Info

Download ZIP (58.3 KB)

Testing and Issues

You can test this entry and submit issues during the testing period of the Blockchain Contest contest.

Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.

Voting

64

Comments

1) Multi-signature wallet - with all fift scripts (merge messages, add signature to message, etc.)
2) Auto DNS Resolver
3) Manual DNS Resolver via prefix dictionary
4) Manual DNS Resolve via hashmap
5) Synchronous two-party payment channel
1
You have not added any comments yet...
by rating

Issues

Magic Python Oct 29, 2019 at 12:24
What if one party start unilateral finalization with some valid but very old state?
Is there a way for the other party to force the smartcontract to use some newer state?
10
Merry Ant Oct 31, 2019 at 10:23
In this case, the other party sends a cheating message (action == 4) during the finalization period and receives the full amount
Magic Python Nov 4, 2019 at 10:28
Multisig wallet:
plus:
All required features are implemented.

minus:
Sadly it didn't work on our test (n=16, k=10).

UPD:
You are right, sorry. There is some garbage collection.
Newer order won't be collected during queries to an older one, but it is more or less ok.

Also, you use 16 bits pending_queries dictionary. It won't work with 32-bit seqno when seqno will be big enough.

And yes, It didn't work because of the gas limit.
10
Merry Ant Nov 4, 2019 at 14:46
1) Contract deletes old orders when receives order (screenshot)

2) Contract exceeded gas credit before accept_message. I agree that this is a flaw, but if you divide message into smaller messages, they will be processed)
Clever Turkey Nov 4, 2019 at 19:24
Automatic DNS:
+ Correct price calculation.
+ Domain sanity checks.
+ Adds zero to domain name, preventing basic denial of service attacks.
+ Returns domain owner in the whois method.
- seqno is checked for internal messages, so it is really hard to change two domains simultaneously.
- If category -2 is not defined, then anyone can edit domain.
- There is no way to prolongate domain.
- No garbage collection for expired domains.
- There is no way to customize domain fees.
- There is no way to customize domain expiration time.
10
Merry Ant Nov 5, 2019 at 11:35
I agree with everything except "There is no way to prolongate domain"

If you are a domain owner and domain not yet expired, you can send message with action=1, this domain and same/new domain data. This will prolongate domain.

Non-owners can only do this when the domain expires.
Clever Turkey Nov 4, 2019 at 19:24
Manual DNS:
+ Domain name sanity checks.
- There is no way to completely delete expired domains.

Prefix dictionary implementation:
- "ph.telegra" can't be found by "ph\0telegra\0" and it is not possible to add it as "ph\0telegra" because of sanity checks .
Hash implementation:
+ Support for storing of a domain and its subdomains.
- All dictionary keys are 256-bit, so there could be high storage costs.
10
First of all - great job, I like your organization structure, readability and amount of work! The best application I've seen so far

Doubts:
1. accept_message() shouldn't be used in recv_internal. I see it in examples of TON fc (going to raise an issue), but it will lead to depletion vulnerability - send message with small amount of grams that contains an error
2. dnsresolve matches "acom" as subdomain of "com"
1
Merry Ant Oct 19, 2019 at 14:14
Thanks for report

1) I was guided by the fact that accept_message() used in recv_internal in elector-code.fc example.

2) Please specify how to reproduce this.

This should not be possible because all domains are stored with a 0-byte at the end.

I could not reproduce this (in screenshot 0-byte replaced by dot for convenient debugging).
Hello Merry Ant
1) It's just my opinion, in fact maybe I"m wrong. I've raised the issue on github and ton doesn't think that it's problem

2) I didn't expect that you request domain with zero at the end explicitly. Then sorry for that. I discussed mostly the case when you have "organium\0" domain and request "org" without "\0" at the end. But looks like it's not related to your cause you support only such interface. What most interesting for me - now you showed me a stylish way to avoid the problem with such domains - I did it in a cycle, but was needed just to add \0 in dnsresove, so simple! Cause I resolve domain with dots and add nothing at the end
1
As far as I see there are no validation that parties submitted amount configured using `new.fif`.
3) Also when I try to reproduce your case that we discussed in section 2, I've noticed another thing - you override existed Hashmap with a new value on every call, so it's not possible to add new categories, but only override whole existed dict

> I discussed mostly the case when you have "organium\0" domain and request "org" without "\0" at the end. - Vice versa
Merry Ant Oct 19, 2019 at 17:22
Yes, in the solutions presented, the value will be completely replaced if the domain already exists.

If we want to add a category, we need to get the current value through dnsresolve and add a new category to it.

This is done for simplicity of the interface.
Concerning AUTO DNS: Finally someone who correctly recursively evaluated size of data.

But here you overshot with it a bit. Your in_msg_copy also contains 32-bit action and 32-bit seqno numbers that are not stored in any way but counted in the price. Also, the in_msg cell itself will be included in addition to two cells of key and value (last two are reasonable).
This way price will be at least 64 * PPB + 1 * PPC higher than the actual price that is used for storage.
If consider the condition that only price of value should be stored then the price is overestimated by 64 * PPB + 2 * PPC + key_bits * PPB.

The code also does not abide the smart contract guidelines in part of data structure (query id) and data processing result (replying with specific messages with query ids and ops).
Also, unused remainder of message balance is not sent back (strongly linked with previous issue about guidelines).
Merry Ant Oct 23, 2019 at 13:30
Thank you for report!
All 3 issues make sense.
Also, prolonging domain without providing full domain value (dictionary) is not possible (just providing which domain want to prolong). I dont see reason to use action = 2 at all here, while action = 1 allows change of domain data and at the same time prolongs it (except for the price difference), and there is problem that it does not prolong domain actually, it overrides expiration date with now() + lifetime while it should prolong it with lifetime: the new value should be sub_expired_at (current expiration) + lifetime. Otherwise it just throws away the remainder of current domain's expiration life.
Merry Ant Oct 23, 2019 at 13:40
1) Indeed, the main difference between renewing and update data is the price, I think this is ok for the current version.

2) I will replace now + lifetime with expired_at + lifetime, I also prohibit prolonging it for too long a time ahead (for example, for 10 years)
You count signatures by comparing outgoing message, you have not included mode (although had it stored). So I can first collect enough signatures except one. And then send my last confirmation with mode 128 which will carry all contract remaining balance out.
Merry Ant Oct 23, 2019 at 13:56
Thanks!

Yes, I also need to compare send_mode.

I did not take into account that there is a mode such as 128.

This is dangerous even considering that the owners of the wallet are friendly.
Clever Turkey Nov 5, 2019 at 11:48
#issue9035
Domain prolongation is extension of domain lifetime without other changes. In your implementation left expiration time is lost, because lifetime is added to now() instead of sub_expires_at. The owner also needs to pay full price for registering new domain and pass the whole domain state.
Nobody added any issues yet...