Overview
Found while looking into offchain-messages as part of the signOffchainMessage feature. We've decided to make that only support v1 transactions, so I'm just opening this as a bug. Doesn't block that feature because v1 doesn't enforce a max size in the spec.
Description of bug
The checks for max size in eg
|
export function assertIsOffchainMessageContentRestrictedAsciiOf1232BytesMax(putativeContent: { |
have checks like:
const length = getUtf8Encoder().getSizeFromValue(putativeContent.text);
if (length > MAX_BODY_BYTES_HARDWARE_WALLET_SIGNABLE)
That is, they are only checking the length of the text content against the maximum.
The offchain message spec specifies size limits as "Combined length of the message preamble and message body"
The kit functions should throw if the size of the text is smaller than the limit, but the size of the text + preamble is larger than the limit. This is not currently the case.
Overview
Found while looking into offchain-messages as part of the signOffchainMessage feature. We've decided to make that only support v1 transactions, so I'm just opening this as a bug. Doesn't block that feature because v1 doesn't enforce a max size in the spec.
Description of bug
The checks for max size in eg
kit/packages/offchain-messages/src/content.ts
Line 74 in d32d88c
That is, they are only checking the length of the text content against the maximum.
The offchain message spec specifies size limits as "Combined length of the message preamble and message body"
The kit functions should throw if the size of the text is smaller than the limit, but the size of the text + preamble is larger than the limit. This is not currently the case.