[Hardening] Assure batch_update_compass cannot be sent other than by vote #2043
Comments
4 tasks
taariq
pushed a commit
to palomachain/paloma
that referenced
this issue
Aug 29, 2024
# Related Github tickets - VolumeFi#1960 - VolumeFi#1951 - VolumeFi#1956 - VolumeFi#2043 # Background This change makes use of the atomic handover endpoint on compass, re-enables the token relink and ensures ownership of fee manager is transferred as well. # Testing completed - [x] test coverage exists or has been added/updated - [x] tested in a private testnet # Breaking changes - [x] I have checked my code for breaking changes - [x] If there are breaking changes, there is a supporting migration.
4 tasks
byte-bandit
added a commit
to palomachain/paloma
that referenced
this issue
Aug 30, 2024
# Related Github tickets - VolumeFi#1960 - VolumeFi#1951 - VolumeFi#1956 - VolumeFi#2043 # Background This change makes use of the atomic handover endpoint on compass, re-enables the token relink and ensures ownership of fee manager is transferred as well. # Testing completed - [x] test coverage exists or has been added/updated - [x] tested in a private testnet # Breaking changes - [x] I have checked my code for breaking changes - [x] If there are breaking changes, there is a supporting migration.
4 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Since the
batch_update_compassmessage is treated like very other message going to compass, the current architecture in Paloma would allow a hostile network takeover by an attacker modifying the Paloma code base to inject an EVM message with thebatch_update_compassaction.I can think of two ways to avoid this:
The latter would more secure (maybe), but there is no infrastructure there at all.
Looking into the first.
The text was updated successfully, but these errors were encountered: