-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release finding #585
Release finding #585
Changes from all commits
f9f7c39
f4032d0
9f51ef3
019531a
95d0d28
d8ce8ae
e6834bf
0f1ba1f
9c66421
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -34,6 +34,7 @@ func NewTxCmd() *cobra.Command { | |
NewSubmitFindingCmd(), | ||
NewHostAcceptFindingCmd(), | ||
NewHostRejectFindingCmd(), | ||
NewReleaseFindingCmd(), | ||
) | ||
|
||
return bountyTxCmds | ||
|
@@ -166,7 +167,6 @@ func NewSubmitFindingCmd() *cobra.Command { | |
|
||
poc, _ := cmd.Flags().GetString(FlagFindingPoc) | ||
|
||
//func EncryptMsg(cmd *cobra.Command, programID uint64, desc, poc string) (descAny, pocAny *codectypes.Any, err error) { | ||
descAny, pocAny, err := EncryptMsg(cmd, pid, desc, poc) | ||
if err != nil { | ||
return err | ||
|
@@ -208,7 +208,7 @@ func EncryptMsg(cmd *cobra.Command, programID uint64, desc, poc string) (descAny | |
return nil, nil, err | ||
} | ||
encDesc := types.EciesEncryptedDesc{ | ||
EncryptedDesc: encryptedDescBytes, | ||
FindingDesc: encryptedDescBytes, | ||
} | ||
descAny, err = codectypes.NewAnyWithValue(&encDesc) | ||
if err != nil { | ||
|
@@ -220,7 +220,7 @@ func EncryptMsg(cmd *cobra.Command, programID uint64, desc, poc string) (descAny | |
return nil, nil, err | ||
} | ||
encPoc := types.EciesEncryptedPoc{ | ||
EncryptedPoc: encryptedPocBytes, | ||
FindingPoc: encryptedPocBytes, | ||
} | ||
pocAny, err = codectypes.NewAnyWithValue(&encPoc) | ||
if err != nil { | ||
|
@@ -350,7 +350,7 @@ func HostProcessFinding(cmd *cobra.Command, args []string) (fid uint64, | |
return fid, commentAny, hostAddr, err | ||
} | ||
encComment := types.EciesEncryptedComment{ | ||
EncryptedComment: encryptedComment, | ||
FindingComment: encryptedComment, | ||
} | ||
commentAny, err = codectypes.NewAnyWithValue(&encComment) | ||
if err != nil { | ||
|
@@ -359,3 +359,97 @@ func HostProcessFinding(cmd *cobra.Command, args []string) (fid uint64, | |
|
||
return fid, commentAny, hostAddr, nil | ||
} | ||
|
||
func NewReleaseFindingCmd() *cobra.Command { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This was deprecated in favor of providing the decrypted plaintext for each finding to be verified by encrypting it again and matching it with the on-chain encrypted ciphertext There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. so you'd only be able to release findings one by one There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. make sense |
||
cmd := &cobra.Command{ | ||
Use: "release-finding", | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think all commands should use the same command format There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yes, there are currently 2 formats, and should be unified. |
||
Short: "release encrypted part of a finding ", | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
clientCtx, err := client.GetClientTxContext(cmd) | ||
if err != nil { | ||
return err | ||
} | ||
hostAddr := clientCtx.GetFromAddress() | ||
|
||
fid, err := cmd.Flags().GetUint64(FlagFindingID) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
encKeyFile, err := cmd.Flags().GetString(FlagEncKeyFile) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
findingDesc, findingPoc, findingComment, err := GetFindingPlainText(cmd, fid, encKeyFile) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
msg := types.NewReleaseFinding( | ||
hostAddr.String(), | ||
fid, | ||
findingDesc, | ||
findingPoc, | ||
findingComment, | ||
) | ||
|
||
return tx.GenerateOrBroadcastTxCLI(clientCtx, cmd.Flags(), msg) | ||
}, | ||
} | ||
|
||
cmd.Flags().String(FlagEncKeyFile, "", "The program's encryption key file to decrypt findings") | ||
cmd.Flags().Uint64(FlagFindingID, 0, "The program's ID") | ||
flags.AddTxFlagsToCmd(cmd) | ||
|
||
_ = cmd.MarkFlagRequired(flags.FlagFrom) | ||
_ = cmd.MarkFlagRequired(FlagFindingID) | ||
_ = cmd.MarkFlagRequired(FlagEncKeyFile) | ||
|
||
return cmd | ||
} | ||
|
||
func GetFindingPlainText(cmd *cobra.Command, fid uint64, encKeyFile string) ( | ||
desc, poc, comment string, err error) { | ||
// get finding info | ||
finding, err := GetFinding(cmd, fid) | ||
if err != nil { | ||
return "", "", "", err | ||
} | ||
|
||
prvKey := LoadPrvKey(encKeyFile) | ||
|
||
if finding.FindingDesc == nil { | ||
desc = "" | ||
} else { | ||
encryptedDescBytes := finding.FindingDesc.GetValue() | ||
descBytes, err := prvKey.Decrypt(encryptedDescBytes[2:], nil, nil) | ||
if err != nil { | ||
return "", "", "", err | ||
} | ||
desc = string(descBytes) | ||
} | ||
|
||
if finding.FindingPoc == nil { | ||
poc = "" | ||
} else { | ||
encryptedPocBytes := finding.FindingPoc.GetValue() | ||
pocBytes, err := prvKey.Decrypt(encryptedPocBytes[2:], nil, nil) | ||
if err != nil { | ||
return "", "", "", err | ||
} | ||
poc = string(pocBytes) | ||
} | ||
|
||
if finding.FindingComment == nil { | ||
comment = "" | ||
} else { | ||
encryptedCommentBytes := finding.FindingComment.GetValue() | ||
commentBytes, err := prvKey.Decrypt(encryptedCommentBytes[2:], nil, nil) | ||
if err != nil { | ||
return "", "", "", err | ||
} | ||
comment = string(commentBytes) | ||
} | ||
return desc, poc, comment, nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We might also need release all or some findings of a given program.