Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix vulnerabilities of staking components found by the audit team #195

Merged
merged 6 commits into from
Oct 18, 2022
Merged

Fix vulnerabilities of staking components found by the audit team #195

merged 6 commits into from
Oct 18, 2022

Conversation

chfanghr
Copy link
Contributor

No description provided.

@chfanghr chfanghr requested a review from emiflake October 13, 2022 11:37
@chfanghr chfanghr force-pushed the connor/audit-fix branch 2 times, most recently from 03c846c to 00798e6 Compare October 13, 2022 12:37
emiflake
emiflake requested changes Oct 17, 2022
View reviewed changes
emiflake
emiflake approved these changes Oct 18, 2022
View reviewed changes
Copy link
Member

@emiflake emiflake left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, now.

@emiflake emiflake merged commit 1821dd6 into staging Oct 18, 2022
lukipuki
lukipuki reviewed Oct 18, 2022
View reviewed changes
agora/Agora/Stake/Scripts.hs
authorizedBy <- pletC $ pauthorizedBy # authorizationContext txInfoF

let ownerSignsTransaction = authorizedBy # firstStakeInputDatumF.owner
PPair allHaveSameOwner allHaveSameDelegatee <-
pmatchC $
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This refactoring works but it's less readable. Was it needed for performance purposes, e.g. there's only one pass through restOfStakeInputDatums instead of two?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, exactly. We have to do manual list fusion in plutarch for now.

agora/Agora/Stake/Scripts.hs
pmatchC $
pfoldr
# plam
( \d p -> unTermCont $ do
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use longer names, so that the reader can guess the types used, otherwise it's hard to read.

Suggested change
( \d p -> unTermCont $ do
( \stakeInputDatum pair -> unTermCont $ do

Copy link
Contributor Author

@chfanghr chfanghr Oct 18, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great point. I will write that down.

agora/Agora/Stake/Scripts.hs
# pcon (PPair (pconstant True) (pconstant True))
# restOfStakeInputDatums

let ownerSignsTransaction =
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As far as I can see, the Privilege escalation: Acting on behalf of delegatee role issue has been resolved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukipuki lukipuki lukipuki left review comments

@emiflake emiflake emiflake approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chfanghr @lukipuki @emiflake