Info

Download ZIP (17.6 KB)

Testing and Issues

You can test this entry and submit issues during the testing period of the Blockchain Contest contest.

Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.

Voting

44

Comments

Async payment channel

See test dir for more usage examples. It demonstrates the work of all functions.
you can compile using stdlib_test.fc to replace my_address() and get_balance() calls with mocks but unfortunately, it does not work for now() because if compiler bug (function name collides with its opcode), you'll need to disable those calls in code manually to avoid errors.
11
We store:
init (1 bit) flag to initialize the contract
timeout (32 bits) timeout in second for exit
timestamp (48 bits) UNIX time in seconds
pubkA (256 bits) pub key of user A
pubkB (256 bits) pub key of user B
fA (1 bit) flag registry for A
fB (1 bit) flag registry for B
X_a (214 bits) nanograms registry for A
X_b (214 bits) nanograms registry for B

The total size is 1023 and it is enough to store in 1 Cell. 214 bits is enough to rotate all balance of the TON network for 5e45 times, so, it is safe.
13
You have not added any comments yet...
by rating

Issues

In function challenge accept_message happens before signature check. Anybody can deplete channel by sending 'challenge' messages (actually looks like it will be made automatically by replaying: there is no replay protection as well).
1
Night Turkey Nov 6, 2019 at 22:53
indeed, the vulnerability is valid. To fix, accept_message() should be moved inside the if statements
Nobody added any issues yet...