claim spoofing fix #149
claim spoofing fix #149
Conversation
…ng handled correctly when processed through updated offerHandler code
…itedness as generic interface for creating AsyncGenerator subscribtions (#150) This commit contains test for: - Handling bobs offer - Subscribing to bobs wallet - Verifying Alice's inability to make a second claim attempt
…xisting test code to properly evaluate assertions against updated makeClaimAirdropInvitation - added Observable factory function for watching AsyncGenerators - implemented logic for informing smart wallets of tribbles issuer (fixes issue where provisionSmartWallet fails when interfacing with a new issuer) - added import statements for various type definitions (a practice that should continue whenever faced with VSCode intellisense errors stemming from unknown types)
|
@tgrecojs I am going to review this, hopefully, today but it looks good at first glance. Could you maybe add very basics details in readme regarding how to run this on local? Thanks. |
Yes, no problem @amessbee. I will be sure to do so today. Additionally, if you find that you would benefit from a deeper understanding of the code, I'd be more than happy to walk you through it during a short Zoom call. Feel free to reach out to me, and we can schedule a time that suits us both. |
Awesome - that would be great. I think the contract code looks fine to me. I may still want to go through the tests with you if we can find time. |
contract/src/airdrop.contract.js
Outdated
| await Promise.all( | ||
| Object.values(payment).map(pmtP => | ||
| E.when(pmtP, pmt => E(depositFacet).receive(pmt)), | ||
| ), | ||
| ); |
There was a problem hiding this comment.
I was wondering if there is a case of multiple payments to an address given that depositFacet receives payment before the corresponding address is added to the accountStore in case of failure somewhere in between?
There was a problem hiding this comment.
This is a great call out. Could you provide me with an example of one such error?
I'm not necessarily worried about a failure happening, however your comments did introduce a new scenario to me in which a user makes subsequent offers to claim before this Promise has resolved. If the user is able to get passed the accountStore book keeping occurs, then they would seemingly be able to collect more than one payment.
This is all the more reason for updating the code so that the book keeping logic happens before any Payment is sent out.
contract/src/airdrop.contract.js
Outdated
| rearrange( | ||
| harden([ | ||
| [tokenHolderSeat, claimSeat, { Tokens: paymentAmount }], | ||
| [claimSeat, tokenHolderSeat, { Fee: claimTokensFee }], | ||
| ]), | ||
| harden([[claimSeat, tokenHolderSeat, { Fee: claimTokensFee }]]), | ||
| ); |
There was a problem hiding this comment.
This probably none to very limit impact in the current context, but we are probably breaking offer-safety here by separating deposit of tokens from claiming Fee. WDYT?
There was a problem hiding this comment.
We've opted to allow for the offer to occur in such a manner enforces offer-safety for the tokenHolderSeat. This is due to the nature of this specific offer as it uses depositFacets one one side of the offer, and Zoe seat rearrange for the other.
If this is an issue, then I think the fix would be to move the accountStore logic so that it occurs before the depositFacet is sent a payment, effectively stopping any instances in which a user manages to get passed the check on accountStore before the Promise.all payment resolves.
Does that make sense?
There was a problem hiding this comment.
I've realized that a merge I conducted for adding this commit into the codebase got lost along the way. I'm going to address this today. I wanted to make note of it though as it relates to ensuring offer safety.
| test.serial('makePauseContractInvitation', async t => { | ||
| const merkleRoot = merkleTreeAPI.generateMerkleRoot( | ||
| accounts.map(x => x.pubkey.key), |
There was a problem hiding this comment.
I see that all tests in this module are passing but if possible, can we refactor these two tests (makePauseContractInvitation and E2E test) - I kind of lost track halfway through :)
| } | ||
| }; | ||
| const offerArgsValue = makeOfferArgs({ | ||
| address: wallet.address, |
There was a problem hiding this comment.
Question: if we are not using address in the contract, why are we still sending it here or expecting in offerArgs - do we expect a future use case?
There was a problem hiding this comment.
No, we're not expecting to use it ever. I didn't mean to include this file in the PR so sorry for the confusion.
…his commit contains code that was introduced to the codebase on a seperate branch**. This is meant to be as an acknowledgement of this undesired (yet somewhat necessary) process
There was a problem hiding this comment.
@tgrecojs I am going to review this, hopefully, today but it looks good at first glance. Could you maybe add very basics details in readme regarding how to run this on local? Thanks.
Yes, no problem @amessbee. I will be sure to do so today.
Additionally, if you find that you would benefit from a deeper understanding of the code, I'd be more than happy to walk you through it during a short Zoom call. Feel free to reach out to me, and we can schedule a time that suits us both.
Awesome - that would be great. I think the contract code looks fine to me. I may still want to go through the tests with you if we can find time.
@amessbee, here is a link to schedule a meeting with me. If you're unable to find a time that suits you, please let me know. I'm more than happy to accommodate. :)
|
Thanks @tgrecojs - I have requested a meeting on Monday if that works. It may be too late though, so I am available at the same time on Fri/Sat/Sun so do let me know if we can meet earlier. Thanks. |
|
Thank you for setting the meeting @amessbee. Considering the timeline, it would be really helpful if we could move the session to Saturday at the same time (9AM EST). This change would allow me to address any remaining action items before Monday, putting us in a strong position to finalize the review process at the start of the week. If this new timing works for you, please let me know, and I'll adjust the invite accordingly. Thanks again! |
|
@tgrecojs yes that works for me, let's meet on Saturday. |
* refactor(offerHandler): - moved offerHandler book keeping so that it takes place at the time when Payments are sent to claimant's depositFacets - removed instances where precomputed logic was being used once - removed address string from accountStore lookup message to eliminate unnecessary computation
|
hey @amessbee - can you stamp this as all good now that you have context into the decision to take this approach, and the conversations that were conducted with Dean, as well as others, confirming the validity of this approach? you may have noticed but everything you mentioned has been addressed. thanks for all the useful feedback btw 🙂 |
No description provided.