Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Align recently added features with SDK v2 conventions #481

Merged
merged 13 commits into from
Feb 3, 2025
Merged

Align recently added features with SDK v2 conventions #481

merged 13 commits into from
Feb 3, 2025

Conversation

dzikowski
Copy link
Collaborator

No description provided.

@dzikowski
Align recently added features with SDK v2 conventions
de5ad18 
Signed-off-by: Jakub Dzikowski <[email protected]>
@dzikowski
Merge branch 'main' into refactor-v2
2b3a65a
@dzikowski
Add missing Type decorator
0236ff9 
Signed-off-by: Jakub Dzikowski <[email protected]>
@dzikowski
Merge remote-tracking branch 'origin/refactor-v2' into refactor-v2
f621116
@dzikowski
Refactor user profile and roles handling
512a715 
- Updated `BurnAndMintDto` to extend `SubmitCallDTO` instead of `ChainCallDTO`.
- Made `roles` in `UserProfile` optional and updated related types to ensure consistency.
- Changed `identityKey` in `ChainUserAPI` to use `UserAlias`.
- Adjusted user role handling in various tests and services to accommodate the new optional roles structure.
- Updated return types in `getUserProfile` functions to use `UserProfileWithRoles` for better type safety.

These changes enhance type safety and align the code with the latest SDK conventions.

Signed-off-by: Jakub Dzikowski <[email protected]>
@dzikowski
Keep .vscode/settings.json in .gitignore
b2ed610 
Signed-off-by: Jakub Dzikowski <[email protected]>
@dzikowski
Refactor DTOs to use SubmitCallDTO and improve user role handling
a8c7c57 
- Updated multiple DTOs (RequestTokenBridgeOutDto, OraclePriceCrossRateAssertionDto, OracleBridgeFeeAssertionDto) to extend SubmitCallDTO instead of ChainCallDTO
- Modified GalaTransaction authentication logic to handle default roles more flexibly
- Adjusted condition order in burnTokens function for better readability
- Removed unused import in validateMintRequest

These changes continue the ongoing refactoring to align with SDK v2 conventions and improve type safety.

Signed-off-by: Jakub Dzikowski <[email protected]>
@dzikowski
Add getCaIdentityAlias utility and update mint request handling
7529de0 
- Introduced new `getCaIdentityAlias` function to extract user identity from CA certificates
- Modified `fulfillMintRequest` to pass calling user explicitly
- Updated `constructVerifiedMints` to accept calling user as a parameter
- Refactored mint-related functions to improve user identity handling
- Removed direct context user access in some functions

This change improves the flexibility of user identity extraction and provides more explicit user context in mint-related operations.

Signed-off-by: Jakub Dzikowski <[email protected]>
dzikowski
dzikowski commented Feb 3, 2025
View reviewed changes
chain-api/src/types/mint.ts
@@ -484,3 +484,17 @@ export class FetchTokenMintConfigurationsResponse extends ChainCallDTO {
@IsString()
bookmark: string;
}

export class DeleteTokenMintConfigurationDto extends SubmitCallDTO {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is required to provide some additional dtos, since the default used (like TokenClassKey does not have uniqueKey defined)

dzikowski
dzikowski commented Feb 3, 2025
View reviewed changes
chaincode/src/contracts/GalaTransaction.ts
Comment on lines -183 to +196
// it means a request where authorization is not required. Intentionally misses alias field
ctx.callingUserData = { roles: [UserRole.EVALUATE] };
// it means a request where authorization is not required. If there is org-based authorization,
// default roles are applied. If not, then only evaluate is possible. Alias is intentionally
// missing.
const roles = !options.allowedOrgs?.length ? [UserRole.EVALUATE] : [...UserProfile.DEFAULT_ROLES];
ctx.callingUserData = { roles };
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's related with Fulfill* calls. If we use org-based authorization, we can make authorization less strict, and allow submit calls, even if no signature is provided

dzikowski
dzikowski commented Feb 3, 2025
View reviewed changes
chaincode/src/contracts/getCaIdentityAlias.ts
* Get the client's account ID from CA user identity. Not recommended for new code.
* @deprecated
*/
export function getCaIdentityAlias(ctx: Context): UserAlias {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also related with FulfillMint and similar calls. If mint is performed, it requires some user to check for allowances. For FullfillMint, we are going to provide a user alias that is derived from the CA user, as it was for SDK v1. Also this method was present in SDK v2 in a similar form.

@dzikowski dzikowski marked this pull request as ready for review February 3, 2025 16:19
@dzikowski
Improve mint request validation and user handling
5b13f61 
- Updated `fulfillMintRequest` to pass calling user explicitly
- Modified `validateMintRequest` to accept calling user as a parameter
- Removed an unnecessary test case in `fulfillMint.spec.ts`
- Updated signature methods in test files to remove redundant parameters
- Added fallback for generating signer public key in ChainCallDTO

These changes enhance user context handling and improve the flexibility of mint-related operations.

Signed-off-by: Jakub Dzikowski <[email protected]>
@dzikowski
Add validation to prevent mint request tampering
dc74c34 
- Implemented `validateMintRequestDtoMatchesOriginal` function to verify mint request integrity
- Added comprehensive field-level validation in `fulfillMintRequest`
- Created a new test case to verify protection against owner tampering
- Throws a `ValidationFailedError` if any mint request details are modified

This change enhances security by preventing unauthorized modifications to mint requests.

Signed-off-by: Jakub Dzikowski <[email protected]>
dzikowski
dzikowski commented Feb 3, 2025
View reviewed changes
chaincode/src/mint/fulfillMint.spec.ts
@@ -442,7 +442,7 @@ describe("FulfillMint", () => {
expect(getWrites()).toEqual({});
});

it("prevents attackers from exploiting the lack of signing requirement", async () => {
it("prevents attackers from tampering with mint request", async () => {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The previous version of the test relied solely on authorization feature that resolved ctx.callingUser from the signature even if the signature was not required. The issue however is broader - we need to verify if the dto provided in the FulfillMint call is the same as the one that is saved on chain. That's why a new validation function was added to fulfillMint.ts file - validateMintRequestDtoMatchesOriginal - which verifies the saved dto to match the one provided in fulfill call parameter.

@dzikowski dzikowski enabled auto-merge (squash) February 3, 2025 19:19
@dzikowski dzikowski merged commit a2e3972 into main Feb 3, 2025
13 checks passed
@dzikowski dzikowski deleted the refactor-v2 branch February 3, 2025 19:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Jehosephat Jehosephat Jehosephat approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dzikowski @Jehosephat