Skip to content

inflation postmortem #2246

Merged
maurelian merged 3 commits intomasterfrom
m/inflation-postmortem
Mar 9, 2022
Merged

inflation postmortem #2246
maurelian merged 3 commits intomasterfrom
m/inflation-postmortem

Conversation

@maurelian
Copy link
Contributor

@maurelian maurelian commented Mar 2, 2022
edited
Loading

Description

Adds the incident response postmortem from the Feb 2, 2022 inflation bug, also adds a SECURITY.md file as explained below.

This should not be merged until after ethereum-optimism/.github#7.

Additional context

It is generally a best practice to have a SECURITY.md document in the repo with easy to find disclosure instructions.
However this creates a maintenance burden across all of our repos.

Github allows us to have a single canonical security policy document in our .github repo, which is then accessible in each repo at github.com/org/repo/security/policy (example).

Still not everyone will be aware of this, so this PR adds a SECURITY.md file which simply links to the canonical one.

@changeset-bot
Copy link

changeset-bot bot commented Mar 2, 2022
edited
Loading

⚠️ No Changeset found

Latest commit: 124b3c4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@maurelian maurelian mentioned this pull request Mar 2, 2022
Merged
@codecov-commenter
Copy link

codecov-commenter commented Mar 2, 2022
edited
Loading

Codecov Report

Merging #2246 (9b4216b) into master (03f1cfd) will increase coverage by 17.28%.
The diff coverage is n/a.

Impacted file tree graph

@@             Coverage Diff             @@
##           master    #2246       +/-   ##
===========================================
+ Coverage   73.04%   90.33%   +17.28%     
===========================================
  Files          86       51       -35     
  Lines        2846     1376     -1470     
  Branches      486      206      -280     
===========================================
- Hits         2079     1243      -836     
+ Misses        767      133      -634
Flag Coverage Δ
batch-submitter ?
contracts 90.88% <ø> (ø)
core-utils 87.80% <ø> (ø)
data-transport-layer ?
sdk ?

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
packages/sdk/src/utils/coercion.ts
...h-submitter/src/batch-submitter/batch-submitter.ts
...kages/data-transport-layer/src/utils/validation.ts
packages/batch-submitter/src/index.ts
packages/sdk/src/utils/index.ts
...ubmitter/src/batch-submitter/tx-batch-submitter.ts
packages/data-transport-layer/src/utils/index.ts
...kages/batch-submitter/src/batch-submitter/index.ts
packages/sdk/src/utils/message-encoding.ts
packages/sdk/src/index.ts
... and 25 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 03f1cfd...9b4216b. Read the comment docs.

@mslipper
Copy link
Collaborator

mslipper commented Mar 2, 2022

I'll also include the post mortem on the changelog site.

@maurelian maurelian changed the title refactor: move audits into new technical-documents dir inflation postmortem Mar 2, 2022
maurelian
maurelian commented Mar 2, 2022
View reviewed changes
Copy link
Contributor Author

@maurelian maurelian left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now that I look at this from more of an outsiders perspective, it's lacking discussion of the factors that contributed to the bug being introduced. I have it in my head from many internal conversations, just need to write it sure.

smartcontracts
smartcontracts reviewed Mar 4, 2022
View reviewed changes
@maurelian maurelian force-pushed the m/inflation-postmortem branch from 9b4216b to 6c2f53f Compare March 7, 2022 16:41
smartcontracts
smartcontracts reviewed Mar 7, 2022
View reviewed changes
smartcontracts
smartcontracts reviewed Mar 7, 2022
View reviewed changes
technical-documents/postmortems/2022-02-02-inflation-vuln.md
1. the changes were mostly deleting code and simplifying the system by removing the OVM, and
2. the availability of qualified auditors was extremely constrained.

#### Conclusion regarding the introduction of the bug
Copy link
Contributor

@smartcontracts smartcontracts Mar 7, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An additional point worth noting here is that the issue could've been prevented with a review of expected EVM behavior for any opcodes impacted by the change. For example, the logic should've been:

  1. This impacts the way that balances and value transfers happen in the EVM.
  2. Several opcodes refer to balance and value transfer.
  3. SELFDESTRUCT involves value transfer.
  4. Does SELFDESTRUCT behave the same way after the change?

Copy link
Contributor Author

@maurelian maurelian Mar 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WDYT an improved PR process would look like to ensure that happens? Would it require the author to explicitly list the other parts of the system that could be affected and why they believe its not an issue?

Copy link
Contributor Author

@maurelian maurelian Mar 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tried to incorporate that here: https://github.com/ethereum-optimism/optimism/pull/2246/files#diff-b740618b9dad4e1d02d8a2eb24e62f3a67cdfa72a8a113a137b9dfb4c6ed597fR158-R167

smartcontracts
smartcontracts reviewed Mar 7, 2022
View reviewed changes
@maurelian maurelian force-pushed the m/inflation-postmortem branch 2 times, most recently from 54335c2 to f58fac4 Compare March 8, 2022 19:52
maurelian added 3 commits March 8, 2022 15:50
@maurelian
refactor: move audits into new technical-documents dir
13815ae
@maurelian
feat: Add security.md
122e264 
It is generally a best practice to have a SECURITY.md document in the repo,
however this creates a maintenance burden across all of our repos. Github
allows us to have a single security policy document in our .github repo, which
is then accessible in each repo at github.com/org/repo/security/policy.

Still not everyone will be aware of this, and so adding this stub page gives
them one more way to discover the main document.
@maurelian
docs: Add inflation vuln post-mortem
124b3c4
@maurelian maurelian force-pushed the m/inflation-postmortem branch from f58fac4 to 124b3c4 Compare March 8, 2022 20:50
@maurelian maurelian merged commit 6becbe8 into master Mar 9, 2022
@maurelian maurelian deleted the m/inflation-postmortem branch March 9, 2022 02:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@smartcontracts smartcontracts smartcontracts left review comments

@mslipper mslipper mslipper approved these changes

@tynes tynes tynes approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@maurelian @codecov-commenter @mslipper @tynes @smartcontracts