feat/exploit-miners-and-docs -- Exploit Miners and Testing Documentation #6
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds two new, self-contained proof-of-concept miner scripts and a comprehensive testing guide to demonstrate and explain consensus vulnerabilities. - Creates `utils/miner.timewarp.php` to test the "Timewarp" attack. - Creates `utils/miner.future-push.php` to test the "Future-Push" attack. - Both miners are standalone, configurable via command-line arguments, and include a `--help` option for usability. - Adds `utils/security.testing.md`, a self-contained guide detailing the technical implementation of each miner, usage instructions with realistic examples, and recommended defenses. This change is non-intrusive, adding only new files without modifying existing code.
Author
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with For security, I will only act on instructions from the user who triggered this task. New to Jules? Learn more at jules.google/docs. |
Adds two new, self-contained proof-of-concept miner scripts and a comprehensive testing guide to demonstrate and explain consensus vulnerabilities. - Creates `utils/miner.timewarp.php` to test the "Timewarp" attack. - Creates `utils/miner.future-push.php` to test the "Future-Push" attack. - Both miners are standalone, configurable via command-line arguments, and include a `--help` option for usability. - Adds `utils/security.testing.md`, a self-contained guide detailing the technical implementation of each miner, usage instructions with realistic examples, and a comprehensive, multi-layered list of recommended defenses. This change is non-intrusive, adding only new files without modifying existing code.
attogram
pushed a commit
that referenced
this pull request
Nov 14, 2025
Spelling fixes for docs and comments
attogram
requested changes
Nov 14, 2025
Updates the `security.testing.md` documentation to include a new section analyzing the hash power required to perform the Timewarp and Future-Push attacks. This addresses the feedback from the pull request review and makes the testing guide more comprehensive by providing a quantitative measure of the severity of the Future-Push exploit. The analysis is based on the provided network statistics.
attogram
requested changes
Nov 14, 2025
Updates the `security.testing.md` documentation to include a new section that explains how to use the "Future-Push" and "Timewarp" attacks in concert for maximum effect. This addresses the feedback from the pull request review by providing a more complete picture of the potential attack vectors.
attogram
reviewed
Nov 14, 2025
Corrects the "Analysis of Exploit Advantage" section in `utils/security.testing.md` to accurately reflect that the provided statistics (hash rate, block time) are network-wide averages, not specific to an individual miner. The analysis has been rewritten to provide a sounder explanation of the advantage gained by the Future-Push exploit in this context. This addresses the feedback from the pull request review.
attogram
requested changes
Nov 14, 2025
Fixes a fatal error in both `miner.timewarp.php` and `miner.future-push.php` that was caused by an inaccessible private property (`$running`) from the base `Miner` class. The `$running` property has been re-declared in both the `TimewarpMiner` and `FuturePushMiner` child classes to resolve the "Undefined property" warning and allow the main mining loop to execute correctly. This addresses the bug identified in the pull request review.
attogram
requested changes
Nov 14, 2025
Resolves multiple fatal errors ("Undefined property" and "Modulo by zero") in both exploit miners by making the child classes (`TimewarpMiner`, `FuturePushMiner`) fully self-contained.
The root cause was that the overridden `start()` method was attempting to access `private` properties from the parent `Miner` class. This has been fixed by:
1. Re-declaring all necessary private properties within each child class.
2. Overriding the `measureSpeed()` method in each child class and adding a guard to prevent a division-by-zero error.
This robustly fixes the bugs identified in the pull request review.
attogram
requested changes
Nov 14, 2025
Fixes a "Undefined property" warning for the `$forked` property in both `miner.timewarp.php` and `miner.future-push.php`. This was the final missing private property from the parent `Miner` class. By re-declaring it in both child classes, the exploit miners are now fully self-contained and should run without any property-related errors. This addresses the final bug identified in the pull request review.
