ethereumjs 代码漏洞怎么修复
问题描述
在下面附片断,如果传递的十进制数到FeeMarketEIP1559Transaction构造函数不抛出任何错误,但会改变默默的值,这可以作为最后的有效载荷非常危险的,当在浏览器环境转换然33974229950.550003- >35624562130324685这是一个比最初通过的数字大得多,从而提高了天然气价格。
const ethereumJsTx = require('@ethereumjs/tx') // "@ethereumjs/tx": "^3.3.0",
const decimal_gas_fee = 33974229950.550003
const base_fee = 5 * 10 ** 9
const rawTx = {
maxPriorityFeePerGas: decimal_gas_fee,
maxFeePerGas: decimal_gas_fee + base_fee,
chainId: 1,
nonce: 0,
gasPrice: null,
gasLimit: 144000,
to: '0x0000000000000000000000000000000000000000',
value: 0,
data: []
}
const tx = ethereumJsTx.FeeMarketEIP1559Transaction.fromTxData(rawTx)
// Browser environment
// maxFeePerGas: 45061746130324685, maxPriorityFeePerGas: 35624562130324685
// Node.js environment
// maxFeePerGas: 2123389402, maxPriorityFeePerGas: 2123389402
console.log(tx.maxFeePerGas.toString(), tx.maxPriorityFeePerGas.toString())
回复区
扫地僧
2021-09-29 22:05:11
官方这两天会修复的,等着就行了
回答