Make send_packet method as private #1243

Open
dhruvja opened this issue May 30, 2024 · 2 comments
Labels
A: blocked Admin: blocked by another (internal/external) issue or PR A: critical Admin: critical or Important

Comments

@dhruvja
Contributor

dhruvja commented May 30, 2024

Bug Summary

The `send_packet` method is public, which can be used to send packets without token transfers. But using `send_packet`, a transfer packet can be spoofed without locking the tokens. So essentially, users can just call `send_packet` and get tokens on the destination without a token transfer on the source.

Details

The `send_packet` method here should probably be private or be removed once we have port management, which will enable us to just use `send_transfer` with a different port for cross-chain messaging.

Version

0.50.0

@rnbguy
Collaborator

rnbguy commented May 30, 2024

Thanks for the report! Currently, ibc-rs is vulnerable to permissionless calls to `send_packet_validate`.

This requires port management to fix this completely. We need to include a port capability check in `send_packet_validate` as well as in the `send_packet_execute` method.

@rnbguy
Collaborator

rnbguy commented May 31, 2024

Adding more context. We will probably need #465 and to make sure `*_packet_execute` cannot be called without `*_packet_validate` being called before.

We will most likely need a way to create `ValidatedContext` after `*_packet_validate`. `*_packet_validate` should only be called on `ValidatedContext`. Need a design decision for this.

@rnbguy rnbguy added the A: blocked Admin: blocked by another (internal/external) issue or PR label May 31, 2024
@rnbguy rnbguy added the A: critical Admin: critical or Important label Jun 27, 2024
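One way the two mitigations discussed in this thread could fit together, as an added sketch that is not ibc-rs code or a design chosen by the maintainers: a port capability that only the module bound to a port holds, and a validation proof that the execute step consumes. All names here (`sketch`, `Router`, `PortCapability`, `ValidatedPacket`, `SendError`) are hypothetical.

```rust
// Added sketch; every name below is hypothetical, not an ibc-rs API.
mod sketch {
    use std::collections::HashSet;

    /// Minted only by `bind_port`; the private field blocks construction elsewhere.
    pub struct PortCapability { port: String }

    #[derive(Debug, Clone, PartialEq)]
    pub struct Packet { pub source_port: String, pub data: Vec<u8> }

    /// Proof that validation ran; only `send_packet_validate` can build it.
    pub struct ValidatedPacket { packet: Packet }

    #[derive(Debug, PartialEq)]
    pub enum SendError { PortAlreadyBound, CapabilityMismatch }

    #[derive(Default)]
    pub struct Router { bound: HashSet<String>, sent: Vec<Packet> }

    impl Router {
        /// A port can be claimed once; the claimant keeps the capability.
        pub fn bind_port(&mut self, port: &str) -> Result<PortCapability, SendError> {
            if !self.bound.insert(port.to_string()) {
                return Err(SendError::PortAlreadyBound);
            }
            Ok(PortCapability { port: port.to_string() })
        }
        /// Port capability check: the caller must own the packet's source port.
        pub fn send_packet_validate(&self, cap: &PortCapability, packet: Packet)
            -> Result<ValidatedPacket, SendError> {
            if cap.port != packet.source_port {
                return Err(SendError::CapabilityMismatch);
            }
            Ok(ValidatedPacket { packet })
        }
        /// Takes the proof by value, so it cannot run without a prior validate.
        pub fn send_packet_execute(&mut self, validated: ValidatedPacket) {
            self.sent.push(validated.packet);
        }
        pub fn sent(&self) -> &[Packet] { &self.sent }
    }
}

fn main() {
    let mut router = sketch::Router::default();
    let cap = router.bind_port("transfer").expect("first bind succeeds");
    let packet = sketch::Packet { source_port: "transfer".into(), data: b"constructed".to_vec() };
    let validated = router.send_packet_validate(&cap, packet).expect("owner may send");
    router.send_packet_execute(validated);
    println!("packets sent: {}", router.sent().len());
}
```

Because `ValidatedPacket` and `PortCapability` have private fields, code outside the module cannot reach `send_packet_execute` or claim the transfer port's identity without going through the checks.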