absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-08 20:29:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Further harden decoy selection

Browse Source 
It risked panicking if a non-monotonic distribution was returned. While the
provided RPC code won't return non-monotonic distributions, users are allowed
to define their own implementations and override the provided method. Said
implementations could omit this required check.
This commit is contained in:
Luke Parker
2025-08-09 00:23:22 -04:00
parent ffa033d978
commit 336922101f
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
networks/monero/wallet/src/decoys.rs
View File

@@ -121,7 +121,9 @@ async fn select_n(
// Find which block this points to // Find which block this points to
let i = distribution.partition_point(|s| *s < (highest_output_exclusive_bound - 1 - o)); let i = distribution.partition_point(|s| *s < (highest_output_exclusive_bound - 1 - o));
let prev = i.saturating_sub(1); let prev = i.saturating_sub(1);
let n = distribution[i] - distribution[prev]; let n = distribution[i].checked_sub(distribution[prev]).ok_or_else(|| {
RpcError::InternalError("RPC returned non-monotonic distribution".to_string())
})?;
if n != 0 { if n != 0 {
// Select an output from within this block // Select an output from within this block
let o = distribution[prev] + (rng.next_u64() % n); let o = distribution[prev] + (rng.next_u64() % n);