Fix/docs#151
Conversation
- Added the PolyTorusUtxoExecutionLayer struct for managing eUTXO transactions, including script execution, UTXO set management, and transaction processing. - Introduced UtxoExecutionConfig for configurable execution parameters. - Implemented methods for executing single transactions and batches, validating scripts, and managing UTXO states. - Created a comprehensive demo in utxo_demo.rs to showcase UTXO creation, transaction execution, block mining, and consensus validation. - Included tests for the execution layer to ensure functionality and correctness.
- Refactor UTXO execution and consensus layer imports in utxo_demo.rs - Add eUTXO consensus layer implementation in consensus_engine.rs - Includes block validation, mining, and slot-based timing - Implements UtxoConsensusLayer trait - Add eUTXO execution layer implementation in execution_engine.rs - Supports UTXO transaction processing, script execution, and UTXO set management - Implements UtxoExecutionLayer trait - Introduce configuration structs for both layers with sensible defaults - Implement unit tests for both consensus and execution layers to ensure functionality
… improved metadata tracking
… and HD wallet support - Added Address struct with various formats (Hex, Base58, Bech32, Blake3) and encoding methods. - Implemented encoding and decoding functions for hexadecimal and Base58 formats. - Created comprehensive error handling using WalletError enum for various wallet operations. - Developed HD wallet structure with mnemonic generation and key derivation methods. - Introduced KeyPair management for Ed25519 and secp256k1 cryptographic schemes. - Implemented Signature struct with verification utilities for Ed25519 and secp256k1 signatures. - Created Wallet and WalletManager for managing multiple wallets and signing operations. - Added unit tests for all major functionalities to ensure correctness and reliability.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| name: Test | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Install Rust | ||
| uses: dtolnay/rust-toolchain@stable | ||
|
|
||
| - name: Cache dependencies | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: | | ||
| ~/.cargo/bin/ | ||
| ~/.cargo/registry/index/ | ||
| ~/.cargo/registry/cache/ | ||
| ~/.cargo/git/db/ | ||
| target/ | ||
| key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | ||
|
|
||
| - name: Run tests | ||
| run: cargo test --verbose | ||
|
|
||
| - name: Run layer tests | ||
| run: | | ||
| cargo test -p execution --verbose | ||
| cargo test -p settlement --verbose | ||
| cargo test -p consensus --verbose | ||
| cargo test -p data-availability --verbose | ||
|
|
||
| lint: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
| name: Auto Format | ||
| runs-on: ubuntu-latest | ||
| if: github.event_name == 'pull_request' | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
| ref: ${{ github.head_ref }} | ||
|
|
||
| - name: Install Rust | ||
| uses: dtolnay/rust-toolchain@stable | ||
| with: | ||
| components: rustfmt | ||
|
|
||
| - name: Run cargo fmt | ||
| run: cargo fmt | ||
|
|
||
| - name: Commit changes | ||
| run: | | ||
| git config --local user.email "action@github.com" | ||
| git config --local user.name "GitHub Action" | ||
| git add -A | ||
| if git diff --staged --quiet; then | ||
| echo "No formatting changes needed" | ||
| else | ||
| git commit -m "Auto-format code with cargo fmt" | ||
| git push | ||
| fi | ||
|
|
||
| test: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 months ago
To fix the problem, we should explicitly set the permissions key in the workflow. The best approach is to set the default permissions at the workflow level to the most restrictive (contents: read), and then override them at the job level where more permissions are needed. In this case, the format job needs to push changes, so it requires contents: write, while the test and lint jobs only need contents: read.
Steps:
- Add a
permissions: contents: readblock at the top level of the workflow (aftername:and beforeon:). - Add a
permissions: contents: writeblock to theformatjob. - No changes are needed for the
testandlintjobs, as they will inherit the defaultcontents: readpermission.
| @@ -1,2 +1,4 @@ | ||
| name: CI | ||
| permissions: | ||
| contents: read | ||
|
|
||
| @@ -16,2 +18,4 @@ | ||
| if: github.event_name == 'pull_request' | ||
| permissions: | ||
| contents: write | ||
| steps: |
| name: Build Release | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Install Rust | ||
| uses: dtolnay/rust-toolchain@stable | ||
| with: | ||
| targets: x86_64-unknown-linux-gnu | ||
|
|
||
| - name: Cache dependencies | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: | | ||
| ~/.cargo/bin/ | ||
| ~/.cargo/registry/index/ | ||
| ~/.cargo/registry/cache/ | ||
| ~/.cargo/git/db/ | ||
| target/ | ||
| key: ${{ runner.os }}-cargo-release-${{ hashFiles('**/Cargo.lock') }} | ||
|
|
||
| - name: Build release | ||
| run: cargo build --release --target x86_64-unknown-linux-gnu | ||
|
|
||
| - name: Package binary | ||
| run: | | ||
| cd target/x86_64-unknown-linux-gnu/release | ||
| tar czf ../../../polytorus-linux-amd64.tar.gz polytorus | ||
|
|
||
| - name: Upload artifact | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: polytorus-linux-amd64 | ||
| path: polytorus-linux-amd64.tar.gz |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 months ago
To fix the problem, explicitly set the permissions key in the workflow file to restrict the GITHUB_TOKEN to the minimum required privileges. Since this workflow only checks out code, builds, and uploads artifacts (and does not push code, create releases, or interact with issues or pull requests), it only needs read access to repository contents. The best way to fix this is to add permissions: contents: read at the top level of the workflow (just after the name: line and before on:), so it applies to all jobs in the workflow. No other changes are needed.
| @@ -1,2 +1,4 @@ | ||
| name: Build | ||
| permissions: | ||
| contents: read | ||
|
|
| name: Lint | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Install Rust | ||
| uses: dtolnay/rust-toolchain@stable | ||
| with: | ||
| components: clippy | ||
|
|
||
| - name: Run clippy | ||
| run: cargo clippy No newline at end of file |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 months ago
To fix the issue, we need to add a permissions block to the lint job to explicitly limit the permissions of the GITHUB_TOKEN. Since the lint job only runs cargo clippy and does not require write access, the permissions can be set to contents: read. This ensures that the job has the minimum required permissions and adheres to security best practices.
| @@ -71,2 +71,4 @@ | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| steps: |
- Fix is_multiple_of() method calls by removing unnecessary references - Use contract name parameter in deploy_contract() for better logging and identification - Include contract name in init_params for deployed contracts 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2 participants
Closes #
📋 Description
🔄 Type of Change
🧪 Testing
make pre-commitand all checks pass📸 Screenshots (if applicable)
📝 Checklist
🔗 Related Issues
📋 Additional Notes
Is this a breaking change (Yes/No):
Additional Information