Description
Multiple catch blocks across the EVM and SVM facilitator code silently swallow errors, allowing invalid transactions to proceed to settlement where they fail and waste gas.
Affected Locations
- eip3009.ts (~line 195-197): Balance check — bare
catch {}, balance validation silently skipped
- permit2.ts (~line 194-196): Allowance check — bare
catch {}, allowance validation silently skipped
- permit2.ts (~line 215-217): Balance check — same issue
- eip3009.ts (~line 104-148): Signature verification — bare
catch, assumes all failures are undeployed smart wallets
- SVM scheme.ts (~line 251-257): ATA lookup — all errors return generic "recipient_mismatch"
Impact
- Transactions that would fail at settlement pass verification, wasting gas
- Root causes of failures are invisible — no logs, no error codes
- Debugging production issues becomes extremely difficult
- Network errors, RPC timeouts, and real validation failures are indistinguishable
Fix
- Log the caught error with context before continuing
- Return specific error codes for different failure modes
- For truly non-fatal catches, document why the error is safe to ignore and log at warn level
- Consider retrying transient failures (RPC timeouts) before giving up
Description
Multiple catch blocks across the EVM and SVM facilitator code silently swallow errors, allowing invalid transactions to proceed to settlement where they fail and waste gas.
Affected Locations
catch {}, balance validation silently skippedcatch {}, allowance validation silently skippedcatch, assumes all failures are undeployed smart walletsImpact
Fix