Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(crypto): error if incorrect ledger public key (backport #19691) #19745

Merged
merged 2 commits into from
Mar 13, 2024
Merged

fix(crypto): error if incorrect ledger public key (backport #19691) #19745

merged 2 commits into from
Mar 13, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Mar 13, 2024

Closes #19690

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced security by ensuring the public key used for signing transactions matches the public key on the ledger device. Now throws an error if there's a mismatch.
  • Refactor
    • Improved organization and efficiency by moving functions and interfaces to more appropriate packages within the types module and removing deprecated functions.
  • Chores
    • Implemented various updates and fixes across different modules to enhance configuration, server context, and calculation methods.
This is an automatic backport of pull request #19691 done by [Mergify](https://mergify.com).

@rootulp @mergify
fix(crypto): error if incorrect ledger public key (#19691)
795aae2 
Co-authored-by: Marko <marbar3778@yahoo.com>
(cherry picked from commit 5424b55)

# Conflicts:
#	CHANGELOG.md
#	crypto/keyring/keyring_ledger_test.go
@mergify mergify bot requested a review from a team as a code owner March 13, 2024 19:16
@mergify mergify bot added the conflicts label Mar 13, 2024
@mergify Mergify
Copy link
Contributor Author

mergify bot commented Mar 13, 2024

Cherry-pick of 5424b55 has failed:

On branch mergify/bp/release/v0.50.x/pr-19691
Your branch is up to date with 'origin/release/v0.50.x'.

You are currently cherry-picking commit 5424b55c5.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   crypto/keyring/keyring.go

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   CHANGELOG.md
	both modified:   crypto/keyring/keyring_ledger_test.go

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

julienrbrt
julienrbrt approved these changes Mar 13, 2024
View reviewed changes
Copy link
Member

@julienrbrt julienrbrt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK

@sontrinh16 sontrinh16 merged commit b8659ae into release/v0.50.x Mar 13, 2024
45 checks passed
@sontrinh16 sontrinh16 deleted the mergify/bp/release/v0.50.x/pr-19691 branch March 13, 2024 19:59
SpicyLemon added a commit to provenance-io/cosmos-sdk that referenced this pull request Jun 10, 2024
@SpicyLemon @mergify
@rootulp @sontrinh16 @dependabot @github-actions @mmsqe @tac0turtle @gibson042 @julienrbrt @cool-develope @akaladarshi @kienn6034 @yihuang @GAtom22 @lucaslopezf @facundomedica @samricotta @Reecepbcups @leonz789 @johnletey @beer-1 @islishude @damiannolan @tianyeyouyou @cocoyeal @polymaer @sergio-mena
Bring in SDK changes up to v0.50.7 and Mark v0.50.7-pio-1. (#610)
8e14244 
* fix(crypto): error if incorrect ledger public key (backport cosmos#19691) (cosmos#19745)

Co-authored-by: Rootul P <rootulp@gmail.com>
Co-authored-by: sontrinh16 <trinhleson2000@gmail.com>

* build(deps): Bump github.com/cometbft/cometbft from 0.38.5 to 0.38.6 (cosmos#19751)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

* fix: align signer extraction adapter for mempool remove (backport cosmos#19759) (cosmos#19773)

Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* fix(x/upgrade): Stop treating inline JSON as a URL (backport cosmos#19706) (cosmos#19767)

Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* fix(client/v2): fix comment parsing (backport cosmos#19377) (cosmos#19777)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* build(deps): Bump github.com/cosmos/iavl from 1.0.1 to 1.1.1 in store (cosmos#19770)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Cool Developer <cool199966@outlook.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* chore(store): add release date (cosmos#19797)

* build(deps): Bump github.com/cosmos/gogoproto from 1.4.11 to 1.4.12 (cosmos#19811)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

* feat(x/gov): emit proposer address in submit proposal event (backport cosmos#19842) (cosmos#19844)

Co-authored-by: Aryan Tikarya <akaladarshi@gmail.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* feat(x/gov): emit depositor in `proposal_deposit` event (backport cosmos#19853) (cosmos#19859)

