Fix node ID mismatch in consignment #131
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dr-orlovsky
reviewed
Feb 10, 2021
There was a problem hiding this comment.
You did a very untrivial job on discovering the source behind the bug. Unfortunately this specific solution will lead to the confidential information leak: the receiving party will known change UTXO from the sender.
The solution should not expose such information, and the node id must not depend on whether any of the state transition data are concealed or not. Pls see details in my comment #130 (comment)
UkolovaOlga
added a commit
to LNP-BP/devcalls
that referenced
this pull request
Feb 15, 2021
10.02.2021 Agenda: RGB QA Issues from https://github.com/orgs/rgb-org/projects/11: 1. Properly handle result from 'validate' request to Stash daemon - RGB-WG/rgb-node#132 2. Asset state transition node ID mutability - https://github.com/rgb-org/rgb-node/issues/133 - RGB-WG/rgb-node#131 - Asset transfer validation is ineffective: RGB-WG/rgb-node#130 3. Question about fungible asset known allocations semantics - RGB-WG/rgb-node#134 4. Transfer change allocation not being registered - RGB-WG/rgb-node#129 5. Transaction output duplicated by 'fungible transfer' - RGB-WG/rgb-node#127
|
Invalidated by RGB-WG/rgb-core#8 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a proposed fix for an issue that I have bumped into when testing the
fungible validatecommand, and that had been reported at #130.It turns out that the way the Consignment structure was being generated, it ended up with state transition node IDs referenced by different fields of the structure that did not match. More specifically, the state transition node IDs in the
endpointsfield did not match the state transition node IDs in thestate_transitionsfield.This happened because the state transition (in my test case there was a single state transition) had some of its assignments concealed before it was added to the
state_transitionsfield but was used as it was in theendpointsfield. The modification of the state transition (via the concealment of its assignments) caused its node ID to change, leading to the mismatch.The proposed fix makes sure that the state transitions are modified as needed (have some of its assignments concealed) before they are assigned to any of the Consignment fields. That way the whole Consignment structure will reference the modified state transitions, avoiding the mismatch. That same scheme is also applied to state extensions.