mirror of
https://github.com/ethereum/go-ethereum.git
synced 2026-06-12 09:51:36 +00:00
21f243ff8a
Addresses review finding C4 + Opus agent audit secondary bug.
Bug 1 — fail-open gate in disklayer.storage:
disklayer.storage() compared a 64-byte merkle-shaped combinedKey
(accountHash || storageHash) against the 32-byte bintrie generator
marker via codec.MarkerCompare. For bintrie, accountHash is always
common.Hash{} (since bintrieFlatCodec.StorageKey returns zero for
the account key), so the combinedKey started with 32 zero bytes.
The sha256-derived marker's first byte is essentially never 0x00,
so bytes.Compare returned -1, the > 0 branch never fired, and the
generator-progress gate was silently DISABLED. During active
generation, disklayer.storage served whatever was on disk (nil or
stale) without returning errNotCoveredYet.
Fix: add StorageMarkerKey(accountHash, storageHash) to the
flatStateCodec interface. Merkle returns the 64-byte concatenation
(preserving existing behavior); bintrie returns storageHash[:]
(the 32-byte stem||offset key matching the generator marker shape).
disklayer.storage now uses the codec method.
Bug 2 — rlp.Split on raw bintrie storage leaves in historicStateReader:
historicStateReader.Storage at core/state/database_history.go:87
calls rlp.Split(blob) on whatever bytes the pathdb historical reader
returns. Merkle storage values are RLP-encoded (trimmed-left-zeros);
bintrie leaves are raw 32 bytes. rlp.Split on raw 32-byte input
either errors or decodes garbage. Even after fixing Bug 1, bintrie
historical storage reads were broken end-to-end.
Fix: add isVerkle bool to historicStateReader; when true, bypass
rlp.Split and copy the raw 32-byte blob directly. The flag is set
from db.triedb.IsVerkle() at construction time.
|
||
|---|---|---|
| .. | ||
| pruner | ||
| snapshot | ||
| access_events.go | ||
| access_events_test.go | ||
| access_list.go | ||
| database.go | ||
| database_code.go | ||
| database_hasher.go | ||
| database_hasher_binary.go | ||
| database_hasher_binary_test.go | ||
| database_hasher_merkle.go | ||
| database_hasher_merkle_test.go | ||
| database_history.go | ||
| database_iterator.go | ||
| database_iterator_test.go | ||
| dump.go | ||
| iterator.go | ||
| iterator_test.go | ||
| journal.go | ||
| metrics.go | ||
| reader.go | ||
| reader_bintrie_test.go | ||
| reader_stater.go | ||
| state_mut.go | ||
| state_object.go | ||
| state_object_test.go | ||
| state_sizer.go | ||
| state_sizer_test.go | ||
| state_test.go | ||
| statedb.go | ||
| statedb_fuzz_test.go | ||
| statedb_hooked.go | ||
| statedb_hooked_test.go | ||
| statedb_stats.go | ||
| statedb_test.go | ||
| stateupdate.go | ||
| sync.go | ||
| sync_test.go | ||
| transient_storage.go | ||
| trie_prefetcher.go | ||
| trie_prefetcher_test.go | ||