skip bds for mark_vulnerable_rollapp

dymensionxyz · Oct 14, 2024 · 245c76f · 245c76f
1 parent 2298774
commit 245c76f
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/x/rollapp/keeper/msg_server_mark_vulnerable_rollapps.go b/x/rollapp/keeper/msg_server_mark_vulnerable_rollapps.go
@@ -63,7 +63,15 @@ func (k Keeper) MarkVulnerableRollapps(ctx sdk.Context, drsVersions []string) (i
 			continue
 		}
 
-		for _, bd := range info.BDs.BD {
+		// We only check first and last BD to avoid DoS attack related to iterating big number of BDs (taking into account a state update can be submitted with any numblock value)
+		// It is assumed there cannot be two upgrades in the same state update (since it requires gov proposal), if this happens it will be a fraud caught by Rollapp validators.
+		// Therefore checking first and last BD for deprecated DRS version should be enough.
+		var bdsToCheck []*types.BlockDescriptor
+		bdsToCheck = append(bdsToCheck, &info.BDs.BD[0])
+		if info.NumBlocks > 1 {
+			bdsToCheck = append(bdsToCheck, &info.BDs.BD[len(info.BDs.BD)-1])
+		}
+		for _, bd := range bdsToCheck {
 			// TODO: this check may be deleted once empty DRS version is marked vulnerable
 			//  https://github.com/dymensionxyz/dymension/issues/1233
 			if bd.DrsVersion == "" {