axoned
🛡️ Halt Operation can lead to DOS
Severity: Info
Target: v7.1.0 - Commit: 3c854270b006db30aa3894da2cdba10cc31b8c5f
Ref: OKP4 Blockchain Audit Report v1.0 - 02-05-2024 - BlockApex
Description
OKP4 supports a rich set of Prolog predicates. These predicates make it possible to define complex business logic and agreement conditions that can be queried and evaluated on-chain. OKP4 provides options to whitelist and blacklist Prolog predicates. One predicate that caught our specific attention during our audit was halt/1. As per the SWI-Prolog documentation:
Halt: Terminate Prolog execution with default exit code using halt/1. The default exit code is normally 0, but can be 1 if one of the Prolog flags on_error or on_warning is set to status and there have been errors or warnings.
If the blockchain is bootstrapped using the default configuration and 'halt' is not specifically blacklisted, this opens the room for potential usage of the predicate, which would result in the termination of the underlying node.
Recommendation
If halt/1 is executed, it results in the termination of the blockchain process.
Although OKP4 explicitly mentions the potential impact of halt/1 and recommends blacklisting it, we propose that this predicate be removed from the code, because the potential impact of someone not blacklisting it is very critical: it would result in the termination of the node.
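A configuration check for the whitelist/blacklist gap described above, as an added example that is not axoned's own code. The `Filter` type, the `name/arity` entry format and the assumed semantics (blacklist wins, empty whitelist allows everything) are hypothetical and should be matched to the real module parameters before use.

```go
package main

import (
	"fmt"
	"strings"
)

// Filter is a hypothetical stand-in for a predicate whitelist/blacklist, not
// axoned's type. Entries are "name/arity"; a bare "name" matches any arity.
type Filter struct {
	Whitelist []string
	Blacklist []string
}

// covers reports whether any entry in list matches the indicator pi ("halt/1").
func covers(list []string, pi string) bool {
	name, _, _ := strings.Cut(pi, "/")
	for _, e := range list {
		e = strings.TrimSpace(e)
		if e == pi || (!strings.Contains(e, "/") && e == name) {
			return true
		}
	}
	return false
}

// Callable applies the assumed semantics: the blacklist always wins, and an
// empty whitelist means every registered predicate is allowed.
func (f Filter) Callable(pi string) bool {
	if covers(f.Blacklist, pi) {
		return false
	}
	return len(f.Whitelist) == 0 || covers(f.Whitelist, pi)
}

// Audit returns the predicates from dangerous that the filter leaves callable.
func Audit(f Filter, dangerous ...string) []string {
	var exposed []string
	for _, pi := range dangerous {
		if f.Callable(pi) {
			exposed = append(exposed, pi)
		}
	}
	return exposed
}

func main() {
	// Constructed configurations: nothing filtered, then halt/1 blacklisted.
	fmt.Println("default:    ", Audit(Filter{}, "halt/1"))
	fmt.Println("blacklisted:", Audit(Filter{Blacklist: []string{"halt/1"}}, "halt/1"))
}
```

A non-empty result from `Audit` at node start-up or in CI is the condition the finding warns about: a process-terminating predicate reachable from on-chain queries.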