Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SEC-526 #118

Open
wants to merge 10 commits into
base: dev
Choose a base branch
from
Open

SEC-526 #118

wants to merge 10 commits into from
+1,797 −1,167

Conversation

abdulazeem-tk4vr
Copy link
Member

@abdulazeem-tk4vr abdulazeem-tk4vr commented Dec 26, 2024
edited
Loading

@abdulazeem-tk4vr abdulazeem-tk4vr changed the title Sec 526 SEC-526 Dec 26, 2024
@abdulazeem-tk4vr abdulazeem-tk4vr force-pushed the SEC-526 branch 2 times, most recently from 121a685 to 3813532 Compare December 26, 2024 09:52
@abdulazeem-tk4vr abdulazeem-tk4vr force-pushed the SEC-526 branch 2 times, most recently from 43124cc to b1e3a03 Compare December 27, 2024 05:57
aniketdivekar
aniketdivekar reviewed Jan 1, 2025
View reviewed changes
src/Data/Collector.ts
console.log('Execution Shard Key in receipt does not match the calculated key from transaction data.')
}
if (nestedCountersInstance) nestedCountersInstance.countEvent('receipt', 'executionShardKey mismatch')
executionShardKey = extractedKey
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if fallback should be to the key which we received in receipt. Just in case our extraction logic has some flaws. We can discuss with design team.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, I was thinking about the possibility that the incoming execution shard key from the receipt might contain malicious/falsified information. So, we should instead rely on the shard key we have calculated now.

src/Data/ExtractShardKey.ts Outdated
return response.accounts
}

throw new Error(`Secure account data not found on node ${node.ip}`)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we add some logs here?if there is any error in response from /secure_accounts api, we lose the error message.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this will not be used anymore. We are going to use a local config file to fetch the secure accounts

src/test/shardKey.ts
@@ -0,0 +1,32 @@
import * as fs from 'fs'
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can this be written as unit test? what's the purpose of the file?
Also, filePath is hardcoded

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are multiple different unit tests to cover because of different transaction types and the receipt logs are quite large. I thought this was the most efficient way to test out the function by fetching the receipt logs from the archiver. Testing is still incomplete, QA help is needed.

FilePath was just an example. It can be modified to anything you like. I shall keep it generic and add a disclaimer that this needs to be modified.

@abdulazeem-tk4vr abdulazeem-tk4vr self-assigned this Jan 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aniketdivekar aniketdivekar aniketdivekar left review comments

@S0naliThakur S0naliThakur Awaiting requested review from S0naliThakur

At least 1 approving review is required to merge this pull request.

Assignees

@abdulazeem-tk4vr abdulazeem-tk4vr

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@abdulazeem-tk4vr @aniketdivekar @S0naliThakur