Eth2-to-Near-relay: don't panic on `MerkleProof` verification

Question

Eth2-to-Near-relay: don't panic on `MerkleProof` verification

sept-en opened this issue 2 years ago · 2 comments

ExecutionBlockProof::merkle_root_from_branch contains an assertion statement outside of a test block:
assert_eq!(branch.len(), depth, "proof length should equal depth");. This assertion encodes an invariant which should not occur during runtime based on the inputs to the call. However, the relay will panic if this property should ever be broken.

It would be preferable to return an error, providing the same guarantees that the function will not verify invalid data but will not crash the program.

Answer 1 · 2022-09-23T06:21:52.000Z

It is not a bug. I use this code only in tests.

Answer 2 · 2022-09-25T08:43:15.000Z

@olga24912 this is actually a bug. If the specific part of the code is intended to be used only in tests, it should have been protected with an appropriate feature flag.