From 7a65919fbae02eb7a2699d5f8be8cf0311513317 Mon Sep 17 00:00:00 2001
From: sowle
Date: Tue, 18 Jun 2019 13:42:07 +0300
Subject: [PATCH] wallet: more rules for contract proposal validation (a_pledge > 0 && b_pledge + amount_to_pay > 0)
---
 src/currency_core/currency_format_utils.cpp | 4 ++--
 src/wallet/wallet2_escrow.cpp | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/currency_core/currency_format_utils.cpp b/src/currency_core/currency_format_utils.cpp
index 28235ed4..9c0eab16 100644
--- a/src/currency_core/currency_format_utils.cpp
+++ b/src/currency_core/currency_format_utils.cpp
@@ -1396,9 +1396,9 @@ namespace currency
 //-----------------------------------------------------------------------------------------------
 bool check_outs_valid(const transaction& tx)
 {
- BOOST_FOREACH(const tx_out& out, tx.vout)
+ for(const tx_out& out : tx.vout)
 {
- CHECK_AND_NO_ASSERT_MES(0 < out.amount, false, "zero amount ouput in transaction id=" << get_transaction_hash(tx));
+ CHECK_AND_NO_ASSERT_MES(0 < out.amount, false, "zero amount output in transaction id=" << get_transaction_hash(tx));
 if (out.target.type() == typeid(txout_to_key))
 {
 if (!check_key(boost::get(out.target).key))
diff --git a/src/wallet/wallet2_escrow.cpp b/src/wallet/wallet2_escrow.cpp
index d50d8f87..a4d6d57a 100644
--- a/src/wallet/wallet2_escrow.cpp
+++ b/src/wallet/wallet2_escrow.cpp
@@ -104,6 +104,9 @@ bool wallet2::validate_escrow_proposal(const wallet_rpc::wallet_transfer_info& w bool correct_keys = (ms.keys[0] == a_key && ms.keys[1] == b_key) || (ms.keys[0] == b_key && ms.keys[1] == a_key); LOC_CHK(correct_keys, "template has mulisig output with invalid keys: 0:" << ms.keys[0] << " 1:" << ms.keys[1]); + LOC_CHK(cpd.amount_a_pledge > 0, "template has zero a pledge"); + LOC_CHK(cpd.amount_b_pledge + cpd.amount_to_pay > 0, "template has zero (b pledge + amount to pay)"); + uint64_t min_ms_amount = cpd.amount_a_pledge + cpd.amount_b_pledge + cpd.amount_to_pay + TX_DEFAULT_FEE; LOC_CHK(ms_amount >= min_ms_amount, "template multisig amount " << ms_amount << " is less than contract expected value: " << min_ms_amount << ", a_pledge=" << cpd.amount_a_pledge << ", b_pledge=" << cpd.amount_b_pledge << ", amount_to_pay=" << cpd.amount_to_pay); uint64_t min_a_inputs = cpd.amount_a_pledge + cpd.amount_to_pay;
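Review bot: The added rule `cpd.amount_b_pledge + cpd.amount_to_pay > 0` is an unchecked sum, and the same fields are summed again just below it into `min_ms_amount` and `min_a_inputs`. If these fields are 64-bit unsigned (the hunk only shows `min_ms_amount` declared as `uint64_t`), a template carrying very large pledge values could wrap those sums to a small number and still satisfy `ms_amount >= min_ms_amount`. The proposal data is presumably supplied by the counterparty, so I would write the new rule without arithmetic, `LOC_CHK(cpd.amount_b_pledge > 0 || cpd.amount_to_pay > 0, "template has zero (b pledge + amount to pay)");`. I would also add a `LOC_CHK` before the sums that rejects the template when a_pledge + b_pledge + amount_to_pay + TX_DEFAULT_FEE cannot be represented in the type. The body of validate_escrow_proposal starts and ends outside this hunk, so an upper bound may already be enforced earlier; if so, a short comment here saying where would be enough.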