Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PublicKey type ignores validation on deserialization #498

Closed
Tracked by #494
austinabell opened this issue Jul 26, 2021 · 0 comments · Fixed by #502
Closed
Tracked by #494

PublicKey type ignores validation on deserialization #498

austinabell opened this issue Jul 26, 2021 · 0 comments · Fixed by #502
Assignees
@austinabell

Comments

@austinabell
Copy link
Contributor

austinabell commented Jul 26, 2021
edited
Loading

Noticed while doing something related, PublicKey just uses the borsh derive deserialize, which ignores validation and accepts any bytes.

Also, it doesn't implement hash, which was used by the multisig contract. Although it's generally better to avoid std hash collections in wasm contracts, probably worth it to have for tests. Thoughts @matklad if it's worth leaving out or adding Hash derive to public key?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@austinabell austinabell

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: pubkey deserialize validation and add hash trait derive near/near-sdk-rs
1 participant
@austinabell