Disconnect two-way peg data at the connecting block height #95

Merged: Ash-L2L merged 2 commits into LayerTwo-Labs:master from 1440000bytes:fix-2wpd-disconnect-height on Jun 19, 2026
@1440000bytes 1440000bytes commented Jun 18, 2026

Contributor

disconnect_two_way_peg_data asserted that the most recent deposit_blocks record, withdrawal_bundle_event_blocks record and pending withdrawal-bundle status were stamped at block_height - 1 and gated the pending-bundle removal on block_height - last_failure > WITHDRAWAL_BUNDLE_FAILURE_GAP.

connect_two_way_peg_data stamps all of these at block_height and every other status assertion in disconnect already uses block_height. connect and disconnect of the same block run at the same height (connect_prevalidated_block bumps the height before connect_two_way_peg_data and disconnect_two_way_peg_data runs before disconnect_tip reverts it), so the block_height - 1 checks never matched.

As a result, disconnecting a sidechain block that applied a mainchain deposit or withdrawal-bundle event on a reorg panicked on the assertion and a pending bundle created by that block was never removed. This wedges a node on any mainchain reorg that orphans such a block. The off-by-one also underflowed at height 0.

Align the four checks with connect (block_height, >=). This also matches the existing disconnect status assertions. Add a regression test that connects a deposit and disconnects it through the real connect/disconnect paths.


Fuzzing logs

Assertion failure (reorg of a deposit block at height >= 1):

#48  NEW  cov: 871 ft: 1344 corp: 7/14b lim: 4 exec/s: 0 rss: 91Mb
thread '<unnamed>' panicked at lib/state/two_way_peg_data.rs:1097:20:
assertion `left == right` failed
  left: 0
 right: 1
==97316== ERROR: libFuzzer: deadly signal
SUMMARY: libFuzzer: deadly signal

Underflow variant (deposit in the first block, height 0), minimized input [65, 6, 10, 93]:

Running: fuzz/artifacts/twpd_reorg/crash-d4bd2cd642d9180ad4919e39be30c6efbc7cd8e7
thread '<unnamed>' panicked at lib/state/two_way_peg_data.rs:1097:20:
attempt to subtract with overflow
==97405== ERROR: libFuzzer: deadly signal
SUMMARY: libFuzzer: deadly signal
artifact_prefix='.../artifacts/twpd_reorg/';
Test unit written to .../crash-d4bd2cd642d9180ad4919e39be30c6efbc7cd8e7
Base64: QQYKXQ==
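
As an added illustration (not part of the pull request or the project's code), this simplified Rust model shows the mismatch the description above reports for the deposit_blocks record: connect stamps at block_height, the old disconnect check expects block_height - 1, and the aligned check expects block_height. The Ledger type, DisconnectError and the method names are hypothetical, and the model returns errors where the description reports a panic.

```rust
// Added illustration: simplified model of the height check, not the project's code.
// `Ledger`, `DisconnectError` and all method names are hypothetical.
#[derive(Debug, PartialEq)]
enum DisconnectError {
    NoRecord,
    HeightUnderflow,
    StampMismatch { stamped: u32, expected: u32 },
}

#[derive(Default)]
struct Ledger {
    deposit_blocks: Vec<u32>, // heights stamped at connect, most recent last
}

impl Ledger {
    // Connect stamps the record at the height of the block being connected.
    fn connect_deposit(&mut self, block_height: u32) {
        self.deposit_blocks.push(block_height);
    }

    // Pre-fix check: expects the latest stamp at block_height - 1. The real code
    // panicked; this model returns an error so the failure can be observed.
    fn disconnect_old(&mut self, block_height: u32) -> Result<(), DisconnectError> {
        let expected = block_height.checked_sub(1).ok_or(DisconnectError::HeightUnderflow)?;
        self.pop_if_stamped_at(expected)
    }

    // Post-fix check: expects the same height that connect stamped.
    fn disconnect_fixed(&mut self, block_height: u32) -> Result<(), DisconnectError> {
        self.pop_if_stamped_at(block_height)
    }

    // Remove the latest record only if its stamp matches; else leave state untouched.
    fn pop_if_stamped_at(&mut self, expected: u32) -> Result<(), DisconnectError> {
        let stamped = *self.deposit_blocks.last().ok_or(DisconnectError::NoRecord)?;
        if stamped != expected {
            return Err(DisconnectError::StampMismatch { stamped, expected });
        }
        self.deposit_blocks.pop();
        Ok(())
    }
}

fn main() {
    let mut ledger = Ledger::default();
    ledger.connect_deposit(1); // constructed scenario: deposit applied at height 1
    println!("old:   {:?}", ledger.disconnect_old(1));
    println!("fixed: {:?}", ledger.disconnect_fixed(1));
}
```

In the model, the old check leaves the record in place when it fails, which mirrors the description's point that state created by the block was never removed.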

@Ash-L2L Ash-L2L left a comment

Collaborator

LGTM!

@Ash-L2L Ash-L2L force-pushed the fix-2wpd-disconnect-height branch from 3af8b74 to 76d036a Compare June 19, 2026 09:09
@Ash-L2L Ash-L2L merged commit 8025881 into LayerTwo-Labs:master Jun 19, 2026
8 of 9 checks passed