Return early in PosBase::transfer if an attempt is made to transfer zero tokens#856
Return early in PosBase::transfer if an attempt is made to transfer zero tokens#856
PosBase::transfer if an attempt is made to transfer zero tokens#856Conversation
james-chf
force-pushed
the
james/mainline/amount-is-zero
branch
from
ac057b1 to
508799a
Compare
james-chf
force-pushed
the
james/mainline/amount-is-zero
branch
from
508799a to
be02b10
Compare
|
pls update wasm |
|
@tzemanovic not sure if this is worth adding, to resolve audit issue #603, if not this PR can be close |
If I understand the issue correctly, it is that we're not checking that slash amount is greater than 0, which is probably a good thing to verify with cubic slashing. I think we should somehow ensure this from slashing logic, maybe having some lower bound param or something. The transfer with 0 is almost no-op (it might write |
yep, it is almost a noop like you say, if we were to slash a validator by 0 (which should not really be occurring in any case) - we may end up initializing a balance to be explicitly 0 where there was none before (but no balance and 0 balance should be being treated functionally equivalently) |
tzemanovic
force-pushed
the
james/mainline/amount-is-zero
branch
from
be02b10 to
b5e6d47
Compare
|
I rebased this into v0.14.3 - the PosBase trait is gone and we're just using |
|
pls update wasm |
* james/mainline/amount-is-zero: [ci] wasm checksums update Add changelog Short circuit token::transfer if amount is zero Add Amount::is_zero fn
3 participants
Relates to #603
This potential PR would add a helper fn for checking if an
Amount::is_zero, and use it to short circuitPosBase::transferif somehow a zero amount was attempted to be transferred.