Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Radix>Threat Model>Actor operations
GeneralOverview
Findings
High (1)
Medium (2)
Low (2)
Informational (1)
DiscussionUnique Characteristics of Radix
Threat ModelWhat are threat models?1-native-blueprints
2-runtimeFlow: Linking of guest codeCostingObject operationsKey-value store operationsActor operationsUtility functions
3-transactions4-kernel
Audit ResultsAssessment Results

Actor operations

Actor field API

The Actor Field API provides operations for managing access to actor object fields, enabling controlled reading and writing of field data while maintaining state consistency and access control.

ACTOR_OPEN_FIELD

This opens a field on the current actor object for reading or writing.

fn open_field( &mut self, field_index: FieldIndex, ) -> Result;

It includes critical validations:

  1. Actor-context validation

    It ensures operation occurs within valid actor context.

    if self.get_actor().actor_type() != ActorType::Method { return Err(RuntimeError::SystemError(SystemError::InvalidActorContext)); }

  2. Field-index validation

    It validates the field index against the blueprint definition.

    let num_fields = self.get_blueprint_interface().state.num_fields(); if field_index >= num_fields { return Err(RuntimeError::SystemError(SystemError::InvalidFieldIndex)); }

  3. Duplicate open prevention

    It prevents opening already opened fields.

if self.is_field_opened(field_index) { return Err(RuntimeError::SystemError(SystemError::FieldAlreadyOpened)); }

FIELD_ENTRY_READ / FIELD_ENTRY_WRITE / FIELD_ENTRY_CLOSE

These operations manage field access after opening:

fn read_field(&mut self, handle: SubstateHandle) -> Result, E>; fn write_field(&mut self, handle: SubstateHandle, data: Vec) -> Result<(), E>; fn close_field(&mut self, handle: SubstateHandle) -> Result<(), E>;

The field operations perform the following validations and state management:

  1. Handle validation

    It verifies a handle corresponds to an opened field.

if !self.is_valid_handle(handle) { return Err(RuntimeError::SystemError(SystemError::InvalidHandle)); }

  1. Access control

    Read requires a field to be opened, write requires mutable access, and close releases a field lock.

match self.get_field_access_type(handle) { AccessType::ReadOnly if is_write => { return Err(RuntimeError::SystemError(SystemError::ReadOnlyField)); } _ => {} }

  1. State consistency

    It maintains field open/close state tracking.

self.opened_fields.remove(&handle); if self.opened_fields.is_empty() { self.clear_actor_state(); }

Actor information API

The Actor Information API provides methods to retrieve identity and contextual information about the currently executing actor, including its object ID, package address, and blueprint name.

ACTOR_GET_OBJECT_ID / ACTOR_GET_PACKAGE_ADDRESS / ACTOR_GET_BLUEPRINT_NAME

These methods provide identity information about the current actor:

fn get_object_id(&self) -> Result; fn get_package_address(&self) -> Result; fn get_blueprint_name(&self) -> Result;

These methods perform the following validations and access control checks:

  1. Context validation

    It ensures operations occur in valid actor context.

if !self.has_active_actor() { return Err(RuntimeError::SystemError(SystemError::NoActiveActor)); } ``` 2. **Information access control** Object ID access is restricted to method context, and package/blueprint info is available in function context. ```rs match self.get_actor_type() { ActorType::Method => Ok(self.get_current_object_id()), _ => Err(RuntimeError::SystemError(SystemError::InvalidActorType)) }

Actor event API

The Actor Event API enables actors to emit events during execution, providing a mechanism for tracking and logging important state changes or notifications with appropriate validation and size constraints.

ACTOR_EMIT_EVENT

This handles event emission from actors:

fn emit_event(&mut self, event_name: &str, event_data: Vec) -> Result<(), E>;

The event emission process includes the following validations and tracking:

  1. Event-schema validation

    It validates the event name and data format.

if !is_valid_event_name(event_name) { return Err(RuntimeError::SystemError(SystemError::InvalidEventName)); }

  1. Size limits

    It enforces size restrictions on event data.

if event_data.len() > MAX_EVENT_SIZE { return Err(RuntimeError::SystemError(SystemError::EventSizeExceeded)); }

  1. Context tracking

    It records the event in the system's event log with the current actor context.

self.event_log.push(Event { emitter: self.get_current_actor(), name: event_name.to_string(), data: event_data });
Zellic © 2025Back to top ↑