clippy: fix
This commit is contained in:
@@ -3,6 +3,6 @@ disallowed-methods = [
|
||||
# We only use RSA for Windows Hello (KeyCredentialManager) public-key verification — decryption
|
||||
# is never required and must not be introduced.
|
||||
{ path = "rsa::RsaPrivateKey::decrypt", reason = "RSA decryption is forbidden (RUSTSEC-2023-0071 Marvin Attack). Only PSS signing/verification is permitted." },
|
||||
{ path = "rsa::pkcs1v15::DecryptingKey::decrypt", reason = "RSA decryption is forbidden (RUSTSEC-2023-0071 Marvin Attack). Only PSS signing/verification is permitted." },
|
||||
{ path = "rsa::oaep::DecryptingKey::decrypt", reason = "RSA decryption is forbidden (RUSTSEC-2023-0071 Marvin Attack). Only PSS signing/verification is permitted." },
|
||||
{ path = "rsa::pkcs1v15::DecryptingKey::decrypt", reason = "RSA decryption is forbidden (RUSTSEC-2023-0071 Marvin Attack). Only PSS signing/verification is permitted.", allow-invalid = true },
|
||||
{ path = "rsa::oaep::DecryptingKey::decrypt", reason = "RSA decryption is forbidden (RUSTSEC-2023-0071 Marvin Attack). Only PSS signing/verification is permitted.", allow-invalid = true },
|
||||
]
|
||||
|
||||
@@ -17,7 +17,10 @@ use kameo::error::SendError;
|
||||
use tracing::error;
|
||||
|
||||
use crate::{
|
||||
actors::{client::ClientConnection, router::{self, RequestClientApproval}},
|
||||
actors::{
|
||||
client::ClientConnection,
|
||||
router::{self, RequestClientApproval},
|
||||
},
|
||||
db::{self, schema::program_client},
|
||||
};
|
||||
|
||||
@@ -100,7 +103,9 @@ async fn approve_new_client(
|
||||
) -> Result<(), Error> {
|
||||
let result = actors
|
||||
.router
|
||||
.ask(RequestClientApproval { client_pubkey: pubkey })
|
||||
.ask(RequestClientApproval {
|
||||
client_pubkey: pubkey,
|
||||
})
|
||||
.await;
|
||||
|
||||
match result {
|
||||
@@ -166,18 +171,18 @@ async fn challenge_client(
|
||||
Error::Transport
|
||||
})?;
|
||||
|
||||
let AuthChallengeSolution { signature } = expect_message(
|
||||
&mut *props.transport,
|
||||
|req: ClientRequest| match req.payload? {
|
||||
ClientRequestPayload::AuthChallengeSolution(s) => Some(s),
|
||||
_ => None,
|
||||
},
|
||||
)
|
||||
.await
|
||||
.map_err(|e| {
|
||||
error!(error = ?e, "Failed to receive challenge solution");
|
||||
Error::Transport
|
||||
})?;
|
||||
let AuthChallengeSolution { signature } =
|
||||
expect_message(&mut *props.transport, |req: ClientRequest| {
|
||||
match req.payload? {
|
||||
ClientRequestPayload::AuthChallengeSolution(s) => Some(s),
|
||||
_ => None,
|
||||
}
|
||||
})
|
||||
.await
|
||||
.map_err(|e| {
|
||||
error!(error = ?e, "Failed to receive challenge solution");
|
||||
Error::Transport
|
||||
})?;
|
||||
|
||||
let formatted = format_challenge(nonce, &challenge.pubkey);
|
||||
let sig = signature.as_slice().try_into().map_err(|_| {
|
||||
@@ -196,9 +201,9 @@ async fn challenge_client(
|
||||
fn connect_error_code(err: &Error) -> ConnectErrorCode {
|
||||
match err {
|
||||
Error::ApproveError(ApproveError::Denied) => ConnectErrorCode::ApprovalDenied,
|
||||
