Giters

hyperledger / besu

An enterprise-grade Java-based, Apache 2.0 licensed Ethereum client https://wiki.hyperledger.org/display/besu

Home Page:https://www.hyperledger.org/projects/besu

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Validation errors (duplicated account) ignored in accounts-allowlist and empty list returned

aiza-fp opened this issue · comments

commented

Description

When an initial accounts-allowlist is defined, no exception is thrown if there are duplicated accounts. Other input validation errors are being ignored too.

Acceptance Criteria

  • If a validation error occurs an exception is thrown

Steps to Reproduce (Bug)

  1. Define a accounts-allowlist in the default permissions file or custom file where a duplicated account can be found.
  2. Start the node and use the PERM API to perm_getAccountsAllowlist (see example below).
  3. The result is an empty list (see example below).

Expected behavior: Get an exception that stops the node or ignore the duplicated account.

Actual behavior: It returns an empty list and it doesn't show a warning or throw an exception.

Frequency: 100%

Logs (if a bug)

No logs

Versions (Add all that apply)

  • Software version: 24.5.1
  • Java version: openjdk-java-21
  • OS Name & Version: linux-x86_64
  • Docker Version: 26.0.0

Additional Information - Example:

WORKS FINE:
accounts-allowlist=["0x4c3be0df1d9ff62856b721c13cefd1721b383bdc","0x432132e8561785c33afe931762cf8eeb9c80e3ad","0xcb88953e60948e3a76fa658d65b7c2d5043c6409","0xdd76406b124f9e3ae9fbeb47e4d8dc0ab143902d"]

RESULT:
$ curl -X POST --data '{"jsonrpc":"2.0","method":"perm_getAccountsAllowlist","params":[], "id":1}' http://127.0.0.1:8545
{"jsonrpc":"2.0","id":1,"result":["0x4c3be0df1d9ff62856b721c13cefd1721b383bdc","0x432132e8561785c33afe931762cf8eeb9c80e3ad","0xcb88953e60948e3a76fa658d65b7c2d5043c6409","0xdd76406b124f9e3ae9fbeb47e4d8dc0ab143902d"]}

MODIFIED, WITH DUPLICATED ACCOUNT
accounts-allowlist=["0x4c3be0df1d9ff62856b721c13cefd1721b383bdc","0x432132e8561785c33afe931762cf8eeb9c80e3ad","0xcb88953e60948e3a76fa658d65b7c2d5043c6409","0x432132E8561785c33Afe931762cf8EEb9c80E3aD"]

RESULT:
$ curl -X POST --data '{"jsonrpc":"2.0","method":"perm_getAccountsAllowlist","params":[], "id":1}' http://127.0.0.1:8545
{"jsonrpc":"2.0","id":1,"result":[]}

The bug is in the file AccountLocalConfigPermissioningController.java, methods readAccountsFromConfig and addAccounts because they are not taking into account the result returned by addAccounts. Errors returned by inputValidation are ignored.