You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
assertIsProgramDerivedAddress and isProgramDerivedAddress don't actually check to see if the address is off the curve. All they do is validate the format of the tuple.
Someone could supply a regular on-curve address there and have those guards pass.
The job is to add in the off-curve check, and to write tests.
NOTE: This still does nothing to assert that the bump seed is the correct one given the address supplied. Thoughts?
The text was updated successfully, but these errors were encountered:
Sure I can make that change. Both methods will become async functions but I don't think that's an issue (EDIT: It's an issue).
RE the bump: it's only valid in conjunction with an array of seeds so there would be no way to assert it's valid unless we require the seeds. Maybe that's the job for another helper method like verifyProgramDerivedAddress(pda, seeds)?
assertIsProgramDerivedAddress
andisProgramDerivedAddress
don't actually check to see if the address is off the curve. All they do is validate the format of the tuple.Someone could supply a regular on-curve address there and have those guards pass.
The job is to add in the off-curve check, and to write tests.
NOTE: This still does nothing to assert that the bump seed is the correct one given the address supplied. Thoughts?
The text was updated successfully, but these errors were encountered: