fix(execution): prevent reentrancy attacks with cancelling proposal d…

…uring execution
Squads-Protocol · Jun 23, 2023 · 8416203 · 8416203
1 parent 2e4b79e
commit 8416203
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 0 deletions.
diff --git a/programs/multisig/src/instructions/batch_execute_transaction.rs b/programs/multisig/src/instructions/batch_execute_transaction.rs
@@ -1,4 +1,5 @@
 use anchor_lang::prelude::*;
+use std::borrow::Borrow;
 
 use crate::errors::*;
 use crate::state::*;
@@ -146,6 +147,10 @@ impl BatchExecuteTransaction<'_> {
             &ephemeral_signer_keys,
         )?;
 
+        let current_status = proposal.status.clone();
+        // Set the proposal state to Executing to prevent reentrancy attacks (e.g. cancelling proposal) in the middle of execution.
+        proposal.status = ProposalStatus::Executing;
+
         // Execute the transaction message instructions one-by-one.
         executable_message.execute_message(
             &vault_seeds
@@ -155,6 +160,9 @@ impl BatchExecuteTransaction<'_> {
             &ephemeral_signer_seeds,
         )?;
 
+        // Restore the proposal status after execution.
+        proposal.status = current_status;
+
         // Increment the executed transaction index.
         batch.executed_transaction_index = batch
             .executed_transaction_index

diff --git a/programs/multisig/src/instructions/vault_transaction_execute.rs b/programs/multisig/src/instructions/vault_transaction_execute.rs
@@ -128,6 +128,9 @@ impl VaultTransactionExecute<'_> {
             &ephemeral_signer_keys,
         )?;
 
+        // Set the proposal state to Executing to prevent reentrancy attacks (e.g. cancelling proposal) in the middle of execution.
+        proposal.status = ProposalStatus::Executing;
+
         // Execute the transaction message instructions one-by-one.
         executable_message.execute_message(
             &vault_seeds

diff --git a/programs/multisig/src/state/proposal.rs b/programs/multisig/src/state/proposal.rs
@@ -136,6 +136,8 @@ pub enum ProposalStatus {
     Rejected { timestamp: i64 },
     /// Proposal has been approved and is pending execution.
     Approved { timestamp: i64 },
+    /// Proposal is being executed. This is a transient state that always transitions to `Executed` in the span of a single transaction.
+    Executing,
     /// Proposal has been executed.
     Executed { timestamp: i64 },
     /// Proposal has been cancelled.

diff --git a/sdk/multisig/idl/multisig.json b/sdk/multisig/idl/multisig.json
@@ -1988,6 +1988,9 @@
               }
             ]
           },
+          {
+            "name": "Executing"
+          },
           {
             "name": "Executed",
             "fields": [

diff --git a/sdk/multisig/src/generated/types/ProposalStatus.ts b/sdk/multisig/src/generated/types/ProposalStatus.ts
-Original file line number
+Diff line change
@@ Expand Up / @@ -1988,6 +1988,9 @@ @@
                   }
                 ]
               },
+              {
+                "name": "Executing"
+              },
               {
                 "name": "Executed",
                 "fields": [
@@ Expand Down @@