cairo-contracts icon indicating copy to clipboard operation
cairo-contracts copied to clipboard

Published 20 hours ago verified publisher icon OpenZeppelin

AccessControl error messages return different values

Open andrew-fleming opened this issue 1 year ago • 3 comments

Loosely related to #389

The AccessControl error messages, when using 251 bit role ids, return a different value. For example:

timelock lib

const PROPOSER_ROLE = 0x584d52d759b8167ea85b5b15e229930249c790924513d0eae539b0415b40ce6

test

...

PROPOSER_ROLE = 0x584d52d759b8167ea85b5b15e229930249c790924513d0eae539b0415b40ce6
...

    # non-proposer invocation should fail
    await assert_revert(signer.send_transaction(
        nonproposer, timelock.contract_address, "schedule", [
            *call_array,                             # call array
            0,                                       # predecessor
            SALT,                                    # SALT
            MIN_DELAY                                # delay
        ]),
        reverted_with=f"AccessControl: caller is missing role {PROPOSER_ROLE}"
    )

This test fails because the expected id is different:

Result

# expected
AccessControl: caller is missing role 2496259353022054459354176319975332211135266402363241835273660559971786689766

# actual
AccessControl: caller is missing role -1122243435644076754343146463119737894487840812968354864699431496164085330715

Dropping down to 250 bits resolves this particular issue, but we should research further in order to determine if this returned value change may reoccur—and if so, determine the limitations. Furthermore, these findings should be considered with #389.

andrew-fleming avatar Jul 11 '22 17:07 andrew-fleming

I think Martin mentioned a similar (same?) issue in Discord the other day. I'm not sure, but I think it might be because of this function, so dropping to 250 bits won't help.

A solution that might work is to do modulo prime on the returned value:

from starkware.crypto.signature.signature import FIELD_PRIME

assert -1122243435644076754343146463119737894487840812968354864699431496164085330715 % FIELD_PRIME == PROPOSER_ROLE

milancermak avatar Jul 11 '22 19:07 milancermak

I think Martin mentioned a similar (same?) issue in Discord the other day. I'm not sure, but I think it might be because of this function, so dropping to 250 bits won't help.

It indeed appears to be the same/similar issue haha. Oddly enough, all the relevant tests were passing when I truncated to 250 bits. In other words, requires further research :)

A solution that might work is to do modulo prime on the returned value:

Super helpful suggestion^. Thank you!

andrew-fleming avatar Jul 11 '22 21:07 andrew-fleming

A solution that might work is to do modulo prime on the returned value:

Wow. This should be fixed at the error_message level probably though.

martriay avatar Jul 12 '22 21:07 martriay