feat(token portal standard): create token portal standard and corresponding cross chain test #2293
Conversation
rahul-kothari
changed the title
rahul-kothari
changed the title
rahul-kothari
force-pushed
the
rk/token_portal_standard2
branch
from
312e50a
to
5ecec2f
Compare
| @@ -0,0 +1,43 @@ | |||
| struct AztecAddress { | |||
There was a problem hiding this comment.
We should probably but those somewhere separate such that it is not duplicated across the token and here.
| } | ||
|
|
||
| // Computes a content hash of a deposit/mint message. | ||
| fn get_mint_content_hash(amount: Field, owner_address: Field, canceller: Field) -> Field { |
There was a problem hiding this comment.
Ambiguous, since the same message is used for two functions, I can break your assumptions around it. Example: say that you want to do a public deposit into a contract, I see it, and can then consume that message to be a private mint instead with a known secret which I can then take myself.
| // User needs to call token.redeem_shield() to get the private assets | ||
| // This method is public because it accesses public storage. For similar reasons, the corresponding call on the token is also public | ||
| #[aztec(public)] | ||
| fn mint( |
There was a problem hiding this comment.
As mentioned below. I can hijack your public deposit and steal the funds, by consuming it with a mint instead of the intended mint_public.
| let storage = Storage::init(Context::public(&mut context)); | ||
|
|
||
| // Burn tokens on L2 | ||
| let return_value = Token::at(storage.token.read()).burn_public(context, from.address, amount, nonce); |
There was a problem hiding this comment.
This could be very dangerous if you are not inserting the approval in a batch where you instantly consume it.
Anyone can jump in after you made that approval and consume it but send the funds to themselves instead.
To mitigate, remove the from and use context.msg_sender() instead, or add another authwit check for the more complete action.
| // Burns the appropriate amount of tokens and creates a L2 to L1 withdraw message privately | ||
| // Requires `from` to give approval to the bridge to burn tokens on their behalf using witness signatures | ||
| #[aztec(private)] | ||
| fn withdraw( |
There was a problem hiding this comment.
Re above.
In private it is less dangerous since it requires that
- the attacker has your privacy key
- you provided him with the signature to spend the funds as well
rahul-kothari
force-pushed
the
rk/token_portal_standard2
branch
from
d6c4f33
to
4a99bb4
Compare
rahul-kothari
force-pushed
the
rk/token_portal_standard2
branch
4 times, most recently
from
1c371d7
to
1bb8f3f
Compare
rahul-kothari
force-pushed
the
rk/token_portal_standard2
branch
from
1bb8f3f
to
0b81b08
Compare
Part of #2167. In Future PRs, I aim to
crosschainharness.ts, delete existing cross chain e2e (Replace NonNativeToken everywhere + update token portal #2291),