Sommelier Protocol Team Weekly Update #3
Welcome to the weekly Protocol team update on the Sommelier protocol upgrades! This is the third week of the Informal's audit and the team's delivery of upgrades to the Sommelier Gravity Bridge.
INFORMAL’S AUDIT ON THE GRAVITY BRIDGE: UNSAFE ERROR HANDLING IN THE ORCHESTRATOR
The orchestrator is a single binary that combines the Eth Signer, Oracle, and Relayer for ease of use by the Validator Operator. One issue that surfaced from Informal’s audit is handling of unsafe error in the Orchestrator.
Since the Orchestrator is built with Rust, there’s constant use of panic causing statements like unwrap(), panic!(), assert(), assert_eq(), and expect() for error handling. Although these methods are safe in most cases, there are some cases where it is not safe. For instance, the network errors or misbehavior/bugs in other Gravity Bridge components can invalidate these error handling statements, causing a panic.
The auditor classified into three categories some cases where panic causing statements can be invalidated. Let’s take a look at these categories and how the Sommelier protocol team resolved them.
Assertions that depend on other Gravity Bridge components
Assertions on components that depend on other components can be unsafe. For example, it is difficult to determine if the assertions are valid or invalid. These assertions will only be valid if the other bridge components behave correctly.
An example is an assertion to ensure that validator signature is valid. If there’s a bug that returns an invalid signature or a malicious validator attaches an invalid signature, this assertion will be invalid. To handle this better, the Sommelier protocol team has made sure that error from an invalid validator signature won’t cause a panic that’ll stop the other processes depending on it. Another case is a bug causing the invalidation of the assertion between the Cosmos valset nonce and Ethereum valset nonce causing a panic which can lead to validator slashing. The Sommelier protocol team has successfully put a medium in place to handle all of these errors safely.
Assertions in the initialization phases or in the client code
This is the second category where panic causing statements can be invalidated. Assertions in the initialization phase of a process or in the client side can throw an invalid panic.
For instance, while trying to get balance of a Cosmos address, a panic can occur due to error connection errors. Since this code is in the client side, a panic can cause the halting of the orchestrator and may lead to a panic occurs a long time after the Orchestrator has been started.
Vacuously true assertions
Although this third category has little or no effects on validator slashing or halting of the Orchestrator, it tries to keep the codebase clean and easy to manage.
For instance Vacuously true assertions are guaranteed to be safe due to the code structure. Keeping them in the codebase makes it difficult to inspect codes as developers spend time on false positives. The Sommelier protocol team has successfully removed vacuously true assertions from the gravity bridge to make managing the bridge easy.
To learn more about Sommelier, please visit https://sommelier.finance/
To use Sommelier, try the Pairings App at https://app.sommelier.finance/
To participate in the community, please join the Telegram group https://t.me/getsomm.
To follow the project on Github, please star the project https://github.com/PeggyJV/sommelier.
More articles
Is Speculation Killing Crypto’s Future?
Sommelier's Path Forward: Embracing Revenue Over Narrative
Sommelier January Update
Sommelier Upgrades Cellar Architecture to Enable the Most Powerful DeFi Strategies in the Market
Real Yield USD is Coming to Maximize Stablecoin Yield
Retrospective on 2022 and the Journey Ahead
FAQ - Patache Digital’s Steady Strategies
Patache Digital: Risk Management Discussion
Strategy Deep Dive: Patache Digital
Strategy Provider Spotlight: Patache Digital
User Guide: How to Participate in Strategies on Sommelier
Sommelier Ambassador Program
Strategy Tokens: What Are They and How Do They Work?
6 Core Principles of Sommelier
10/10/22 - Deep Dive on Cleargate Backtesting
Strategy Provider Spotlight: Seven Seas
Deep Dive on Trend and Momentum Strategies
Strategy Provider Spotlight: ClearGate
Supporting Strategy Providers on Sommelier
Sommelier Protocol Team Weekly Update #11
ELI-5 Explanation of the Data Science behind Sommelier’s First Aave Cellar
Sommelier Protocol Team Weekly Update #10
The Data Science Behind Sommelier’s First Aave Cellar
Sommelier Protocol Design Documents
Sommelier Protocol Team Weekly Update #9
Sommelier Protocol Team Weekly Update #8
Sommelier Protocol Team Weekly Update #7
Twitter Spaces With Sommelier: How to Launch a Cellar on Sommelier
Twitter Spaces With Sommelier: Protocol Upgrade and Community Update
Sommelier Protocol Team Weekly Update #4
Sommelier Protocol Team Weekly Update #6
Twitter Spaces With Sommelier: SOMM Airdrop Proposal Data Analysis
Twitter Spaces With Sommelier: Community Update on the First Cellars to Launch
