reject empty SetCode auth list#3528
Conversation
|
The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).
|
PR SummaryLow Risk Overview Tests cover Reviewed by Cursor Bugbot for commit 33f7713. Bugbot is set up for automated code reviews on this repo. Configure here. |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3528 +/- ##
==========================================
- Coverage 58.97% 58.14% -0.83%
==========================================
Files 2211 2137 -74
Lines 182172 173629 -8543
==========================================
- Hits 107434 100964 -6470
+ Misses 65120 63720 -1400
+ Partials 9618 8945 -673
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
8e60340 to
33f7713
Compare
Summary
Reject SetCode transactions with nil or empty authorization lists during Sei EVM tx validation, so CheckTx no longer accepts transactions that DeliverTx later rejects through Geth's EIP-7702 stateless checks.
The same guard is mirrored in the Giga EVM tx-type copy to keep validation behavior aligned.
Root Cause
SetCodeTx.Validate()delegated tovalidateAuthList(), which iterated over the list but treated nil and empty lists as valid. CheckTx runs Sei's stateless validation path without GethStateTransition.StatelessChecks(), preserving pending-nonce mempool behavior, so the empty auth-list invariant was missed before mempool admission. DeliverTx invokes the Geth stateless check and rejects the same tx withErrEmptyAuthList, wrapped asErrWrongSequence.Tests
go test ./x/evm/types ./x/evm/types/ethtx ./app/ante ./giga/deps/xevm/types/ethtx