Switch to bytecheck-secured argument passing in Piecrust uplink helpers #324
Labels
team:Core
Low Level Core Development Team (Rust)
type:enhancement
Issues concerning code or feature improvement (performance, refactoring, etc)
Summary
Currently, Piecrust uplink helpers, which are used in contracts for contract methods' argument passing, use an unsafe way of deserialising arguments. This is not optimal for the overall integrity and security of the system, as it allows contract callers to maliciously or accidentally send corrupted arguments. In addition, such corruption is undetected and causes harder-to-track problems.
Possible solution design or implementation
We need to use safe code to deserialise contract methods' arguments, and in particular, we should use bytecheck checking in such a way that an error in bytecheck checking causes a panic.
Additional context
This improvement will require changes in Rusk code.
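
The check-then-panic behaviour proposed in this issue, as an added illustration that is not code from Piecrust, Rusk or bytecheck: a std-only stand-in that validates a constructed argument layout (bool flag, little-endian length, payload) before the contract method sees it. `TransferArg`, `check_arg` and `wrap_call` are hypothetical names, and the byte layout is an assumption made for the example.

```rust
// Std-only stand-in for bytecheck-style validation (hypothetical names and layout).
// Assumed layout: [burn: u8, must be 0 or 1] [len: u32 LE] [memo: len bytes]

#[derive(Debug, PartialEq)]
pub struct TransferArg<'a> {
    pub burn: bool,
    pub memo: &'a [u8],
}

#[derive(Debug, PartialEq)]
pub enum CheckError {
    TooShort,
    InvalidBool(u8),
    LengthOutOfBounds { claimed: usize, available: usize },
}

/// Validate every field of the caller-supplied buffer before producing a typed view.
/// An unchecked reader would trust `buf[0]` as a bool and `len` as in-bounds.
pub fn check_arg(buf: &[u8]) -> Result<TransferArg<'_>, CheckError> {
    if buf.len() < 5 {
        return Err(CheckError::TooShort);
    }
    let burn = match buf[0] {
        0 => false,
        1 => true,
        other => return Err(CheckError::InvalidBool(other)),
    };
    let claimed = u32::from_le_bytes([buf[1], buf[2], buf[3], buf[4]]) as usize;
    let available = buf.len() - 5;
    if claimed > available {
        return Err(CheckError::LengthOutOfBounds { claimed, available });
    }
    Ok(TransferArg { burn, memo: &buf[5..5 + claimed] })
}

/// Contract-side wrapper: a failed check panics, so the method body never runs
/// on corrupted arguments.
pub fn wrap_call<'a, R>(buf: &'a [u8], f: impl FnOnce(TransferArg<'a>) -> R) -> R {
    match check_arg(buf) {
        Ok(arg) => f(arg),
        Err(e) => panic!("argument validation failed: {:?}", e),
    }
}

fn main() {
    let good = [1u8, 3, 0, 0, 0, b'a', b'b', b'c']; // constructed sample buffer
    println!("memo length: {}", wrap_call(&good, |a| a.memo.len()));
}
```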