Module sources should be transparent to auditors #2117
Assignees
Labels
enhancement
New feature or request
project
Issues submitted for attention of project management at Agoric to communicate with stake-holders
Comments
kriskowal
added
the
project
29 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the Problem Being Solved?
Auditors should inspect code artifacts that are actually evaluated, not compiled artifacts. Bundles do not currently contain the source code the auditor will find in the contract’s Github repository, but rather the combined result of a ses-censoriship-evasive-transform (
@endo/evasive-transform) and the module-to-ses-script-transform (@endo/static-module-record) which collectively attempt to preserve line numbers and spacing, but fails on both counts to varying degrees. Source maps should not be used to make the generated code resemble the alleged original sources because source maps can be used for malicious distortions that hide attack code. Auditing has different design criteria than debugging #2116.Description of the Design
Security Considerations
Scaling Considerations
Test Plan
Compatibility Considerations
Upgrade Considerations
The text was updated successfully, but these errors were encountered: