This repository was archived by the owner on Jan 22, 2025. It is now read-only.

@askibin askibin commented Jan 20, 2023

Problem

To prevent social attacks by which the signer is tricked into signing a transaction, the runtime MUST NOT accept signed off-chain messages as transactions under any circumstances. The first byte of the signing domain specifier is chosen such that it corresponds to a value (0xff) which is implicitly illegal as the first byte in a transaction MessageHeader today. The property is implicit because the top bit in the first byte of a MessageHeader being set signals a versioned transaction, but only a value of zero is supported at this time. The runtime needs to be modified to reserve 127 as an illegal version number, making this property explicit.

Summary of Changes

Deserialization of VersionedMessage

Fixes #
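The first-byte check described in the problem statement above, written out as an added example. This is not code from this pull request or from solana-sdk; `classify_prefix`, `Prefix`, `PrefixError` and the constant names are hypothetical, and the sample buffers are constructed.

```rust
// Added illustration; not the solana-sdk implementation. All names are hypothetical.
const MESSAGE_VERSION_PREFIX: u8 = 0x80; // top bit set => versioned message
const OFFCHAIN_RESERVED_VERSION: u8 = 127; // 0xff with the top bit masked off

#[derive(Debug, PartialEq)]
enum Prefix {
    Legacy(u8),    // byte is the first field of a legacy MessageHeader
    Versioned(u8), // a supported version number
}

#[derive(Debug, PartialEq)]
enum PrefixError {
    Empty,
    ReservedForOffchainMessage, // version 127: must never parse as a transaction
    UnsupportedVersion(u8),
}

/// Classify a serialized message by its first byte only.
fn classify_prefix(bytes: &[u8]) -> Result<Prefix, PrefixError> {
    let first = *bytes.first().ok_or(PrefixError::Empty)?;
    if first & MESSAGE_VERSION_PREFIX == 0 {
        return Ok(Prefix::Legacy(first));
    }
    match first & !MESSAGE_VERSION_PREFIX {
        0 => Ok(Prefix::Versioned(0)),
        // Explicit rejection, rather than relying on "only version 0 exists today".
        OFFCHAIN_RESERVED_VERSION => Err(PrefixError::ReservedForOffchainMessage),
        v => Err(PrefixError::UnsupportedVersion(v)),
    }
}

fn main() {
    // Constructed sample buffers; only the first byte matters for this check.
    let samples: [(&str, [u8; 3]); 4] = [
        ("legacy transaction message", [0x01, 0x00, 0x01]),
        ("v0 transaction message", [0x80, 0x01, 0x00]),
        ("off-chain message (0xff domain byte)", [0xff, 0x00, 0x00]),
        ("unknown future version", [0x81, 0x01, 0x00]),
    ];
    for (name, bytes) in samples {
        println!("{}: {:?}", name, classify_prefix(&bytes));
    }
}
```

A regression test for this property belongs next to the deserializer: a buffer starting with `0xff` must always yield an error, including after new message versions are added.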

CriesofCarrots previously approved these changes Jan 26, 2023

@CriesofCarrots CriesofCarrots left a comment

Looks reasonable to me, but would be good to get @t-nelson to sanity check as well.

t-nelson previously approved these changes Jan 27, 2023

@t-nelson t-nelson left a comment

r+ suggested error string elaboration. thanks!

@askibin askibin merged commit cb7fed6 into solana-labs:master Feb 13, 2023