@@ -380,14 +380,12 @@ bool CheckStakeKernelHash(unsigned int nBits, const CBlockIndex &blockFrom, cons
380380}
381381
382382// Check kernel hash target and coinstake signature
383- bool CheckProofOfStake (CValidationState &state, const CBlockHeader &header)
383+ bool CheckProofOfStake (CValidationState &state, const CBlockHeader &header, const Consensus::Params& consensus )
384384{
385385 if (header.posBlockSig .empty ()) {
386386 return state.DoS (100 , false , REJECT_MALFORMED, " bad-pos-sig" false , " missing PoS signature"
387387 }
388388
389- auto &consensus = Params ().GetConsensus ();
390-
391389 COutPoint prevout = header.StakeInput ();
392390
393391 // First try finding the previous transaction in database
@@ -398,26 +396,24 @@ bool CheckProofOfStake(CValidationState &state, const CBlockHeader &header)
398396 if (!GetTransaction (prevout.hash , txinPrevRef, consensus, txinHashBlock, true )) {
399397 BlockMap::iterator it = mapBlockIndex.find (header.hashPrevBlock );
400398
401- if (it == mapBlockIndex.end ()) {
399+ if (( it != mapBlockIndex.end ()) && chainActive. Contains (it-> second )) {
402400 return state.DoS (100 , false , REJECT_INVALID, " bad-unkown-stake"
403401 } else {
404402 // We do not have the previous block, so the block may be valid
405403 return state.TransientError (" tmp-bad-unkown-stake"
406404 }
407405 }
408406
409- // NOTE: coin maturity checks are part of block validation as with PoW. So, headers may get accepted.
410-
411407 // Check tx input block is known
412408 {
413409 BlockMap::iterator it = mapBlockIndex.find (txinHashBlock);
414410
415- if (it != mapBlockIndex.end ()) {
411+ if (( it != mapBlockIndex.end ()) && chainActive. Contains (it-> second )) {
416412 pindex_tx = it->second ;
417413 } else {
418414 it = mapBlockIndex.find (header.hashPrevBlock );
419415
420- if (it == mapBlockIndex.end ()) {
416+ if (( it != mapBlockIndex.end ()) && chainActive. Contains (it-> second )) {
421417 return state.DoS (100 , false , REJECT_INVALID, " bad-stake-mempool"
422418 false , " stake from mempool"
423419 } else {
@@ -427,6 +423,34 @@ bool CheckProofOfStake(CValidationState &state, const CBlockHeader &header)
427423 }
428424 }
429425
426+ // Check if UTXO is beyond possible fork point
427+ {
428+ BlockMap::iterator it = mapBlockIndex.find (header.hashPrevBlock );
429+
430+ // It must never happen as it's part of header validation.
431+ if (it == mapBlockIndex.end ()) {
432+ return state.DoS (100 , false , REJECT_INVALID, " bad-prev-header"
433+ false , " previous PoS header is not known"
434+ }
435+
436+ auto pindex_fork = chainActive.FindFork (it->second );
437+
438+ if (!pindex_fork || (pindex_fork->nHeight < pindex_tx->nHeight )) {
439+ return state.DoS (100 , false , REJECT_INVALID, " bad-stake-after-fork"
440+ false , " rogue fork tries to use UTXO from the current chain"
441+ }
442+ }
443+
444+ // NOTE: stake age check is part of CheckStakeKernelHash()
445+
446+ // Check stake maturity (double checking with other functionality for DoS mitigation)
447+ if (txinPrevRef->IsCoinBase () &&
448+ ((header.nHeight - pindex_tx->nHeight ) <= COINBASE_MATURITY)
449+ ) {
450+ return state.DoS (100 , false , REJECT_INVALID, " bad-stake-coinbase-maturity"
451+ false , " coinbase maturity mismatch for stake"
452+ }
453+
430454 // Extract stake public key ID and verify block signature
431455 {
432456 txnouttype whichType;
0 commit comments