fix(executor): prevent header validation panic, enforce strict timestamps, validate chain_id#8
Open
wpank wants to merge 3 commits into
Conversation
…amps, validate chain_id Fix three executor validation bugs: - #118: validate_header_against_parent panics on parent.number == u64::MAX due to unchecked addition. Use checked_add and return an error on overflow. - #119: Timestamp validation allows header.timestamp == parent.timestamp. Change from `<` to `<=` to enforce strictly increasing timestamps per Ethereum consensus rules. - #121: decode_tx_env ignores the chain_id parameter (prefixed with `_`). Add chain_id validation that rejects transactions whose chain_id does not match the executor's configured chain_id. Pre-EIP-155 legacy transactions without a chain_id are still accepted. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
#118:
validate_header_against_parentpanics whenparent.number == u64::MAXdue to uncheckedparent.number + 1overflow. Fixed by usingchecked_addand returning anExecutionError::BlockValidationon overflow.#119: Timestamp validation uses
<(allowsheader.timestamp == parent.timestamp), violating Ethereum consensus rules that require strictly increasing timestamps. Fixed by changing to<=.#121:
decode_tx_envaccepts thechain_idparameter but never validates it (parameter was prefixed with_). Added chain ID validation that rejects transactions with mismatched chain IDs. Pre-EIP-155 legacy transactions without a chain ID are still accepted for backward compatibility.Test plan
validate_header_against_parent_max_block_numbertest: verifiesu64::MAXparent number returns error instead of panickingvalidate_header_against_parent_timestamptest: verifies equal timestamps are now rejectedvalidate_header_rejects_equal_timestamptest: dedicated test for strict timestamp enforcementdecode_tx_env_rejects_wrong_chain_idtest: verifies wrong chain ID is rejecteddecode_tx_env_accepts_matching_chain_idtest: verifies correct chain ID is acceptedexecute_skips_wrong_chain_id_txtest: verifies wrong chain ID tx is skipped in block execution (not crash)🤖 Generated with Claude Code