THREAT - ShuffleThreshold shouldn’t be used as the nbrSubmissions threshold

[chenchanglew]

Scenario

In general we define that ShuffleThreshold > f, while DKGThreshold > 2f. This is because we only need a shuffler to shuffle 1 time more than the malicious node (f). And for computePubshares, we will need to have more than 2f to protect against the byzantine node.
However, the current system only has “ShuffleThreshold” which didn’t differentiate between “shuffle” and “compute pubshares”. Which will cause problems in the future if we tighten the shuffle threshold.

Source

For checking if we have shuffled enough, we can use shuffleThreshold
contracts/evoting/evoting.go line 396~399

    // in case we have enough shuffled ballots, we update the status
    if len(form.ShuffleInstances) >= form.ShuffleThreshold {
        form.Status = types.ShuffledBallots
        PromFormStatus.WithLabelValues(form.FormID).Set(float64(form.Status))
    }

But for checking
contracts/evoting/evoting.go line 583~586

  if nbrSubmissions >= form.ShuffleThreshold {
       form.Status = types.PubSharesSubmitted
       PromFormStatus.WithLabelValues(form.FormID).Set(float64(form.Status))
   }

Breaking Property

Integrity

Risk

CVSS Score: 6.6/10

Mitigation

We can create a new threshold “DKGThreshold” for combine Pubshares and only use “ShuffleThreshold” for shuffler related function.