Add security warnings doc with warning about side channels.
This commit is contained in:
parent
46187fbe7a
commit
8fb1005c5e
|
@ -19,8 +19,15 @@ proving scheme which preserves confidentiality of transaction metadata.
|
|||
|
||||
Participation in the Zcash project is subject to a [Code of Conduct](code_of_conduct.md).
|
||||
|
||||
Security Warnings
|
||||
-----------------
|
||||
|
||||
See important security warnings in
|
||||
[doc/security-warnings.md](doc/security-warnings.md).
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
Zcash Core is released under the terms of the MIT license. See [COPYING](COPYING) for more
|
||||
information or see http://opensource.org/licenses/MIT.
|
||||
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
Security Warnings
|
||||
====================
|
||||
|
||||
Security Audit
|
||||
--------------
|
||||
|
||||
Zcash has not yet been subjected to a formal third-party security review. This
|
||||
section will be updated with links to security audit reports in the future.
|
||||
|
||||
Side-Channel Attacks
|
||||
--------------------
|
||||
|
||||
This implementation of Zcash is not resistant to side-channel attacks. You
|
||||
should assume other unprivileged users running on the same hardware as your
|
||||
`zcashd` process will be able to:
|
||||
|
||||
- Determine which note your are spending by observing cache side-channels as you
|
||||
perform a JoinSplit operation. This is due to probable side-channel leakage in
|
||||
the libsnark proving machinery.
|
||||
|
||||
- Determine which notes you own by observing cache side-channel information
|
||||
leakage from the incremental witnesses as they are updated with new notes.
|
||||
|
||||
You should ensure no other users have the ability to execute code (even
|
||||
unprivileged) on the hardware your `zcashd` process runs on until these
|
||||
vulnerabilities are fully analyzed and fixed.
|
Loading…
Reference in New Issue