dr-orlovsky
commented
6 days ago Well, the wallet doesn't accept it: you force it to accept by providing a malicious offchain resolver. Just do not use it and that's it
Open zoedberg opened 2 weeks ago
dr-orlovsky
commented
6 days ago Well, the wallet doesn't accept it: you force it to accept by providing a malicious offchain resolver. Just do not use it and that's it
zoedberg
commented
6 days ago Please read the test code. The offchain resolver is used only by the malicious actor.
The test added in this PR shows what I consider a bug: a wallet could (maliciously) accept a transfer sending to a blinded UTXO even if the transfer TX has not been broadcasted and then send the assets to another wallet (in the test,
wlt_3) which will think the received allocation is valid and owned. The receiver will notice this allocation is not spendable only when it actually tries to spend it. I think the wallet should be able to differentiate an allocation coming from a history containing an unbroadcasted/unmined TX.Run
cargo test --test transfers receive_from_unbroadcasted_transfer_to_blinded -- --nocaptureto see the issue.To be merged once we have a fix for this.