Skip to content

Commit

Permalink
Fix: ToB-01 (attestation nonce overflow) (#1430)
Browse files Browse the repository at this point in the history
* Fix: safe cast to uint32 for attestation nonce

* Add TODO note about uint32 for att nonces
  • Loading branch information
ChiTimesChi authored Oct 17, 2023
1 parent 09d0459 commit b13042d
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion packages/contracts-core/contracts/hubs/SnapshotHub.sol
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,15 @@ import {AgentSecured} from "../base/AgentSecured.sol";
import {SnapshotHubEvents} from "../events/SnapshotHubEvents.sol";
import {ISnapshotHub} from "../interfaces/ISnapshotHub.sol";
import {IStatementInbox} from "../interfaces/IStatementInbox.sol";
// ═════════════════════════════ EXTERNAL IMPORTS ══════════════════════════════
import {SafeCast} from "@openzeppelin/contracts/utils/math/SafeCast.sol";

/// @notice `SnapshotHub` is a parent contract for `Summit`. It is responsible for the following:
/// - Accepting and storing Guard and Notary snapshots to keep track of all the remote `Origin` states.
/// - Generating and storing Attestations derived from Notary snapshots, as well as verifying their validity.
abstract contract SnapshotHub is AgentSecured, SnapshotHubEvents, ISnapshotHub {
using AttestationLib for bytes;
using SafeCast for uint256;
using StateLib for bytes;

/// @notice Struct that represents stored State of Origin contract
Expand Down Expand Up @@ -258,7 +261,8 @@ abstract contract SnapshotHub is AgentSecured, SnapshotHubEvents, ISnapshotHub {
uint256 sigIndex
) internal returns (bytes memory attPayload) {
// Attestation nonce is its index in `_attestations` array
uint32 attNonce = uint32(_attestations.length);
// TODO: consider using more than 32 bits for attestation nonces
uint32 attNonce = _attestations.length.toUint32();
bytes32 snapGasHash = GasDataLib.snapGasHash(snapshot.snapGas());
SummitAttestation memory summitAtt = _toSummitAttestation(snapshot.calculateRoot(), agentRoot, snapGasHash);
attPayload = _formatSummitAttestation(summitAtt, attNonce);
Expand Down

0 comments on commit b13042d

Please sign in to comment.