Skip to content

fix: subgraphService access control (OZ C-04) #990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 6, 2024
Merged

fix: subgraphService access control (OZ C-04) #990

merged 3 commits into from
Sep 6, 2024

Conversation

Maikol
Copy link
Member

@Maikol Maikol commented Aug 8, 2024

No description provided.

@openzeppelin-code OpenZeppelin Code
Copy link

openzeppelin-code bot commented Aug 8, 2024
edited
Loading

fix: subgraphService access control (OZ C-04)

Generated at commit: 0364b4115f233cbff44749652d78c786a853675c

🚨 Report Summary

Severity Level Results
Contracts Critical
High
Medium
Low
Note
Total		 2
4
0
16
41
63
Dependencies Critical
High
Medium
Low
Note
Total		 0
0
0
0
0
0

For more details view the full report in OpenZeppelin Code Inspector

tmigone
tmigone requested changes Aug 13, 2024
View reviewed changes
Copy link
Member

@tmigone tmigone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some comments!

packages/subgraph-service/contracts/SubgraphService.sol Outdated
Comment on lines 489 to 490
Allocation.State memory allocation = allocations.get(allocationId);
require(allocation.indexer == indexer, SubgraphServiceInvalidAllocationIndexer(indexer, allocationId));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this check is not needed. The allocation id is retrieved from a signed RAV which is already being validated later.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean tokens collected get directly sent to the indexer specified in the RAV so they cant be stolen. And it would make no sense for an indexer to collect someone elses RAV because they would be locking their stake and get zero tokens out of it.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed I'll leave this check in case an indexer receives a voucher with a wrong allocationId so they don't accidentally lock in. their stake to collect another indexer's voucher. Also added a comment with this information.

@tmigone
Copy link
Member

tmigone commented Aug 13, 2024

Just realized we also need to ensure resizeAllocation() doesn't allow resizing someone else's allocation 🫤

@Maikol
Copy link
Member Author

Maikol commented Aug 13, 2024
edited
Loading

Just realized we also need to ensure resizeAllocation() doesn't allow resizing someone else's allocation 🫤

I'll work next on resize on a new PR

@Maikol Maikol requested a review from tmigone August 13, 2024 17:36
tmigone
tmigone approved these changes Aug 13, 2024
View reviewed changes
packages/subgraph-service/contracts/SubgraphService.sol

// release expired stake claims
_releaseStake(indexer, 0);
_releaseStake(_indexer, 0);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: this change is not needed since indexer = _indexer :p

@pcarranzav pcarranzav changed the title fix: subgraphService access controll (OZ C-04) fix: subgraphService access control (OZ C-04) Aug 19, 2024
@pcarranzav
Copy link
Member

pcarranzav commented Aug 19, 2024
edited
Loading

I'd suggest fixing resizeAllocation on this PR instead of a separate one, otherwise we risk forgetting about it... or make it super super clear that this PR doesn't fully resolve C-04

Edit: just realized it's in #992 - I'd suggest mentioning this in the PR description

@pcarranzav pcarranzav mentioned this pull request Aug 19, 2024
Merged
@Maikol
Copy link
Member Author

Maikol commented Aug 19, 2024

@pcarranzav I'll mention it on the other PR, thank you! 👍

@tmigone tmigone force-pushed the mde/pr989-fix-oz-c-03 branch from fb00c7a to 3999eb1 Compare August 20, 2024 20:00
@tmigone tmigone force-pushed the mde/pr990-fix-oz-c-04 branch from d09457b to 320b0d9 Compare August 20, 2024 20:01
@tmigone tmigone force-pushed the mde/pr989-fix-oz-c-03 branch from 3999eb1 to a183d7e Compare August 22, 2024 17:53
@tmigone tmigone force-pushed the mde/pr990-fix-oz-c-04 branch from 320b0d9 to 0364b41 Compare August 22, 2024 17:57
Base automatically changed from mde/pr989-fix-oz-c-03 to horizon September 6, 2024 19:25
@tmigone tmigone merged commit 0364b41 into horizon Sep 6, 2024
3 checks passed
@tmigone tmigone deleted the mde/pr990-fix-oz-c-04 branch September 6, 2024 19:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tmigone tmigone tmigone approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Maikol @tmigone @pcarranzav