You can test this entry and submit issues during the testing period of the TON Trustless Bridge Challenge contest.
Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.
Info
Testing and Issues
Voting
Comments
Сontinuation about Keen Fox Issue
## transaction-checker
Yes, you are right about the unfinished script. There just wasn't enough time. But as I wrote above, the validator check will remain valid in this case (see above). We do not need to check the weight again if it is checked on the block verification side, here we only check the validity of the validators themselves relative to the block smart-contract.
Yes, the remark about impure is true, but the Fift compiler took into account verify_signatures and verify_block_shard_data.
## transaction-checker
Yes, you are right about the unfinished script. There just wasn't enough time. But as I wrote above, the validator check will remain valid in this case (see above). We do not need to check the weight again if it is checked on the block verification side, here we only check the validity of the validators themselves relative to the block smart-contract.
Yes, the remark about impure is true, but the Fift compiler took into account verify_signatures and verify_block_shard_data.
You have not added any comments yet...
by rating
Issues
## lite-client
`check_signatures` functions uses only `total_weight` from actual config34. The code extracts pubkeys, signatures and even data itself from `signatures` parameter that could be totally artificial.
So it looks like both `check_block` and `new_key_block` messages don't check provided block for correctness.
## transaction-checker
Script preparing `check_transaction` message for transaction-checker doesn't look finished.
Again looks like nothing stops me from preparing `check_transaction` with fake key-block signatures and using them to sign fake transaction.
Also some important functions in `checker.fc` (like `verify_signatures`, `verify_block_shard_data`, etc) aren't marked `impure` so I believe they are missing in compiled smc bytecode.
In `verify_signatures` function there is only number of valid signatures considered, not their weight.
`check_signatures` functions uses only `total_weight` from actual config34. The code extracts pubkeys, signatures and even data itself from `signatures` parameter that could be totally artificial.
So it looks like both `check_block` and `new_key_block` messages don't check provided block for correctness.
## transaction-checker
Script preparing `check_transaction` message for transaction-checker doesn't look finished.
Again looks like nothing stops me from preparing `check_transaction` with fake key-block signatures and using them to sign fake transaction.
Also some important functions in `checker.fc` (like `verify_signatures`, `verify_block_shard_data`, etc) aren't marked `impure` so I believe they are missing in compiled smc bytecode.
In `verify_signatures` function there is only number of valid signatures considered, not their weight.
Nobody added any issues yet...