Error out if IBC signer is a payment address #4591

Open
@sug0

Currently, we allow IBC transfers to target znam addresses. This allows some leakage of information about the identity of the target.

```rust
impl TryFrom<&Signer> for Address {
    type Error = DecodeError;

    fn try_from(signer: &Signer) -> Result<Self> {
        // The given address should be an address or payment address. When
        // sending a token from a spending key, it has been already
        // replaced with the MASP address.
        Address::decode(signer.as_ref()).or(
            match crate::masp::PaymentAddress::from_str(signer.as_ref()) {
                Ok(_) => Ok(MASP),
                Err(_) => Err(DecodeError::InvalidInnerEncoding(format!(
                    "Invalid address for IBC transfer: {signer}"
                ))),
            },
        )
    }
}
```

We should modify the TryFrom to error out if the receiver is a znam1... address. All MASP IBC shieldings should target the MASP transparent address, instead. The error message should reflect this, suggesting the usage of the MASP address (as opposed to a payment address).
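A sketch of the conversion this issue asks for, added here as an example; it is not part of the issue or the project's code. `Address`, `Signer`, `PaymentAddress` and `DecodeError` are simplified stand-ins, the `tnam1`/`znam1` prefix checks are an assumption replacing real address decoding, and `MASP_PLACEHOLDER` is a constructed value.

```rust
use std::convert::TryFrom;
use std::str::FromStr;

// Stand-in types (assumptions): prefix checks replace real address decoding.
#[derive(Debug, PartialEq)]
pub struct Address(pub String);
#[derive(Debug, PartialEq)]
pub enum DecodeError { InvalidInnerEncoding(String) }
pub struct PaymentAddress;
pub struct Signer(pub String);

// Constructed placeholder, not the real MASP address.
pub const MASP_PLACEHOLDER: &str = "tnam1maspplaceholder";

impl Address {
    pub fn decode(s: &str) -> Result<Self, DecodeError> {
        if s.len() > 5 && s.starts_with("tnam1") {
            Ok(Address(s.to_string()))
        } else {
            Err(DecodeError::InvalidInnerEncoding(format!("Invalid address: {s}")))
        }
    }
}

impl FromStr for PaymentAddress {
    type Err = ();
    fn from_str(s: &str) -> Result<Self, ()> {
        if s.len() > 5 && s.starts_with("znam1") { Ok(PaymentAddress) } else { Err(()) }
    }
}

impl TryFrom<&Signer> for Address {
    type Error = DecodeError;
    fn try_from(signer: &Signer) -> Result<Self, DecodeError> {
        let raw = signer.0.as_str();
        Address::decode(raw).map_err(|_| {
            // A payment address gets its own error pointing at the MASP
            // address; the payment address itself is not echoed back.
            let msg = match PaymentAddress::from_str(raw) {
                Ok(_) => "IBC transfers cannot target a payment address; \
                          use the MASP address as the receiver instead".to_string(),
                Err(_) => format!("Invalid address for IBC transfer: {raw}"),
            };
            DecodeError::InvalidInnerEncoding(msg)
        })
    }
}

fn main() {
    for s in [MASP_PLACEHOLDER, "znam1constructedpayment", "not-an-address"] {
        println!("{s} -> {:?}", Address::try_from(&Signer(s.to_string())));
    }
}
```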

Labels: breaking:consensus (Consensus breaking change that requires a hard-fork), enhancement (New feature or request)