Bug Description
State.verify_transaction_logic() and State.validate_and_apply() do not validate that tx.fee is non-negative before calculating the transaction cost.
As a result, a transaction with a negative fee (e.g. fee = -1000, amount = 0) is accepted, causing total_cost to become negative. When the transaction is applied, the sender's balance increases instead of decreasing because a negative value is subtracted from the balance.
I reproduced this locally on the current codebase: a transaction with amount = 0 and fee = -1000 was accepted successfully, increasing the sender's balance from 10 to 1010. This allows arbitrary balance inflation through invalid transactions.
Steps to Reproduce
-
Create an account with a positive balance (e.g., 10 coins).
-
Construct and sign a transaction with:
amount = 0
fee = -1000
a valid nonce
a valid chain_id
-
Submit the transaction through State.validate_and_apply().
-
Observe that the transaction succeeds and the sender's balance increases instead of remaining unchanged.
Logs and Screenshots
Environment Details
OS: macOS
Python Version: 3.12.13
Virtual Environment: Python venv (.venv)
Project: MiniChain (latest main branch)
Execution Method: Local reproduction using a minimal Python PoC invoking State.validate_and_apply()
Impact
High - Major feature is broken
Code of Conduct
Bug Description
State.verify_transaction_logic() and State.validate_and_apply() do not validate that tx.fee is non-negative before calculating the transaction cost.
As a result, a transaction with a negative fee (e.g. fee = -1000, amount = 0) is accepted, causing total_cost to become negative. When the transaction is applied, the sender's balance increases instead of decreasing because a negative value is subtracted from the balance.
I reproduced this locally on the current codebase: a transaction with amount = 0 and fee = -1000 was accepted successfully, increasing the sender's balance from 10 to 1010. This allows arbitrary balance inflation through invalid transactions.
Steps to Reproduce
Create an account with a positive balance (e.g., 10 coins).
Construct and sign a transaction with:
amount = 0
fee = -1000
a valid nonce
a valid chain_id
Submit the transaction through State.validate_and_apply().
Observe that the transaction succeeds and the sender's balance increases instead of remaining unchanged.
Logs and Screenshots
Environment Details
OS: macOS
Python Version: 3.12.13
Virtual Environment: Python venv (.venv)
Project: MiniChain (latest main branch)
Execution Method: Local reproduction using a minimal Python PoC invoking State.validate_and_apply()
Impact
High - Major feature is broken
Code of Conduct