Error::ApproveError(ApproveError::Upstream(router::ApprovalError::NoUserAgentsConnected)) => {
|
||||
ConnectErrorCode::NoUserAgentsOnline
|
||||
}
|
||||
Error::ApproveError(ApproveError::Upstream(
|
||||
router::ApprovalError::NoUserAgentsConnected,
|
||||
)) => ConnectErrorCode::NoUserAgentsOnline,
|
||||
_ => ConnectErrorCode::Unknown,
|
||||
}
|
||||
}
|
||||
@@ -234,7 +239,7 @@ async fn authenticate(props: &mut ClientConnection) -> Result<VerifyingKey, Erro
|
||||
|
||||
pub async fn authenticate_and_create(mut props: ClientConnection) -> Result<ClientSession, Error> {
|
||||
match authenticate(&mut props).await {
|
||||
Ok(pubkey) => Ok(ClientSession::new(props, pubkey)),
|
||||
Ok(_pubkey) => Ok(ClientSession::new(props)),
|
||||
Err(err) => {
|
||||
let code = connect_error_code(&err);
|
||||
let _ = props
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
use arbiter_proto::proto::client::{ClientRequest, ClientResponse};
|
||||
use ed25519_dalek::VerifyingKey;
|
||||
use kameo::Actor;
|
||||
use tokio::select;
|
||||
use tracing::{error, info};
|
||||
@@ -10,12 +9,11 @@ use crate::{actors::{
|
||||
|
||||
pub struct ClientSession {
|
||||
props: ClientConnection,
|
||||
key: VerifyingKey,
|
||||
}
|
||||
|
||||
impl ClientSession {
|
||||
pub(crate) fn new(props: ClientConnection, key: VerifyingKey) -> Self {
|
||||
Self { props, key }
|
||||
pub(crate) fn new(props: ClientConnection) -> Self {
|
||||
Self { props }
|
||||
}
|
||||
|
||||
pub async fn process_transport_inbound(&mut self, req: ClientRequest) -> Output {
|
||||
@@ -24,9 +22,8 @@ impl ClientSession {
|
||||
ClientError::MissingRequestPayload
|
||||
})?;
|
||||
|
||||
match msg {
|
||||
_ => Err(ClientError::UnexpectedRequestPayload),
|
||||
}
|
||||
let _ = msg;
|
||||
Err(ClientError::UnexpectedRequestPayload)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -92,7 +89,6 @@ impl ClientSession {
|
||||
use arbiter_proto::transport::DummyTransport;
|
||||
let transport: super::Transport = Box::new(DummyTransport::new());
|
||||
let props = ClientConnection::new(db, transport, actors);
|
||||
let key = VerifyingKey::from_bytes(&[0u8; 32]).unwrap();
|
||||
Self { props, key }
|
||||
Self { props }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
use alloy::{consensus::TxEip1559, network::TxSigner, primitives::Address, signers::Signature};
|
||||
use alloy::{consensus::TxEip1559, primitives::Address, signers::Signature};
|
||||
use diesel::{ExpressionMethods, OptionalExtension as _, QueryDsl, SelectableHelper as _, dsl::insert_into};
|
||||
use diesel_async::RunQueryDsl;
|
||||
use kameo::{Actor, actor::ActorRef, messages};
|
||||
|
||||
@@ -67,7 +67,7 @@ async fn request_client_approval(
|
||||
client_pubkey: VerifyingKey,
|
||||
) -> Result<bool, ApprovalError> {
|
||||
if user_agents.is_empty() {
|
||||
return Err(ApprovalError::NoUserAgentsConnected).into();
|
||||
return Err(ApprovalError::NoUserAgentsConnected);
|
||||
}
|
||||
|
||||
let mut pool = JoinSet::new();
|
||||
@@ -76,7 +76,6 @@ async fn request_client_approval(
|
||||
for weak_ref in user_agents {
