This repository was archived by the owner on May 13, 2022. It is now read-only.
Fix signature logic - prevent replay attack issue#198
Merged
loredanacirstea merged 2 commits intoraiden-network:masterfrom Nov 28, 2017
Merged
Fix signature logic - prevent replay attack issue#198loredanacirstea merged 2 commits intoraiden-network:masterfrom
loredanacirstea merged 2 commits intoraiden-network:masterfrom
Conversation
Fixes raiden-network#193 - Include contract address in `_balance_msg_sig` - Include contract & sender info in `_closing_sig` by just signing `keccak256(_balance_msg_sig)` - Remove redundant signature length checks. This is done in `ECVerify.ecverify`.
957145a to
72610c3
Compare
LefterisJP
approved these changes
Nov 28, 2017
| receiver, | ||
| open_block_number, | ||
| balance, | ||
| uraiden_instance.address |
Contributor
There was a problem hiding this comment.
general naming question. I see that uraiden_instance as seen here and in the fixture is actually the uraiden_contract and not an instance of the uraiden_app as the name may imply. It's used quite a lot in tests so this should not be an urgent refactor but I would call it uraiden_contract and not just instance as it can be confusing.
Contributor
Author
There was a problem hiding this comment.
I use
_instance as an off-the-shelf deployed contract.
_contract as a function that can take other parameters (token, txn data)
get_*_contract for a lower level setup
Agree that the name is not great. Yes, will leave it like this for now, but noted.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #193
Discovered in #134 (comment)
_balance_msg_sig_closing_sigby just signingkeccak256(_balance_msg_sig)ECVerify.ecverify.