Validation errors (duplicated account) ignored in accounts-allowlist and empty list returned
aiza-fp opened this issue · comments
Description
When an initial accounts-allowlist is defined, no exception is thrown if there are duplicated accounts. Other input validation errors are being ignored too.
Acceptance Criteria
- If a validation error occurs an exception is thrown
Steps to Reproduce (Bug)
- Define a accounts-allowlist in the default permissions file or custom file where a duplicated account can be found.
- Start the node and use the PERM API to perm_getAccountsAllowlist (see example below).
- The result is an empty list (see example below).
Expected behavior: Get an exception that stops the node or ignore the duplicated account.
Actual behavior: It returns an empty list and it doesn't show a warning or throw an exception.
Frequency: 100%
Logs (if a bug)
No logs
Versions (Add all that apply)
- Software version: 24.5.1
- Java version: openjdk-java-21
- OS Name & Version: linux-x86_64
- Docker Version: 26.0.0
Additional Information - Example:
WORKS FINE:
accounts-allowlist=["0x4c3be0df1d9ff62856b721c13cefd1721b383bdc","0x432132e8561785c33afe931762cf8eeb9c80e3ad","0xcb88953e60948e3a76fa658d65b7c2d5043c6409","0xdd76406b124f9e3ae9fbeb47e4d8dc0ab143902d"]
RESULT:
$ curl -X POST --data '{"jsonrpc":"2.0","method":"perm_getAccountsAllowlist","params":[], "id":1}' http://127.0.0.1:8545
{"jsonrpc":"2.0","id":1,"result":["0x4c3be0df1d9ff62856b721c13cefd1721b383bdc","0x432132e8561785c33afe931762cf8eeb9c80e3ad","0xcb88953e60948e3a76fa658d65b7c2d5043c6409","0xdd76406b124f9e3ae9fbeb47e4d8dc0ab143902d"]}
MODIFIED, WITH DUPLICATED ACCOUNT
accounts-allowlist=["0x4c3be0df1d9ff62856b721c13cefd1721b383bdc","0x432132e8561785c33afe931762cf8eeb9c80e3ad","0xcb88953e60948e3a76fa658d65b7c2d5043c6409","0x432132E8561785c33Afe931762cf8EEb9c80E3aD"]
RESULT:
$ curl -X POST --data '{"jsonrpc":"2.0","method":"perm_getAccountsAllowlist","params":[], "id":1}' http://127.0.0.1:8545
{"jsonrpc":"2.0","id":1,"result":[]}
The bug is in the file AccountLocalConfigPermissioningController.java, methods readAccountsFromConfig and addAccounts because they are not taking into account the result returned by addAccounts. Errors returned by inputValidation are ignored.