Skip to content

Skip proof validation when performing estimation #1471

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Skip proof validation when performing estimation #1471

wants to merge 1 commit into from

Conversation

yrong
Copy link
Contributor

@yrong yrong commented May 12, 2025
edited
Loading

@codecov Codecov
Copy link

codecov bot commented May 12, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.81%. Comparing base (43a91ce) to head (70ff5fb).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1471      +/-   ##
==========================================
+ Coverage   80.79%   80.81%   +0.02%     
==========================================
  Files          20       20              
  Lines         854      855       +1     
  Branches      148      149       +1     
==========================================
+ Hits          690      691       +1     
  Misses        141      141              
  Partials       23       23
Flag Coverage Δ
solidity 80.81% <100.00%> (+0.02%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

alistair-singh
alistair-singh reviewed May 14, 2025
View reviewed changes
contracts/src/Gateway.sol
$.inboundNonce.set(message.nonce);

// Produce the commitment (message root) by applying the leaf proof to the message leaf
bytes32 commitment = MerkleProof.processProof(leafProof, leafHash);
if (msg.sender != address(this)) {
Copy link
Contributor

@alistair-singh alistair-singh May 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be safe because of the nonreentrant modifier. There is no way to re-enter this code path with the sender address of the gateway proxy. But we may need a test to cover that this can never happen.

For instance, in a separate branch, remove the nonreentrant modifier and maybe try sending Ether to a contract address with receive() implemented to try and reenter the Gateway skip proof verification. If its possible without nonreentrant modifier, and will it still be possible after nonreentrant modifier will give us insight into whether we want to use this method to bypass verification.

Another note is that the choice of the GatewayProxy address is arbitrary and we could of chosen any keyless account for this purpose, but the GatewayProxy is probably the most sane choice.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alistair-singh alistair-singh alistair-singh left review comments

Assignees
No one assigned
Labels
Component: Ethereum
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yrong @alistair-singh