Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enrichSigHash : The order of function calling would lead to multiple issues. #96

Open
hats-bug-reporter bot opened this issue Jul 17, 2024 · 4 comments
Open

enrichSigHash : The order of function calling would lead to multiple issues. #96

hats-bug-reporter bot opened this issue Jul 17, 2024 · 4 comments
Labels
invalid This doesn't seem right

Comments

@hats-bug-reporter
Copy link

Github username: --
Twitter username: --
Submission hash (on-chain): 0x67f8774cefff6eb87badafaac75efb028c2d2c6ba736996a5b1538789c8e71a0
Severity: medium

Description:
Description\

AbstractTxSerializer is inherited by the TxSerilier and RefuelTxSerilzer.

There are three different functions . partiallySignOutgoingTransaction, serializeOutgoingTransaction and enrichSigHash.

The enrichSigHash should be able to call even if the serializeOutgoingTransaction set the isFinished() is true.

But, the function enrichSigHash has the following check. when the serializeOutgoingTransaction comppletes and update the _serializing.state, then the enrichSigHash will not pass through.

enrichSigHash

    function enrichSigHash(uint256 inputIndex, uint256 count) public virtual onlyRelayer {
        require(_skeleton.hasSufficientInputs, "IVM");
        require(_skeleton.sigHashes[inputIndex] == bytes32(0), "AH");
        require(!isFinished(), "AF"); --->> this is not needed.

The another issue is,

serializeOutgoingTransaction updates the _skeleton.tx.inputs[i].scriptSig by calling the _writeScriptSigs

The function enrichSigHash uses this _skeleton.tx.inputs[i].scriptSig to wrtie the _sigHashSerializer

refer the code flow

enrichSigHash - serializeTx -> serializeTransactionInputs

if relayer calls the enrichSigHash function first , then then _skeleton.tx.inputs[i].scriptSig written will not be a valid value.

Attachments

  1. Proof of Concept (PoC) File
  1. Revised Code File (Optional)

enrichSigHash

    function enrichSigHash(uint256 inputIndex, uint256 count) public virtual onlyRelayer {
        require(_skeleton.hasSufficientInputs, "IVM");
        require(_skeleton.sigHashes[inputIndex] == bytes32(0), "AH");
        require(_skeleton.tx.hash =! bytes32(0)); -->> add this line
        require(!isFinished(), "AF"); --->> remove
@hats-bug-reporter hats-bug-reporter bot added the bug Something isn't working label Jul 17, 2024
@party-for-illuminati party-for-illuminati added invalid This doesn't seem right and removed bug Something isn't working labels Jul 17, 2024
@aktech297
Copy link

@party-for-illuminati

@party-for-illuminati
Copy link
Collaborator

The enrichSigHash should be able to call even if the serializeOutgoingTransaction set the isFinished() is true.

"The enrichSigHash should be able to call even if the serializeOutgoingTransaction set the isFinished() is true." - why would it be needed?

@aktech297
Copy link

aktech297 commented Jul 18, 2024
edited
Loading

We think that the enrichSigHash and serializeOutgoingTransaction both are different functions.
Pls explain the sequence of calling these three functions
partiallySignOutgoingTransaction, serializeOutgoingTransaction and enrichSigHash.

@party-for-illuminati
Copy link
Collaborator

We think that the enrichSigHash and serializeOutgoingTransaction both are different functions. Pls explain the sequence of calling these three functions partiallySignOutgoingTransaction, serializeOutgoingTransaction and enrichSigHash.

https://github.com/hats-finance/illuminex-0x0bb4aa1f58719707405c231fcdf0b405714799cf/blob/main/docs/out/withdraw_flow/Withdraw%20flow.png

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
invalid This doesn't seem right
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aktech297 @party-for-illuminati