diff --git a/btcclient/query.go b/btcclient/query.go index c7a4225d..5707937d 100644 --- a/btcclient/query.go +++ b/btcclient/query.go @@ -153,6 +153,10 @@ func (c *Client) getBlockVerboseWithRetry(hash *chainhash.Hash) (*btcjson.GetBlo // getChainBlocks returns a chain of indexed blocks from the block at baseHeight to the tipBlock // note: the caller needs to ensure that tipBlock is on the blockchain func (c *Client) getChainBlocks(baseHeight uint32, tipBlock *types.IndexedBlock) ([]*types.IndexedBlock, error) { + if tipBlock.Height < 0 { + panic(fmt.Errorf("received negative block height: %d", tipBlock.Height)) + } + tipHeight := uint32(tipBlock.Height) if tipHeight < baseHeight { return nil, fmt.Errorf("the tip block height %v is less than the base height %v", tipHeight, baseHeight) @@ -201,7 +205,7 @@ func (c *Client) FindTailBlocksByHeight(baseHeight uint32) ([]*types.IndexedBloc return nil, err } - if baseHeight > uint32(tipIb.Height) { + if int32(baseHeight) > tipIb.Height { return nil, fmt.Errorf("invalid base height %d, should not be higher than tip block %d", baseHeight, tipIb.Height) } diff --git a/btcstaking-tracker/atomicslasher/routines.go b/btcstaking-tracker/atomicslasher/routines.go index af46651a..22a73d06 100644 --- a/btcstaking-tracker/atomicslasher/routines.go +++ b/btcstaking-tracker/atomicslasher/routines.go @@ -1,6 +1,7 @@ package atomicslasher import ( + "fmt" "time" bstypes "github.com/babylonlabs-io/babylon/x/btcstaking/types" @@ -58,6 +59,9 @@ func (as *AtomicSlasher) slashingTxTracker() { return } // record BTC tip + if blockEpoch.Height < 0 { + panic(fmt.Errorf("received negative block height: %d", blockEpoch.Height)) + } as.btcTipHeight.Store(uint32(blockEpoch.Height)) as.logger.Debug("Received new best btc block", zap.Int32("height", blockEpoch.Height)) // get full BTC block diff --git a/btcstaking-tracker/btcslasher/slasher_utils.go b/btcstaking-tracker/btcslasher/slasher_utils.go index 2571bd0f..d3734c06 100644 --- a/btcstaking-tracker/btcslasher/slasher_utils.go +++ b/btcstaking-tracker/btcslasher/slasher_utils.go @@ -214,6 +214,10 @@ func BuildUnbondingSlashingTxWithWitness( return nil, fmt.Errorf("failed to convert covenant pks to BTC pks: %v", err) } + if d.UnbondingTime > uint32(^uint16(0)) { + panic(fmt.Errorf("unbondingTime (%d) exceeds maximum for uint16", d.UnbondingTime)) + } + // get unbonding info unbondingInfo, err := btcstaking.BuildUnbondingInfo( d.BtcPk.MustToBTCPK(), @@ -322,6 +326,7 @@ func BuildSlashingTxWithWitness( } // get staking info + // #nosec G115 -- performed the conversion check above stakingInfo, err := btcstaking.BuildStakingInfo( d.BtcPk.MustToBTCPK(), fpBtcPkList, diff --git a/btcstaking-tracker/stakingeventwatcher/stakingeventwatcher.go b/btcstaking-tracker/stakingeventwatcher/stakingeventwatcher.go index 295e26f4..7272d351 100644 --- a/btcstaking-tracker/stakingeventwatcher/stakingeventwatcher.go +++ b/btcstaking-tracker/stakingeventwatcher/stakingeventwatcher.go @@ -119,6 +119,9 @@ func (sew *StakingEventWatcher) Start() error { // we registered for notifications with `nil` so we should receive best block immediately select { case block := <-blockEventNotifier.Epochs: + if block.Height < 0 { + panic(fmt.Errorf("received negative block height: %d", block.Height)) + } sew.currentBestBlockHeight.Store(uint32(block.Height)) case <-sew.quit: startErr = errors.New("watcher quit before finishing start") @@ -158,6 +161,9 @@ func (sew *StakingEventWatcher) handleNewBlocks(blockNotifier *notifier.BlockEpo if !ok { return } + if block.Height < 0 { + panic(fmt.Errorf("received negative block height: %d", block.Height)) + } sew.currentBestBlockHeight.Store(uint32(block.Height)) sew.logger.Debugf("Received new best btc block: %d", block.Height) case <-sew.quit: