You can test this entry and submit issues during the testing period of the TON Trustless Bridge Challenge contest.
Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.
Info
Testing and Issues
Voting
by rating
Issues
Hey! A great work!
Would like to highlight some points.
In `check_validator_signatures` there is no check if given pubkey is used more than once. So having only one valid signature it is possible to achieve any given required weight by repeating it multiple times in `check_block` message. Notice, that in ton-blockchain code you referenced there actualy IS a protection from this issue present -- they track used indices in `seen` variable.
It is possible to make `check_transaction` message with such specific coins amount that gas will be exhausted during lite-client's `check_block`. In this case `transaction-checker` won't receive neither response nor bounce from lite-client, and `g_transactions` will store this pending query record forever and grow storage size over time.
Would like to highlight some points.
In `check_validator_signatures` there is no check if given pubkey is used more than once. So having only one valid signature it is possible to achieve any given required weight by repeating it multiple times in `check_block` message. Notice, that in ton-blockchain code you referenced there actualy IS a protection from this issue present -- they track used indices in `seen` variable.
It is possible to make `check_transaction` message with such specific coins amount that gas will be exhausted during lite-client's `check_block`. In this case `transaction-checker` won't receive neither response nor bounce from lite-client, and `g_transactions` will store this pending query record forever and grow storage size over time.
Nobody added any issues yet...