As currently written, the stake account tests do not include any assertions if the state is not initialized or stake:
const assertions: StakeAccountAssertion[] = [];
if (
simulatedAccount.accountType === 'initialized' ||
simulatedAccount.accountType === 'stake'
) {
// add assertions
}
let builder = assertStakeAccountMulti(umi, {
targetAccount: publicKey(simulatedAccount.address),
logLevel,
assertions,
});Assuming a sophisticated attacker can control the simulation result, they could provide a state that is not one of these. The actual transaction could then steal eg the withdraw authority, which there would be no assertion for.
I think we should protect against this by asserting the state is as expected from the simulation result, failing the transaction if the stake account is put into an unexpected state.
As currently written, the stake account tests do not include any assertions if the state is not
initializedorstake:Assuming a sophisticated attacker can control the simulation result, they could provide a state that is not one of these. The actual transaction could then steal eg the withdraw authority, which there would be no assertion for.
I think we should protect against this by asserting the state is as expected from the simulation result, failing the transaction if the stake account is put into an unexpected state.