Reject EOA target in Solver helper to surface as simulation failure#4434
Open
squadgazzz wants to merge 2 commits into
Open
Reject EOA target in Solver helper to surface as simulation failure#4434squadgazzz wants to merge 2 commits into
squadgazzz wants to merge 2 commits into
Conversation
jmg-duarte
approved these changes
May 22, 2026
Contributor
jmg-duarte
left a comment
jmg-duarte
left a comment
There was a problem hiding this comment.
Doesn't this require a re-deploy for the solver contract?
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces a validation check in the Solver contract to ensure that the settleCallTarget contains code. This change prevents silent no-ops during EVM calls to Externally Owned Accounts (EOAs), which would otherwise break the expected balance array layout and simulation logic. The contract artifacts and generated Rust bindings have been updated accordingly. No critical issues were found.
Contributor
Author
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
The
Solversimulation helper (contracts/solidity/Solver.sol) calls the settle target via low-levelcall. EVMcallto an address with no code returns success with empty output, so when an order'smetadata.wrappers[0].addresspoints at an EOA (or any address without code),_executeAndMeasuresilently no-ops: the inner settle never runs, the pre/poststoreBalanceinteractions that record trader balances never execute, and the helper returns aqueriedBalancesarray with only the settlement-contract pre/post balances (length2Ninstead of the expected2N + 2).On the Rust side,
SettleOutput::from_swapblindly indexes that array and panics on the missing trader balance entries. PR #4432 adds the defensive bounds check on the Rust side. This PR addresses the root cause: reject EOA targets up front so the verifier produces a normalError::SimulationFailed(unverified quote) rather than a malformed response that downstream code has to defend against.Production wrappers (AAVE FlashLoanRouter, Euler open/close-position, etc.) always have code, so this check only fires for malformed or test-crafted appData.
Changes
require(settleCallTarget.code.length > 0, "settle target has no code")toSolver._executeAndMeasure.artifacts/Solver.jsonand thecow-contract-solverRust bindings viajust generate-contracts.How to test
Existing tests.
Related issues
Companion to #4432.