Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: add integrity protection for all messages #957

Merged
merged 20 commits into from
Dec 2, 2024
Merged

fix: add integrity protection for all messages #957

merged 20 commits into from
Dec 2, 2024

Conversation

djordon
Copy link
Collaborator

@djordon djordon commented Nov 26, 2024
edited
Loading

Description

Closes #517.

Changes

  • Remove the digest field from the StacksTransactionSignRequest. It was always unnecessary.
  • Sign messages through the protobuf encoding instead of through the wsts::net::Signable trait.
  • Change SignEcdsa::sign_ecdsa to be infallible.
  • Remove unnecessary Serialize/Deserialize implementations.

Testing Information

This is a refactor, so we should be good here.

Checklist:

  • I have performed a self-review of my code

@djordon djordon added the flagged by AR Issue / bug / suggestion filed by Asymmetric Research label Nov 26, 2024
@djordon djordon self-assigned this Nov 26, 2024
@djordon djordon force-pushed the 517-add-integrity-protection-for-all-messages branch from 295735b to 98c1d84 Compare November 26, 2024 20:38
@djordon djordon changed the base branch from feat/use-proto-serialization to main November 26, 2024 20:39
@aldur aldur marked this pull request as draft November 28, 2024 16:21
@aldur
Copy link
Collaborator

aldur commented Nov 28, 2024

As instructed, marked as draft to avoid merging it early.

@matteojug matteojug mentioned this pull request Nov 29, 2024
Merged
@djordon djordon mentioned this pull request Nov 30, 2024
Closed
2 tasks
@djordon djordon marked this pull request as ready for review December 1, 2024 13:22
@matteojug matteojug mentioned this pull request Dec 1, 2024
Open
matteojug
matteojug approved these changes Dec 1, 2024
View reviewed changes
Copy link
Collaborator

@matteojug matteojug left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving as we are relying on prost being deterministic enough. Opened #1001 as a followup to ensure we checked all the types.

signer/src/ecdsa.rs Outdated Show resolved Hide resolved
@djordon djordon merged commit 0dd15d3 into main Dec 2, 2024
4 checks passed
@djordon djordon deleted the 517-add-integrity-protection-for-all-messages branch December 2, 2024 00:05
@cylewitruk cylewitruk added the breaking-protocol Breaking protocol changes label Dec 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matteojug matteojug matteojug approved these changes

@xoloki xoloki Awaiting requested review from xoloki

@Jiloc Jiloc Awaiting requested review from Jiloc

@cylewitruk cylewitruk Awaiting requested review from cylewitruk

Assignees

@djordon djordon

Labels
breaking-protocol Breaking protocol changes flagged by AR Issue / bug / suggestion filed by Asymmetric Research
Projects
sBTC
Status: Done
Milestone
sBTC: Deposits, release candidate
Development

Successfully merging this pull request may close these issues.

[Feature]: Missing integrity protection for Stacks transactions issued by signer
4 participants
@djordon @aldur @matteojug @cylewitruk