`ExtensionOptions` are not initialized before usage in the EIP712 handler
omritoptix opened this issue · 2 comments
omritoptix commented
from the audit
mtsitrin commented
not sure about why we have this issue. we use same code as in original repo
txWithExtensions, ok := tx.(authante.HasExtensionOptionsTx)
if !ok {
return errorsmod.Wrap(errortypes.ErrUnknownExtensionOptions, "tx doesnt contain any extensions")
}
opts := txWithExtensions.GetExtensionOptions()
if len(opts) != 1 {
return errorsmod.Wrap(errortypes.ErrUnknownExtensionOptions, "tx doesnt contain expected amount of extension options")
}
extOpt, ok := opts[0].GetCachedValue().(*types.ExtensionOptionsWeb3Tx)
if !ok {
return errorsmod.Wrap(errortypes.ErrUnknownExtensionOptions, "unknown extension option")
}
zale144 commented
@omritoptix @mtsitrin From what I can tell, the difference between GetCachedValue
and UnpackAny
is that:
- the first one just returns the cached value if there is any,
- while the second one looks for a cached value and if it finds it, sets it to the interface, otherwise it tries to look up if the passed interface is registered in the registry (we do it in
init()
), it takes.Value
, deserializes it and sets it to the interface and the cached value.
It seems to me, the second option might be a bit safer, but also much slower because it relies a lot on reflection