Skip to content

v3.2.0
Compare
Choose a tag to compare
@github-actions github-actions released this 20 Sep 18:18
· 3 commits to main since this release
v3.2.0
23a4a9a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode. 
Feat/bls poc (#244)

* verify bls signatures
Fix return type and add comment
fix(bls): Fixed wrong data size in constants
ping to ic_bls12_381 to 0.9.1

* Remove unnecessary cargo patch holder code that was commented out

* Initial parser for icp certificates

* add some useful methods and lookup funtion

* Implement the reconstruct function and enhance a bit the lookup function which needs to be rewritten

* Add the lookup_path_list and fix simple lookup function

* Fix delegation parser

* Update error definitions

* Complete Certificate parsing and verification

* Add more test and ensure parser/root_hash/lookup are working

* New testing dependencies

* enhance verification

* Improve tests and error handling, add C interface meant to parse certificates

* some improvements

* fix typo

* Initial candid parser for irc21-consent-message-response type

* Add license note

* Implement candid parser for ConsentMessageResponse and add unit test

* Many improvements and add UI for MessageResponse type and full parser along with some unit tests

* Add helper lines function

* Document code better

* new function to compute message

* shore: Re-structure the project better by moving certificate related parts into a separate folder

* Add parser for call_request argument in apdu instruction

* Add parser for consent_msg_request argument in apdu instruction

* Update value() method and add canister ranges parsing

* Add method to check if a canister is within certain ranges, add test

* Implement UI functions and export entry points

* add some new files and placeholders for bls parsing

* add apdu js interface

* adding new nvdata functions to save bls info

* update js package and add simple zemu test

* add rust ffi for parsing

* improve root_key handling and cleaning

* root_key as global value

* save call hash to be signed

* improve sign apdu

* add placeholder for certificate verifying function

* type fix

* Restructure files

* prefix state names

* Implement checks for payload and consent request plus minor fixes

* Fill handler path with processing functions in tx module and parser

* use config.toml

* Separate icrc21 types into their own module, and implement request_id computation

* Add utility functions to compute hashes

* Minor updates, and checks

* Add type table parsing and use it to parse candid values

* Fix icrc21 consentmessage request parsing and update other parts to use type_table

* use little endiannes and add extra checks in test

* Nonce is optional

* Add request_id method and tests along with conversion methods

* Use request_id to check also for certificate validation and add simple test

* Use inner arg and method name to set ffi struct for certificate verification

* Add signing method for bls certificate and update actions

* Use proper constants to define type lengths in ffi

* Remove unused method to compute request_id

* Some improvements and fixing warnings

* Add compilation flag to enable/disable bls certificate verification depending on ledger target

* Conditional compilation and fix tests and js library

* Remove decode trait implementation reducing stack usage

* Use ledger-rust bindings to create static resources for call/consent request and update C api and handlers

* Update build command in cargo for ledger-rust

* Add bls_message to build digest used in certificate signature verification and update from_bytes_into implementation

* Use certificate resource and improve certificate handler

* Fix bls test key

* Fix signing and resource cleaning

* Some improvements

* Some cleanups

* Fix test and add snapshot

* Add logs

* Add prefix to exported rust functions

* Print to std-out in tests

* Many clean-ups and fix js instruction to verify certificate

* Use constant and implement FromBytes

* Remove from_bytes impl in delegation and fix certificate::from_bytes_into

* Add timestamp check

* Add consent message formatting

* Add utilities for testing with cargo insta later

* Update test snapshots

* Use TryFrom impl and add pubkey test

* Ensure resources are freed and state is reset after signing

* Define a state at creation level

* Enable certificate verification using official key for testing

* Add test with/without custom root key

* Improve parsing by using from_bytes_into which reduces stack usage

* Fix ingress_expiry and method_name checks

* Add new constants

* use from_bytes_into

* Remove table logging

* Remove check on root_key as it could be an optional parameters

* Update testing data

* export C function to rust to handle principal request and use it to verify certificate

* Import rslib if BLS feature is enable

* Improve CI for rust parser

* fix clippy and test

* fix clippy and zemu tests

* Improve zemu testing

* fix clippy

* fix zemu

* fix flex compilation

* filter out nanos for bls testing in zemu

* some CI fixes

* Re-structuring code to reduce stack usage relying on lazy parsing and ensuring table lenght is sized to a reasonable size

* Reduce stack usage

* Add test to verify ffi verification flow

* fix ffi test

* Reduce stack usage and more logging

* update dep

* Add more logging

* update cargo.lock

* move from stack to nvm

* Disable nanox for now on zemu tests

* Remove BLS support for nanoX

* Fix hashing computation, now we hash name and value separately and update the global hasher

* Ensure jest reporter module gets installed

* Ensure jest reporter module gets installed

* Fix warnings and compile c api on bls feature only

* Add try script for bls verification

* Adjust time expiryti offset as requested to 10 minutes and not 12

* Update testing data and snapshots

* Update submodules

* Fix compilation error with protobuf

* Update testing data

* remove flow which is not compatible with our hybrid app

* remove dead code

* Update error type in C code to match Rust new errors

* Removed commemted code and add more notes to clarify design desitions

* Rename test for bls to avoid snapshots overlapping

Ensure state gets restarted in case of errors

Remove unnecessary SDK modules

Document and more comments

consice header

Fix typo

* Fix canister ranges comparisson and update testing data in ffi-test

* Bum app version and update snapshots

* Add a new set of tests, and increase time offset to 12 minutes

* Minor fix and use call request for sender validation

* Add new zemu test to ensure principal verification agains certificate data

* Use default device principal in our unit tests

* Increate time offset to 12 minutes, so a call request is valid if made within those 12 minutes window since certificate creation

* Update sender verification to follow what they suggested

---------

Co-authored-by: Carlos Medeiros <[email protected]>
Assets 6
Loading