-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: merge upstream form v0.4.0 beta10 #4
Conversation
chore: release v0.3.1
* feat: use metadata field on certificate * fix: lint and UT * fix: comments
Use input_parser.star from kurtosis
* feat use sqlite on lastgersync * apply requests * rm tree migrations * Update lastgersync/processor.go Co-authored-by: Goran Rojovic <100121253+goran-ethernal@users.noreply.github.com> --------- Co-authored-by: Goran Rojovic <100121253+goran-ethernal@users.noreply.github.com>
* feat use sqlite on claimsponsor * wip * pass UTs * fix identation * fix identation * rm cover.out * rm tree migrations * make err a var
This reverts commit a5422d2.
This reverts commit 910b23b.
…ents-for-the-version-command-from-combinations-files refactor: retrieve and parse versions at buildtime
* wip * implementation * fix tests * wip * mdbx is gone * increase coverage * remove ifElseChain from golangci * remove ifElseChain from golangci * remove ifElseChain from golangci * increase coverage * increase coverage * identation * identation * identation * fix kurtosis config
* feat: calculate acc input hash locally (0xPolygon#154)
…pessimistic proof branch (0xPolygon#165) * fix: certificate with no importedBridges set '[]' instead of 'null' * fix: certificate with no importedBridges set '[]' instead of 'null' * feat: adapt to kurtosis-cdk pp * feat: change para SaveCertificatesToFiles to SaveCertificatesToFilesPath * fix: get candidate and proven certificates as well * fix: remove test * fix: small changes * fix: db tx rollback * fix: replace existing certificate * fix: lint and coverage * feat: check for nil fields in certificate * feat: no claims test * fix: comments * fix: lint * fix: shallow copy imported bridge exits and bridge exits * fix: local_config for debug * fix: cdk-erigon-node-001 rename to cdk-erigon-rpc-001 * feat: add logs to check cert * feat: store hash as text, add logs * fix: lint * fix: bump kurtosis-cdk version to 0.2.18 * fix: comments * fix: string conversion error on BridgeExit * fix: lint * fix: update minter key * fix: e2e * fix: e2e tests --------- Co-authored-by: joanestebanr <129153821+joanestebanr@users.noreply.github.com> Co-authored-by: Victor Castell <0x@vcastellm.xyz>
* feat: created and updated timestamps * feat: save raw certificate to db * fix: raw to signed_certificate * fix: indentation
* chore: bump kustoris * Adapt to changes in services names * fix: update minter key * Apply feedback Co-authored-by: Stefan Negovanović <93934272+Stefan-Ethernal@users.noreply.github.com> --------- Co-authored-by: Stefan Negovanović <93934272+Stefan-Ethernal@users.noreply.github.com>
* fix: var zkevm_path_rw_data is defined in kurtosis/main but not yet on 0.2.8, try to override it * fix: bump kurtosis 0.2.19 to have the new variable
* feat: sync UpdateL1InfoTreeV2 * fix linter * use common hash instead of bytes 32 * imporve * imporve * imporve * cover verify trusted aggregator event * cover halted queries * rm coverage file * increase coverage * moar coverage * remove files that shouldnt be there * do not cover smart contracts (generated bindings) * feat: increase coverage (0xPolygon#159) * apply pr suggestions * add context done in handle newblock * add context done in handle newblock * add context done in handle newblock * add context done in handle newblock --------- Co-authored-by: Joan Esteban <129153821+joanestebanr@users.noreply.github.com>
* feat: unpack and log agglayer errors (0xPolygon#158) * feat: unpack and log agglayer errors * feat: agglayer error unpacking * fix: lint and UT * feat: epoch notifier (0xPolygon#144) - Send certificates after a percentage of epoch - Require epoch configuration to AggLayer - Change config of `aggsender` adding: `BlockFinality` and `EpochNotificationPercentage` * refact: GetSequence method (0xPolygon#169) * feat: remove sanity check (0xPolygon#178) (0xPolygon#179) --------- Co-authored-by: Goran Rojovic <100121253+goran-ethernal@users.noreply.github.com> Co-authored-by: Rachit Sonthalia <54906134+rachit77@users.noreply.github.com> Co-authored-by: Toni Ramírez <58293609+ToniRamirezM@users.noreply.github.com>
* ensure oldAccInputHash is ready * feat: updata sync lib * feat: acc input hash sanity check * feat: check acc input hash -1 * feat: refactor * feat: refactor * fix: batch1 acc input hash * fix: timestamp in input prover * fix: timestamp in input prover * fix: timestamp * feat: remove test * fix: test * fix: test * fix: comments * fix: comments
elapsedTime := time.Now().UTC().Sub(time.UnixMilli(certificate.CreatedAt)) | ||
a.log.Debugf("aggLayerClient.GetCertificateHeader status [%s] of certificate %s elapsed time:%s", | ||
certificateHeader.Status, | ||
certificateHeader.String(), |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. The best way to fix this is to remove the sensitive information from the string representation methods and ensure it is not included in any logging statements.
