Fix: Keep track of changing permissions during transaction validation #1412
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mitschabaude
commented
Feb 6, 2024
| isValidProof = await verify(proof, verificationKey); | ||
| if (!isValidProof) { | ||
| throw Error( | ||
| `Invalid proof for account update\n${JSON.stringify(update)}` | ||
| ); | ||
| } | ||
| } catch (error) { | ||
| errorTrace += '\n\n' + (error as Error).message; | ||
| errorTrace += '\n\n' + (error as Error).stack; |
There was a problem hiding this comment.
much better to also include the stack trace here - that way you can see where the code failed
Comment on lines
+1257
to
+1261
| let verificationKey = account.zkapp?.verificationKey?.data; | ||
| assert( | ||
| verificationKey !== undefined, | ||
| 'Account does not have a verification key' | ||
| ); |
There was a problem hiding this comment.
ran into this being undefined in a test and failed down the line - better to have an explicit error about it right away
Trivo25
approved these changes
Feb 6, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fixes a bug where a transaction that updated permissions on an existing account, and then tried to perform an action affected by the updated permissions, was incorrectly rejected by the TS pre-validation logic, because that logic didn't keep track of the changed permissions.
As a fix, we introduced a lightweight internal "ledger" on which individual account updates are applied, updating permissions.
This can be extended in the future to keep track of more account state on the TS side.
Note: There are no tests currently fixed by this. However, a unit test that would fail without this change is coming soon as part of #1384 (
token-contract.unit-test.ts)