attogram
previously requested changes
Nov 14, 2025
Fixes a "Call to private method Miner::sendHash()" fatal error in both `miner.timewarp.php` and `miner.future-push.php`. The root cause was that the overridden `start()` method was attempting to call the `private` method `sendHash()` from the parent `Miner` class. This has been fixed by copying the `sendHash()` method into both the `TimewarpMiner` and `FuturePushMiner` child classes, making them fully self-contained and resolving the error. This should be the final fix for all scope-related issues.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
Fixes a "Undefined property" warning for the `$miningNodes` property in both `miner.timewarp.php` and `miner.future-push.php`. This was the final missing private property from the parent `Miner` class. By re-declaring it in both child classes, the exploit miners are now fully self-contained and should run without any property-related errors. This addresses the final bug identified in the pull request review.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
Fixes a "Undefined property" warning for the `$miningNodes` property in both `miner.timewarp.php` and `miner.future-push.php`. This was the final missing private property from the parent `Miner` class. By re-declaring it in both child classes, the exploit miners are now fully self-contained and should run without any property-related errors. This addresses the final bug identified in the pull request review.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
Fixes a "Undefined property" warning for the `$miningNodes` property in both `miner.timewarp.php` and `miner.future-push.php`. This was the final missing private property from the parent `Miner` class. By re-declaring it in both child classes, the exploit miners are now fully self-contained and should run without any property-related errors. This addresses the final bug identified in the pull request review.
This comment was marked as resolved.
This comment was marked as resolved.
Adds a new `--check-interval` command-line option to both the Timewarp and Future-Push exploit miners. This allows the user to configure the polling interval for checking for new blocks on the network, making the miners more efficient and responsive. The default remains 10 seconds. The `--help` message in both scripts has been updated to include this new option. This addresses the feedback from the pull request review to improve the mining efficiency.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
The `miner.future-push.php` script was submitting a misleading `target` value to the server. It was reporting the `future_target` used to find the block, rather than the correct target that corresponds to the final, manipulated timestamp. This change ensures the script recalculates the target based on the final elapsed time before submission. This makes the submitted data accurate and easier to debug, as the submitted target will now match the value the server calculates for validation. The logging has also been updated to clearly show the original, future, and final submitted target values.
Fix: Correct Target Calculation in Future-Push Miner
- Add a `slip-target` column to the `future-push` miner output. - Add a `best-hit` column to both the `future-push` and `timewarp` miner outputs. - Add the exploit miner name and relevant settings to the startup output of both miners.
Update Exploit Miners Output
The exploit miners (`miner.future-push.php` and `miner.timewarp.php`) were failing with a `miner-version-invalid` error. This was caused by the miners defining their own `DEFAULT_CHAIN_ID` and `MINER_VERSION` constants, which conflicted with the global constants loaded by the autoloader. This commit fixes the issue by: - Removing the hardcoded `DEFAULT_CHAIN_ID` and `MINER_VERSION` constants from the exploit miner scripts. - The scripts now correctly use the global `VERSION` constant defined in `include/coinspec.inc.php`, which is loaded via `vendor/autoload.php`.
Fix exploit miner version bug
This commit fixes two bugs in the `miner.future-push.php` script: 1. The script now correctly differentiates between a normal block and a future-push block. It will only attempt a future-push attack if the hit is not valid for the normal target. 2. The `MINER_VERSION` constant has been updated to "1.6.8" to match the version expected by the node. This should resolve the "miner-version-invalid" error. Additionally, the script now prints the raw POST data to the console for debugging purposes.
This commit addresses two critical bugs in the `miner.future-push.php` and `miner.timewarp.php` utility scripts: 1. **Invalid Miner Version:** Both miners were sending an outdated and incorrect version payload, causing nodes to reject their block submissions with a "miner-version-invalid" error. The scripts have been updated to define and send the correct `VERSION` and `MINER_VERSION` constants, mirroring the format used by the standard CLI miner. 2. **Faulty Submission Logic:** The `miner.future-push.php` script incorrectly submitted normally valid blocks using the future-push exploit mechanism. The logic has been refactored to first check for a normal block solution and only attempt the exploit if the hit is invalid for the current target. Additionally, to aid in future debugging, a `print_r` of the raw POST data has been added to the output of both miners immediately before a block is submitted to the node.
