-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: local wallets #3976
feat: local wallets #3976
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- It'd be great to have the recommended usage (and alternative one) documented somewhere. Wallet handling is something that should be straightforward and as simple as possible for the end user.
- Is the
--remote-wallet
path covered by tests?
src/rpc_api/mod.rs
Outdated
@@ -58,7 +58,7 @@ pub static ACCESS_MAP: Lazy<HashMap<&str, Access>> = Lazy::new(|| { | |||
// Message Pool API | |||
access.insert(mpool_api::MPOOL_GET_NONCE, Access::Read); | |||
access.insert(mpool_api::MPOOL_PENDING, Access::Read); | |||
access.insert(mpool_api::MPOOL_PUSH, Access::Write); | |||
access.insert(mpool_api::MPOOL_PUSH, Access::Read); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Anyone can push to mpool? Is it safe?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm somewhat convinced that it is safe. Lotus has three ways of receiving signed messages: MPoolPush
, MPoolPushUntrusted
, and p2p pubsub. MPoolPushUntrusted
has a few more sanity checks and a lower cap on outstanding messages. But any peer can send messages through p2p pubsub which does not have a limit and acts just like MPoolPush
. Any security we add to MPoolPush
is merely security through obscurity since we (and Lotus) blindly accept messages through pubsub.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense, thanks for clarification.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, and glif.io doesn't even expose MPoolPushUntrusted
. But they do let everyone use MPoolPush
. It's kinda strange. All in all, I think we're best off making MPoolPush
public and then making it as difficult to spam as possible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Once we have rate-limiting implemented, we could by default limit it to zero.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a note in the code for why we differ from Lotus.
src/wallet/subcommands/wallet_cmd.rs
Outdated
let Some(dir) = ProjectDirs::from("com", "ChainSafe", "Forest-Wallet") else { | ||
bail!("Failed to find wallet directory"); | ||
}; | ||
// FIXME: Support encrypted wallets |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we have a tracking issue for this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, no, I wanted to implement it in this PR, but I forgot. I'll make sure to add it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
src/wallet/subcommands/wallet_cmd.rs
Outdated
let StrictAddress(address) = StrictAddress::from_str(&address) | ||
.with_context(|| format!("Invalid address: {address}"))?; | ||
|
||
if let Some(mut keystore) = local_keystore { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This if-else
proliferation makes it difficult to reason about the code. Can we have it abstracted away?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could probably be converted into map_or
for all the occurrences or any other more eloquent solution.
Another option is to get rid of else
and use return
in the if
block.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cleaned it up a bit but it's still kinda ugly. Suggestions welcome.
@lemmih is it still WIP (see title)? |
Fixed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should forest-cli send
be deprecated / removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It might make sense to paste this to Grammarly to fix potential typos
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah. I was too fast and too furious.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A side note, don't we have spell checks in CI for md
files?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I could have sworn we had it at one point.
gas_limit: gas_limit as u64, | ||
gas_fee_cap: gas_feecap, | ||
gas_premium, | ||
// JANK(aatifsyed): Why are we using a testing build of fvm_shared? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do we do with this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a wrinkle in fvm_shared
. I guess we could send a patch upstream.
Co-authored-by: Hubert <hubert@chainsafe.io>
Yeah, it should be deprecated. Done. |
@@ -113,6 +113,12 @@ Mandatory release that includes: | |||
- [#3955](https://github.com/ChainSafe/forest/pull/3955) Added support for the | |||
NV22 _Dragon_ network upgrade, together with the required state migration. | |||
|
|||
### Changed | |||
|
|||
- [#3976](https://github.com/ChainSafe/forest/pull/3976) `forest-wallet` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this is merged after #4152 I believe the position of this log entry needs to be manually adjusted
@LesnyRumcajs @hanabi1224 Need re-review due to merge mishaps. |
Summary of changes
Changes introduced in this pull request:
--remote-wallet
flag toforest-wallet
. Without it, the tool will use a locally stored wallet.Reference issue to close (if applicable)
Closes #3957
Other information and links
Change checklist