Locking simplification
Closed this issue · 1 comments
drinkcoffee commented
The locking implementation as currently written allows for multiple calls to the same contract, if the calls are within the same crosschain call. In some rare situations when a read or write is executed out of natural execution order relative to a write, an attacker could create a malicious invalid update.
The protocol has been revised to prevent this attack by simplifying the locking mechanism: any updates prevent any further updates to the contract. The lockable storage contract needs to be updated to reflect this update in the protocol.
drinkcoffee commented
Resolved with #5