-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: recipient rate limited ISM #4636
Conversation
🦋 Changeset detectedLatest commit: fae0ffe The changes in this PR will be included in the next version bump. This PR includes changesets to release 9 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
@@ -16,6 +16,8 @@ | |||
using Message for bytes; | |||
using TokenMessage for bytes; | |||
|
|||
address public immutable recipient; |
Check notice
Code scanning / Olympix Integrated Security
Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables Low
constructor( | ||
address _mailbox, | ||
uint256 _maxCapacity | ||
) MailboxClient(_mailbox) RateLimited(_maxCapacity) {} | ||
uint256 _maxCapacity, |
Check notice
Code scanning / Olympix Integrated Security
Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low
uint256 _maxCapacity | ||
) MailboxClient(_mailbox) RateLimited(_maxCapacity) {} | ||
uint256 _maxCapacity, | ||
address _recipient |
Check notice
Code scanning / Olympix Integrated Security
Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #4636 +/- ##
==========================================
- Coverage 73.89% 73.85% -0.04%
==========================================
Files 100 100
Lines 1421 1423 +2
Branches 180 181 +1
==========================================
+ Hits 1050 1051 +1
- Misses 350 351 +1
Partials 21 21
|
Description
Add recipient restriction to rate limited ISM. This prevents multiple recipients from sharing the same rate limit ISM and denial of service attacks.
Backward compatibility
No
Testing
Unit Tests