[watchtower/lookout]: on-chain breach monitoring #2124
This PR introduces the
At a high level, the lookout service receives input via two sources: block events and its database. Incoming state updates are continually written to the database, and are made available to the lookout as soon as the tower successfully persists the encrypted blob. As new blocks come in, the tower searches for any breach hints matching the txid prefixes contained in the newly found block. If any matches are generated from the query, the lookout service will dispatch an attempt to decrypt and sweep the transaction on behalf of the user.
Some slight modifications have been made to the
Some open questions:
Builds on #2122
left a comment
One small step for
I've completed an initial pass, will likely do another to cover the set of unit tests added. The only major comment concerns the nonce generation. I'm a bit wary of using a sequence-based nonce, as it puts a lot of responsibility on the client to ensure it doesn't send with a duplicate nonce lest it leak plaintext blobs.
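The duplicate-nonce risk raised in the review comment above, as an added example that is not code from this PR or the project: it shows that two blobs sealed under the same key and the same sequence number share a keystream, so the XOR of the ciphertexts equals the XOR of the plaintexts. Assumptions: AES-GCM from the Go standard library stands in for whichever AEAD the tower uses, the same key covers both blobs, and the `seqNonce` layout, function names, key and blobs are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// seqNonce encodes a client sequence number as a 12-byte AEAD nonce
// (hypothetical layout: 4 zero bytes followed by the big-endian counter).
func seqNonce(seq uint64) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], seq)
	return n
}

// sealBlob encrypts pt and returns the ciphertext with the 16-byte tag
// stripped. AES-GCM is an assumed stand-in for the tower's AEAD.
func sealBlob(key, nonce, pt []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead.Seal(nil, nonce, pt, nil)[:len(pt)]
}

// keystreamReused reports whether c1 XOR c2 equals p1 XOR p2 for two
// equal-length blobs, which holds only if both used the same keystream.
func keystreamReused(key []byte, seq1, seq2 uint64, p1, p2 []byte) bool {
	c1 := sealBlob(key, seqNonce(seq1), p1)
	c2 := sealBlob(key, seqNonce(seq2), p2)
	for i := range c1 {
		if c1[i]^c2[i] != p1[i]^p2[i] {
			return false
		}
	}
	return true
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key
	p1, p2 := []byte("constructed blob A.."), []byte("constructed blob B!!")
	fmt.Println(keystreamReused(key, 7, 7, p1, p2), keystreamReused(key, 7, 8, p1, p2))
}
```

A client that persists its sequence counter before each send, so a crash or restore cannot replay an already used value, avoids the first case.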