Co-authored-by: Kien <kien@notional.ventures>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* reuse fromAddrString (minor cleanup) (cosmos#19881)

* feat(client): replace `event-query-tx-for` with `wait-tx` (backport cosmos#19870) (cosmos#19887)

* feat(server): add custom start handler (backport cosmos#19854) (cosmos#19884)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* build(deps): Bump cosmossdk.io/store from 1.0.2 to 1.1.0 (cosmos#19810)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* docs(x/mint): Fix inconsistency in mint docs  (backport cosmos#19915) (cosmos#19925)

* build(deps): Bump github.com/cosmos/iavl from 1.1.1 to 1.1.2 (cosmos#19985)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix(client/v2): add encoder for `cosmos.base.v1beta1.DecCoin` (backport cosmos#19976) (cosmos#20001)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix(mempool): use no-op mempool as default (backport cosmos#19970) (cosmos#20008)

Co-authored-by: Tom <54514587+GAtom22@users.noreply.github.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* feat: Conditionally emit metrics based on enablement (backport cosmos#19903) (cosmos#20017)

Co-authored-by: Lucas Francisco López <lucaslopezf@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix(x/bank): align query with multi denoms for send-enabled (backport cosmos#20028) (cosmos#20029)

Co-authored-by: mmsqe <mavis@crypto.com>

* fix: Implement gogoproto customtype to secp256r1 keys (backport cosmos#20027) (cosmos#20031)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>

* fix(client/v2): respect output format from client ctx (backport cosmos#20033) (cosmos#20046)

Co-authored-by: mmsqe <mavis@crypto.com>

* build(deps): Bump cosmossdk.io/x/tx from 0.13.1 to 0.13.2 (cosmos#20042)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* feat(x/bank): support depinject for send restrictions (backport cosmos#20014) (cosmos#20024)

* fix(baseapp): don't share global gas meter in tx execution (backport cosmos#19616) (cosmos#20050)

* fix: secp256r1 json missing quotes (backport cosmos#20060) (cosmos#20069)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>

* build(deps): Bump github.com/cosmos/cosmos-proto from 1.0.0-beta.4 to 1.0.0-beta.5 (cosmos#20095)

* feat(client/v2): implement version filtering using annotation (backport cosmos#20083) (cosmos#20099)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* chore: prepare v0.50.6 (cosmos#19998)

* fix: use timestamp for sim log file name (backport cosmos#20108) (cosmos#20111)

Co-authored-by: mmsqe <mavis@crypto.com>

* fix(x/authz,x/feegrant): check blocked address (cosmos#20102)

* chore: update v0.50.6 release notes (cosmos#20124)

* build(deps): bump sdk in modules (cosmos#20126)

* docs(gas/fees): Update block gas documentation (backport cosmos#20128) (cosmos#20131)

Co-authored-by: samricotta <37125168+samricotta@users.noreply.github.com>

* fix(baseapp): avoid header height overwrite block height (backport cosmos#20107) (cosmos#20129)

Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* docs: fix broken link (backport cosmos#20133) (cosmos#20138)

* build(deps): bump modules in simapp (cosmos#20137)

* build(deps): Bump cosmossdk.io/x/tx from 0.13.2 to 0.13.3 (cosmos#20152)

* docs: add authz reference info in the circuit antehandler (backport cosmos#20146) (cosmos#20155)

Co-authored-by: Reece Williams <31943163+Reecepbcups@users.noreply.github.com>

* fix(testsuite/sims): set all signatures (backport cosmos#20151) (cosmos#20185)

Co-authored-by: Leon <156270887+leonz789@users.noreply.github.com>

* build(deps): Bump github.com/cometbft/cometbft from 0.38.6 to 0.38.7 (cosmos#20206)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

* fix(server): bootstrap-state command can't parse latest genesis format (backport cosmos#20020) (cosmos#20045)

Co-authored-by: yihuang <huang@crypto.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: sontrinh16 <trinhleson2000@gmail.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* fix: remove txs from mempool when antehandler fails in recheck (backport cosmos#20144) (cosmos#20251)

