
Incorrect contract state handling in relation in certain scenarios

High
abizjak published GHSA-6vwc-8mr5-xg3f Dec 14, 2022

Package

concordium-node

Affected versions

>= 4.0.0, < 5.0.6

Patched versions

5.0.6

Description

Impact

All version 4 nodes contain a bug in the protocol 4 implementation of V1 contracts. The bug affects contracts that are written in a specific way and leads to the contract state not being correctly updated for those contracts. This can lead to contracts not behaving correctly.

Contracts written using the concordium-std library are unaffected and cannot be used to trigger the bug. However, contracts written using either modified versions of concordium-std, using Wasm directly, or some other means, can potentially trigger the bug.

Details

The bug is triggered by a combination of a transfer from the contract to an account, and a state update before, but not after, the transfer. Concretely, if a contract

  • updates its own state
  • invokes a transfer from the contract to some account (assume that this succeeds)
  • terminates and responds with "success".

then the transfer is effected, but the state of the contract is not changed on the chain. This means that the same contract can be called again with the same parameters and will transfer the same amount again.

The balance of the contract is still correctly updated, and thus only the CCD owned by the contract can be transferred, so the chain overall is unaffected.

No contracts currently on mainnet or testnet trigger this bug.

Workarounds

The bug affects only contracts written in a specific way. A workaround is to write the contract so that the state is also modified after the transfer is effected.
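The following is an added illustration of the Details and Workarounds sections above; it is not code from concordium-node or concordium-std. It is a toy, self-contained model of a contract host in plain Rust: the `Host`, `State`, `Receive` and the two `withdraw_*` receive functions are hypothetical names, and the `affected` flag reproduces only the behaviour the advisory describes (a state write that happens before a transfer but not after it is not persisted on a successful return). It shows the vulnerable write-then-transfer pattern beside the workaround pattern that writes the state again after the transfer, and that the contract balance is tracked correctly in both cases.

```rust
use std::collections::HashMap;

/// Contract state for the example: how much each account has been paid out.
#[derive(Clone, Default, PartialEq)]
pub struct State {
    pub paid_out: HashMap<String, u64>,
}

/// Hypothetical model of the node's contract host (not the real node code).
pub struct Host {
    affected: bool,             // model the pre-5.0.6 behaviour described in the advisory?
    committed: State,           // state as persisted on chain
    working: State,             // state the contract mutates during one call
    transferred: bool,          // did this call invoke a transfer?
    dirty_after_transfer: bool, // was state written after the last transfer?
    pub contract_balance: u64,
    pub accounts: HashMap<String, u64>,
}

/// Signature of a receive entrypoint in this model: (host, caller, amount).
pub type Receive = fn(&mut Host, &str, u64) -> Result<(), &'static str>;

impl Host {
    pub fn new(affected: bool, contract_balance: u64) -> Self {
        Host { affected, committed: State::default(), working: State::default(),
               transferred: false, dirty_after_transfer: false,
               contract_balance, accounts: HashMap::new() }
    }

    pub fn state(&self) -> &State { &self.working }

    /// Mutable access to the state; records that a write happened.
    pub fn state_mut(&mut self) -> &mut State {
        self.dirty_after_transfer = true;
        &mut self.working
    }

    /// Transfer CCD from the contract to an account (balances always tracked correctly).
    pub fn invoke_transfer(&mut self, to: &str, amount: u64) -> Result<(), &'static str> {
        if amount > self.contract_balance { return Err("insufficient contract balance"); }
        self.contract_balance -= amount;
        *self.accounts.entry(to.to_string()).or_insert(0) += amount;
        self.transferred = true;
        self.dirty_after_transfer = false;
        Ok(())
    }

    /// Run one receive call and persist its effects as the advisory describes.
    pub fn call(&mut self, receive: Receive, caller: &str, amount: u64) -> Result<(), &'static str> {
        let (balance_before, accounts_before) = (self.contract_balance, self.accounts.clone());
        self.working = self.committed.clone();
        self.transferred = false;
        self.dirty_after_transfer = false;
        let result = receive(self, caller, amount);
        match result {
            Ok(()) => {
                // Affected node: a state write before a transfer, with no write after
                // it, is dropped; the transfer itself still takes effect.
                let persisted = !self.affected || !self.transferred || self.dirty_after_transfer;
                if persisted { self.committed = self.working.clone(); }
            }
            Err(_) => {
                // A failed call rolls back the transfer; working state is discarded.
                self.contract_balance = balance_before;
                self.accounts = accounts_before;
            }
        }
        result
    }
}

/// Vulnerable pattern from the advisory: write state, transfer, return success.
pub fn withdraw_state_then_transfer(host: &mut Host, caller: &str, amount: u64) -> Result<(), &'static str> {
    if host.state().paid_out.contains_key(caller) { return Err("already paid"); }
    host.state_mut().paid_out.insert(caller.to_string(), amount);
    host.invoke_transfer(caller, amount)
}

/// Workaround pattern: modify the state after the transfer as well.
pub fn withdraw_with_workaround(host: &mut Host, caller: &str, amount: u64) -> Result<(), &'static str> {
    if host.state().paid_out.contains_key(caller) { return Err("already paid"); }
    host.state_mut().paid_out.insert(caller.to_string(), amount);
    host.invoke_transfer(caller, amount)?;
    // Write the payout record again after the transfer so the state is persisted.
    host.state_mut().paid_out.insert(caller.to_string(), amount);
    Ok(())
}

/// Call `receive` twice with identical parameters; return (contract balance, caller balance).
pub fn run_twice(affected: bool, receive: Receive) -> (u64, u64) {
    let mut host = Host::new(affected, 100);
    let _ = host.call(receive, "alice", 10);
    let _ = host.call(receive, "alice", 10);
    (host.contract_balance, *host.accounts.get("alice").unwrap_or(&0))
}

fn main() {
    println!("affected node, vulnerable pattern: {:?}", run_twice(true, withdraw_state_then_transfer));
    println!("affected node, workaround pattern: {:?}", run_twice(true, withdraw_with_workaround));
    println!("patched node, vulnerable pattern:  {:?}", run_twice(false, withdraw_state_then_transfer));
}
```

On the modelled affected node the first pattern pays "alice" twice from a contract that started with 100 CCD (the contract balance drops to 80 while the on-chain state still says nobody was paid), whereas the workaround pattern and the patched node both reject the second call and leave the contract at 90. The model encodes only what the advisory states; the real persistence logic in the node is not reproduced here.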

Patches

The bug is fixed in node version 5.0.6 both in protocol 4 and protocol 5.

Severity

High

CVE ID

No known CVE

Weaknesses

No CWEs