feat: api: sanity check the "to" address of outgoing messages #12135
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses.
Stebalien
force-pushed
the
steb/sanity-check-outgoing-messages
branch
from
d2285e0
to
3d1bc96
Compare
|
This seems fine to me, but here's my understanding of what it's doing: refusing to receive messages for the message pool from the API. One implication is that it would refuse such messages from the large public RPC providers, which would cut off a large % of the source of these messages (I think). I'm not sure how the pubsub censorship resistance works though so can't really comment on that. Is there any path to receiving and passing them on but just refusing to pack them into blocks? Or is the packing part of the protocol too? |
|
Added the backport label to this so we have it in the v1.28 release. |
18 tasks
|
Assigning myself to take this to completion. |
|
@Stebalien @rvagg I have added unit tests and an itest to this. Please can you guys approve? |
|
LGTM but I can't approve as I created the PR (and someone else should make sure the logic is fine). |
rvagg
approved these changes
Jul 3, 2024
aarshkshah1992
added a commit
that referenced
this pull request
Jul 3, 2024
* feat: api: sanity check the "to" address of outgoing messages If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses. * tests for invalid delegated addresses * fix lint --------- Co-authored-by: aarshkshah1992 <aarshkshah1992@gmail.com>
rvagg
pushed a commit
that referenced
this pull request
Jul 3, 2024
* feat: api: sanity check the "to" address of outgoing messages If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses. * tests for invalid delegated addresses * fix lint --------- Co-authored-by: aarshkshah1992 <aarshkshah1992@gmail.com>
Merged
aarshkshah1992
added a commit
that referenced
this pull request
Jul 3, 2024
* feat: api: sanity check the "to" address of outgoing messages If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses. * tests for invalid delegated addresses * fix lint --------- Co-authored-by: aarshkshah1992 <aarshkshah1992@gmail.com>
rvagg
pushed a commit
that referenced
this pull request
Jul 10, 2024
* feat: api: sanity check the "to" address of outgoing messages If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses. * tests for invalid delegated addresses * fix lint --------- Co-authored-by: aarshkshah1992 <aarshkshah1992@gmail.com>
rvagg
pushed a commit
that referenced
this pull request
Jul 10, 2024
* feat: api: sanity check the "to" address of outgoing messages If the "to" address of an outgoing message is a _delegated_ address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating `0xff0000....` addresses into `f410f...` addresses instead of `f0...` addresses. * tests for invalid delegated addresses * fix lint --------- Co-authored-by: aarshkshah1992 <aarshkshah1992@gmail.com>
8 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Related Issues
Proposed Changes
If the "to" address of an outgoing message is a delegated address, verify that it maps to a valid Ethereum address. This isn't a consensus critical change, but it'll help prevent client-side address conversion libraries from directing messages into oblivion (e.g., by mis-translating
0xff0000....addresses intof410f...addresses instead off0...addresses.Notes:
Additional Info
Checklist
Before you mark the PR ready for review, please make sure that:
<PR type>: <area>: <change being made>fix: mempool: Introduce a cache for valid signaturesPR type: fix, feat, build, chore, ci, docs, perf, refactor, revert, style, testarea, e.g. api, chain, state, mempool, multisig, networking, paych, proving, sealing, wallet, deps