Correct the prior documented TOCTOU

Now, if a malicious validator set publishes a malicious `Batch` at the last
moment, it'll cause all future `Batch`s signed by the next validator set to
require a bool to be set (which they will never set).

This will prevent the handover.

The only overhead is having two distinct `batch_message` calls on-chain.
This commit is contained in:
Luke Parker
2023-10-13 04:40:59 -04:00
parent e6aa9df428
commit d50fe87801
8 changed files with 45 additions and 21 deletions


@@ -165,7 +165,7 @@ pub async fn batch(
let signature = Signature(
schnorrkel::keys::Keypair::from_bytes(&schnorrkel_key_pair)
.unwrap()
.sign_simple(b"substrate", &batch_message(&batch))
.sign_simple(b"substrate", &batch_message(batch.id == 0, &batch))
.to_bytes(),
);
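Review bot: The predicate `batch.id == 0` on the new `sign_simple` line is what selects the signing domain for this batch, and the identical expression is repeated verbatim in the `sign_batch` verify call in the next file section; if the first-batch rule is ever adjusted in one call site but not the other, signatures will silently fail to verify or be checked under the wrong domain. Compute the flag once, ideally alongside `batch_message` so signer and verifier share it, and document why it exists: `let first_batch = batch.id == 0; // presumably the handover case the commit description refers to — confirm`, then pass `first_batch` here. The enclosing `batch` function starts before this hunk.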


@@ -137,8 +137,10 @@ pub(crate) async fn sign_batch(
messages::substrate::ProcessorMessage::SignedBatch { batch: this_batch },
) => {
if batch.is_none() {
assert!(PublicKey::from_raw(key)
.verify(&batch_message(&this_batch.batch), &this_batch.signature));
assert!(PublicKey::from_raw(key).verify(
&batch_message(this_batch.batch.id == 0, &this_batch.batch),
&this_batch.signature
));
batch = Some(this_batch.clone());
}