Info

Download ZIP (22.4 KB)

Testing and Issues

You can test this entry and submit issues during the testing period of the Blockchain Contest contest.

Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.

Voting

44

Comments

This is a multi-sign wallet smc implementation with some helper scripts to create, sign, inspect orders and merge partially signed orders together.
You have not added any comments yet...
by rating

Issues

Magic Python Nov 4, 2019 at 10:15
plus:
Good performance (0.06G for a transfer with n=16, k=10).
All required features are implemented.
It is possible to add a signature to order without modifying seqno.

minus:
Anyway, accept_message is called too early so anyone may send a message which will be accepted.
Garbage collection could take quadratic time.

UPD:
Thanks for clarifications. Was wrong about seqno

About gc it is a common problem. If you are trying to send N orders simultaneously it will take O(N^2 * log(N)) time to make all passes. Each pass will take O(N * log(N)) and there will be O(N) passes altogether.

A better approach would be to scan only over expired orders. Like in https://github.com/ton-blockchain/ton/blob/master/crypto/smartcont/highload-wallet-v2-code.fc#L37

It is not a major problem, but it is a minus.
11
Keen Fox Nov 4, 2019 at 17:20
Thanks for a feedback!

I agree, `accept_message()` is called too early and smc may throw after message was accepted which isn't good also.

But `seqno` is actually signed. In `code.fc` there is only signatures dict stripped from `in_msg` and the rest of it is participated in signatures' check later. Likewise in `sing-msg.fif` signatures dict at the beginning is cut, but the whole slice's remainder is signed.

And I don't get how gc could take O(N**2) even potentially. I'm building a completely new dictionary including only key-values from original one, but skipping expired orders. Could you please explain where is the problem in this approach? Except that I probably shouldn't run gc on every valid external message.
Magic Python Oct 16, 2019 at 12:21
accept_message() is called before any signature was checked.
4
Keen Fox Oct 16, 2019 at 12:43
Yes, and it's nothing wrong with it, since `accept_message()` just sets gas limit to maximum available. Even more, if you place `accept_message()` after signatures' checks, smc may exceed gas limit processing messages signed by many participants, and these messages will just be dropped.
[reply to Keen Fox] If i know your smc address, i can send external message with valid structure and seqno, but without signatures, but your contract will pay for this wrong message. After some my messages your balance will empty as result
3
Keen Fox Oct 17, 2019 at 17:39
Yep, you're right. I expected that if smc failed processing message within initial gas limit, it won't pay for fuel even if `accept_message()` was already called. But that's wrong. And I had to check this assumption before submitting :)
Nobody added any issues yet...