
Add unauthorized trustline checks in `accountHolds` and invariants

Open shawnxie999 opened this issue 7 months ago • 2 comments

Summary

There might be unauthorized trustlines with non-zero balance in existence. In rippled's accountHolds function, it should check for authorization of the trustline since it is used in various features.

Also, invariants should be added so that these trustlines are not allowed to modify their balances in any form. This ensures existing and new features don't open loopholes that allow malicious users to bypass authorization.

shawnxie999, May 26 '25 18:05

@shawnxie999 do you have an indication of how many unauthorized trustlines with non-zero balances exist?

bthomee, May 27 '25 14:05

@bthomee no, to know this we would need to write a script to do a full ledger scan. But my guess is very few of them exist.

shawnxie999, May 27 '25 15:05
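Added example (not part of the issue thread and not rippled code): a sketch of the per-entry check a full ledger scan like the one mentioned above could apply to find trustlines that carry a non-zero balance without the issuer's authorization. It assumes entries in the JSON shape returned by the `ledger_data` API method; the function name, the `_line` helper and the placeholder addresses are constructed for illustration.

```python
from decimal import Decimal

# Ledger flag values from the XRP Ledger protocol.
LSF_REQUIRE_AUTH = 0x00040000  # AccountRoot: issuer must authorize holders
LSF_LOW_AUTH = 0x00040000      # RippleState: low account authorized the high account
LSF_HIGH_AUTH = 0x00080000     # RippleState: high account authorized the low account

def unauthorized_holdings(entries):
    """Return (holder, issuer, currency, amount) for each trustline whose
    holder has a non-zero balance that the issuer never authorized."""
    require_auth = {
        e["Account"] for e in entries
        if e["LedgerEntryType"] == "AccountRoot" and e.get("Flags", 0) & LSF_REQUIRE_AUTH
    }
    findings = []
    for e in entries:
        if e["LedgerEntryType"] != "RippleState":
            continue
        balance = Decimal(e["Balance"]["value"])
        if balance == 0:
            continue
        low, high = e["LowLimit"]["issuer"], e["HighLimit"]["issuer"]
        # Balance is stated from the low account's side: positive means the low
        # account holds tokens issued by the high account, negative the reverse.
        if balance > 0:
            holder, issuer, auth_flag = low, high, LSF_HIGH_AUTH
        else:
            holder, issuer, auth_flag = high, low, LSF_LOW_AUTH
        if issuer in require_auth and not e.get("Flags", 0) & auth_flag:
            findings.append((holder, issuer, e["Balance"]["currency"], abs(balance)))
    return findings

# Constructed sample ledger entries; addresses are placeholders, not real accounts.
def _line(low, high, value, flags):
    return {"LedgerEntryType": "RippleState", "Flags": flags,
            "Balance": {"currency": "USD", "issuer": "rPLACEHOLDER", "value": value},
            "LowLimit": {"issuer": low}, "HighLimit": {"issuer": high}}

SAMPLE = [
    {"LedgerEntryType": "AccountRoot", "Account": "rISSUER", "Flags": LSF_REQUIRE_AUTH},
    {"LedgerEntryType": "AccountRoot", "Account": "rOPEN", "Flags": 0},
    _line("rHOLDER_A", "rISSUER", "25", 0),               # unauthorized, non-zero
    _line("rISSUER", "rHOLDER_B", "-10", LSF_LOW_AUTH),   # authorized by issuer
    _line("rHOLDER_C", "rISSUER", "0", 0),                # unauthorized but empty
    _line("rHOLDER_D", "rOPEN", "5", 0),                  # issuer has no RequireAuth
    _line("rISSUER", "rHOLDER_E", "-3.5", LSF_HIGH_AUTH), # auth flag on the wrong side
]

if __name__ == "__main__":
    for row in unauthorized_holdings(SAMPLE):
        print(row)
```

The last sample entry is the case worth testing for: an auth flag is set, but on the holder's side rather than the issuer's, so the holding is still unauthorized.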