Issue Overview
- Current Status: Issue Fixed
- Affected Network: Testnet, Mainnet
Summary of Impact
The vulnerability could have allowed someone to send a malicious transaction that would have allowed them to duplicate resources.
Technical Summary of Issue
- Function post-conditions may use the special variable
result, which is the value that is returned from the function - If the function return type is a resource type, the
resultvariable represents a second location for the resource to exist in, which should be invalid - This is a language design issue, the interaction of resource semantics and post-conditions was not considered
Addressing the Issue
Hot Fix
When the return type of a function is a resource type, then declare the type of the special variable result to be a reference type.
Recognition
As core contributors to the Flow ecosystem, we take reported issues very seriously and would like to thank Deniz Mert Edincik for finding and reporting this issue responsibly through our Responsible Disclosure Policy.
Timeline
2021-04-13
- Issue reported
2021-04-15
- Issue investigated
- Minimal reproduction created
- Fix implemented
- Analyzed impact on Mainnet contracts
- Fix tested locally
- Testnet updated and tested
- Mainnet update started
2021-04-16
- Mainnet update complete and tested
2021-05-14
- Public disclosure