Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/ccv/provider/types.SlashLogKey() uses the wrong byte prefix #785

Closed
5 tasks
tbruyelle opened this issue Mar 16, 2023 · 1 comment · Fixed by #786
Closed
5 tasks

x/ccv/provider/types.SlashLogKey() uses the wrong byte prefix #785

tbruyelle opened this issue Mar 16, 2023 · 1 comment · Fixed by #786
Assignees
@mpoke
Labels
type: bug Issues that need priority attention -- something isn't working

Comments

@tbruyelle
Copy link
Contributor

Summary of Bug

The x/ccv/provider/types.SlashLogKey() function uses the SlashAcksBytePrefix byte prefix instead of SlashLogBytePrefix.

Version

4c318b4

interchain-security/x/ccv/provider/types/keys.go

Lines 447 to 450 in 4c318b4

// SlashLogKey returns the key to a validator's slash log
func SlashLogKey(providerAddr ProviderConsAddress) []byte {
return append([]byte{SlashAcksBytePrefix}, providerAddr.ToSdkConsAddr().Bytes()...)
}

Steps to Reproduce

For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged
  • Contributor assigned/self-assigned
  • Is a spike necessary to map out how the issue should be approached?
@tbruyelle tbruyelle added type: bug Issues that need priority attention -- something isn't working status: waiting-triage This issue/PR has not yet been triaged by the team. labels Mar 16, 2023
@mpoke mpoke removed the status: waiting-triage This issue/PR has not yet been triaged by the team. label Mar 16, 2023
@mpoke mpoke assigned shaspitz and mpoke and unassigned shaspitz Mar 16, 2023
@jtremback
Copy link
Contributor

Great catch! This is definitely a mistake, but luckily it will not cause any problems in production. We'll put a fix in the next release.

Usually, SlashAcksBytePrefix is used to store records having to do with a particular chain id.

For this bug to have any effect at all, someone would need to pass a consumer creation proposal with the chain id being a serialized public key belonging to a validator.

Once this was done, the consumer chain could cause records to be written to the storage location by sending downtime packets. This would then make it possible for someone to create an equivocation slashing governance proposal for the validator with that key. This proposal would then also have to be approved for anything to happen.

@mpoke mpoke mentioned this issue Mar 16, 2023
Merged
12 tasks
@shaspitz shaspitz mentioned this issue Mar 16, 2023
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mpoke mpoke

Labels
type: bug Issues that need priority attention -- something isn't working
Projects
Cosmos Hub
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Ser correct byte prefix for SlashLogKey cosmos/interchain-security
4 participants
@tbruyelle @jtremback @mpoke @shaspitz