|
||||
match weak_ref.upgrade() {
|
||||
Some(agent) => {
|
||||
let client_pubkey = client_pubkey.clone();
|
||||
let cancel_rx = cancel_rx.clone();
|
||||
pool.spawn(async move {
|
||||
agent
|
||||
@@ -167,7 +166,7 @@ impl MessageRouter {
|
||||
// handle in subtask to not to lock the actor
|
||||
tokio::task::spawn(async move {
|
||||
let result = request_client_approval(&weak_refs, client_pubkey).await;
|
||||
let _ = reply_sender.send(result);
|
||||
reply_sender.send(result);
|
||||
});
|
||||
|
||||
reply
|
||||
|
||||
@@ -117,7 +117,8 @@ async fn check_shared_constraints(
|
||||
let now = Utc::now();
|
||||
|
||||
// Validity window
|
||||
if shared.valid_from.map_or(false, |t| now < t) || shared.valid_until.map_or(false, |t| now > t)
|
||||
if shared.valid_from.is_some_and(|t| now < t)
|
||||
|| shared.valid_until.is_some_and(|t| now > t)
|
||||
{
|
||||
violations.push(EvalViolation::InvalidTime);
|
||||
}
|
||||
@@ -125,8 +126,8 @@ async fn check_shared_constraints(
|
||||
// Gas fee caps
|
||||
let fee_exceeded = shared
|
||||
.max_gas_fee_per_gas
|
||||
.map_or(false, |cap| U256::from(context.max_fee_per_gas) > cap);
|
||||
let priority_exceeded = shared.max_priority_fee_per_gas.map_or(false, |cap| {
|
||||
.is_some_and(|cap| U256::from(context.max_fee_per_gas) > cap);
|
||||
let priority_exceeded = shared.max_priority_fee_per_gas.is_some_and(|cap| {
|
||||
U256::from(context.max_priority_fee_per_gas) > cap
|
||||
});
|
||||
if fee_exceeded || priority_exceeded {
|
||||
@@ -228,7 +229,7 @@ impl Engine {
|
||||
.values(&NewEvmBasicGrant {
|
||||
wallet_id: full_grant.basic.wallet_id,
|
||||
chain_id: full_grant.basic.chain as i32,
|
||||
client_id: client_id,
|
||||
client_id,
|
||||
valid_from: full_grant.basic.valid_from.map(SqliteTimestamp),
|
||||
valid_until: full_grant.basic.valid_until.map(SqliteTimestamp),
|
||||
max_gas_fee_per_gas: full_grant
|
||||
|
||||
@@ -41,17 +41,12 @@ pub struct Meaning {
|
||||
}
|
||||
impl Display for Meaning {
|
||||
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
||||
write!(
|
||||
f,
|
||||
"Ether transfer of {} to {}",
|
||||
self.value,
|
||||
self.to.to_string()
|
||||
)
|
||||
write!(f, "Ether transfer of {} to {}", self.value, self.to)
|
||||
}
|
||||
}
|
||||
impl Into<SpecificMeaning> for Meaning {
|
||||
fn into(self) -> SpecificMeaning {
|
||||
SpecificMeaning::EtherTransfer(self)
|
||||
impl From<Meaning> for SpecificMeaning {
|
||||
fn from(val: Meaning) -> SpecificMeaning {
|
||||
SpecificMeaning::EtherTransfer(val)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -61,9 +56,9 @@ pub struct Settings {
|
||||
limit: VolumeRateLimit,
|
||||
}
|
||||
|
||||
impl Into<SpecificGrant> for Settings {
|
||||
fn into(self) -> SpecificGrant {
|
||||
SpecificGrant::EtherTransfer(self)
|
||||
impl From<Settings> for SpecificGrant {
|
||||
fn from(val: Settings) -> SpecificGrant {
|
||||
SpecificGrant::EtherTransfer(val)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -51,9 +51,9 @@ impl std::fmt::Display for Meaning {
|
||||
)
|
||||
}
|
||||
}
|
||||
impl Into<SpecificMeaning> for Meaning {
|
||||
fn into(self) -> SpecificMeaning {
|
||||
SpecificMeaning::TokenTransfer(self)
|
||||
impl From<Meaning> for SpecificMeaning {
|
||||
fn from(val: Meaning) -> SpecificMeaning {
|
||||
SpecificMeaning::TokenTransfer(val)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,9 +63,9 @@ pub struct Settings {
|
||||
target: Option<Address>,
|
||||
volume_limits: Vec<VolumeRateLimit>,
|
||||
}
|
||||
impl Into<SpecificGrant> for Settings {
|
||||
fn into(self) -> SpecificGrant {
|
||||
SpecificGrant::TokenTransfer(self)
|
||||
impl From<Settings> for SpecificGrant {
|
||||
fn from(val: Settings) -> SpecificGrant {
|
||||
SpecificGrant::TokenTransfer(val)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -156,10 +156,10 @@ impl Policy for TokenTransfer {
|
||||
return Ok(violations);
|
||||
}
|
||||
|
||||
if let Some(allowed) = grant.settings.target {
|
||||
if allowed != meaning.to {
|
||||
violations.push(EvalViolation::InvalidTarget { target: meaning.to });
|
||||
}
|
||||
if let Some(allowed) = grant.settings.target
|
||||
&& allowed != meaning.to
|
||||
{
|
||||
violations.push(EvalViolation::InvalidTarget { target: meaning.to });
|
||||
}
|
||||
|
||||
let rate_violations = check_volume_rate_limits(grant, db).await?;
|
||||
|
||||
@@ -94,13 +94,13 @@ impl SafeSigner {
|
||||
&self,
|
||||
tx: &mut dyn SignableTransaction<Signature>,
|
||||
) -> Result<Signature> {
|
||||
if let Some(chain_id) = self.chain_id {
|
||||
if !tx.set_chain_id_checked(chain_id) {
|
||||
return Err(Error::TransactionChainIdMismatch {
|
||||
signer: chain_id,
|
||||
tx: tx.chain_id().unwrap(),
|
||||
});
|
||||
}
|
||||
if let Some(chain_id) = self.chain_id
|
||||
&& !tx.set_chain_id_checked(chain_id)
|
||||
{
|
||||
return Err(Error::TransactionChainIdMismatch {
|
||||
signer: chain_id,
|
||||
tx: tx.chain_id().unwrap(),
|
||||
});
|
||||
}
|
||||
self.sign_hash_inner(&tx.signature_hash()).map_err(Error::other)
|
||||
}
|
||||
|
||||
@@ -9,7 +9,6 @@ use diesel_async::RunQueryDsl;
|
||||
use memsafe::MemSafe;
|
||||
use tokio::sync::mpsc;
|
||||
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub async fn bootstrapped_keyholder(db: &db::DatabasePool) -> KeyHolder {
|
||||
let mut actor = KeyHolder::new(db.clone()).await.unwrap();
|
||||
@@ -31,13 +30,14 @@ pub async fn root_key_history_id(db: &db::DatabasePool) -> i32 {
|
||||
id.expect("root_key_id should be set after bootstrap")
|
||||
}
|
||||
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub struct ChannelTransport<T, Y> {
|
||||
receiver: mpsc::Receiver<T>,
|
||||
sender: mpsc::Sender<Y>,
|
||||
}
|
||||
|
||||
impl<T, Y> ChannelTransport<T, Y> {
|
||||
#[allow(dead_code)]
|
||||
pub fn new() -> (Self, ChannelTransport<Y, T>) {
|
||||
let (tx1, rx1) = mpsc::channel(10);
|
||||
let (tx2, rx2) = mpsc::channel(10);
|
||||
@@ -54,8 +54,6 @@ impl<T, Y> ChannelTransport<T, Y> {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
#[async_trait]
|
||||
impl<T, Y> Bi<T, Y> for ChannelTransport<T, Y>
|
||||
where
|
||||
|
||||
Reference in New Issue
Block a user