Open ProgramCrafter opened 2 months ago
If you deem this worthy of a bug bounty, my address is UQCyoez1VF4HbNNq5Rbqfr3zKuoAjKorhK-YZr7LIIiVrX0-
.
Hi, thank you! This peculiarity was first time noted by Alex Gapak in February. We have https://github.com/ton-blockchain/ton/compare/testnet...SpyCheese:ton:trans-rand-seed?expand=1 this patch but decided to put it off for now.
I believe it's possible to retain current behavior but do so explicitly? Because now it creates a technical debt - requirement that fields addr_rewrite
and addr
remain in this order.
Code track
addr_rewrite = addr.bits()
, but it works here OK because left-hand side pulls exactly 32 bits it needs out of 256 available;addr_rewrite
field, so read is mostly out-of-bounds and accessesaddr
field:(data.bits() + 256).copy_from(account.addr_rewrite.cbits(), 256)
.Proof
Consider the following FunC code.
It succeeds when emulated with certain block seed and the same block seed provided in external message. Thus, random seed of account is calculated from block seed, first 32 and first 224 bits of address.
Expected behavior
The random seed of account is hash of block seed and whole address. In particular, there are no out-of-bounds reads when creating a transaction.