Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(unorderedtx): issues reported in audit (#21467) #23727

Merged
merged 17 commits into from
Feb 26, 2025
Merged

fix(unorderedtx): issues reported in audit (#21467) #23727

merged 17 commits into from
Feb 26, 2025

Conversation

technicallyty
Copy link
Contributor

Description

Closes: STA-117

backports the audit fix from e9eaefa

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title, you can find examples of the prefixes below:
  • confirmed ! in the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • reviewed "Files changed" and left comments if necessary
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • updated the relevant documentation or specification, including comments for documenting Go code
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

Please see Pull Request Reviewer section in the contributing guide for more information on how to review a pull request.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic, API design and naming, documentation is accurate, tests and test coverage

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 19, 2025
View reviewed changes
x/auth/ante/unorderedtx/manager.go Dismissed
@@ -145,33 +146,30 @@
var txHash TxHash
copy(txHash[:], buf[:txHashSize])

m.Add(txHash, binary.BigEndian.Uint64(buf[txHashSize:]))
timeStamp := binary.BigEndian.Uint64(buf[txHashSize:])
m.Add(txHash, time.Unix(int64(timeStamp), 0))

Check failure

Code scanning / gosec

integer overflow conversion uint64 -> uint8 Error

integer overflow conversion uint64 -> int64
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this ok?

@technicallyty
Merge branch 'technicallyty/backport-6ec53aaf54-unorderedtx-part-1' i…
2596601 
…nto technicallyty/STA-117/backport-auditfix1-e2c6e
@technicallyty
Merge branch 'technicallyty/backport-6ec53aaf54-unorderedtx-part-1' i…
6f5596c 
…nto technicallyty/STA-117/backport-auditfix1-e2c6e
@aljo242 aljo242 mentioned this pull request Feb 25, 2025
Open
@aljo242 aljo242 linked an issue Feb 25, 2025 that may be closed by this pull request
[Epic]: Unordered Tx support in v53 #23756
Open
@aljo242 aljo242 added this to the SDK v0.53 milestone Feb 25, 2025
technicallyty and others added 2 commits February 25, 2025 08:46
aljo242
aljo242 reviewed Feb 25, 2025
View reviewed changes
x/auth/ante/unordered.go Outdated
},
}

const DefaultSha256Cost = 25
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think we should doc this. What is the unit?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DefaultSha256GasCost and rename all other var uses related to this

x/auth/ante/unordered.go Outdated
}

txHash := sha256.Sum256(ctx.TxBytes())
// consume gas in all exec modes to avoid gas estimation discrepancies
sdkCtx.GasMeter().ConsumeGas(d.sha256Cost, "consume gas for calculating tx hash")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One thing I want us to follow up on is "why is the default cost what it is?"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#23816

x/auth/ante/unorderedtx/manager.go Dismissed
@@ -145,33 +146,30 @@
var txHash TxHash
copy(txHash[:], buf[:txHashSize])

m.Add(txHash, binary.BigEndian.Uint64(buf[txHashSize:]))
timeStamp := binary.BigEndian.Uint64(buf[txHashSize:])
m.Add(txHash, time.Unix(int64(timeStamp), 0))
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this ok?

@technicallyty technicallyty mentioned this pull request Feb 26, 2025
Open
@technicallyty technicallyty marked this pull request as ready for review February 26, 2025 17:04
@technicallyty technicallyty requested a review from a team as a code owner February 26, 2025 17:04
@github-actions GitHub Actions
Copy link
Contributor

@technicallyty your pull request is missing a changelog!

@technicallyty technicallyty merged commit b754f48 into technicallyty/backport-6ec53aaf54-unorderedtx-part-1 Feb 26, 2025
53 of 57 checks passed
@technicallyty technicallyty deleted the technicallyty/STA-117/backport-auditfix1-e2c6e branch February 26, 2025 18:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aljo242 aljo242 aljo242 approved these changes

Assignees
No one assigned
Labels
C:CLI C:x/auth C:x/staking C:x/tx Type: Build
Projects
None yet
Milestone
SDK v0.53 Core
Development

Successfully merging this pull request may close these issues.

[Epic]: Unordered Tx support in v53
3 participants
@technicallyty @aljo242 @facundomedica