- Modify the
String
method of theConfig
struct inaggsender/config.go
to exclude theAggsenderPrivateKey.Password
field. - Ensure that the
String
method of theCertificateHeader
struct inagglayer/types.go
does not include any sensitive information. - Update the logging statements in
aggsender/aggsender.go
to avoid logging sensitive information.
-
Copy modified line R511 -
Copy modified line R516 -
Copy modified line R529
@@ -510,3 +510,3 @@ | ||
certificateHeader.Status, | ||
certificateHeader.String(), | ||
certificateHeader.CertificateID.String(), | ||
elapsedTime) | ||
@@ -515,3 +515,3 @@ | ||
a.log.Infof("certificate %s changed status from [%s] to [%s] elapsed time: %s", | ||
certificateHeader.String(), certificate.Status, certificateHeader.Status, elapsedTime) | ||
certificateHeader.CertificateID.String(), certificate.Status, certificateHeader.Status, elapsedTime) | ||
|
||
@@ -528,3 +528,3 @@ | ||
a.log.Infof("certificate %s is still pending, elapsed time:%s ", | ||
certificateHeader.String(), elapsedTime) | ||
certificateHeader.CertificateID.String(), elapsedTime) | ||
thereArePendingCerts = true |
-
Copy modified lines R554-R555
@@ -553,9 +553,4 @@ | ||
func (c CertificateHeader) String() string { | ||
errors := "" | ||
if c.Error != nil { | ||
errors = c.Error.String() | ||
} | ||
|
||
return fmt.Sprintf("Height: %d, CertificateID: %s, NewLocalExitRoot: %s. Status: %s. Errors: [%s]", | ||
c.Height, c.CertificateID.String(), c.NewLocalExitRoot.String(), c.Status.String(), errors) | ||
return fmt.Sprintf("Height: %d, CertificateID: %s, NewLocalExitRoot: %s. Status: %s", | ||
c.Height, c.CertificateID.String(), c.NewLocalExitRoot.String(), c.Status.String()) | ||
} |
@@ -40,3 +40,2 @@ | ||
"AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
"AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
"URLRPCL2: " + c.URLRPCL2 + "\n" + |
certificate.Status = certificateHeader.Status | ||
if certificateHeader.Status != certificate.Status { | ||
a.log.Infof("certificate %s changed status from [%s] to [%s] elapsed time: %s", | ||
certificateHeader.String(), certificate.Status, certificateHeader.Status, elapsedTime) |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. The best way to fix this without changing existing functionality is to remove the logging of the sensitive information or obfuscate it before logging. In this case, we will remove the logging of the AggsenderPrivateKey.Password
from the String
method in the Config
struct.
@@ -40,3 +40,2 @@ | ||
"AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
"AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
"URLRPCL2: " + c.URLRPCL2 + "\n" + |
a.log.Errorf("error updating certificate status in storage: %w", err) | ||
continue | ||
err = fmt.Errorf("error updating certificate %s status in storage: %w", certificateHeader.String(), err) | ||
a.log.Error(err) |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. Instead, we can either omit the sensitive information from the logs or obfuscate it. In this case, we will omit the AggsenderPrivateKey.Password
from the log output.
- In the
aggsender/config.go
file, we will modify theString
method of theConfig
struct to exclude theAggsenderPrivateKey.Password
from the returned string. - This change will ensure that the password is not logged when the
Config
struct is converted to a string.
-
Copy modified line R41
@@ -40,3 +40,3 @@ | ||
"AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
"AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
// "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
"URLRPCL2: " + c.URLRPCL2 + "\n" + |
} | ||
} | ||
if slices.Contains(nonSettledStatuses, certificateHeader.Status) { | ||
a.log.Infof("certificate %s is still pending, elapsed time:%s ", | ||
certificateHeader.String(), elapsedTime) |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 26 days ago
To fix the problem, we need to ensure that sensitive information such as passwords is not logged in clear text. The best way to fix this is to modify the String
method in aggsender/config.go
to exclude the password from the output. This way, when the String
method is called and its output is logged, the sensitive information will not be included.
-
Copy modified line R41
@@ -40,3 +40,3 @@ | ||
"AggsenderPrivateKeyPath: " + c.AggsenderPrivateKey.Path + "\n" + | ||
"AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + | ||
// "AggsenderPrivateKeyPassword: " + c.AggsenderPrivateKey.Password + "\n" + // Removed for security reasons | ||
"URLRPCL2: " + c.URLRPCL2 + "\n" + |
Description
Merge form https://github.com/0xPolygon/cdk/releases/tag/v0.4.0-beta10