Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce weight attribute to be included in authority JSON when performing updateauth action #132

Closed
DenisCarriere opened this issue May 9, 2019 · 5 comments
Closed

Enforce weight attribute to be included in authority JSON when performing updateauth action #132

DenisCarriere opened this issue May 9, 2019 · 5 comments

Comments

@DenisCarriere
Copy link

I've recently been able to pushed a system updateauth action when the JSON authority file was missing the weight attribute, this caused the account to "null" out the permission since the authority had a weight of 0.

If weight is undefined eosc should raise an error instead of pushing updateauth with a weight of 0 as the default.

Should raise an error (missing weight)

{
  "threshold": 1,
  "keys": [
    {
      "key": "EOS6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV"
    }
  ]
}

Valide authority JSON

{
  "threshold": 1,
  "keys": [
    {
      "key": "EOS6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV",
      "weight": 1
    }
  ]
}
@abourget
Copy link
Contributor

Ouch. This needs fixing. I thought nodeos checked for those risks.. surprised it accepts a weight of 0.. what's the use of a weight of 0 otherwise?!

@abourget
Copy link
Contributor

Do you have a link to your transaction?

@DenisCarriere
Copy link
Author

@abourget

I've created a new transaction with the following authority

https://kylin.eosq.app/tx/69a61fc2465820b98eae51d354878e8233ac2fc38a50aef8faebde94c5a81c60

{
    "threshold": 1,
    "keys": [
        {
            "key": "EOS74F5gi5wFQzSCo5mQ2p8ihERFw3RWARwMnXoyQ88fQQU1hXxCp",
            "weight": 0
        },
        {
            "key": "EOS7jUe6kEXz93RMeYpze33ek1uyNSegGf4CCDQWSU4DTh9N6kjEC",
            "weight": 1
        },
        {
            "key": "EOS8ZSQhzNqYn5nNnLARJzUMSwv1stbMNMPxHcsQ9W4SoztZ5mZ6K"
        }
    ],
    "accounts": [
        {
            "permission": {
                "actor": "deniscarrier",
                "permission": "active"
            },
            "weight": 1
        }
    ]
}

image

I did test if you only provide 1 public key with threshold of 1, the system does throw an error (so that's good).

Does throw an error

{
    "threshold": 1,
    "keys": [
        {
            "key": "EOS8ZSQhzNqYn5nNnLARJzUMSwv1stbMNMPxHcsQ9W4SoztZ5mZ6K"
        }
    ],
    "accounts": []
}

ERROR: pushing transaction: Internal Service Error: Action validate exception: Invalid authority: {"threshold":1,"keys":[{"key":"EOS8ZSQhzNqYn5nNnLARJzUMSwv1stbMNMPxHcsQ9W4SoztZ5mZ6K","weight":0}],"accounts":[],"waits":[]}: pending console output:

@AlexCppns AlexCppns mentioned this issue May 15, 2019
Merged
@maoueh
Copy link
Contributor

maoueh commented Jun 14, 2019

Should be resolved now.

@maoueh maoueh closed this as completed Jun 14, 2019
@DenisCarriere
Copy link
Author

🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@abourget @maoueh @DenisCarriere