Fix nonce issue for replay attack (#692)

* fix nonce issue for replay attack

* fix lint

* add to changelog
Daniel Choi 2021-01-08 17:44:50 -08:00 committed by GitHub
parent 4a619b1e1b
commit d7bdbd7488
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 8 deletions


@ -44,6 +44,8 @@ Ref: https://keepachangelog.com/en/1.0.0/
### Bug Fixes
* (evm) [\#687](https://github.com/cosmos/ethermint/issues/687) Fix nonce check to explicitly check for the correct nonce, rather than a simple 'greater than' comparison.
* (api) [\#687](https://github.com/cosmos/ethermint/issues/687) Returns error for a transaction with an incorrect nonce.
* (evm) [\#674](https://github.com/cosmos/ethermint/issues/674) Reset all cache after account data has been committed in `EndBlock` to make sure every node state consistent.
* (evm) [\#672](https://github.com/cosmos/ethermint/issues/672) Fix panic of `wrong Block.Header.AppHash` when restart a node with snapshot.


@ -257,7 +257,7 @@ func (nvd NonceVerificationDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, sim
// if multiple transactions are submitted in succession with increasing nonces,
// all will be rejected except the first, since the first needs to be included in a block
// before the sequence increments
if msgEthTx.Data.AccountNonce < seq {
if msgEthTx.Data.AccountNonce != seq {
return ctx, sdkerrors.Wrapf(
sdkerrors.ErrInvalidSequence,
"invalid nonce; got %d, expected %d", msgEthTx.Data.AccountNonce, seq,
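Review bot: The comment above the `!=` check explains only that queued transactions with higher nonces are rejected; it does not record why exact equality is required, which is the security-relevant part of this change. Presumably a nonce above `seq` would still satisfy a lower-bound check after the sequence increments, so the same signed transaction could be accepted more than once; a line such as `// nonce must equal seq exactly: a higher nonce would stay valid after seq increments and allow the tx to be replayed` would keep a later edit from relaxing the comparison. None of the three changed files appears to be a test, so a regression case that submits a nonce greater than `seq` and expects `ErrInvalidSequence` is worth adding. AnteHandle's body starts and ends outside this hunk.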


@ -1000,16 +1000,16 @@ func (api *PublicEthereumAPI) generateFromArgs(args rpctypes.SendTxArgs) (*evmty
gasPrice = big.NewInt(ethermint.DefaultGasPrice)
}
if args.Nonce == nil {
// get the nonce from the account retriever and the pending transactions
nonce, err = api.accountNonce(api.clientCtx, args.From, true)
} else {
nonce = (uint64)(*args.Nonce)
}
// get the nonce from the account retriever and the pending transactions
nonce, err = api.accountNonce(api.clientCtx, args.From, true)
if err != nil {
return nil, err
}
if args.Nonce != nil {
if nonce != (uint64)(*args.Nonce) {
return nil, fmt.Errorf(fmt.Sprintf("invalid nonce; got %d, expected %d", (uint64)(*args.Nonce), nonce))
}
}
if args.Data != nil && args.Input != nil && !bytes.Equal(*args.Data, *args.Input) {
return nil, errors.New("both 'data' and 'input' are set and not equal. Please use 'input' to pass transaction call data")
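Review bot: `fmt.Errorf(fmt.Sprintf(...))` in the new nonce comparison formats the message twice and passes a non-constant string as the format argument, which `go vet` reports; `return nil, fmt.Errorf("invalid nonce; got %d, expected %d", uint64(*args.Nonce), nonce)` does the same in one call. Separately, the expected value here comes from `accountNonce(..., true)`, which per the comment includes pending transactions, while the ante handler changed in this commit compares against the account sequence. If the two values differ while transactions are pending, a nonce that passes this check would be rejected by the ante handler, so it is worth confirming which value is intended and saying so in the comment. generateFromArgs starts and ends outside the hunk.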