-
Notifications
You must be signed in to change notification settings - Fork 663
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Validate amount with signer key authorizations #4461
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## next #4461 +/- ##
==========================================
+ Coverage 83.17% 83.20% +0.02%
==========================================
Files 451 451
Lines 324497 325724 +1227
Branches 318 323 +5
==========================================
+ Hits 269908 271015 +1107
- Misses 54581 54701 +120
Partials 8 8
... and 24 files with indirect coverage changes Continue to review full report in Codecov by Sentry.
|
@kantai I just re-requested review after pushing some documentation improvements |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! :D extensive testing is great.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is some great work here @hstove, good job on the thorough tests in pox_4_tests. Couldn't see anything in pox-4 or related works that called my attention.
LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If it's not too much of a hassle, could you add signer key to the pox4 increase
synthetic event? If that's a pain we can do in a later PR
This PR implements some of the changes discussed in #4424.
signer-key
to*-increase
pox events #4417The primary change is the addition of two fields to signer key authorization messages, which are validated either via a signature or a previously stored authorization. These fields are
max-amount
andauth-id
.max-amount
reflects the maximum amount of STX that can be used in that specific stacking action. Theauth-id
field is used to prevent replay attacks, which would allow a stacker to go beyondmax-amount
over multiple transactions.Note that
stack-extend
doesn't verify theamount
field in the authorization, because there are no additional STX added. In that function, the primary purpose of the authorization is around the number of reward cycles being extended.stack-increase
is also changed. It now includes thesigner-key
, along with the signature and related fields. Along with the same signature / authorization verifications that other stacking functions have, this function also checks to ensure that thesigner-key
parameter matches thesigner-key
for each updated cycle. This means that you cannot callstack-increase
if you've calledstack-extend
with a different signer key.In
pox-4
there is also a new map,used-signer-key-authorizations
, which tracks whether a(signer-key, pox-addr, reward-cycle, period, topic, max-amount, auth-id)
tuple has been used.