evidence

package

Go to main page

Versions in this module

v0

v0.38.17

Feb 3, 2025

v0.38.16

Dec 20, 2024 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.15

Nov 6, 2024 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.14

Nov 6, 2024 GO-2024-3259 +2 more

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.13

Oct 25, 2024 GO-2024-3259 +2 more

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.12

Sep 3, 2024 GO-2024-3259 +2 more

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.11

Aug 12, 2024 GO-2024-3112 +3 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.10

Jul 15, 2024 GO-2024-3112 +3 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.9

Jul 1, 2024 GO-2024-3112 +3 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.8

Jun 27, 2024 GO-2024-3112 +3 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.7

Apr 27, 2024 GO-2024-2951 +4 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.6

Mar 13, 2024 GO-2024-2951 +4 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.5

Jan 24, 2024 GO-2024-2951 +4 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.4

Jan 22, 2024

retracted

GO-2024-2951 +4 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.3

Jan 18, 2024

retracted

GO-2024-2951 +4 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.2

Nov 27, 2023

retracted

GO-2024-2471 +5 more

GO-2024-2471: Chain halt panic in github.com/cometbft/cometbft

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.1

Nov 17, 2023

retracted

GO-2024-2471 +5 more

GO-2024-2471: Chain halt panic in github.com/cometbft/cometbft

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.0

Sep 12, 2023

retracted

GO-2024-2471 +5 more

GO-2024-2471: Chain halt panic in github.com/cometbft/cometbft

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2024-3259: CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

Changes in this version

+ func IsEvidenceExpired(heightNow int64, timeNow time.Time, heightEv int64, timeEv time.Time, ...) bool

type Reactor

+ func (evR *Reactor) Receive(e p2p.Envelope)

v0.38.0-rc3

Jul 14, 2023 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.0-rc2

Jun 26, 2023 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.0-rc1

Jun 5, 2023 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.0-alpha.2

May 17, 2023 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.38.0-alpha.1

Mar 29, 2023 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.15

Feb 3, 2025 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.14

Dec 20, 2024 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.13

Oct 31, 2024 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.12

Oct 25, 2024 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.11

Sep 3, 2024 GO-2025-3442 +1 more

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.10

Aug 12, 2024 GO-2024-3112 +2 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.9

Jul 15, 2024 GO-2024-3112 +2 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.8

Jul 1, 2024 GO-2024-3112 +2 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.7

Jun 27, 2024 GO-2024-3112 +2 more

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.6

Apr 27, 2024 GO-2024-2951 +3 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.5

Mar 13, 2024 GO-2024-2951 +3 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.4

Nov 27, 2023 GO-2024-2951 +3 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.3

Nov 17, 2023 GO-2024-2951 +3 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.2

Jun 14, 2023 GO-2024-2951 +3 more

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.1

Apr 26, 2023 GO-2023-1882 +5 more

GO-2023-1882: Deadlock in github.com/cometbft/cometbft/consensus

GO-2023-1883: Denial of service via OOM in github.com/cometbft/cometbft

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.0

Mar 6, 2023 GO-2023-1883 +4 more

GO-2023-1883: Denial of service via OOM in github.com/cometbft/cometbft

GO-2024-2951: Denial of service when syncing with a malicious peer in github.com/cometbft/cometbft

GO-2024-3112: CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

Changes in this version

+ const EvidenceChannel

+ func VerifyDuplicateVote(e *types.DuplicateVoteEvidence, chainID string, valSet *types.ValidatorSet) error

+ func VerifyLightClientAttack(e *types.LightClientAttackEvidence, ...) error

+ type BlockStore interface

+ Height func() int64

+ LoadBlockCommit func(height int64) *types.Commit

+ LoadBlockMeta func(height int64) *types.BlockMeta

+ type PeerState interface

+ GetHeight func() int64

+ type Pool struct

+ func NewPool(evidenceDB dbm.DB, stateDB sm.Store, blockStore BlockStore) (*Pool, error)

+ func (evpool *Pool) AddEvidence(ev types.Evidence) error

+ func (evpool *Pool) CheckEvidence(evList types.EvidenceList) error

+ func (evpool *Pool) Close() error

+ func (evpool *Pool) EvidenceFront() *clist.CElement

+ func (evpool *Pool) EvidenceWaitChan() <-chan struct{}

+ func (evpool *Pool) PendingEvidence(maxBytes int64) ([]types.Evidence, int64)

+ func (evpool *Pool) ReportConflictingVotes(voteA, voteB *types.Vote)

+ func (evpool *Pool) SetLogger(l log.Logger)

+ func (evpool *Pool) Size() uint32

+ func (evpool *Pool) State() sm.State

+ func (evpool *Pool) Update(state sm.State, ev types.EvidenceList)

+ type Reactor struct

+ func NewReactor(evpool *Pool) *Reactor

+ func (evR *Reactor) AddPeer(peer p2p.Peer)

+ func (evR *Reactor) GetChannels() []*p2p.ChannelDescriptor

+ func (evR *Reactor) ReceiveEnvelope(e p2p.Envelope)

+ func (evR *Reactor) SetEventBus(b *types.EventBus)

+ func (evR *Reactor) SetLogger(l log.Logger)

v0.37.0-rc4

Mar 1, 2023 GO-2023-1883 +2 more

GO-2023-1883: Denial of service via OOM in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.0-rc3

Feb 28, 2023 GO-2023-1883 +2 more

GO-2023-1883: Denial of service via OOM in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.37.0-alpha.3

Feb 21, 2023 GO-2023-1883 +2 more

GO-2023-1883: Denial of service via OOM in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

v0.34.27-alpha.1

Feb 10, 2023 GO-2023-1883 +2 more

GO-2023-1883: Denial of service via OOM in github.com/cometbft/cometbft

GO-2025-3442: CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

GO-2025-3443: CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts in github.com/cometbft/cometbft

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL