re write deployment verification code #451
Comments
|
as opposed to current verification code, can consider doing async calls to fetch on chain bytecode. |
ilanDoron
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
current contract verification code is in file:
readVerifyDeployment.js
in web3deployment folder.
https://github.com/KyberNetwork/smart-contracts/blob/master/web3deployment/readVerifyDeployment.js
This file does many checks on our setup.
most of those checks are already done in other places.
so we should rewrite the file and structure it.
the main purpose should be to verify the deployed contracts kyber is connected to are only contracts we expect.
Example: a reserve manager can set sanity rate contract pointer to a totally different file and do some logic that attacks users or other reserves.
So what should be done.
iterate all contracts connected to kyber network.
get byteCode from the chain and verify it.
this is already done in old file.
but one change is required. since folder structure changed, we should save sha3 of the bytecode and compare on chain sha3 to saved sha3. before structure changed, could compile contract and compare compilation result. but bytecode includes some data on the source test file. so any change in text causes the compilation result to slightly change.
The text was updated successfully, but these errors were encountered: