Relayers OFAC #1313
Relayers OFAC #1313
Conversation
| if err != nil { | ||
| return "", fmt.Errorf("failed to decode destination: %v", err) | ||
| } | ||
| return account32.Hex(), nil |
There was a problem hiding this comment.
So in the UI we do not post the hex version of the account. We post the SS58 version. Not sure what the correct thing to do there is?
There was a problem hiding this comment.
Just saw here Chainalysis does not support non-EVM chains. 😬 https://go.chainalysis.com/chainalysis-oracle-docs.html Compatible networks Edit: Nevermind, I see this is not the API but an oracle.
Checking to see which Polkadot addresses they support...
There was a problem hiding this comment.
The SS58 version is probably right, will add it.
There was a problem hiding this comment.
Addressed in 1e9558e.
relayer/relays/execution/main.go
Outdated
| "destination": destination, | ||
| "payload": common.Bytes2Hex(ev.Payload), | ||
| }).Info("extracted destination from message") | ||
| banned, err := r.ofac.IsBanned(ev.Raw.Address.Hex(), destination) |
There was a problem hiding this comment.
Is ev.Raw.Address.Hex() equivalent to msg.sender or tx.origin. Because I think we need the latter. The original signer is OFAC banned.
There was a problem hiding this comment.
Yeah, I would assume it's actually Gateway address, not the original sender supposed to check.
There was a problem hiding this comment.
Addressed in 1e9558e.
| isBanned, err := s.IsBanned(m) | ||
| if err != nil { | ||
| //return nil, fmt.Errorf("banned check: %w", err) | ||
| log.WithError(err).Fatal("error checking banned address found") |
There was a problem hiding this comment.
Return error after logging.
relayer/relays/parachain/scanner.go
Outdated
| return true, err | ||
| } | ||
|
|
||
| return s.ofac.IsBanned(destination, "") |
There was a problem hiding this comment.
Maybe add a comment that we will in a follow up ban the source address.
There was a problem hiding this comment.
Does that require AliasOrigin with V2 first?
There was a problem hiding this comment.
Does that require AliasOrigin with V2 first?
To extract it from the on-chain message, yes. In the interim we can fetch the event from Subscan and pull out the source from there.
|
When OFAC banned detected, since it's ordered channel the message can't be skipped, I would assume the bridge is actually bricked? So do we plan to add an governance call to reset the nonce/message which is banned? Or we wait for V2 with non-order messaging be ready first? |
We will work around this with an off-chain process/policy until V2 ships. |
Resolves: SNO-1156
TODO remaining for a follow-up PR: SNO-1214