From 44ceda5e10c4cc379dbe527ec27162c8330fae60 Mon Sep 17 00:00:00 2001 From: Josh Siegel Date: Tue, 26 Jul 2022 15:06:17 +0000 Subject: [PATCH] algo/audit: Fix KS-RL-02 @ gusc1a-ossdev-jsl5 --- algorand/wormhole_core.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/algorand/wormhole_core.py b/algorand/wormhole_core.py index b149e5aef..06b064be7 100644 --- a/algorand/wormhole_core.py +++ b/algorand/wormhole_core.py @@ -213,7 +213,6 @@ def getCoreContracts( genTeal, approve_name, clear_name, # What is the target of this governance message? tchain.store(Extract(Txn.application_args[1], off.load() + Int(1), Int(2))), # Needs to point at us or to all chains - MagicAssert(Or(tchain.load() == Bytes("base16", "0008"), tchain.load() == Bytes("base16", "0000"))), a.store(Btoi(Extract(Txn.application_args[1], off.load(), Int(1)))), Cond( @@ -222,6 +221,8 @@ def getCoreContracts( genTeal, approve_name, clear_name, # # In the case of Algorand, it contains the hash of the program that we are allowed to upgrade ourselves to. We would then run the upgrade program itself # to perform the actual upgrade + MagicAssert(tchain.load() == Bytes("base16", "0008")), + off.store(off.load() + Int(3)), App.globalPut(Bytes("validUpdateApproveHash"), Extract(Txn.application_args[1], off.load(), Int(32))) @@ -231,6 +232,8 @@ def getCoreContracts( genTeal, approve_name, clear_name, # This should point at all chains + MagicAssert(Or(tchain.load() == Bytes("base16", "0008"), tchain.load() == Bytes("base16", "0000"))), + # move off to point at the NewGuardianSetIndex and grab it off.store(off.load() + Int(3)), v.store(Extract(Txn.application_args[1], off.load(), Int(4))),