The withdrawal_safety heuristic currently verifies that a CrossDomainHash is reflective of a standard 256 bit hexadecimal hash output. This is done by taking the Sorensen Dice coefficient to ensure dissimilarity when compared to constant values (0x0...0, 0xF...F). Currently this check happens in the heuristic directly and fails to consider for additional constant values.
Problem Solution
Add some HashVerification function into the common/mathlibrary that performs integrity checks to verify if a value is reflective of a real hash output. This can extend on the existing implementation or leverage more intelligent techniques.
Problem
The
withdrawal_safetyheuristic currently verifies that aCrossDomainHashis reflective of a standard 256 bit hexadecimal hash output. This is done by taking the Sorensen Dice coefficient to ensure dissimilarity when compared to constant values (0x0...0,0xF...F). Currently this check happens in the heuristic directly and fails to consider for additional constant values.Problem Solution
Add some
HashVerificationfunction into thecommon/mathlibrary that performs integrity checks to verify if a value is reflective of a real hash output. This can extend on the existing implementation or leverage more intelligent techniques.