feat: local wallets #3976
feat: local wallets #3976
Conversation
lemmih
requested review from
ruseinov and
LesnyRumcajs
and removed request for
a team
src/rpc_api/mod.rs
Outdated
| @@ -58,7 +58,7 @@ pub static ACCESS_MAP: Lazy<HashMap<&str, Access>> = Lazy::new(|| { | |||
| // Message Pool API | |||
| access.insert(mpool_api::MPOOL_GET_NONCE, Access::Read); | |||
| access.insert(mpool_api::MPOOL_PENDING, Access::Read); | |||
| access.insert(mpool_api::MPOOL_PUSH, Access::Write); | |||
| access.insert(mpool_api::MPOOL_PUSH, Access::Read); | |||
There was a problem hiding this comment.
Anyone can push to mpool? Is it safe?
There was a problem hiding this comment.
I'm somewhat convinced that it is safe. Lotus has three ways of receiving signed messages: MPoolPush, MPoolPushUntrusted, and p2p pubsub. MPoolPushUntrusted has a few more sanity checks and a lower cap on outstanding messages. But any peer can send messages through p2p pubsub which does not have a limit and acts just like MPoolPush. Any security we add to MPoolPush is merely security through obscurity since we (and Lotus) blindly accept messages through pubsub.
There was a problem hiding this comment.
Makes sense, thanks for clarification.
There was a problem hiding this comment.
Oh, and glif.io doesn't even expose MPoolPushUntrusted. But they do let everyone use MPoolPush. It's kinda strange. All in all, I think we're best off making MPoolPush public and then making it as difficult to spam as possible.
There was a problem hiding this comment.
Once we have rate-limiting implemented, we could by default limit it to zero.
There was a problem hiding this comment.
Added a note in the code for why we differ from Lotus.
src/wallet/subcommands/wallet_cmd.rs
Outdated
| let Some(dir) = ProjectDirs::from("com", "ChainSafe", "Forest-Wallet") else { | ||
| bail!("Failed to find wallet directory"); | ||
| }; | ||
| // FIXME: Support encrypted wallets |
There was a problem hiding this comment.
Do we have a tracking issue for this?
There was a problem hiding this comment.
Ah, no, I wanted to implement it in this PR, but I forgot. I'll make sure to add it.
src/wallet/subcommands/wallet_cmd.rs
Outdated
| let StrictAddress(address) = StrictAddress::from_str(&address) | ||
| .with_context(|| format!("Invalid address: {address}"))?; | ||
|
|
||
| if let Some(mut keystore) = local_keystore { |
There was a problem hiding this comment.
This if-else proliferation makes it difficult to reason about the code. Can we have it abstracted away?
There was a problem hiding this comment.
could probably be converted into map_or for all the occurrences or any other more eloquent solution.
Another option is to get rid of else and use return in the if block.
There was a problem hiding this comment.
Cleaned it up a bit but it's still kinda ugly. Suggestions welcome.
|
@lemmih is it still WIP (see title)? |
Fixed. |
There was a problem hiding this comment.
It might make sense to paste this to Grammarly to fix potential typos
There was a problem hiding this comment.
Yeah. I was too fast and too furious.
There was a problem hiding this comment.
A side note, don't we have spell checks in CI for md files?
There was a problem hiding this comment.
I could have sworn we had it at one point.
| gas_limit: gas_limit as u64, | ||
| gas_fee_cap: gas_feecap, | ||
| gas_premium, | ||
| // JANK(aatifsyed): Why are we using a testing build of fvm_shared? |
There was a problem hiding this comment.
It's a wrinkle in fvm_shared. I guess we could send a patch upstream.
Co-authored-by: Hubert <hubert@chainsafe.io>
Yeah, it should be deprecated. Done. |
| @@ -113,6 +113,12 @@ Mandatory release that includes: | |||
| - [#3955](https://github.com/ChainSafe/forest/pull/3955) Added support for the | |||
| NV22 _Dragon_ network upgrade, together with the required state migration. | |||
|
|
|||
| ### Changed | |||
|
|
|||
| - [#3976](https://github.com/ChainSafe/forest/pull/3976) `forest-wallet` | |||
There was a problem hiding this comment.
If this is merged after #4152 I believe the position of this log entry needs to be manually adjusted
|
@LesnyRumcajs @hanabi1224 Need re-review due to merge mishaps. |
Summary of changes
Changes introduced in this pull request:
--remote-walletflag toforest-wallet. Without it, the tool will use a locally stored wallet.Reference issue to close (if applicable)
Closes #3957
Other information and links
Change checklist