This repository contains multiple sample apps, from CorDapps that help you get started, all the way to demonstrating specific features and advanced usage.
51
stars
48
forks
source link
oracle-primenumber: added checkCommandVisibility to oracle service #2
Adds a needed security based check for oracles. checks that in filtered transaction all commands requiring the oracle signature are visible. Without, it's possible to attack by embedding >1 command in a TX for oracle to sign, then filtering down to a "valid" - oracle will sign the TX (unknowingly vouching for the hidden commands as well).
Adds a needed security based check for oracles. checks that in filtered transaction all commands requiring the oracle signature are visible. Without, it's possible to attack by embedding >1 command in a TX for oracle to sign, then filtering down to a "valid" - oracle will sign the TX (unknowingly vouching for the hidden commands as well).