rollmint Incorrect Untrusted Header height validation

Incorrect Untrusted Header height validation

Open oxnr opened this issue 1 year ago • 1 comments

Finding 036 - Incorrect Untrusted Header height validation

ID 036

Finding Incorrect Untrusted Header height validation

Severity 0 - Informational

Description Untrusted header height is expected to be >= the trusted header but in reality it should just be == to trusted header +1.

Recommendation Fix the validation step to do an equality check.

Code References https://github.com/rollkit/rollkit/blob/eccdd0f1793a5ac532011ef4d896de9e0d8bcb9d/types/signed_header.go#L54

ID	036
Finding	Incorrect Untrusted Header height validation
Severity	0 - Informational
Description	Untrusted header height is expected to be >= the trusted header but in reality it should just be == to trusted header +1.
Recommendation	Fix the validation step to do an equality check.
Code References	https://github.com/rollkit/rollkit/blob/eccdd0f1793a5ac532011ef4d896de9e0d8bcb9d/types/signed_header.go#L54

Jan 17 '24 22:01 oxnr

Making the change from >= the trusted header to == trusted header +1 causes issues with https://github.com/celestiaorg/go-header. Needs more investigation.

Jan 18 '24 15:01 Manav-Aggarwal

rollmint rollmint copied to clipboard

Incorrect Untrusted Header height validation

Finding 036 - Incorrect Untrusted Header height validation

rollmint
rollmint copied to clipboard