The VerifyTransfer function located at token/core/fabtoken/v1/transfer.go:184-188 was initially flagged as a critical
security issue because it returned nil without performing any verification. However, upon clarification from the
maintainer, this understanding was incorrect.
Key Points:
- VerifyTransfer is NOT the validator: This function is NOT executed by the token validator during transaction
processing. It is a local verification function that parties can optionally use to verify if a transfer action is
valid locally - primarily for debugging purposes.
- Actual validation happens elsewhere: The real on-chain validation is performed by these properly implemented
validator functions in token/core/fabtoken/v1/validator/:
- TransferActionValidate - Validates the transfer action structure
- TransferSignatureValidate - Validates signatures for inputs spent by an action
- TransferBalanceValidate - Checks that sum of inputs equals sum of outputs
- TransferHTLCValidate - Validates HTLC scripts if present
- Implementation status: The VerifyTransfer function has now been implemented , but this is a
"nice to have" feature for local verification - not a security-critical gap since the actual validation is handled by
the separate validator functions.
The VerifyTransfer function located at token/core/fabtoken/v1/transfer.go:184-188 was initially flagged as a critical
security issue because it returned nil without performing any verification. However, upon clarification from the
maintainer, this understanding was incorrect.
Key Points:
processing. It is a local verification function that parties can optionally use to verify if a transfer action is
valid locally - primarily for debugging purposes.
validator functions in token/core/fabtoken/v1/validator/:
- TransferActionValidate - Validates the transfer action structure
- TransferSignatureValidate - Validates signatures for inputs spent by an action
- TransferBalanceValidate - Checks that sum of inputs equals sum of outputs
- TransferHTLCValidate - Validates HTLC scripts if present
"nice to have" feature for local verification - not a security-critical gap since the actual validation is handled by
the separate validator functions.