Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replay Protect Shielded Actions #3300

Closed
murisi opened this issue May 23, 2024 · 1 comment · Fixed by #3320, #3406 or #3409
Closed

Replay Protect Shielded Actions #3300

murisi opened this issue May 23, 2024 · 1 comment · Fixed by #3320, #3406 or #3409
Assignees
@murisi
Labels
bug Something isn't working MASP prio:high
Milestone
Phase 1: mainnet ...

Comments

@murisi
Copy link
Contributor

murisi commented May 23, 2024

The Transaction object embedded inside MASP-IBC transactions only commits to the IBC internal address. This means that an attacker could potentially replay a Transaction object inside a different Tx where the specific IBC addresses have been changed. Ideally we should get the Transaction object to commit to specific IBC addresses instead of just the general IBC internal address.
@murisi murisi added bug Something isn't working MASP prio:high labels May 23, 2024
@cwgoes
Copy link
Contributor

cwgoes commented May 24, 2024

Fixes required here:

  • Include receiving IBC address in Transaction object
  • Add checks in VP to check that this address is correctly authorized

@cwgoes cwgoes mentioned this issue May 24, 2024
Closed
@murisi murisi mentioned this issue May 28, 2024
Merged
2 tasks
This was referenced May 31, 2024
Closed
Closed
This was referenced Jun 12, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@murisi murisi

Labels
bug Something isn't working MASP prio:high
Projects
None yet
Milestone
Phase 1: mainnet genesis
2 participants
@murisi @cwgoes