Add type to smart rollup outbox message
Context
The current outbox message type of Mumbai allows a user to trick the kernel into not withdrawing their funds in the L2 and withdrawing a ticket of the rollup in the L1. This is possible because the expression sent to the L1 is typed against the receiver l1 contract. An expression, e.g. Pair Kt1... (Pair "I'm not a Ticket!" 450)
, can be typed as either a ticket string
or a pair string (pair string nat)
.
The user can submit to a kernel to send an outbox message Pair (Pair %S "%s") (Pair 450 "Hello, Ticket!)
of type pair string (pair string nat)
to a contract with type ticket string
and so the kernel won't withdraw the user fund in the L2 but still lose the ticket in the l1.
Manually testing the MR
Checklist
-
Document the interface of any function added or modified (see the coding guidelines) -
Document any change to the user interface, including configuration parameters (see node configuration) -
Provide automatic testing (see the testing guide). -
For new features and bug fixes, add an item in the appropriate changelog ( docs/protocols/alpha.rst
for the protocol and the environment,CHANGES.rst
at the root of the repository for everything else). -
Select suitable reviewers using the Reviewers
field below. -
Select as Assignee
the next person who should take action on that MR
Edited by Sylvain R.