contract download - remove exception on empty validatedrootindex #251
Comments
|
I wouldn't characterize this as a security check. If the user doesn't explicitly specify a block height to download, the command gets "most recent available". How the command chooses "most recent available" doesn't seem that critical. How about a slight variation on option 1: Use if (stateHeight == 0)
{
uint? localRootIndex, validatedRootIndex;
try
{
(localRootIndex, validatedRootIndex) = await stateAPI.GetStateHeightAsync().ConfigureAwait(false);
}
catch (RpcException e) when (e.Message.Contains("Method not found"))
{
throw new Exception(
"Could not get state information. Make sure the remote RPC server has state service support");
}
stateHeight = validatedRootIndex.HasValue
? validatedRootIndex.Value
: localRootIndex.HasValue
? localRootIndex.Value
: throw new Exception($"GetStateHeight did not return local or validated root index");
} |
|
FYI, can use null coalesce operator instead: stateHeight = validatedRootIndex ?? localRootIndex
?? throw new Exception($"GetStateHeight did not return local or validated root index"); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
contract downloadfeature is intended to support local development. There is a security check that seems unnecessary when used for this purpose, specifically hereneo-express/src/neoxp/Node/NodeUtility.cs
Lines 244 to 245 in c6424c0
this basically forbids using any node that is not voted into the list of state validators by the consensus committee. It should be possible to use nodes that you trust e.g. I want to use our COZ nodes because the NEO nodes are very slow. This could be done by using
localrootindexinstead ofvalidatedrootindex.I see 3 ways of solving this
localrootindexinstead ofvalidatedrootindex--allow-localrootto uselocalrootindexifvalidatedrootindexisnulllocalrootindexby default unless passing some flag like--require-rootvalidated-stateThe text was updated successfully, but these errors were encountered: