About  Project Blog Resources

Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Fix Infinite Feegrant Bug- 1446

Cosmos SDKPosted 1 Year Ago
  • The fee grant module in the Cosmos SDK is used for setting up a different account to pass for gas on your behalf. After an allowlisted amount was set for a given user, they were given a specific allowance.
  • When using the fee grant module as a user, the amount of fees that a user had access to was never being updated. So, once you had the allowance, it was effectively infinite! This is wild that it got passed testing imo.
  • From reading the code snippets, it appears that the original developer thought that the function Accept() was updating the value. It appears that it was only checking the value. So, the author of the PR had to add code to modify the allowance object to subtract funds from it.

Maxwell DulinEmail me!TwitterGithubAdminBlog RSS FeedResources RSS Feed