In the SqliteStore, in places where we search for multiple entities (such as get_block_headers()), we format the SQL query to use IN () statements. We should likely enable the rarray extension and use that. This way we avoid formatting the query which can lead to SQL injections.
Additionally, we should implement a way to retrieve multiple InputNoteRecords in one query only. This should be used from the data store in order to get all inputs as once.
How should it be done?
We should enable the extension and implement the queries like in this example.
When is this task done?
When we don't format the SQL statements and use rarray instead.
What should be done?
In the
SqliteStore
, in places where we search for multiple entities (such asget_block_headers()
), we format the SQL query to useIN ()
statements. We should likely enable therarray
extension and use that. This way we avoid formatting the query which can lead to SQL injections.Additionally, we should implement a way to retrieve multiple
InputNoteRecords
in one query only. This should be used from the data store in order to get all inputs as once.How should it be done?
We should enable the extension and implement the queries like in this example.
When is this task done?
When we don't format the SQL statements and use
rarray
instead.Additional context
No response