tendermint lite init and fix the proxy
#970
Comments
|
running |
Noticed while investigating #970 As reported by @zramsay, we'd get the warning from tendermint/rpc/lib because we were passing in scheme-less addresses, so by default use "tcp". Also by default, "node" (nodeAddr) has been set to: "tcp://localhost:46657" instead of the bare: "localhost:46657" This change is just to clean up such warnings as they spuriously would spook users for a package "lite" that claims to be secure.
Could you please elaborate on what this means? That would be nice for easy pickup of the work by anyone such as me as well as new Tendermint coders i.e. that isn't always looking at the code, thank you! |
|
Okay I found some context for this issue: tendermint/lite/proxy/certifier.go Lines 17 to 27 in 3d5c05e which was added in 11761d1 |
Noticed while investigating #970 As reported by @zramsay, we'd get the warning from tendermint/rpc/lib because we were passing in scheme-less addresses, so by default use "tcp". Also by default, "node" (nodeAddr) has been set to: "tcp://localhost:46657" instead of the bare: "localhost:46657" This change is just to clean up such warnings as they spuriously would spook users for a package "lite" that claims to be secure.
|
@zramsay your concern in #970 (comment)
has been addressed in #1297 |
|
Closing this issue as addressed. Please reopen if I'm wrong. |
…ackport tendermint#865) (tendermint#970) * fix: avoid recursive call after rename to (*PeerState).MarshalJSON (tendermint#865) * avoid recursive call after rename to (*PeerState).MarshalJSON * add test * add change doc * explain for nolint * fix lint * fix golangci-lint to v1.52.2 * fix golangci-lint to v1.52.2 * Revert "fix golangci-lint to v1.52.2" This reverts commit 598a9ef4c86fc29cf038251676c33a222217826c. * Revert "fix golangci-lint to v1.52.2" This reverts commit a8aad121e27382813e95b1911b1b560c62e1c7c3. * Reintroduced `cmtjson` * Avoid copying Mutex * Avoid copying Mutex -- 2nd try, more succint * Update .changelog/unreleased/bug-fixes/865-fix-peerstate-marshaljson.md * Update consensus/reactor_test.go --------- Co-authored-by: Sergio Mena <sergio@informal.systems> (cherry picked from commit f6ea091) # Conflicts: # consensus/reactor_test.go * Revert "fix: avoid recursive call after rename to (*PeerState).MarshalJSON (tendermint#865)" * fix: avoid recursive call after rename to (*PeerState).MarshalJSON (tendermint#865) * avoid recursive call after rename to (*PeerState).MarshalJSON * add test * add change doc * explain for nolint * fix lint * fix golangci-lint to v1.52.2 * fix golangci-lint to v1.52.2 * Revert "fix golangci-lint to v1.52.2" This reverts commit 598a9ef4c86fc29cf038251676c33a222217826c. * Revert "fix golangci-lint to v1.52.2" This reverts commit a8aad121e27382813e95b1911b1b560c62e1c7c3. * Reintroduced `cmtjson` * Avoid copying Mutex * Avoid copying Mutex -- 2nd try, more succint * Update .changelog/unreleased/bug-fixes/865-fix-peerstate-marshaljson.md * Update consensus/reactor_test.go --------- Co-authored-by: Sergio Mena <sergio@informal.systems> --------- Co-authored-by: mmsqe <mavis@crypto.com> Co-authored-by: Sergio Mena <sergio@informal.systems>
Running the lite proxy requires an init step that's currently insecurely skipped.
Also some code is commented out to make it (insecurely) work without init
The text was updated successfully, but these errors were encountered: