add feature forbid-evm-reentrancy #863
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sorpaas
approved these changes
Sep 21, 2022
|
@sorpaas I applied your suggestions, thanks |
|
@sorpaas the CI is green, can you merge? |
librelois
added a commit
to moonbeam-foundation/frontier
that referenced
this pull request
Oct 3, 2022
* add feature forbid-evm-reentrancy * apply suggestions * link feature forbid-evm-reentrancy * clippy Conflicts: frame/evm/Cargo.toml
abhijeetbhagat
pushed a commit
to web3labs/frontier
that referenced
this pull request
Jan 11, 2023
* add feature forbid-evm-reentrancy * apply suggestions * link feature forbid-evm-reentrancy * clippy
|
Hi @librelois, in which way could EVMRunner reentrancy be a risk? Can it not be interpreted as an internal transaction of the outer transaction? |
The EVMRunner implementation was not designed to auto handle reentrancy, if you need to made an evm call inside an evm execution you should explicitly use the subcall api. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The goal of this PR is to provide a mechanism that guarantees that it's not possible to re-enter the EVM runner recursively.
We need this kind of security on moonbeam because in some special cases it may be possible: for example, with a precompile allowing to execute any XCM message locally, and the XCM to EVM feature, it becomes possible to re-enter the EVM runner recursively.
I coded this feature as an option because I don't know if it's annoying to impose it to all projects, even if I don't see why a project would need to allow a recursive re-entry in the evm runner.