hop icon indicating copy to clipboard operation
hop copied to clipboard

Published 20 hours ago verified publisher icon hop-protocol

Limit the bonder’s ability to bond transfers whose `amount` is greater than the expected hToken amount on the source chain

Open shanefontaine opened this issue 2 years ago • 1 comments

The bonder should not bond a transfer that sends more hTokens than have been deposited into the source chain. This would protect against the case where a chain has a bug and a malicious user was able to mint ETH/Tokens/etc. out of thin air, among other things.

An example is an attack where an attacker can somehow mint hTokens unexpectedly and try to send them to a chain. For example, imagine there are 1,500 hETH on Optimism at this time. The bonder software should not bond any transfer that is ≥1,500 ETH on any chain when the source is Optimism because, if they did, that would mean that the attacker was able to mint hTokens unexpectedly.

The implementation can likely use the chain balance and pending amount from the chain.

shanefontaine avatar Mar 15 '22 20:03 shanefontaine

This old PR could use a review to handle this https://github.com/hop-protocol/hop/pull/413.

miguelmota avatar Aug 04 '22 10:08 miguelmota

Handled with new redundant logic.

shanefontaine avatar Jan 28 '24 18:01 shanefontaine