Co-authored-by: Marko <marko@baricevic.me>

* feat(baseapp): expose grpc query router via depinject. (cosmos#20264)

* feat(client/v2): override short description in generated command (backport cosmos#20266) (cosmos#20269)

Co-authored-by: John Letey <j@letey.de>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* feat(runtime): Add missing NewTransientStoreService (backport cosmos#20261) (cosmos#20327)

Co-authored-by: beer-1 <147697694+beer-1@users.noreply.github.com>

* fix: allow tx decoding to fail in GetBlockWithTxs (backport cosmos#20323) (cosmos#20329)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* fix(client/v2): correctly check subcommand short descriptions (backport cosmos#20330) (cosmos#20340)

* build(deps): Bump cosmossdk.io/api from 0.7.4 to 0.7.5 (cosmos#20338)

* style: Fix gov query proposals examples syntax (backport cosmos#20353) (cosmos#20357)

* feat(client): add consensus address for debug cmd (backport cosmos#20328) (cosmos#20366)

Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* feat(client): overwrite client context instead of setting new one (backport cosmos#20356) (cosmos#20383)

Co-authored-by: Shude Li <islishude@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: correctly assign `execModeSimulate` to context for `simulateTx` (backport cosmos#20342) (cosmos#20346)

Co-authored-by: Damian Nolan <damiannolan@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* docs: update diagram to be shown properly (backport cosmos#20454) (cosmos#20460)

Co-authored-by: tianyeyouyou <150894831+tianyeyouyou@users.noreply.github.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* docs: fix note blocks display failure (backport cosmos#20457) (cosmos#20459)

Co-authored-by: cocoyeal <150209682+cocoyeal@users.noreply.github.com>

* docs: update link contents (backport cosmos#20437) (cosmos#20462)

Co-authored-by: PolyMa <151764357+polymaer@users.noreply.github.com>

* fix(x/consensus): harden consensus params proposal (cosmos#20381)

Co-authored-by: Sergio Mena <sergio@informal.systems>
Co-authored-by: sontrinh16 <trinhleson2000@gmail.com>

* docs: add docs on permissions (backport cosmos#20526) (cosmos#20527)

Co-authored-by: Marko <marko@baricevic.me>

* chore(x/upgrade): bump vulnerable `go-getter` library (cosmos#20530)

* chore: prepare v0.50.7 (cosmos#20475)

* Add changelog entry and mark v0.50.7-pio-1 in the changelog.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Rootul P <rootulp@gmail.com>
Co-authored-by: sontrinh16 <trinhleson2000@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: Cool Developer <cool199966@outlook.com>
Co-authored-by: Aryan Tikarya <akaladarshi@gmail.com>
Co-authored-by: Kien <kien@notional.ventures>
Co-authored-by: yihuang <huang@crypto.com>
Co-authored-by: Tom <54514587+GAtom22@users.noreply.github.com>
Co-authored-by: Lucas Francisco López <lucaslopezf@gmail.com>
Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: samricotta <37125168+samricotta@users.noreply.github.com>
Co-authored-by: Reece Williams <31943163+Reecepbcups@users.noreply.github.com>
Co-authored-by: Leon <156270887+leonz789@users.noreply.github.com>
Co-authored-by: Marko <marko@baricevic.me>
Co-authored-by: John Letey <j@letey.de>
Co-authored-by: beer-1 <147697694+beer-1@users.noreply.github.com>
Co-authored-by: Shude Li <islishude@gmail.com>
Co-authored-by: Damian Nolan <damiannolan@gmail.com>
Co-authored-by: tianyeyouyou <150894831+tianyeyouyou@users.noreply.github.com>
Co-authored-by: cocoyeal <150209682+cocoyeal@users.noreply.github.com>
Co-authored-by: PolyMa <151764357+polymaer@users.noreply.github.com>
Co-authored-by: Sergio Mena <sergio@informal.systems>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julienrbrt julienrbrt julienrbrt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@julienrbrt @sontrinh16 @rootulp