You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is not a really serious problem, but we should also think of introducing an upper limit for the contract's settle_timeout property.
The only reason why we would need to do that is to protect users from themselves, by not letting them enter a settle_timeout close to 2**256 - 1 and then have either this or this modifier check overflow and have their channel botched with the tokens trapped in there forever.
Solution
Provide an upper limit for settle_timeout and enforce it in the contract.
Tasklist
Provide upper limit for settle timeout
Make test for that value
Add a changelog entry.
The text was updated successfully, but these errors were encountered:
Anything above a couple million to tens of millions of blocks (~ 1 - 10 year(s) with 20s blocks) could probably be considered "forever" for most practical use cases.
Problem Definition
This is not a really serious problem, but we should also think of introducing an upper limit for the contract's
settle_timeout
property.The only reason why we would need to do that is to protect users from themselves, by not letting them enter a
settle_timeout
close to2**256 - 1
and then have either this or this modifier check overflow and have their channel botched with the tokens trapped in there forever.Solution
Provide an upper limit for
settle_timeout
and enforce it in the contract.Tasklist
The text was updated successfully, but these errors were encountered: