search

roke-to / roketo-contract

The Unlicense
4 stars 1 forks source link

Streaming: Missing Account Validation Check #25

Closed Kouprin closed 2 years ago

Kouprin commented 2 years ago

A valid AccountId follows the NEAR’s account ID rules, but the validity is not checked when creating a new stream since the AccountId is deserialized from the msg of ft_on_transfer directly.

streaming/src/stream.rs #Line 53-86

Kouprin commented 2 years ago

Looks like not an issue, https://github.com/near/near-sdk-rs/blob/05c389c75a568af3f37a3346d6f7b4064852e1de/near-sdk/src/types/account_id.rs#L142

Needs to be tested.

Kouprin commented 2 years ago

Test added in a97f16d47692c0f869d071c032dbe073d7ae0b09