Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions on handleCallMessage #3

Open
AntonAndell opened this issue Nov 15, 2023 · 0 comments
Open

Permissions on handleCallMessage #3

AntonAndell opened this issue Nov 15, 2023 · 0 comments
Labels
bug Something isn't working

Comments

@AntonAndell
Copy link

There are a few issues in the saftey during implementation on HandleCallMessage in java and solidity.

In both cases the caller must always be the xCall Addresss.

On the java side the dapp must also verify that the _from is the NetworkAddress(previously BTP addresss in V1) of xCall on ICON

On the solidity contract apart from verifying the caller, the dapp must verify that the _from is the network address of the Java contract to prevent anyone from voting
@AntonAndell AntonAndell added the bug Something isn't working label Nov 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AntonAndell