Twitter Spaces With Sommelier: Exploring NFT Cellars
Sommelier Protocol Team Weekly Update #1
Sommelier Protocol Team Weekly Update #2
Sommelier Protocol Team Weekly Update #3
Three Things You Need to Know About Sommelier Governance This Week
Sommelier On the Road: PROOF OF…REPUTATION
Introducing Ukpai Ugochi - Working on The Sommelier Cellars Rebalancer
Sommelier Announces 23MM Series A Mainnet Round to launch Automated DeFi via the Cosmos
Twitter Spaces With Sommelier: Mainnet Launch & Gravity Bridge
Twitter Spaces With Sommelier: Introducing SOMM Tokenomics
Twitter Spaces With Sommelier: Mysten Labs AMA With Evan Cheng
Introducing SIPS and Sommelier’s Governance Structure
Twitter Spaces With Sommelier: End of Year AMA 2021
Twitter Spaces With Sommelier: Intro to SIPS & Lisbon Blockchain Week
Twitter Spaces With the Sommeliers: Mainnet Update and Governance Launch
Sommelier Partners With Mysten Labs to Make Sommelier and All Cosmos Blockchains the Fastest Protocols on the Planet
Twitter Spaces With the Sommeliers: Sushi AMA With Joseph Delong
Introducing the Sommelier Network Mainnet and Ethereum Gravity Bridge
The Top Five Features of the Sommelier Protocol
Call for Validators: The Two Step Process for 2021
Two New Features Launched to Test Liquidity Management on Uniswap v3
Uniswap v3 Remove Smart Contract Incident Post Mortem for Sommelier
Call for Validators: Road to Sommelier Mainnet
Sommelier Liquidity AMA With Yenwen and Nick From Perpetual Protocol
Sommelier Liquidity AMA With Tascha Pan From Alpha Finance
Sommelier Liquidity AMA With Loi Luu From Kyber Network
Sommelier Liquidity AMA With Alex From Peanut
Sommelier Liquidity AMA With JP From THORChain
Sommelier Liquidity AMA With Alan Chiu From OMGX Network
Sommelier Liquidity AMA With Ari From Gelato Network
Sommelier Liquidity AMA With Sunny Aggarwal From Osmosis
A Fine Sommelier Explanation of Bollinger Bands With Kevin Kennis
Sommelier Liquidity AMA With Mona El Isa From Enzyme
Sommelier Liquidity AMA With Haxor From Method Finance
Sommelier Liquidity AMA With Tor From Secret Network
Liquidity Provider Insights With Zaki Manian - Ep. 7 - DeFi Automation Space on Uniswap v3 and Where Sommelier’s Heading
Sommelier Liquidity AMA With Geralt From CyberFi
A Pairings Tutorial of Two Sided Liquidity Addition with Sommelier
Liquidity Provider Insights with Zaki Manian - Ep. 6 - Liquidity Providers Need to Gear Up for a Multi-Chain World
Three New Summer Features for Liquidity Providers
Sommelier Liquidity AMA with Tom C and Max W from Charm
Sommelier Liquidity AMA with Dereek69 & Shalaquiana from BIOPset
Sommelier This Week - June 3rd 2021: The Road to Mainnet
Sommelier Liquidity AMA with Federico Landini from DefiLab
Sommelier Liquidity AMA with Michael Egorov from Curve
Liquidity Provider Insights with Zaki Manian - Ep. 5 - A Bright Light at the End of a Long, Tough Weekend for Bitcoin
Sommelier This Week - May 27th 2021: What Aspiring Sommelier Validators Need to Know on Last Week’s Protocol and App Progress
Liquidity Provider Insights with Zaki Manian (Special Edition) - Ep. 4 - New Pairings Release
Sommelier R&D AMA With Yaniv Tal From the Graph
Sommelier Liquidity AMA with MacLane Wilkison from NuCypher
The Eight Steps to Become a Liquidity Provider with Pairings
Sommelier NFT Awards - May 18th, 2021
Pairings By Sommelier: The FAQ
Zaki Manian Breaks Down What Liquidity Providers Need to Know Under Uniswap v3
Sommelier This Week - May 6th 2021: How This Week’s Protocol and App Progress Weaves Together to Make a Product
Sommelier Liquidity AMA with Dan Thomson from InsurAce
Sommelier This Week - April 29th 2021: Weeks Away From a Taste of the Sommelier App Experience and How the Dev Team Stays on Track
Zaki Manian Breaks Down a Phase Change Liquidity Providers Need to Know About Automated Market Makers
Introducing Jehan Tremback: Sommelier Core Developer and Althea Co-Founder that pushes the Limits of the Blockchain Bridge with Gravity
Sommelier This Week - April 22nd 2021: An Inside Look at Progress on Coordinating Sommelier Components That Contribute to the Chain
Sommelier This Week - April 15th 2021: Providing a Best-in-Class Experience for Uniswap Liquidity Providers
Sommelier Announces $1M R&D Grant from The Graph Foundation
Introducing LP Rewards: This Week With Cellframe
Introducing Deborah Simpier: Althea CEO and Sommelier Co-Founder Who Brought the Gravity Bridge to Life in The Cosmos
Sommelier This Week - April 8th 2021: What Uniswap v3 Means For Sommelier Architecture and Validators
Introducing Sommelier LP Rewards Program
Sommelier This Week - April 1st 2021: Gravity Bridge and Private Testnets
Blockchain startup decides to acquire a California winery and host NFT wine parties
Introducing Justin Kilpatrick: The Blockchain Bridge Wizard Who Maintains Gravity
Five Ways UniswapV3 changes the world for Liquidity Providers on the AMM
Introducing Jack Zampolin: On Becoming A Sommelier in The Cosmos
Sommelier: Welcome To The New CoProcessor For Ethereum
© 2024 Somm by Bajanss OÜ –Maakri 36-50, Tallinn, Estonia 10145