diff --git a/server/crates/arbiter-client/src/auth.rs b/server/crates/arbiter-client/src/auth.rs index 7f7378f..e6068e5 100644 --- a/server/crates/arbiter-client/src/auth.rs +++ b/server/crates/arbiter-client/src/auth.rs @@ -1,3 +1,4 @@ +use arbiter_crypto::authn::{CLIENT_CONTEXT, SigningKey, format_challenge}; use arbiter_proto::{ ClientMetadata, proto::{ @@ -14,7 +15,6 @@ use arbiter_proto::{ shared::ClientInfo as ProtoClientInfo, }, }; -use arbiter_crypto::authn::{CLIENT_CONTEXT, PublicKey, Signature, SigningKey, format_challenge}; use crate::{ storage::StorageError, diff --git a/server/crates/arbiter-crypto/src/lib.rs b/server/crates/arbiter-crypto/src/lib.rs index feac900..5015af2 100644 --- a/server/crates/arbiter-crypto/src/lib.rs +++ b/server/crates/arbiter-crypto/src/lib.rs @@ -1,7 +1,5 @@ - #[cfg(feature = "authn")] pub mod authn; - #[cfg(feature = "safecell")] -pub mod safecell; \ No newline at end of file +pub mod safecell; diff --git a/server/crates/arbiter-crypto/src/safecell.rs b/server/crates/arbiter-crypto/src/safecell.rs index 6249325..80dc57e 100644 --- a/server/crates/arbiter-crypto/src/safecell.rs +++ b/server/crates/arbiter-crypto/src/safecell.rs @@ -107,7 +107,7 @@ fn abort_memory_breach(action: &str, err: &memsafe::error::MemoryError) -> ! { eprintln!("fatal {action}: {err}"); // SAFETY: Intentionally cause a segmentation fault to prevent further execution in a compromised state. unsafe { - let unsafe_pointer = 0x0 as *mut u8; + let unsafe_pointer = std::ptr::null_mut::(); std::ptr::write_volatile(unsafe_pointer, 0); } std::process::abort(); diff --git a/server/crates/arbiter-proto/src/lib.rs b/server/crates/arbiter-proto/src/lib.rs index 3d68b06..5f63aa1 100644 --- a/server/crates/arbiter-proto/src/lib.rs +++ b/server/crates/arbiter-proto/src/lib.rs @@ -1,8 +1,6 @@ pub mod transport; pub mod url; -use base64::{Engine, prelude::BASE64_STANDARD}; - pub mod proto { tonic::include_proto!("arbiter"); diff --git a/server/crates/arbiter-server/src/actors/evm/mod.rs b/server/crates/arbiter-server/src/actors/evm/mod.rs index a31de61..c31cdd0 100644 --- a/server/crates/arbiter-server/src/actors/evm/mod.rs +++ b/server/crates/arbiter-server/src/actors/evm/mod.rs @@ -7,11 +7,11 @@ use kameo::{Actor, actor::ActorRef, messages}; use rand::{SeedableRng, rng, rngs::StdRng}; use crate::{ - actors::keyholder::{CreateNew, Decrypt, GetState, KeyHolder, KeyHolderState}, + actors::keyholder::{CreateNew, Decrypt, KeyHolder}, crypto::integrity, db::{ DatabaseError, DatabasePool, - models::{self, SqliteTimestamp}, + models::{self}, schema, }, evm::{ @@ -21,7 +21,6 @@ use crate::{ ether_transfer::EtherTransfer, token_transfers::TokenTransfer, }, }, - }; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; @@ -159,7 +158,7 @@ impl EvmActor { } #[message] - pub async fn useragent_delete_grant(&mut self, grant_id: i32) -> Result<(), Error> { + pub async fn useragent_delete_grant(&mut self, _grant_id: i32) -> Result<(), Error> { // let mut conn = self.db.get().await.map_err(DatabaseError::from)?; // let keyholder = self.keyholder.clone(); diff --git a/server/crates/arbiter-server/src/actors/keyholder/mod.rs b/server/crates/arbiter-server/src/actors/keyholder/mod.rs index d139f0d..64387bc 100644 --- a/server/crates/arbiter-server/src/actors/keyholder/mod.rs +++ b/server/crates/arbiter-server/src/actors/keyholder/mod.rs @@ -9,19 +9,15 @@ use kameo::{Actor, Reply, messages}; use strum::{EnumDiscriminants, IntoDiscriminant}; use tracing::{error, info}; -use crate::{ - crypto::{ - KeyCell, derive_key, - encryption::v1::{self, Nonce}, - integrity::v1::HmacSha256, - }, +use crate::crypto::{ + KeyCell, derive_key, + encryption::v1::{self, Nonce}, + integrity::v1::HmacSha256, }; -use crate::{ - db::{ - self, - models::{self, RootKeyHistory}, - schema::{self}, - }, +use crate::db::{ + self, + models::{self, RootKeyHistory}, + schema::{self}, }; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; @@ -399,9 +395,7 @@ mod tests { use diesel_async::RunQueryDsl; - use crate::{ - db::{self}, - }; + use crate::db::{self}; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use super::*; diff --git a/server/crates/arbiter-server/src/actors/user_agent/auth/state.rs b/server/crates/arbiter-server/src/actors/user_agent/auth/state.rs index 76dc079..60bcf6f 100644 --- a/server/crates/arbiter-server/src/actors/user_agent/auth/state.rs +++ b/server/crates/arbiter-server/src/actors/user_agent/auth/state.rs @@ -1,5 +1,5 @@ use arbiter_crypto::authn::{self, USERAGENT_CONTEXT}; -use arbiter_proto::{transport::Bi}; +use arbiter_proto::transport::Bi; use diesel::{ExpressionMethods as _, OptionalExtension as _, QueryDsl, update}; use diesel_async::{AsyncConnection, RunQueryDsl}; use kameo::actor::ActorRef; @@ -183,7 +183,7 @@ async fn register_key( nonce: NONCE_START, }; - integrity::sign_entity(conn, &keyholder, &entity, id) + integrity::sign_entity(conn, keyholder, &entity, id) .await .map_err(|e| { error!