Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WarpCore shouldn't allow for recipients to be the remote router or remote collateral token #4964

Open
tkporter opened this issue Dec 7, 2024 · 1 comment · May be fixed by #5057
Open

WarpCore shouldn't allow for recipients to be the remote router or remote collateral token #4964

tkporter opened this issue Dec 7, 2024 · 1 comment · May be fixed by #5057

Comments

@tkporter
Copy link
Collaborator

tkporter commented Dec 7, 2024

Problem

Sadly recently someone used the UI to do a Stride -> Eclipse transfer, and they set the recipient as the mint address on the Eclipse side

Solution

In validateTransfer, we should require the recipient is not the destination router or token address

Nice to Have

Describe non-essential extensions to the solution
Additional features which should be implemented if they are easy to accommodate but otherwise can be skipped

@0x471
Copy link

0x471 commented Dec 19, 2024

Hi ,I’ve added a check to ensure the recipient is not the destination token address in the validateTransfer function. You can see the changes here:
main...0x471:hyperlane-monorepo:warp/validateTransfer-recipientConflict.

I wasn't able to find how to access the destination router object to fetch the address. Any guidance on this would be appreciated.

Happy to submit a PR once it's done, thanks!

@jmrossy @tkporter

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Backlog
3 participants