Conference Talk Breakpoint 23

Breakpoint 2023: Simulation of Transaction Limitation

By Solana 🧭 Compass · Nov 09, 2023 · 5 min read

Exploring the intricacies and future developments in the field of cryptocurrency transaction simulations and limitations

The notes below are AI generated and may not be 100% accurate. Watch the video to be sure!

Summary

In the rapidly evolving world of cryptocurrency, "Breakpoint 2023: Simulation of Transaction Limitation" provides valuable insights into the subtleties of transaction simulation within the wallet ecosystem—a key aspect that often doesn't receive enough attention. Anvit Mangal, a Developer Experience Engineer at Phantom, highlights the role of transaction simulation in helping users understand asset transfers and potential vulnerabilities. While diving into the types of signatures on Solana, Mangal stresses that existing methods pose security risks and need to be replaced with more secure alternatives. He introduces 'sign and send all transactions', a collaborative effort between multiple companies, aiming to improve the security of transactions within the ecosystem. This evolution is not just a technical upgrade but signifies a commitment to user safety and trust in financial technologies.

Key Points:

Transaction Simulation

Transaction simulation serves a crucial role for users by clarifying which assets are moving in and out of their wallets and pointing out potential vulnerabilities. When users are about to approve a transaction, indicators such as red or yellow boxes can highlight the risks involved, offering a preemptive warning system. This is essential in an ecosystem that can sometimes be opaque and challenging for users to understand, especially regarding the mechanics and consequences of their actions on the blockchain.

Durable Nonces and Their Risks

The concept of durable nonces, which allow a transaction to be signed and then sent at any future time, poses distinct security threats. Anvit Mangal explains that if a user signs a durable transaction, there is a risk of malicious actors exploiting the signed transaction, altering its parameters, and potentially redirecting funds. While wallets can notify users of the risks associated with durable transactions, there is no foolproof method to simulate or prevent potential future attacks.
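The wallet-side warning mentioned above depends on recognising a durable-nonce transaction before the user signs. The sketch below is an added example, not code from the talk or from any wallet: it parses a serialized Solana message (legacy or versioned, without the signature prefix) and checks whether the first instruction is the System Program's AdvanceNonceAccount. The names `usesDurableNonce`, `readCompactU16` and `sampleMessage` are hypothetical, and the sample bytes are constructed.

```javascript
const ADVANCE_NONCE_ACCOUNT = 4; // SystemInstruction enum index, encoded as u32 LE

// Read Solana's compact-u16 length prefix; returns [value, nextOffset].
function readCompactU16(buf, off) {
  let value = 0;
  for (let shift = 0; shift <= 14; shift += 7) {
    if (off >= buf.length) throw new RangeError("truncated length prefix");
    const b = buf[off++];
    value |= (b & 0x7f) << shift;
    if ((b & 0x80) === 0) return [value, off];
  }
  throw new RangeError("length prefix too long");
}

// True when instruction 0 is the System Program's AdvanceNonceAccount: the
// blockhash field then holds a stored nonce, so the signed transaction stays
// valid until that nonce is advanced instead of expiring with a recent blockhash.
function usesDurableNonce(message) {
  let off = (message[0] & 0x80) ? 1 : 0; // versioned messages start with a prefix byte
  off += 3;                              // header: three u8 counters
  let numKeys, numIx, numAccts, dataLen;
  [numKeys, off] = readCompactU16(message, off);
  const keysStart = off;
  off += numKeys * 32 + 32;              // skip account keys and the blockhash field
  [numIx, off] = readCompactU16(message, off);
  if (numIx === 0) return false;
  const programIdx = message[off++];
  [numAccts, off] = readCompactU16(message, off);
  off += numAccts;                       // skip the u8 account indices
  [dataLen, off] = readCompactU16(message, off);
  if (programIdx >= numKeys || off + dataLen > message.length) throw new RangeError("malformed message");
  const program = message.subarray(keysStart + 32 * programIdx, keysStart + 32 * programIdx + 32);
  const isSystem = program.every((b) => b === 0); // System Program id is 32 zero bytes
  const d = message.subarray(off, off + dataLen);
  const tag = dataLen >= 4 ? (d[0] | d[1] << 8 | d[2] << 16 | d[3] << 24) >>> 0 : -1;
  return isSystem && numAccts > 0 && tag === ADVANCE_NONCE_ACCOUNT;
}

// Constructed sample (placeholder keys, not real accounts): one System Program
// instruction whose u32 tag is `tag` (4 = AdvanceNonceAccount, 2 = Transfer).
function sampleMessage(tag) {
  const key = (fill) => Array(32).fill(fill);
  return Uint8Array.from([
    1, 0, 2,                                        // header
    4, ...key(1), ...key(2), ...key(3), ...key(0),  // four keys, last = System Program
    ...key(9),                                      // blockhash / nonce value field
    1, 3, 3, 1, 2, 0,                               // 1 instruction: program 3, accounts [1,2,0]
    4, tag, 0, 0, 0,                                // 4 data bytes: the u32 LE tag
  ]);
}
```

A positive result only tells the wallet that the signature has no built-in expiry; as the notes say, it cannot predict what the chain state will be when the transaction is eventually submitted.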

Improving Security Through Method Deprecation

Mangal suggests that the path forward lies in the deprecation of sign-only methods like 'sign transaction' and 'sign all transactions'. He draws a parallel to the Ethereum community's earlier shift, in which 'eth_sign' was phased out. This move toward deprecation is geared towards enhancing security and trust in the ecosystem, acknowledging the risks present in older methods and working proactively to address them.

Introducing Sign and Send All Transactions

Offering a solution, Mangal introduces 'sign and send all transactions', an in-development method that would enable safer transaction processes. This new method mitigates risk by ensuring that the wallet, rather than the dapp, is responsible for sending the signed transactions to the blockchain. Not only does it streamline the process but it also considerably reduces the risk of transactions being intercepted and manipulated by malicious parties.

Facts + Figures

  • Anvit Mangal works as a Developer Experience Engineer at Phantom, focused on improving the developer experience with Solana.
  • Transaction simulation is indispensable for allowing users to understand asset transfers and recognize potential security vulnerabilities.
  • Solana provides two main methods for authorizing transactions: a blockhash with forced mortality, and durable nonces, which allow submission at any time after signing.
  • Durable transactions are exposed to potential tampering by malicious attackers who could redirect funds.
  • Wallets can detect the use of durable transactions and warn users but cannot simulate future potential attacks accurately.
  • Both durable transactions and normal transactions using sign-only methods are prone to security risks.
  • The recommended resolution is to deprecate the sign-only transaction methods over time.
  • Phantom is spearheading the effort to create a 'sign and send all transactions' method, with collaboration from Solana Labs, Blowfish, and others.
  • The new method's tentative spec includes an array of transactions as input and an array of signatures or strings as output, possibly with error messages.
  • It's essential for wallets to confirm transactions before returning signatures to ensure security.

Top quotes

  • "Transaction simulation is not only useful for users to understand what assets are being transferred to and from their wallets, but it also helps them understand what kind of vulnerabilities they are exposed to."
  • "So durable nonce is very interesting. After you sign a transaction, you can send them at any time in the future as you want."
  • "Once the user signs a transaction, a durable transaction, a malicious attacker can potentially alter the bits."
  • "Currently, most wallets in the ecosystem already show these warnings for durable transactions."
  • "The only safe way to resolve this issue is deprecation of sign-only methods."
  • "Introducing sign and send all transactions...this is being currently specced out by Phantom and by other wallets with the help of Solana Labs, Blowfish, Jito."
  • "If you're a Dapp using sign-only methods, we recommend migrating to send also methods."

Questions Answered

What is a transaction simulation?

A transaction simulation allows users to see a preview of a transaction before finalizing it, outlining the assets being transferred and highlighting any potential security risks it may entail.

Why is transaction simulation important?

Transaction simulation is important because it provides users with the opportunity to review and understand the details of their transactions, helping to prevent unintentional transfers or exposure to vulnerabilities.

What are durable nonce transactions?

Durable nonce transactions are signed transactions in the Solana ecosystem that can be submitted at any future point, unlike transactions locked to a block hash with time constraints.

Why is the deprecation of sign-only methods being recommended?

The deprecation of sign-only methods is recommended because it significantly reduces the risk of transactions being altered by a malicious party between the signing and sending phases.

What is the 'sign and send all transactions' method?

The 'sign and send all transactions' method is a new approach that aims to enhance security by allowing the wallet to handle the submission of transactions after user approval. It prevents dapps from potentially tampering with signed transactions.

How does the proposed 'sign and send all transactions' method improve security?

This method improves security because it shifts the responsibility of sending the transaction to the blockchain from the dapp to the wallet, minimizing the chance of interception and malicious alteration.

