Ethereum Asked by user2284570 on August 26, 2021
I have a contract where the hash value is also the key to unlock the money.
As the full ecrecover parameters are fetched from transaction parameters, and it was compiled in 2016, it is vulnerable to the ECrecoverMalformedInput compiler bug.
But actually what are examples calls to ecrecover() built‑in contract which can make it returns nothing ?
A unit test was added when it was fixed https://github.com/ethereum/solidity/blob/v0.4.14/test/libsolidity/SolidityEndToEndTest.cpp#L8257-L8274.
contract C {
function f() returns (address) {
return recover(
0x77e5189111eb6557e8a637b27ef8fbb15bc61d61c2f00cc48878f3a296e5e0ca,
0, // invalid v value
0x6944c77849b18048f6abe0db8084b0d0d0689cdddb53d2671c36967b58691ad4,
0xef4f06ba4f78319baafd0424365777241af4dfd3da840471b4b4b087b7750d0d,
0xca35b7d915458ef540ade6068dfe2f44e8fa733c,
0xca35b7d915458ef540ade6068dfe2f44e8fa733c
);
}
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s, uint blockExpired, bytes32 salt)
returns (address)
{
require(hash == keccak256(blockExpired, salt));
return ecrecover(hash, v, r, s);
}
}
Answered by Ismael on August 26, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP