MarketTakers/arbiter
5
0
Fork 0
Code Issues 27 Pull Requests 4 Packages Projects Releases Wiki Activity
Pulse Contributors Code Frequency Recent Commits

2026-04-02 - 2026-04-09
Period: 1 week
1 day 3 days 1 week 1 month 3 months 6 months 1 year

Overview

16 Active Pull Requests
32 Active Issues
13
Merged Pull Requests 3
Proposed Pull Requests 11
Closed Issues 27
New Issues
Excluding merges, 2 authors have pushed 15 commits to main and 64 commits to all branches. On main, 49 files have changed and there have been 1534 additions and 790 deletions.

13 Pull requests merged by 2 users

Merged #82 refactor(hashing): introduce Hashable derive macro and migrate server types 2026-04-08 00:18:41 +00:00

Merged #80 Post-quantum crypto and better useragent security 2026-04-07 19:26:55 +00:00

Merged #78 feat(server): add integrity verification for client keys 2026-04-06 16:26:11 +00:00

Merged #77 fix(server): replaced postcard-based integrity fingerprint with custom trait providing order-independent hashing 2026-04-06 15:42:47 +00:00

Merged #76 fix(server): added chain_id check and covered check_shared_constraints with unit tests 2026-04-06 11:38:52 +00:00

Merged #51 feat(server): integrity envelope engine for EVM grants with HMAC verification 2026-04-05 16:26:51 +00:00

Merged #46 doc: multi-operator rules 2026-04-05 08:27:37 +00:00

Merged #43 feat(auth): add seal-key-derived pubkey integrity tags with auth enforcement and unseal backfill 2026-04-05 08:26:59 +00:00

Merged #47 refactor(server): removed miette out of server 2026-04-05 07:57:41 +00:00

Merged #49 fix(client): evm-feature's code for new proto 2026-04-04 14:10:44 +00:00

Merged #50 ci(server-test): ensure that all features are compiling 2026-04-04 14:09:56 +00:00

Merged #45 refactor(protocol): split into domain-based nesting 2026-04-04 08:24:17 +00:00

Merged #38 feat(evm): implement EVM sign transaction handling in client and user agent 2026-04-02 19:26:06 +00:00

3 Pull requests proposed by 1 user

Proposed #53 feat(server): implement useragent_delete_grant hard delete cleanup 2026-04-05 16:05:05 +00:00

Proposed #81 feat(server): unify integrity API and propagate verified IDs through auth/EVM flows 2026-04-07 19:27:12 +00:00

Proposed #83 security(server): bind grant revocation state (revoked_at) to integrity hash 2026-04-08 10:10:23 +00:00

11 Issues closed from 1 user

Closed #58 Client key is not integrity-protected 2026-04-07 19:04:05 +00:00

Closed #72 Bootstrap token comparison is not constant-time 2026-04-06 16:34:01 +00:00

Closed #61 User-agent auth accepts integrity-unavailable state while sealed 2026-04-06 16:27:28 +00:00

Closed #55 Client identity rebinding 2026-04-06 16:26:33 +00:00

Closed #69 Integrity MAC depends on unordered SQLite row ordering 2026-04-06 15:42:49 +00:00

Closed #57 Chain id is not verified 2026-04-06 11:38:57 +00:00

Closed #11 Implement User Agent client library 2026-04-05 15:00:08 +00:00

Closed #40 Client key replacement attack 2026-04-05 08:27:00 +00:00

Closed #10 Implement Rust SDK client library 2026-04-04 18:01:28 +00:00

Closed #3 Implement SDK client registration via User Agent 2026-04-04 18:01:28 +00:00

Closed #12 Implement Flutter desktop app 2026-04-04 18:01:14 +00:00

27 Issues created by 2 users

Opened #52 Come up with mechanism for enforcing integrity protection usage 2026-04-05 15:05:14 +00:00

Opened #54 Encrypted key material not bound to wallet address — cross-wallet signing possible 2026-04-05 16:07:17 +00:00

Opened #55 Client identity rebinding 2026-04-05 16:09:27 +00:00

Opened #56 revoked_at is not included in signature 2026-04-05 16:11:01 +00:00

Opened #57 Chain id is not verified 2026-04-05 16:13:05 +00:00

Opened #58 Client key is not integrity-protected 2026-04-05 16:15:41 +00:00

Opened #60 Unseal and bootstrap handshake lack brute-force protection 2026-04-05 16:23:05 +00:00

Opened #59 Bootstrap token persists on disk with weak file permissions 2026-04-05 16:23:05 +00:00

Opened #61 User-agent auth accepts integrity-unavailable state while sealed 2026-04-05 16:23:06 +00:00

Opened #62 Bootstrap token registration lacks proof of possession 2026-04-05 16:23:06 +00:00

Opened #63 SDK client metadata is silently rewritten on reconnect 2026-04-05 16:23:07 +00:00

Opened #64 User-agent signing endpoint accepts arbitrary client_id 2026-04-05 16:23:07 +00:00

Opened #66 Transaction logs can be tampered with to reset rate limits 2026-04-05 16:23:08 +00:00

Opened #65 Integrity envelopes do not survive root key rotation 2026-04-05 16:23:08 +00:00

Opened #67 Bootstrap token RNG seeding should be made explicit 2026-04-05 16:23:09 +00:00

Opened #68 RequestTracker allows arbitrary gaps across request flows 2026-04-05 16:23:09 +00:00

Opened #69 Integrity MAC depends on unordered SQLite row ordering 2026-04-05 16:23:10 +00:00

Opened #70 Client approval quorum differs from documented consensus model 2026-04-05 16:23:10 +00:00

Opened #71 Wallet-access revocation deletes by wallet_id instead of entry id 2026-04-05 16:23:11 +00:00

Opened #72 Bootstrap token comparison is not constant-time 2026-04-05 16:23:11 +00:00

Opened #73 Consumed bootstrap token is not zeroized in memory 2026-04-05 16:23:12 +00:00

Opened #74 Zombie user-agent sessions can block all new client approvals 2026-04-05 16:23:12 +00:00

Opened #75 Mutation Testing: Missing Test Coverage (~184 genuine gaps from 225 mutations) 2026-04-06 10:02:20 +00:00

Opened #79 Not using quantum-resistant schemes 2026-04-07 08:09:46 +00:00

Opened #84 The apocalypse due to casting i64 timestamp to sql Integer(i32) 2026-04-08 20:33:01 +00:00

Opened #85 push_len_prefixed casts usize to u32 that may truncate on 64-bit targets 2026-04-09 13:58:26 +00:00

Opened #86 suspicious as keywords 2026-04-09 16:37:28 +00:00

1 Unresolved Conversation

Open #44 refactor(server): extract shared runtime and implement service install/run in arbiter-server.exe 2026-04-03 16:30:34 +00:00