Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add storage bounds to account procedures #886

Merged
merged 22 commits into from
Oct 7, 2024
Merged

Conversation

phklive
Copy link
Contributor

@phklive phklive commented Sep 18, 2024

In this PR I propose to add storage bounds to account procedures this will prevent a procedure from accessing unauthorised storage slots.

We have added a lower bound in the storage_offset but no upper bound. This pr adds storage_size which will be the upper bound for any account code procedure.

Closes: #866

@phklive phklive marked this pull request as ready for review September 20, 2024 14:02
@phklive phklive linked an issue Sep 20, 2024 that may be closed by this pull request
Copy link
Contributor

@bobbinth bobbinth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Thank you! I left some comments inline. The main one is about potentially merging validate_storage_sizes logic into validate_storage_offsets.

objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
Copy link
Contributor

@bobbinth bobbinth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Thank you! I left some more comments inline. After these are addressed, we can merge.

objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/procedure.rs Outdated Show resolved Hide resolved
objects/src/accounts/code/mod.rs Show resolved Hide resolved
miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
Comment on lines +400 to +405
# assert that if size is 0 then offset is 0
dup.1 eq.0
if.true
dup eq.0 assert.err=ERR_INVALID_STORAGE_OFFSET_FOR_SIZE
end
# => [storage_offset, storage_size, index, num_storage_slots, num_account_procedures]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add a TODO for this block to figure out how to do this without the if statement.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why would we need to remove the if statement?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if statements are relatively expensive. So, if we can do this with some small number (e.g., half a dozen or so) non-conditional instructions, this would be quite a bit more efficient.

miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
miden-lib/asm/kernels/transaction/lib/account.masm Outdated Show resolved Hide resolved
@phklive phklive merged commit 9a33191 into next Oct 7, 2024
8 checks passed
@phklive phklive deleted the phklive-storage-bounds branch October 7, 2024 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add storage bounds to account procedures
2 participants