search

OriginProtocol / origin-bridge

We've moved to a monorepo: https://github.com/OriginProtocol/origin/tree/master/infra/bridge
MIT License
15 stars 7 forks source link

Verify events are generated by legit contracts #44

Closed Gzing closed 6 years ago

Gzing commented 6 years ago

Currently we are grepping events which are basically keccack-256 hashes of the event signatures which can collide with event names from different contracts on the blockchain. Possible solutions are:

  1. Checking bytecode of the event contract and verifying it with the bytecode of origin contracts and it if matches, then we are good and we don't care who deployed the contract since the code is unaltered. Suggested by @DanielVF
  2. Keeping a registry of deployed contracts by origin and checking the emitter address in the events
franckc commented 6 years ago

Implemented in EVentListener. Closing.