Skip to content

fix: prevent collision between in round and redeem vtxo #537

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Apr 17, 2025
Merged

fix: prevent collision between in round and redeem vtxo #537

merged 10 commits into from
Apr 17, 2025

Conversation

sekulicd
Copy link
Collaborator

Problem

Previously, there was a potential race condition where a vtxo could be both redeemed via SubmitRedeemTx and simultaneously registered for the next round via SpendVtxos. This could lead to double-spending attempts and inconsistent state.

Solution

This PR implements bidirectional checks to prevent collisions between vtxos being redeemed and those being registered for the next round:

  1. Added a new redeemTxRequests structure to track vtxos that are currently being redeemed
  2. Enhanced SubmitRedeemTx to:
    • Check if any vtxos are already registered for the next round
    • Track vtxos being redeemed in the redeemTxRequests structure
    • Remove vtxos from tracking after successful processing or in case of errors
  3. Enhanced SpendVtxos to check if any vtxos are currently being redeemed before allowing them to be registered

@altafan please review.

altafan
altafan reviewed Apr 15, 2025
View reviewed changes
Copy link
Collaborator

@altafan altafan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add a test that ensures the double spend attempt won't succeed.

altafan
altafan reviewed Apr 15, 2025
View reviewed changes
Copy link
Collaborator

@altafan altafan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also please, in ark.trivy.yaml, update runs-on to ubuntu-24.04

@tiero tiero changed the title [FIX]prevent collision between in round and redeem vtxo fix: prevent collision between in round and redeem vtxo Apr 15, 2025
@sekulicd
Copy link
Collaborator Author

Let's add a test that ensures the double spend attempt won't succeed.

This cant be tested with consistent outcome as it is matter of timing.
We cant control SDK invocation timing for Settle and SendOffchain.

@sekulicd
Copy link
Collaborator Author

Also please, in ark.trivy.yaml, update runs-on to ubuntu-24.04

Done

@altafan altafan merged commit 9ba1b94 into ark-network:master Apr 17, 2025
7 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bordalix bordalix bordalix left review comments

@altafan altafan altafan left review comments

@louisinger louisinger louisinger left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sekulicd @bordalix @altafan @louisinger