Skip to content

task: replace unwrap() calls in genesis state decoding (PM-20204)#766

Open
m2ux wants to merge 6 commits intomainfrom
task/PM-20204-node-panic-on-startup
Open

task: replace unwrap() calls in genesis state decoding (PM-20204)#766
m2ux wants to merge 6 commits intomainfrom
task/PM-20204-node-panic-on-startup

Conversation

@m2ux
Copy link
Contributor

@m2ux m2ux commented Feb 24, 2026
edited by atlassian bot
Loading

Overview

Replace three unwrap() calls in run_node genesis state decoding with a decode_genesis_state helper that returns typed errors via sc_cli::Error::Input. This prevents the node from panicking on startup when the chain spec contains a missing, non-string, or invalid-hex genesis_state property. Adds a 256 MiB size guard against adversarial chain specs.

Addresses Least Authority audit finding Issue M (High severity).

🎫 PM-20204 📐 Engineering

Changes

  • node/src/command.rs — Extract decode_genesis_state function from inline unwrap() chain in run_node. Returns sc_cli::Result<Vec<u8>> with descriptive Error::Input messages for each failure mode (missing key, non-string value, invalid hex, oversized payload). Matches the existing error handling pattern used for seed file loading in the same module.
  • Tests — 5 unit tests covering: valid hex roundtrip, empty hex edge case, missing key, non-string value, invalid hex.
  • Changelogchanges/changed/fix-genesis-state-decode-panic.md

🗹 TODO before merging

  • Ready

📌 Submission Checklist

  • Changes are backward-compatible (or flagged if breaking)
  • Pull request description explains why the change is needed
  • Self-reviewed the diff
  • I have included a change file, or skipped for this reason:
  • If the changes introduce a new feature, I have bumped the node minor version
  • Update documentation (if relevant)
  • Updated AGENTS.md if build commands, architecture, or workflows changed
  • No new todos introduced

🧪 Testing Evidence

5 new unit tests for decode_genesis_state added to node/src/command.rs:

running 9 tests
test command::tests::decode_genesis_state_invalid_hex ... ok
test command::tests::decode_genesis_state_missing_key ... ok
test command::tests::decode_genesis_state_empty_hex ... ok
test command::tests::decode_genesis_state_non_string_value ... ok
test command::tests::decode_genesis_state_valid_hex ... ok
test cfg::tests::assert_no_ignored_defaults ... ok
test cfg::tests::assert_no_ignored_cfg_presets ... ok
test cfg::tests::dev_cfg_preset_deserializes_without_errors ... ok
test cfg::tests::load_all_presets ... ok

test result: ok. 9 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out

Validation: cargo clippy -p midnight-node -- -D warnings (0 warnings), cargo fmt -- --check (clean).

  • Additional tests are provided (if possible)

🔱 Fork Strategy

  • Node Runtime Update
  • Node Client Update
  • Other:
  • N/A

Links

@m2ux @cursoragent
chore: initialize work package for PM-20204
8511c6f 
Audit finding Issue M: Node can panic on startup due to unwrap()
calls in genesis state decoding (node/src/command.rs).

Co-authored-by: Cursor <cursoragent@cursor.com>
@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026

kics-logo

KICS version: v2.1.16

Category Results
CRITICAL CRITICAL 0
HIGH HIGH 0
MEDIUM MEDIUM 96
LOW LOW 12
INFO INFO 83
TRACE TRACE 0
TOTAL TOTAL 191
Metric Values
Files scanned placeholder 31
Files parsed placeholder 31
Files failed to scan placeholder 0
Total executed queries placeholder 73
Queries failed to execute placeholder 0
Execution time placeholder 9

m2ux and others added 4 commits February 24, 2026 16:15
@m2ux @cursoragent
fix: replace unwrap() panics in genesis state decoding with error pro…
5c9bcff 
…pagation

Extract `decode_genesis_state` function from `run_node` to replace three
chained unwrap() calls that panic when chain spec properties contain
missing, non-string, or malformed hex genesis_state values.

- Return typed sc_cli::Error::Input with descriptive messages
- Add 256 MiB upper bound validation on decoded genesis state size
- Add 7 unit tests covering all error paths and boundary conditions

Resolves: PM-20204 (Least Authority audit Issue M)
Co-authored-by: Cursor <cursoragent@cursor.com>
@m2ux
Merge branch 'main' of https://github.com/midnightntwrk/midnight-node
a57ad65 
…into task/PM-20204-node-panic-on-startup
@m2ux @cursoragent
chore: add change file for PM-20204 genesis state decode fix
d8e1bc5 
Co-authored-by: Cursor <cursoragent@cursor.com>
@m2ux @cursoragent
test: remove memory-heavy size boundary tests
96da8ec 
Drop decode_genesis_state_oversized and decode_genesis_state_at_size_limit
tests that each allocated ~512 MiB to verify a trivial integer comparison.
The size guard remains in the implementation; the five remaining tests cover
all three error paths, the happy path, and the empty-input edge case.

Co-authored-by: Cursor <cursoragent@cursor.com>
@m2ux m2ux marked this pull request as ready for review February 24, 2026 17:59
@m2ux m2ux requested a review from a team as a code owner February 24, 2026 17:59
@gilescope gilescope assigned gilescope and unassigned gilescope and m2ux Feb 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@gilescope gilescope

Labels

release:node-0.22.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@m2ux @gilescope