Merge pull request #6110 from onflow/ramtin/flow-evm-state-add-extra-…

…checks-for-balances [Flow EVM] add extra checks for EVM state balance changes
onflow · Jun 20, 2024 · 796c517 · 796c517
2 parents e463acf + 3dfedbb
commit 796c517
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 2 deletions.
diff --git a/fvm/evm/emulator/emulator.go b/fvm/evm/emulator/emulator.go
@@ -106,6 +106,11 @@ type BlockView struct {
 
 // DirectCall executes a direct call
 func (bl *BlockView) DirectCall(call *types.DirectCall) (*types.Result, error) {
+	// negative amounts are not acceptable.
+	if call.Value.Sign() < 0 {
+		return nil, types.ErrInvalidBalance
+	}
+
 	proc, err := bl.newProcedure()
 	if err != nil {
 		return nil, err
@@ -150,6 +155,11 @@ func (bl *BlockView) RunTransaction(
 		return types.NewInvalidResult(tx, err), nil
 	}
 
+	// negative amounts are not acceptable.
+	if msg.Value.Sign() < 0 {
+		return nil, types.ErrInvalidBalance
+	}
+
 	// update tx context origin
 	proc.evm.TxContext.Origin = msg.From
 	res, err := proc.run(msg, tx.Hash(), 0, tx.Type())
@@ -182,6 +192,11 @@ func (bl *BlockView) BatchRunTransactions(txs []*gethTypes.Transaction) ([]*type
 			continue
 		}
 
+		// negative amounts are not acceptable.
+		if msg.Value.Sign() < 0 {
+			return nil, types.ErrInvalidBalance
+		}
+
 		// update tx context origin
 		proc.evm.TxContext.Origin = msg.From
 		res, err := proc.run(msg, tx.Hash(), uint(i), tx.Type())
@@ -222,6 +237,11 @@ func (bl *BlockView) DryRunTransaction(
 		GetSigner(bl.config),
 		proc.config.BlockContext.BaseFee,
 	)
+	// negative amounts are not acceptable.
+	if msg.Value.Sign() < 0 {
+		return nil, types.ErrInvalidBalance
+	}
+
 	// we can ignore invalid signature errors since we don't expect signed transctions
 	if !errors.Is(err, gethTypes.ErrInvalidSig) {
 		return nil, err
@@ -291,6 +311,11 @@ func (proc *procedure) mintTo(
 	call *types.DirectCall,
 	txHash gethCommon.Hash,
 ) (*types.Result, error) {
+	// negative amounts are not acceptable.
+	if call.Value.Sign() < 0 {
+		return nil, types.ErrInvalidBalance
+	}
+
 	bridge := call.From.ToCommon()
 
 	// create bridge account if not exist
@@ -325,6 +350,11 @@ func (proc *procedure) withdrawFrom(
 	call *types.DirectCall,
 	txHash gethCommon.Hash,
 ) (*types.Result, error) {
+	// negative amounts are not acceptable.
+	if call.Value.Sign() < 0 {
+		return nil, types.ErrInvalidBalance
+	}
+
 	bridge := call.To.ToCommon()
 
 	// create bridge account if not exist

diff --git a/fvm/evm/emulator/state/stateDB.go b/fvm/evm/emulator/state/stateDB.go
@@ -108,12 +108,22 @@ func (db *StateDB) HasSelfDestructed(addr gethCommon.Address) bool {
 
 // SubBalance substitutes the amount from the balance of the given address
 func (db *StateDB) SubBalance(addr gethCommon.Address, amount *big.Int) {
+	// negative amounts are not accepted.
+	if amount.Sign() < 0 {
+		db.handleError(types.ErrInvalidBalance)
+		return
+	}
 	err := db.lastestView().SubBalance(addr, amount)
 	db.handleError(err)
 }
 
 // AddBalance adds the amount from the balance of the given address
 func (db *StateDB) AddBalance(addr gethCommon.Address, amount *big.Int) {
+	// negative amounts are not accepted.
+	if amount.Sign() < 0 {
+		db.handleError(types.ErrInvalidBalance)
+		return
+	}
 	err := db.lastestView().AddBalance(addr, amount)
 	db.handleError(err)
 }

diff --git a/fvm/evm/types/errors.go b/fvm/evm/types/errors.go
@@ -87,8 +87,8 @@ const (
 )
 
 var (
-	// ErrInvalidBalance is returned when an invalid balance is provided for transfer (e.g. negative)
-	ErrInvalidBalance = errors.New("invalid balance for transfer")
+	// ErrInvalidBalance is returned when an invalid amount is provided for transfer or balance change (e.g. negative)
+	ErrInvalidBalance = errors.New("invalid amount for transfer or balance change")
 
 	// ErrInsufficientComputation is returned when not enough computation is
 	// left in the context of flow transaction to execute the evm operation.