rent collector does not whitelist native programs

solana-labs / solana

Web-Scale Blockchain for fast, secure, scalable, decentralized apps and marketplaces.

https://solanalabs.com

Apache License 2.0

13.02k stars 4.19k forks source link

rent collector does not whitelist native programs #9111

Closed mvines closed 4 years ago

mvines commented 4 years ago

We whitelist sysvars, https://github.com/solana-labs/solana/blob/c902fd0303368ab34bfe2ed627eb1c58e0e7fdf9/runtime/src/rent_collector.rs#L39, but not native programs with an account balance of 1 lamport.

This appears to imply that a native program can be rent-collected, which may be the root cause of #9109.

There's no need to collect rent from a native program account!

mvines commented 4 years ago

Sneaky (too sneaky) but this appears to not be an issue due to: https://github.com/solana-labs/solana/blob/12eff5a2f988033fa2ce18b2c27e93a1c70431e8/sdk/src/native_loader.rs#L12

account.rent_epoch is always 0 for native programs

mvines commented 4 years ago

No, whitelisting executable accounts in update() is the right thing to do as AccountsDb can modify the rent_epoch for a native program account.

This seems good:

-if account.rent_epoch > self.epoch || sysvar::check_id(&account.owner) { 
+if account.executable || account.rent_epoch > self.epoch || sysvar::check_id(&account.owner) {

mvines commented 4 years ago

This bug can literally take down any cluster with a simple transfer, we should fix it ASAP