Closed adizere closed 2 years ago
ouch, i broke this in https://github.com/informalsystems/ibc-rs/pull/1512
btw, do we check anywhere that the event consensus_height matches the header height?
btw, do we check anywhere that the event consensus_height matches the header height?
I don't think we check this. It would be good safety measure, or you have some specific scenario in mind?
btw, do we check anywhere that the event consensus_height matches the header height?
I don't think we check this. It would be good safety measure, or you have some specific scenario in mind?
no, just safety for redundant/ duplicate data.
Does this code perform the check you're referring to? https://github.com/informalsystems/ibc-rs/blob/9411184a7666628e553419bf96dff90a6fb6ea18/relayer/src/foreign_client.rs#L1206-L1214
Summary of Bug
Whenever Hermes finds an
UpdateClient
for a given consensus heighth
, it should perform misbehavior detection for the header in that event at that height. We call the heighth
a target height, i.e., this is the height that it aims to verify. Instead of using the consensus height field, Hermes mistakenly uses the event height as the target height.Bug Description
Our definition of
UpdateClient
event has two notions of heights:Both heights are fields of the
Attributes
type. https://github.com/informalsystems/ibc-rs/blob/4ca8298270e8d629e2a99dbdf21a55a98f1e2dbe/modules/src/core/ics02_client/events.rs#L228-L229As part of misbehavior detection, Hermes is not interested in the event height, but rather in the consensus state height. However, it seems like we mistakenly extract the event height to be used as target height, here:
https://github.com/informalsystems/ibc-rs/blob/1fda889b159c7706399704c4a1ea3a1dd4823b1d/relayer/src/foreign_client.rs#L1166-L1167
Note: Found this bug while trying to answer a question for ibc-go devs (ref: https://github.com/cosmos/ibc-go/pull/1208/files#r851167308).
Version
hermes 0.13.0+37dbe8c4
Steps to Reproduce
Setup two chains
ibc-1
andibc-2
with a channel between them. Dohermes start
with log level attrace
and watch the logs. In a separate terminal, trigger anft-transfer
.In the running Hermes instance, we see the following:
The last line of this log says that Hermes is performing misbehavior checking for height
1-16804
. The client that is concerned here is07-tendermint-1
which is hosted onibc-1
(the destination chain) and is verifying headers ofibc-2
, the source chain. Since the source chain has revision_number2
, it doesn't make sense for Hermes to perform misbehavior checking on a header with height1-16804
, since this height cannot originate fromibc-2
. Instead, Hermes should be performing misbehavior checking forHeight { revision: 2, height: 16807 }
.Acceptance Criteria
UpdateClient
eventFor Admin Use