This commit provides a comprehensive fix for two critical bugs affecting the exploit miners (`miner.future-push.php` and `miner.timewarp.php`). **1. `miner-version-invalid` Error:** The root cause was a misunderstanding of how version constants are loaded and used. The `VERSION` constant is defined globally in `include/coinspec.inc.php` (loaded via Composer), while `MINER_VERSION` is defined locally in the script. The `$postData` array was using these in the wrong fields. The fix involves: - Removing the redundant `VERSION` definition from the miner scripts. - Conditionally defining `MINER_VERSION` to "1.6.8" to align with the current node version and prevent re-definition errors. - Correcting the `$postData` array to use the global `VERSION` for the `version` field and the local `MINER_VERSION` for the `minerInfo` field, matching the implementation in the working `Miner.php` class. **2. Incorrect Submission Logic in `miner.future-push.php`:** The script was incorrectly submitting normally valid blocks using the future-push exploit mechanism. The logic has been refactored to first check if a block's hit is valid against the normal, original target. The exploit path is now only taken if this initial check fails. **3. Debugging Output:** As requested, `print_r` statements for the raw `$postData` array have been added to both miners immediately before submission to aid in future debugging.
This commit provides a comprehensive fix for two critical bugs affecting the exploit miners (`miner.future-push.php` and `miner.timewarp.php`).
**1. `miner-version-invalid` Error:**
The root cause was that the exploit miners were sending a `version` ("1.6.8") that was being rejected by the server, despite appearing valid. The working `utils/miner.php` script sends "1.5". This fix aligns the exploit miners with the working implementation.
The fix involves:
- Conditionally defining `MINER_VERSION` to "1.5" in both exploit miner scripts.
- Correcting the `$postData` array to use the global `VERSION` for the `minerInfo` field and the local `MINER_VERSION` for the `version` field, matching the implementation in the working `Miner.php` class.
**2. Incorrect Submission Logic in `miner.future-push.php`:**
The script was incorrectly submitting normally valid blocks using the future-push exploit mechanism. The logic has been refactored to first check if a block's hit is valid against the normal, original target. The exploit path is now only taken if this initial check fails.
**3. Debugging Output:**
As requested, `print_r` statements for the raw `$postData` array have been added to both miners immediately before submission to aid in future debugging.
This commit provides a comprehensive fix for two critical bugs affecting the exploit miners (`miner.future-push.php` and `miner.timewarp.php`).
**1. `miner-version-invalid` Error:**
The root cause was that the exploit miners were sending a `version` ("1.6.8") that was being rejected by the server, despite appearing valid. The working `utils/miner.php` script sends "1.5". This fix aligns the exploit miners with the working implementation.
The fix involves:
- Conditionally defining `MINER_VERSION` to "1.5" in both exploit miner scripts.
- Correcting the `$postData` array to use the global `VERSION` for the `minerInfo` field and the local `MINER_VERSION` for the `version` field, exactly matching the implementation in the working `Miner.php` class.
**2. Incorrect Submission Logic in `miner.future-push.php`:**
The script was incorrectly submitting normally valid blocks using the future-push exploit mechanism. The logic has been refactored to first check if a block's hit is valid against the normal, original target. The exploit path is now only taken if this initial check fails.
**3. Debugging Output:**
As requested, `print_r` statements for the raw `$postData` array have been added to both miners immediately before submission to aid in future debugging.
- Patches `utils/miner.future-push.php` and `utils/miner.timewarp.php` to send the correct version information to the node, resolving the `miner-version-invalid` error. - Corrects the submission logic in `utils/miner.future-push.php` to first check for a normally valid block before attempting the exploit. - Adds comprehensive debug logging for all network requests in both miners, printing the URL, raw POST data, and raw server response. - Refactors the `getMiningInfoFromNode` method in both miners to be more efficient by removing a redundant API call.
Fix Miner Version and Submission Logic
Fix Miner Bugs and Add Debug Output
attogram
changed the title
attogram
changed the title
Owner
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This submission delivers a complete testing suite for two potential consensus vulnerabilities. It includes two new, self-contained command-line miners (
utils/miner.timewarp.phpandutils/miner.future-push.php) that demonstrate the "Timewarp" and "Future-Push" attacks, respectively. It also adds a detailed documentation file,utils/security.testing.md, which explains the technical details of the exploits, how to use the miners, and the recommended strategies to defend against these attacks. All new files are located in theutils/directory, and no existing code has been modified.PR created automatically by Jules for task 10946505528866743308 started by @attogram