certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Prevent attestation of wormhole assets on algorand

This commit is contained in:
Josh Siegel 2022-06-20 15:46:49 +00:00 committed by jumpsiegel
parent 5931368ed7
commit 1103a23e87
3 changed files with 27 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
algorand/test/test.py
View File

@ -617,11 +617,6 @@ class AlgoTest(PortalCore):
self.submitVAA(transferVAA, client, player, self.tokenid)
seq += 1
aid = client.account_info(player.getAddress())["assets"][0]["asset-id"]
print("generate an attest of the asset we just received: " + str(aid))
# paul - attestFromAlgorand
self.testAttest(client, player, aid)
print("Create the test app we will use to torture ourselves using a new player")
player2 = self.getTemporaryAccount(client)
print("player2 address " + player2.getAddress())

38
algorand/token_bridge.py
View File

@ -519,6 +519,9 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
MagicAssert(Fee.load() <= Amount.load()),
# Remove the fee
Amount.store(Amount.load() - Fee.load()),
If (action.load() == Int(3), Seq([
aid.store(Btoi(Extract(Destination.load(), Int(24), Int(8)))), # The destination is the appid in a payload3
tidx.store(Txn.group_index() + Int(1)),
@ -692,12 +695,11 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
assert_common_checks(Gtxn[tidx.load()]),
amount.store(Gtxn[tidx.load()].amount()),
MagicAssert(fee.load() < amount.load()),
amount.store(amount.load() - fee.load())
# fee cannot exceed amount
MagicAssert(fee.load() <= amount.load()),
]),
Seq([
MagicAssert(And(
# The previous txn is the asset transfer itself
Gtxn[tidx.load()].type_enum() == TxnType.AssetTransfer,
@ -709,10 +711,8 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
amount.store(Gtxn[tidx.load()].asset_amount()),
# peal the fee off the amount
# fee cannot exceed amount
MagicAssert(fee.load() <= amount.load()),
amount.store(amount.load() - fee.load()),
factor.store(getFactor(Btoi(extract_decimal(aid.load())))),
@ -736,8 +736,6 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
# Is the authorizing signature of the creator of the asset the address of the token_bridge app itself?
If(aaddr.load() == Global.current_application_address(),
Seq([
# Log(Bytes("Wormhole wrapped")),
asset.store(blob.read(Int(2), Int(0), Int(8))),
# This the correct asset?
MagicAssert(Txn.application_args[1] == asset.load()),
@ -750,7 +748,6 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
MagicAssert(Txn.accounts[2] == get_sig_address(Btoi(FromChain.load()), Address.load())),
]),
Seq([
# Log(Bytes("Non Wormhole wrapped")),
MagicAssert(Txn.accounts[2] == get_sig_address(aid.load(), Bytes("native"))),
FromChain.store(Bytes("base16", "0008")),
Address.store(Txn.application_args[1]),
@ -846,27 +843,10 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
# Is the authorizing signature of the creator of the asset the address of the token_bridge app itself?
If(If(aid.load() != Int(0), auth_addr(extract_creator(aid.load())) == Global.current_application_address(), Int(0)),
Seq([
# Log(Bytes("Wormhole wrapped")),
# Wormhole wrapped asset
asset.store(blob.read(Int(2), Int(0), Int(8))),
# This the correct asset?
MagicAssert(Txn.application_args[1] == asset.load()),
# Pull the address and chain out of the original vaa
Address.store(blob.read(Int(2), Int(60), Int(92))),
FromChain.store(Btoi(blob.read(Int(2), Int(92), Int(94)))),
# This the correct page given the chain and the address
MagicAssert(Txn.accounts[2] == get_sig_address(FromChain.load(), Address.load())),
# this is wormhole wrapped... it shouldn't be busting 8
MagicAssert(Btoi(extract_decimal(aid.load())) <= Int(8)),
# Lets just hand back the previously generated vaa payload
p.store(blob.read(Int(2), Int(8), Int(108)))
# Cannot attest a wormhole wrapped token
Reject()
]),
Seq([
# Log(Bytes("Non Wormhole wrapped")),
MagicAssert(Txn.accounts[2] == get_sig_address(aid.load(), Bytes("native"))),
zb.store(BytesZero(Int(32))),

37
sdk/js/src/token_bridge/attest.ts
View File

@ -119,34 +119,33 @@ export async function attestFromAlgorand(
aa
);
txs.push(...emitterOptInTxs);
let wormhole: boolean = false;
let creatorAcctInfo: any = false;
let creatorAddr = "";
let creatorAcctInfo;
const bPgmName: Uint8Array = textToUint8Array("attestToken");
if (assetId !== BigInt(0)) {
const assetInfo = await client
.getAssetByID(safeBigIntToNumber(assetId))
.do();
creatorAddr = assetInfo.params.creator;
creatorAcctInfo = await client.accountInformation(creatorAddr).do();
wormhole = creatorAcctInfo["auth-addr"] === tbAddr;
} else {
wormhole = false;
creatorAcctInfo = await client
.accountInformation(assetInfo.params.creator)
.do();
if (creatorAcctInfo["auth-addr"] === tbAddr) {
throw new Error("Cannot re-attest wormhole assets");
}
}
if (!wormhole) {
// "notWormhole"
const result = await optin(
client,
senderAddr,
tokenBridgeId,
assetId,
textToHexString("native")
);
creatorAddr = result.addr;
txs.push(...result.txs);
}
const result = await optin(
client,
senderAddr,
tokenBridgeId,
assetId,
textToHexString("native")
);
creatorAddr = result.addr;
txs.push(...result.txs);
const suggParams: SuggestedParams = await client.getTransactionParams().do();
const firstTxn = makeApplicationCallTxnFromObject({