndex := range idxs { + if hasIndex { + availableSidecars++ + } + } + + // Check if we have all required blob sidecars + if kzgCommitments > 0 && availableSidecars < kzgCommitments { + s.writeErrorResponseToStream(responseCodeServerError, errMissingBlobsForBlockCommitments.Error(), stream) + return wQuota, errors.Wrapf(errMissingBlobsForBlockCommitments, + "block root %#x has %d KZG commitments but only %d available sidecars", + root, kzgCommitments, availableSidecars) + } + for i, l := uint64(0), uint64(len(idxs)); i < l; i++ { // index not available, skip if !idxs[i] { From e9889070d46827ec228111e62e126430f5c69876 Mon Sep 17 00:00:00 2001 From: crStiv Date: Thu, 26 Dec 2024 14:37:37 +0100 Subject: [PATCH 2/3] Update rpc_blob_sidecars_by_range_test.go --- .../sync/rpc_blob_sidecars_by_range_test.go | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/beacon-chain/sync/rpc_blob_sidecars_by_range_test.go b/beacon-chain/sync/rpc_blob_sidecars_by_range_test.go index 18c471bab25..6423355d8e7 100644 --- a/beacon-chain/sync/rpc_blob_sidecars_by_range_test.go +++ b/beacon-chain/sync/rpc_blob_sidecars_by_range_test.go @@ -147,6 +147,24 @@ func TestBlobByRangeOK(t *testing.T) { }, total: func() *int { x := int(params.BeaconConfig().MaxRequestBlobSidecars); return &x }(), }, + { + name: "missing blob sidecars for block with KZG commitments", + nblocks: 1, + requestFromSidecars: func(scs []blocks.ROBlob) interface{} { + return ðpb.BlobSidecarsByRangeRequest{ + StartSlot: scs[0].Slot(), + Count: 1, + } + }, + defineExpected: func(t *testing.T, scs []blocks.ROBlob, req interface{}) []*expectedBlobChunk { + return []*expectedBlobChunk{ + { + code: responseCodeServerError, + message: errMissingBlobsForBlockCommitments.Error(), + }, + } + }, + }, } for _, c := range cases { t.Run(c.name, func(t *testing.T) { From f7d1b4bd8040035b2665fb7c9e2d8833183c0025 Mon Sep 17 00:00:00 2001 From: crStiv Date: Thu, 26 Dec 2024 14:54:25 +0100 Subject: [PATCH 3/3] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 036f80f883a..47d5647e8fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,7 @@ The format is based on Keep a Changelog, and this project adheres to Semantic Ve ### Fixed - Added check to prevent nil pointer deference or out of bounds array access when validating the BLSToExecutionChange on an impossibly nil validator. +* [Beacon Chain] Fixed blob sidecar validation to ensure the number of available sidecars matches KZG commitment count ### Security