Today Gridcoin released a new Algorithm that improves the security of Research rewards for users earning Gridcoin by contributing to BOINC projects. This improved Algorithm addresses multiple theoretical attack vectors that affect individual CPID rewards, where the attacker could potentially intercept the reward for themselves. A Bulletin on the details of the upgrade was released and is included here:

Gridcoin

Security Upgrade
Bulletin Date: September 18th, 2016

The Gridcoin Research security system for Proof of Research blocks is being upgraded to
withstand new attack methods including but not limited to “algorithm attacks” (reverse
engineering an algorithm), “man in the middle attacks” (altering information transmitted
between parties), “replay attacks” (construction of data using a replay of prior
information), and social attacks (gaining the boinc e-mail through social interaction).
Note: The updates discussed herein Do Not affect Investors. Investors mine blocks with
an investor CPID, and earn interest based on Coin age. None of the additions referenced
here will affect the safety of the coins or the interest bearing ability or the day to day
operations of the Investor and this entire document may be ignored. This document
pertains to researchers with Boinc CPIDs that accrue research rewards.
The upgrade plan end-goal is to replace the POR CPID Validity algorithm with a new
system to be completed in Phases. This allows us to continue to operate smoothly in
Prod, while we achieve each milestone. Phase 1 involves upgrading to the new beacon
system with hardened keypairs (one pair for each researcher CPID). Phase 2 involves a
Mandatory upgrade of the Wallet (affecting our service providers and the entire network)
to respect the new keys.

Phase 1: Understanding the Operation of the new system

Currently, Gridcoin requires two pieces of data from separate systems to successfully
stake a research reward block: Piece 1: The Beacon (The beacon currently contains your
researcher CPID) and could be expired or non-existent (resulting in no reward), and Piece
2: The Magnitude value for the CPID (from the daily superblock, originating from the
neural network). Note that our current security model ties the existing beacon with the
magnitude, and each remote node verifies the ownership of the originating CPID by using
the POR CPID algorithm (IE, verification of the components of the long CPID are tested
to ensure the Long cpid hashes in a way that proves it was originally generated from the
researcher that owned the boinc e-mail address). Beacons expire in 6 months, and the
client will automatically send a new beacon once the old expires (after 3 hours of being
found missing in the chain). If either a beacon does not exist, or magnitude does not
exist, the POR block is not staked. The CPID is tested when a block is being checked
with magnitude and with an existing beacon.

In the new upgraded system, a stronger Beacon is used, and is now indexed by the Public
CPID, and signed by the researcher, and contains the public beacon key. The private
researcher beacon key is stored on the researcher’s machine in the gridcoinresearch.conf
file (under PrivateKeyCPID=). The information sent in the block is sent in a way that
cannot be replayed (IE, the blockhash+cpid is signed with the PrivateKey of the
researcher, which will never be revealed to the network). In this way, a foreign node may
verify the ownership of the public CPID by testing the signature. At that point a decision
is made to reject the block or accept it.

Since we would like to accelerate the replacement of the CPID algorithm immediately, I
recommend we go through a process to immediately insert each researchers new beacon
in the chain.

Steps to Follow as a Researcher to Upgrade your Beacon:

1. Go to the Gridcoin RPC (Help | Debug | Console)
2. Type: execute beaconstatus
3. At this point, the system will report “Configuration Status:” Successful/Fail
4. If the status is Successful, you need not go further.
5. If the status is Fail, please verify that your CPID actually matches your boinc
   CPID. If it does not, debug the issue with your CPID first, using “list cpids” and
   our wiki page, verifying that Gridcoin actually picks up the correct cpid and that
   your boinc datadir is set properly before going further. A valid CPID is required
   before you can send a beacon.
6. Now, re-send your beacon with “execute advertisebeacon”. (With your wallet
   unlocked).
7. Wait 6 blocks, and then “execute beaconstatus” again, to verify the success of the
   beacon reaching the network.
8. Note: A public and private keypair will be created and stored in your
   configuration file. It is recommended that you back up your config file
   occasionally so as not to lose the keypair.
9. This beacon will expire in 6 months. In the interim, Gridcoin will re-send a new
   beacon (every 90 days or so) and re-sign the beacon with your existing Private
   Key and will store your public key again, so that you need not repeat this process.
10. Note: Gridcoin will automatically upgrade your beacon if you do not follow these
    instructions. These are provided so that you understand what is happening (or if
    you want to do it manually).

The reason it is important to upgrade your beacon quickly and this is being treated with
such high priority, is to ensure all of our researchers stake the claim of their personal
CPID, and this will prevent any hacking groups from taking ownership of the CPID or
the e-mail address you currently use. Note: An effort has been made to make it very hard
to create a keypair using a boinc CPID without actually owning it, but nevertheless if you
upgrade your beacon immediately this threat is removed.

We have built in extra safeguards to allow for “extraneous circumstances”. If you would
like to remove all traces of your prior CPID and corresponding e-mail address hash, you
may change your e-mail address across all projects within the boinc network and wait
until a new CPID is generated. Then advertise the beacon and you will end up with a
new keypair. In the new system, no e-mail hash will be sent over the network (this will
not be live until Phase 2 starts however).

On the other hand, if you discover that someone has taken control of your CPID, (IE you
keep attempting to create a beacon and it fails), execute the command “execute
proveownership” and send the results along with a URL of your boinc credit to RTM, and
he will use the Delete tool to delete the beacon manually. (This allows you to keep your
old CPID if you love it and have a problem with someone attempting to take it over).

Phase 2:

In Phase 2, we will set a future block number for a mandatory release. Phase2 will
respect the new POR security system.

Things to Test in the Interim:

(Note some items have been tested by Rob, others need more testing before phase 2):

1. Verify beacon will be upgraded when the researchers beacon v1 still exists: PASS
2. Verify a beacon that is valid and not expired cannot be replaced by any other
   researcher keyset that attempts to take an ownership of it (Not normally possible
   since we respect the original beacon and require ownership of the CPID, but
   possible with a modified client, so this needs tested) – TESTED : PASS
3. Verify that an expired beacon may be upgraded if a user stops researching for
   more than 6 months and will be replaced with a brand new beacon: PASS
4. Verify that RTMs beacon delete tool may delete a beacon (and subsequently
   allow a new beacon to be created after that timestamp) : PASS
5. Verify a block signed with a beacon public key will fail the signature verification
   test if signed with an invalid signature: PASS
6. Verify “showblock blocknumber” will show the beacon public key : UNTESTED
7. Verify “showblock blocknumber” will show the validity of the signature:
   UNTESTED
8. Verify “execute upgradedbeaconreport” will show the number and percent of
   upgraded beacons : UNTESTED
9. Verify storage of public & private keys works on linux: UNTESTED
10. Verify execute beaconstatus works on linux: UNTESTED
    Over the next week, we will monitor POR blocks that are staked, and verify the validity
    of the new keys. We will also check the percentage of upgrade beacons in the
    ‘upgradedbeaconreport’.

At that point we will set a block number for the mandatory upgrade and notify the
exchanges and prioritize the upgrade.

Miscellaneous Notes:
Our upgraded beacons are backward compatible so that in the interim (before phase 2),
old clients will check blocks successfully.

The beacon design is partially driven by the desire for ease of initial configuration for
new users (IE not requiring configuration settings to be stored inside Boinc, other than
joining team Gridcoin), preserving existing CPIDs, minimizing changes required by the
researchers, and maintaining a decentralized network (decentralized private keys by
default) with minimal admin intervention.

Happy Researching!

Rob Halford