github-actions[bot]
commented
8 months ago Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/keep-core/actions/runs/7209109302 check.
Closed lukasz-zimnoch closed 8 months ago
github-actions[bot]
commented
8 months ago Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/keep-core/actions/runs/7209109302 check.
github-actions[bot]
commented
8 months ago Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/keep-core/actions/runs/7209175432 check.
lukasz-zimnoch
commented
8 months ago Let's not forget to apply the same fix to the Random Beacon contract.
Created an issue to capture that work: https://github.com/keep-network/keep-core/issues/3758
The
challengeDkgResultfunction uses severaltry-catchblocks as part of its business logic. However, the EVM has a call stack depth limit equal to 1024. A third-party contract can leverage this limitation and force thetry-catch-ed calls to revert unconditionally, by using recursion and letting those calls be executed at depth 1025. In such a case, the control flow is passed to thecatchclauses which may lead to undesired side effects like invalidation of a proper DKG result. To address that problem, we are adding a requirement thatchallengeDkgResultcan only be called by an EOA. This prevents third-party contracts from callingchallengeDkgResult.