search

immutable / imx-core-sdk-kotlin-jvm

Apache License 2.0
4 stars 2 forks source link

Get signable withdraw details return different input amount #100

Open mmo2112 opened 2 years ago

mmo2112 commented 2 years ago

Hi, the response amount from v1/signable-withdrawal-details does not match with the input 100000000000000000 vs 1000000000. image It may throw an Invalid Eth signature exception at there, and I have checked on v1/withdrawals can repeat to submit transaction without changing anything the used body, is that valid? curl --location --request POST 'api.ropsten.x.immutable.com/v1/withdrawals' \ --header 'x-imx-eth-address: 0x3d943bcdb0538fe86a615d61fdebac391acc9d3f' \ --header 'x-imx-eth-signature: 0xe1b1fe774431906f9c1efe6343565c57e7c67e5bf14d72a0700bb7371e6c100e455b00c5b98f2258181c36f789df84b1d85b3917147ac7c0816afa5cb728ab0d01' \ --header 'Content-Type: application/json' \ --data-raw '{ "amount": "100000000000000000", "asset_id": "0x02705737cd248ac819034b5de474c8f0368224f72a0fda9e031499d519992d9e", "stark_key": "0x06f6457c6bb164412a01e6bb80843119224b974b239bcd5a7811bbd6a593735d", "stark_signature": "0x07723f8fb1be06195017a8602907da5e6e9dafe6f740b0e4c77ea629ad11ab3b005c0c7b1548ae0cb58014b2f29c06d38cb7b1889af468a61157e7a162eed091", "nonce": 730261893, "vault_id": 1505692084 }'

CodeSchwert commented 2 years ago

@mmo2112 the request amount appears to be unquantized where as the response amount appears to be quantized.

This article explains quantization: https://docs.starkware.co/starkex-v4/starkex-deep-dive/starkex-specific-concepts#quantization

mmo2112 commented 2 years ago

@mmo2112 the request amount appears to be unquantized where as the response amount appears to be quantized.

This article explains quantization: https://docs.starkware.co/starkex-v4/starkex-deep-dive/starkex-specific-concepts#quantization

Thanks for your response but I think this should parse on the server containing logic code not a response to the client. Cause when the server returns a signable reaction, the client simply believes that the quantized amount is used for the next step, and the exception invalid eth signature is thrown. However, when trying to decode the signature, the signature is still valid, so confused. And the other reason is why the server returns this quantized amount but does not use it for anything, the client must use the non-quantized amount for a valid request to process the next step. And the repeat transactions with the existed nonce, are they valid?