Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bypassable limits #25

Open
adria0 opened this issue Apr 26, 2017 · 2 comments
Open

Bypassable limits #25

adria0 opened this issue Apr 26, 2017 · 2 comments

Comments

@adria0
Copy link

adria0 commented Apr 26, 2017
edited
Loading

A malicius administrador is able to create n vaultcontroller childs under his control.
Since each child has the same limits as the parent controller, the effective total limits for this malicius administrador is n*_dailyAmountLimit n*_dailyTxnLimit n*_txnAmountLimit

initializeChildVault should check that the sum of the limits for the current childres does not exceed the parent limits.

setChildVaultLimits/setVaultLimits should also propagate total limits.
@jbaylina
Copy link
Contributor

Each vault has his limits. But we need to talk about this..

@GriffGreen
Copy link
Member

That is a very interesting potential scam.

I think there should be a daily limit on topUpVault()to prevent this at the source

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jbaylina @adria0 @GriffGreen