Add documentation for audit #645
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎ |
| // other Pyth contracts that may live on the same chain). | ||
| if instruction.module != GovernanceModule::Target { | ||
| return Err(PythContractError::InvalidGovernancePayload)?; | ||
| } |
There was a problem hiding this comment.
this is the one check that moved. we used to fail to deserialize governance instructions if they pointed to the other module, which doesn't really make sense.
There was a problem hiding this comment.
what do you mean by other Pyth contracts that may live on the same chain?
is the intention here the generated governance vaa should only run in target chain contract? Was there a problem we faced or is it something we can face in future.
There was a problem hiding this comment.
good question. The governance message format encompasses all Pyth contracts, and this sort of target chain receiver contract is only one such type. At the moment, we only have one other module (an executor contract on pythnet), but we could add more in the future.
Add some docs to each function to make like easier for our auditors.
I moved one
ifstatement as well because I couldn't find the check and got scared for a second. Turns out we just had it in a weird place. There's a test case for this check which passes before/after the change.