Skip to content

Add remote node parsing for increased security #217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
simonmcl wants to merge 14 commits into
base: master
Choose a base branch
from
Open

Add remote node parsing for increased security #217

simonmcl wants to merge 14 commits into from

Conversation

@simonmcl
Copy link
Collaborator

@simonmcl simonmcl commented Jun 30, 2020

Addresses: #212

  • Added another parameter to TezosClient and NetworkClient to take a remoteNodeParseURL so that a second server can be used to verify the forged transactions.
  • Changed forgeSignPreapplyAndInject to forgeParseSignPreapplyAndInject and added a parse flow.
  • The returned JSON from the parse will be compared to the operations requested to be sent.
  • Operation will fail if the comparison fails.
  • Change Tez.rpcRepresentation to always return a minimum of "0", as the Node will always replace "" with "0".

@simonmcl
- changed forgeSignPreapplyAndInject to include remote node parsing a…
aeb615e 
…s an extra layer of security

- changed Tez rpc representation to return "0" at a minimum to avoid conflicts with the node
@simonmcl simonmcl added enhancement New feature or request security labels Jun 30, 2020
@simonmcl simonmcl requested a review from keefertaylor June 30, 2020 15:12
@simonmcl simonmcl self-assigned this Jun 30, 2020
simonmcl added 13 commits July 2, 2020 12:48
@simonmcl
Fixed an issue with OperationResponseInternalResultError not parsing …
bd2b190 
…due to multiple different types of responses
@simonmcl
Change parsing to use operation payload so reveal operations can be a…
127a6c9 
…ccounted for
@simonmcl
update Fa1.2 token send
032f2a6
@simonmcl
update dexter contract calls to new storage format
4a0ce05
@simonmcl
temporarily add one kind of burnFee to operationFees to deal with iss…
77ade4e 
…ue sending fees to balance-less acocunts
@simonmcl
BugFix: conseil orderby not being used due to typo
da10719 
BugFix: conseil `orderBy` not using correct format of array of dictionaries
@simonmcl
update to Michelson params
7a3c375
@simonmcl
fix dexter exchange, token pool query
92339a9
@simonmcl
fixing broken storage_limit processing
c224ec0
@simonmcl
PreapplicationService error checker doesn't report the correct errors…
5571cd0 
… for Dexter contracts. OperationResponse is not catching these responses first, as /preapply returns an array, were as all others return a dictionary. Adding a quick hack to detect this difference and parse the errors correctly.
@simonmcl
- hack: add an errorCallback to NetworkClient so that apps can do som…
584dc85 
…ething with errors inaccessible, such as estimation errors

- hack: make everything public on TezosNodeClient so settings can be accessed and modified by app
@simonmcl
- fix: Dexter bug when devices are using 12 hour format
48a0fbe
@simonmcl
- update dexter query for edonet
882af15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@keefertaylor keefertaylor Awaiting requested review from keefertaylor

Assignees

@simonmcl simonmcl

Labels

enhancement New feature or request security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@simonmcl