axone-protocol/axoned

๐Ÿง  Logic: Atom table persistence potential risk

bdeneux opened this issue ยท 0 comments

๐Ÿ“ Description

In the Prolog interpreter, each atom is registered in a global variable table created at the start of the node. Each time a new atom is created, it's added to this table without being cleaned up after interpreter execution, due to the nature of the global variable. This can potentially lead to a vector attack, as a program can create a large quantity of atoms. Even if gas consumption can mitigate this, the atom is still added to the table. Moreover, during the node's execution life, the table is never cleaned and can grow larger over time with no synchronization between nodes, since it's relative to the node execution and query.

This table is located here: https://github.com/axone-protocol/prolog/blob/21a231dca6b411aca4eee5b7cba5b5402335cf41/engine/atom.go#L16-L24

๐Ÿ’ก Solutions

Since the first review, this table has been used to link an atom (uint64) to its corresponding string name. I propose to remove the usage of this table and transform Atom into a string.

FYI @amimart @ccamel