Fix new XLM leak in Validator
Closed this issue · 1 comments
Overview
In order to have a better handle on the accounts that are created and merged and not lose XLM we need to have control over the accounts that are created and merged.
Note, the Master Account needs to have a balance of 50 or above in order to work.
Tasks
- [x] Create 10 secret keys on main net
- [x] Add an environment variable that reads the 10 secret keys
- [x] Refactor the code (SEP10.test.js) to create, merge, and fund accounts from the secret keys we control
- Have the user supply a HD account's secret key to derive all the other keys. (creating accounts needed for signing tests in the sep10 tests)
- log the key pairs of the aforementioned created accounts
- Make the SEP10 tests more defensive by merging the created accounts if any tests fail
- Write a cleanup script that attempts to merge the created accounts that were merged
- This could run after a workflow is completed regardless of failure or not.
- [ ] Any test that needs a temp signing key (test that include removing the master signer and the re adding) should have a secret key thats hardcoded in the test.
- Any test that needs a temp signing key is also derived from the HD account's secret key and logged for recovery purposes.
- Move the sep10.test.js tests into their own suite (ala SEP6, 24, and 31)
- UI changes to support that
I believe I found the issue: transactions could fail due to tx_too_late. This was not an error status we considered recoverable, but since it only requires resubmitting it is indeed recoverable. Closing this issue for now until we see more leaking.