Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the Xycloans case study #144

Merged
merged 4 commits into from
Oct 23, 2024
Merged

Add the Xycloans case study #144

merged 4 commits into from
Oct 23, 2024

Conversation

thpani
Copy link
Collaborator

@thpani thpani commented Oct 21, 2024
edited
Loading

Add a further case study, based on TypeScript monitors.

It reproduces a known and fixed criticial vulnerability exposed by a rounding error identified by OtterSec as finding OS-XYC-ADV-00 in this audit report.

Closes #133, closes #142

@thpani thpani requested a review from konnov October 21, 2024 10:13
konnov
konnov approved these changes Oct 21, 2024
View reviewed changes
Copy link
Contributor

@konnov konnov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Amazing example! We should get some feedback from the Xycloans team on that

ContractExamples/scripts/xycloans-populate.sh Outdated Show resolved Hide resolved
...AKERFYIKL/477912/entry-49ce70a0fe73f9b815f50dbe13403608242cec0770ac32eb24d1a425e39467be.json Outdated Show resolved Hide resolved
solarkraft/test/e2e/verify_js_example_xycloans.ts
const token = env.storage().instance().get('TokenId')

// side-effects: we track deposits locally to compute rewards later
this.shares = this.shares.update(from, 0n, (x) => x + amount)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks like a very fragile solution to me. What if we have two succeeds_with conditions that both update this.shares?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could move it outside the succeeds_with. WDYT?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, I believe it's how it should be done conceptually. Kind of like one update per tx.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Uh, but here's the thing: we're passing Env to succeeds_with not to the containing method. However, the second side-effect below accesses storage via env.

We're doing this because reverts_if and succeeds_with receive different Envs: reverts_if only has access to the pre-state, while succeeds_with receives pre- and post-states.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will think about it a bit more, but maybe we need to leave this as a future design consideration.

Base automatically changed from th/bigint-everywhere to main October 21, 2024 15:34
@thpani thpani mentioned this pull request Oct 23, 2024
Closed
@thpani thpani force-pushed the th/case-study-xycloans branch from 1fe7f59 to ce62543 Compare October 23, 2024 15:23
@thpani thpani merged commit 6652035 into main Oct 23, 2024
3 checks passed
@thpani thpani deleted the th/case-study-xycloans branch October 23, 2024 15:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@konnov konnov konnov approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add case study #1 Previous audits as case studies
2 participants
@thpani @konnov