Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Session key auth #296

Merged
merged 40 commits into from
Sep 22, 2022
Merged

Session key auth #296

merged 40 commits into from
Sep 22, 2022

Conversation

Orland0x
Copy link
Contributor

@Orland0x Orland0x commented Aug 23, 2022
edited
Loading

Adding 2 session key authenticators, one authorized by an ethereum signature, and one authorized by an ethereum transaction.

closes #254

@Orland0x
removed unused imports
47ddb6a
@Orland0x
created eth sig utils lib
fa6b867
@Orland0x
created eth sig utils lib
71d7abd
@Orland0x
added signature check function
7a193a2
@Orland0x
test for sesion key authentication
3543f40
@Orland0x
merged develop
f95a9e2
@Orland0x
working session key authentication with eth sig
fe656d6
@Orland0x
reordered imports
09f7d15
@Orland0x
creat session key lib
ed8e355
@Orland0x
eth tx lib
53da0a1
@Orland0x
moved authenticate to session key lib
761a590
@Orland0x
removed auth var from starknet commit contract
da8568e
@Orland0x
eth tx session key auth test
e5d928d
@Orland0x
moved external functions out of libs
2aea0cd
@Orland0x
rename eth sig test
62a17be
@Orland0x
added suffix to eth sig session key test
fa0b7ea
@Orland0x
Merge branch 'develop' into session_key_auth
1a0b58a
@Orland0x
moved l1 handler for eth tx auth out of lib
62de0ee
@Orland0x
added public view function to check active session keys
fe3b3ab
@Orland0x
merged develop
dbe9018
@Orland0x
updated eth sig session key
e2279f5
@Orland0x
fixed types in sig bug
488709a
@Orland0x
gen session key
389c70a
@Orland0x
Eth sig session key test working
877d26e
@Orland0x
tests for session key failure cases
84ec8ae
@Orland0x
increased session duration
9b66b51
@Orland0x
eth tx session key test
3f96593
@Orland0x Orland0x marked this pull request as ready for review September 7, 2022 15:10
pscott
pscott requested changes Sep 20, 2022
View reviewed changes
Copy link
Contributor

@pscott pscott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good code! A couple of changes requested but should be fine!

contracts/starknet/Authenticators/EthSigSessionKey.cairo Outdated Show resolved Hide resolved
contracts/starknet/Authenticators/EthTx.cairo Outdated Show resolved Hide resolved
contracts/starknet/Authenticators/EthTxSessionKey.cairo Show resolved Hide resolved
contracts/starknet/Authenticators/EthTxSessionKey.cairo Outdated Show resolved Hide resolved
contracts/starknet/lib/eth_tx.cairo Outdated Show resolved Hide resolved
contracts/starknet/lib/session_key.cairo Outdated Show resolved Hide resolved
contracts/starknet/lib/stark_eip191.cairo Show resolved Hide resolved
scripts/deploySpace1.ts Outdated Show resolved Hide resolved
scripts/test-crosschain.sh Show resolved Hide resolved
test/crosschain/EthTxSessionKeyAuth.test.ts Outdated Show resolved Hide resolved
pscott
pscott reviewed Sep 22, 2022
View reviewed changes
contracts/starknet/lib/session_key.cairo
):
SessionKey_owner_store.write(session_public_key, eth_address)
let (current_timestamp) = get_block_timestamp()
SessionKey_end_timestamp_store.write(session_public_key, current_timestamp + session_duration)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we check for overflow here? What happens if current_timestamp + session_duration overflows? the number will be either negative, or < current_timestamp? This means it simply won't work, so might as well throw an error here right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah nice spot. could also enforce a max session duration?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I think a max duration of a year should be fine to start with, wdyt?

Copy link
Contributor Author

@Orland0x Orland0x Sep 22, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just put an overflow check for now, some people might just want an indefinite session key to be active so seems unnecessary to limit it.

with_attr error_message("Overflow in Session duration, use smaller value"):
        assert_le(current_timestamp, end_timestamp)
    end

pscott
pscott approved these changes Sep 22, 2022
View reviewed changes
Copy link
Contributor

@pscott pscott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one question about overflow but otherwise looks good! Very nice work, I want to try it with a UI! :)

@Orland0x Orland0x merged commit 5c8c792 into develop Sep 22, 2022
@Orland0x Orland0x deleted the session_key_auth branch September 27, 2022 09:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pscott pscott pscott approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use session keys to broadcast vote and propose
2 participants
@Orland0x @pscott