Telegram Open Network forum

Advanced search  

News:

SMF - Just Installed!

Author Topic: No exception should be thrown handling external message after it was accepted.  (Read 127 times)

admin

  • Administrator
  • Newbie
  • *****
  • Posts: 9
    • View Profile

No exception should be thrown handling external message after it was accepted.

Throwing exception reverts contract state, including replay protection mechanisms (such as seqno). It's trivial to spot external message that raised exception. That message then can be replayed as many times as one would like draining contract out of funds.

Due to limited resources available it might be impossible to perform all neccessary actions until message is accepted. This particular problem was discussed in paper. And suggested approach is to use external message handler to perform basic authentication only. Once sender is authenticated message payload should be transfered to internal message queue.

This way authentication and replay protection are decoupled from any futher processing actions. Exception raised durring processing will still cause some funds to be lost. But it would be impossible for anyone else to simply replay it again.

Source: https://gist.github.com/rainydio/b59f20c2342c71c8d7df34e5795cf821
Logged