This repository has been archived by the owner on Nov 8, 2023. It is now read-only.
Protection against rushing adversary #70
Assignees
Labels
enhancement
New feature or request
Comments
tmpfs
added a commit
that referenced
this issue
Apr 26, 2022
Prepare for separate links for each invite which will help prevent a rushing adversary attack, see #70.
tmpfs
added a commit
that referenced
this issue
May 16, 2022
* Add basic snap template. * Experiment with snap_manageState. * Setup watch script to build snap. * Update meta data and move to rpc directory. * Update script, remove unused script. * Work in progress migrating to client package. Currently webpack cannot find the typescript definitions. * Configure shared package for client code. * Rename client -> demo. * Rename server -> cli. * Update Dockerfile. * Move shared Javascript and webassembly to packages. * Format and update CI tasks. * Experiment with getting the bip44 entropy. * Set up linting for client package. * Fix lint errors in client. Updated JsDoc comments, closes #65. * Skeleton react frontend for snap. * Continue frontend setup with parcel and react@18. Need the typescript definitions for window.ethereum. See: MetaMask/types#16 * Fix type checking for ethereum global. * Remove React.StrictMode as it renders twice. * Trying to figure out snap/parcel workflow. * Draft logic for running snap in parcel. * Stub wasm library for snap utilities. * Add xchacha20poly1305 wasm utilities. * Add redux store. * Exploring state management in redux. * Tidy dapp meta data. * Improve dapp scripts. * Routines for encryption and decryption. * Initial state persistence logic. Exposes the thunks for clearState(), loadState() and saveState(). The state is an array of KeyShare instances which currently just encapsulate a label but later will also include the key share information generated using multi-party-ecdsa. The data is encrypted and decrypted using xchacha20poly1305 functions that are exposed via webassembly in the @metamask/mpc-snap-wasm package. Currently, the webassembly is executed on the main UI thread as we are dealing with small amounts of data it should execute fast enough. * Add material and theme handling. * Sketch connect page. * Show snackbar on connect failure. * Setup prettier for dapp. * Set up linting. * Navigate to keys view on connect. * Add route for creating a key share. * Sketch layout for parameters view. * Improve key share creation layout. * Create group and draft invitation layout. * Improve layout on invite screen. * Pass parameters to join screen. * Improve flow for joining keygen sessions. * Prepare views for joining key generation. * Prepare session info for key generation. * Preparing for web worker. * Wait for web worker to be ready. So that we are sure we can call the web worker webassembly functions when we need them. * Prepare helper to cleanup listeners. * Generate key share, draft save layout. * Draft logic for listing key shares. * Improve listing of key shares. * Improve key listing view. * Prepare for explicit action to save key share. * Draft key share view. * Show balance and chain on key view. * Support deleting key shares. * Draft support for deleting key shares. Requires work to show a dialog to confirm the permanent deletion of the key share. * Improve navigation when deleting key shares. * Set up dialogs reducer. * Use confirmation dialog for key share deletion. * Improve snackbar handling. Use redux dispatch with a singleton component. * Prepare keystore import/export WASM functions. * Support exporting key shares. * Show alert when exporting a key share. * Prepare import key store dialog. * Improve logic for loading key shares. Prepare to gather password for keystore import. * Fix file input bug. * Draft logic for importing a key share. * Use stepper for key share import. * Add beta chip and warning. * Prepare sign links and routes. * Form for message to sign. * Improve lazy loading of key shares. So that deep links to key shares and signing work as expected. * Expose keccak256 helper function in snap wasm. * Improve invite card layout. Prepare for separate links for each invite which will help prevent a rushing adversary attack, see #70. * Helper functions for creating and joining groups. So that this logic can be shared between the key generation and signing flows. * Prepare signing session join invites. * Prepare views to join signing session. * Support public associated data with a session. This will allow signing sessions to associate some public information with the session and clients that join a session to pull that information from the server. This will deprecates the logic for proposal notifications. * Improve doc comments. * Show message preview when joining sign session. * Prepare signing approval view. * Move session state to separate reducer. The keys reducer has no business dealing with the session information. * Load party number into session. This is done for the person creating the message to sign but we also still need to do it for the parties joining the signing session. * WIP on compute view. * Prepare sign candidate state. * Fix off by one error for sessionLoad event. Needs to load the party number into the session before testing the threshold for the notification handling. * Prepare data for signing. * Find signing key share. Currently hanging on round zero when signing, requires debugging. * Debugging signing participants. * Improve ListenerCleanup handling. * Fix expected number of messages for signing. When preparing the transports we needed a conditional to set the expected number of messages correctly for signing sessions. * Switch from sha256 to keccak256 for the demo. So that the demo and snap code are in sync for the message type used for signing. * Update SignResult types. So it matches the value returned from webassembly. * Prepare the save proof screen. * Move state management to a separate module. * Prepare for more complex app state. So that we can also save message signing proofs in the app state. * Add worker progress view for key generation. * Support custom onTransition for signing. * Use worker progress view for signing. Fix a bug with signing multiple times, needed to clear the redux state with signCandidate and signProof. * Support downloading message signing proofs. * Draft logic for saving signing proofs. * Support listing message proofs. * Improve message proof handling. Support deleting message proofs. * Fix return bug deleting message proofs. * Confirmation dialog when deleting message proofs. * Fix type error.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Links to join sessions could include a unique party identifier that would prevent the participant from joining the same session multiple times.
The text was updated successfully, but these errors were encountered: