Merge branch 'main' into feat/custom-query

burnt-labs · Feb 27, 2024 · 015d7b2 · 015d7b2
2 parents 5aa58ef + bbcbf20
commit 015d7b2
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 25 deletions.
diff --git a/account/Cargo.toml b/account/Cargo.toml
@@ -27,8 +27,6 @@ phf               = { workspace = true }
 rsa               = { workspace = true }
 getrandom         = { workspace = true }
 p256              = { workspace = true }
-passkey = { git="https://github.com/aptos-labs/passkey-rs.git"}
-passkey-authenticator = { git="https://github.com/aptos-labs/passkey-rs.git", features = ["testable"] }
 url = "2.4.1"
 coset = "0.3.5"
 futures = "0.3.29"

diff --git a/account/src/auth/jwt.rs b/account/src/auth/jwt.rs
@@ -16,15 +16,12 @@ static AUD_KEY_MAP: Map<&'static str, &'static str> = phf_map! {
     // GA - Testnet - Test  project
     "project-test-5ae234a7-6b74-46af-a7b7-969f3df38cc0" => "4ia1pODcj-BPNblyJ1ao1etK0VltRWQEmeoQtHaCWrOES-2BCFbcOBsDDxrXPzkTUK5j15fpMFbg36vDqXiYDNPHTp7WxUrOKOSyONk4gZUd626GZwKJBryMAhU7mBMByO56sLUHdDPajykYIlpHut75gDqipDI5QY9fh_piLh7OMy-MORaWdmkv1zFqLfjAr2GUKFmd7xiUAYTsjDClTTMn1rGskjBF8qPK9jDrPz9SEwN1n7N0JPsJVRqP6m5Yf_l9JWSKarSLbV9O0qMC7Nl0MpBKTw8HTVlwaBWF-5aGbg3dMQl8Cbn4vNUv-pPjrlvrpw2m_r0Gr5N9CBEKFQ;AQAB",
     // GA - Testnet - Live project
-    "project-live-7e4a3221-79cd-4f34-ac1d-fedac4bde13e" => "7DEDs11mtM85pjdpELjoNBqBPcPf3rUU7llkoycaUfhlQF3ghMVBrIoVs4ivaBGJiBGBEnM64lKeCMYDaTDa67AUsUIahyBtKTHvZ_tEgOiqX6feWg-z6MsoA7HFoxbIzgwTGEVcFzy5y0BQEqffPstSBLUeZRfh7NGSXbGoo5zXPx1oEgrFtzfpnBgz-OP2rg1JLdycMP3YoKFIu5v2nnRobvlEraXil3ETJ-c6TLcaOctd1T4HSFNk5xy7HqiqMqU4Ixy5HfzC7gJqo1g1ppPrkSY36hpPgtpa6xR161cPr9Acvejqt8LK5xpoeW8oS67r1_m-TkKjTOhKzjbVNw;AQAB",
+    "project-live-7e4a3221-79cd-4f34-ac1d-fedac4bde13e" => "qm5TbnKO8tCEVdwQK1Zit0_ig2nitUzA4V_m7oePByX1oSMismJOpbgEY2xjLVCMl_JdZOUIBQvaoFx169GS0-PrKEA8sXS-20Dp8rjiEG1hSaHapRfrDPjyN5TvPPp_xNAi8YBpZ5-msK0TZmG13Rcwn9xcu74AVW0PE19s0xWGAeukoaALfgk66RdwA7_C3KKeFkaEk9VpTtVJS7e-H815L2utXaqMC7uf-Qg93l0ifVBqaJj318BdV1dBj4cliMd1k7LlSD_qmcrqYUdggJB5FquVHjSj6-j5SMBne2IzWh4GLMneS_HGoTclRCHsOGi_3BhsjgkaZt6QCLr0_fafWUinJYrnEcIjojFlWuDvzPfoSV3bRefe_IQT4-Ht8fvwVcw5wEDhBiE2lfjHjMyRG-knlM910xnEJjJjxYWbyb_fLW-NVWULFH-L91DhxlXjDwO7hbbMlGlviTcsEa3ahwszNooQ63JJdp96iSA2JgWY6JPvWHG0mNrEU3AC6UMHLUtI2Hpg1ij6tiieFUMvFLvjj7dCozpDnZr2z6msCyTgUAmO3KQHaQ3Rvo2WwyuJPzOJLBnefLZIqZzAOXHAjI_bPTTOte1vPYkfLJxLKncdd-1OCwoLMyWAdCpD4gpIsam3jPhhQfAOio1XI1BXtDMxqIyXtCQD94ycwtU;AQAB",
     // Exodvs - Test project
     "project-test-185e9a9f-8bab-42f2-a924-953a59e8ff94" => "sQKkA829tzjU2VA-INHvdrewkbQzjpsMn0PNM7KJaBODbB4ItZM4x1NVSWBiy2DGHkaDDvADRbbq1BZsC1iXVtIYm0AoD7x4QC1w89kp2_s0wmvUOSPiQZlYrgJqRDXirXJZX3MNku2McXbwdyPajDaR4nBBQOoUOF21CHqLDqBHs2R6tHyL80R_8mgueiqQ-4wg6SSVcB_6ZOh59vRcjKr34upKPWGQzvMGCkeTO9whzbIWbA1j-8ykiS63EhjWBZU_sSolsf1ZGq8peVrADDLhOvHtZxCZLKwB46k2kb8GKAWlO4wRP6BDVjzpnea7BsvZ6JwULKg3HisH9gzaiQ;AQAB",
     "integration-test-project" => "olg7TF3aai-wR4HTDe5oR-WRhEsdW3u-O3IJHl0BiHkmR4MLskHG9HzivWoXsloUBnBMrFNxOH0x5cNMI07oi4PeRbHySiogRW9CXPjJaNlTi-pT_IgKFsyJNXsLyzrnajLkDbQU6pRsHmNeL0hAOUv48rtXv8VVWWN8okJehD2q9N7LHoFAOmIUEPg_VTHTt8K__O-9eMZKN4eMjh_4-sxRX6NXPSPT87XRlrK4GZ4pUdp86K0tOFLhwO4Uj0JkMNfI82eVZ1tAbDlqjd8jFnAb8fWm8wtdaTNbL_AAXmbDhswwJOyrw8fARZIhrXSdKBWa6e4k7sLwTIy-OO8saebnlARsjGst7ZCzmw5KCm2ctEVl3hYhHwyXu_A5rOblMrV3H0G7WqeKMCMVSJ11ssrlsmfVhNIwu1Qlt5GYmPTTJiCgGUGRxZkgDyOyjFNHglYpZamCGyJ9oyofsukEGoqMQ6WzjFi_hjVapzXi7Li-Q0OjEopIUUDDgeUrgjbGY0eiHI6sAz5hoaD0Qjc9e3Hk6-y7VcKCTCAanZOlJV0vJkHB98LBLh9qAoVUei_VaLFe2IcfVlrL_43aXlsHhr_SUQY5pHPlUMbQihE_57dpPRh31qDX_w6ye8dilniP8JmpKM2uIwnJ0x7hfJ45Qa0oLHmrGlzY9wi-RGP0YUk;AQAB",
 };
 
-// The average block time of 2 blocks.
-const AVERAGE_BLOCK_TIME_OF_TWO_BLOCKS: u64 = 12;
-
 #[derive(Debug, Serialize, Deserialize)]
 struct Claims {
     aud: Box<[String]>, // Optional. Audience
@@ -94,26 +91,20 @@ pub fn verify(
         return Err(InvalidToken);
     }
 
-    // complete the time checks
-    // because the provided time is the completion of the the last block, we add
-    // the average block time to allow for a more realistic timestamp. this has
-    // implications for the "not before" and "expiration" timestamps, in that we
-    // are more forgiving for "not before" and less forgiving for "expiration"
-    let working_time = &current_time.plus_seconds(AVERAGE_BLOCK_TIME_OF_TWO_BLOCKS);
-    let expiration = Timestamp::from_seconds(claims.exp as u64);
-    if expiration.lt(working_time) {
+    // complete the time check
+    //
+    // timing in cosmos is unstable to say the least. therefore we have noticed
+    // that the perceived time in the chain can swing quite a bit, and is almost
+    // exclusively in the past. Therefore, NBF (not before) checks, which are
+    // primarily set at time of JWT creation, almost always fail. Knowing this,
+    // we have decided to only check expiration
+    let expiration = Timestamp::from_seconds(claims.exp);
+    if expiration.lt(current_time) {
         return Err(InvalidTime {
             current: current_time.seconds(),
             received: expiration.seconds(),
         });
     }
-    let not_before = Timestamp::from_seconds(claims.nbf as u64);
-    if not_before.gt(working_time) {
-        return Err(InvalidTime {
-            current: current_time.seconds(),
-            received: not_before.seconds(),
-        });
-    }
     // make sure the provided hash matches the one from the tx
     if tx_hash.eq(&claims.transaction_hash) {
         Ok(true)

diff --git a/account/src/auth/sign_arb.rs b/account/src/auth/sign_arb.rs
@@ -31,7 +31,6 @@ fn wrap_message(msg_bytes: &[u8], signer: Addr) -> Vec<u8> {
 mod tests {
     use crate::auth::sign_arb::wrap_message;
     use crate::auth::util;
-    use crate::auth::Authenticator::Secp256K1;
     use crate::contract::instantiate;
     use crate::msg::InstantiateMsg;
     use crate::proto::XionCustomQuery;

diff --git a/account/src/contract.rs b/account/src/contract.rs
@@ -4,8 +4,9 @@ use cosmwasm_std::{
 
 use absacc::AccountSudoMsg;
 
+use crate::error::ContractError;
 use crate::execute::{add_auth_method, assert_self, remove_auth_method};
-use crate::msg::ExecuteMsg;
+use crate::msg::{ExecuteMsg, MigrateMsg};
 use crate::proto::XionCustomQuery;
 use crate::{
     error::ContractResult,
@@ -74,3 +75,9 @@ pub fn query(deps: Deps, _env: Env, msg: QueryMsg) -> StdResult<Binary> {
         }
     }
 }
+
+#[entry_point]
+pub fn migrate(_deps: DepsMut, _env: Env, _msg: MigrateMsg) -> Result<Response, ContractError> {
+    // No state migrations performed, just returned a Response
+    Ok(Response::default())
+}
diff --git a/account/src/execute.rs b/account/src/execute.rs
@@ -3,7 +3,6 @@ use std::borrow::BorrowMut;
 use cosmwasm_std::{Addr, Binary, Deps, DepsMut, Env, Event, Order, Response};
 
 use crate::auth::{passkey, AddAuthenticator, Authenticator};
-use crate::error::ContractError::OverridingIndex;
 use crate::proto::XionCustomQuery;
 use crate::{
     error::{ContractError, ContractResult},
@@ -243,7 +242,7 @@ pub fn save_authenticator(
     authenticator: &Authenticator,
 ) -> ContractResult<()> {
     if AUTHENTICATORS.has(deps.storage, id) {
-        return Err(OverridingIndex { index: id });
+        return Err(ContractError::OverridingIndex { index: id });
     }
 
     AUTHENTICATORS.save(deps.storage, id, authenticator)?;

diff --git a/account/src/msg.rs b/account/src/msg.rs
@@ -23,3 +23,6 @@ pub enum QueryMsg {
     #[returns(Binary)]
     AuthenticatorByID { id: u8 },
 }
+
+#[cw_serde]
+pub enum MigrateMsg {}