(error = ?e, "Failed to sign integrity tag for new user-agent key"); diff --git a/server/crates/arbiter-server/src/actors/user_agent/mod.rs b/server/crates/arbiter-server/src/actors/user_agent/mod.rs index de1a8c9..ac571d9 100644 --- a/server/crates/arbiter-server/src/actors/user_agent/mod.rs +++ b/server/crates/arbiter-server/src/actors/user_agent/mod.rs @@ -5,7 +5,6 @@ use crate::{ }; use arbiter_crypto::authn; - #[derive(Debug)] pub struct UserAgentCredentials { pub pubkey: authn::PublicKey, diff --git a/server/crates/arbiter-server/src/actors/user_agent/session/connection.rs b/server/crates/arbiter-server/src/actors/user_agent/session/connection.rs index a71b894..71f4067 100644 --- a/server/crates/arbiter-server/src/actors/user_agent/session/connection.rs +++ b/server/crates/arbiter-server/src/actors/user_agent/session/connection.rs @@ -1,7 +1,10 @@ use std::sync::Mutex; use alloy::{consensus::TxEip1559, primitives::Address, signers::Signature}; -use arbiter_crypto::{authn, safecell::{SafeCell, SafeCellHandle as _}}; +use arbiter_crypto::{ + authn, + safecell::{SafeCell, SafeCellHandle as _}, +}; use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit}; use diesel::{ExpressionMethods as _, QueryDsl as _, SelectableHelper}; use diesel_async::{AsyncConnection, RunQueryDsl}; @@ -14,23 +17,21 @@ use x25519_dalek::{EphemeralSecret, PublicKey}; use crate::actors::flow_coordinator::client_connect_approval::ClientApprovalAnswer; use crate::actors::keyholder::KeyHolderState; use crate::actors::user_agent::session::Error; +use crate::actors::{ + evm::{ + ClientSignTransaction, Generate, ListWallets, SignTransactionError as EvmSignError, + UseragentCreateGrant, UseragentListGrants, + }, + keyholder::{self, Bootstrap, TryUnseal}, + user_agent::session::{ + UserAgentSession, + state::{UnsealContext, UserAgentEvents, UserAgentStates}, + }, +}; use crate::db::models::{ EvmWalletAccess, NewEvmWalletAccess, ProgramClient, ProgramClientMetadata, }; use crate::evm::policies::{Grant, SpecificGrant}; -use crate::{ - actors::{ - evm::{ - ClientSignTransaction, Generate, ListWallets, SignTransactionError as EvmSignError, - UseragentCreateGrant, UseragentDeleteGrant, UseragentListGrants, - }, - keyholder::{self, Bootstrap, TryUnseal}, - user_agent::session::{ - UserAgentSession, - state::{UnsealContext, UserAgentEvents, UserAgentStates}, - }, - }, -}; impl UserAgentSession { fn take_unseal_secret(&mut self) -> Result<(EphemeralSecret, PublicKey), Error> { @@ -360,19 +361,21 @@ impl UserAgentSession { &mut self, grant_id: i32, ) -> Result<(), GrantMutationError> { - match self - .props - .actors - .evm - .ask(UseragentDeleteGrant { grant_id }) - .await - { - Ok(()) => Ok(()), - Err(err) => { - error!(?err, "EVM grant delete failed"); - Err(GrantMutationError::Internal) - } - } + // match self + // .props + // .actors + // .evm + // .ask(UseragentDeleteGrant { grant_id }) + // .await + // { + // Ok(()) => Ok(()), + // Err(err) => { + // error!(?err, "EVM grant delete failed"); + // Err(GrantMutationError::Internal) + // } + // } + let _ = grant_id; + todo!() } #[message] diff --git a/server/crates/arbiter-server/src/crypto/encryption/v1.rs b/server/crates/arbiter-server/src/crypto/encryption/v1.rs index 6f1a6a2..e2b7c04 100644 --- a/server/crates/arbiter-server/src/crypto/encryption/v1.rs +++ b/server/crates/arbiter-server/src/crypto/encryption/v1.rs @@ -59,9 +59,7 @@ mod tests { use std::ops::Deref as _; use super::*; - use crate::{ - crypto::derive_key - }; + use crate::crypto::derive_key; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; #[test] diff --git a/server/crates/arbiter-server/src/crypto/integrity/v1.rs b/server/crates/arbiter-server/src/crypto/integrity/v1.rs index 2114cc2..4b67217 100644 --- a/server/crates/arbiter-server/src/crypto/integrity/v1.rs +++ b/server/crates/arbiter-server/src/crypto/integrity/v1.rs @@ -1,7 +1,5 @@ -use crate::{ - actors::keyholder, crypto::integrity::hashing::Hashable -}; -use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; +use crate::{actors::keyholder, crypto::integrity::hashing::Hashable}; +use arbiter_crypto::safecell::SafeCellHandle as _; use hmac::{Hmac, Mac as _}; use sha2::Sha256; @@ -128,7 +126,7 @@ pub async fn sign_entity( insert_into(integrity_envelope::table) .values(NewIntegrityEnvelope { entity_kind: E::KIND.to_owned(), - entity_id: entity_id, + entity_id, payload_version: E::VERSION, key_version, mac: mac.to_vec(), @@ -205,20 +203,19 @@ mod tests { use diesel::{ExpressionMethods as _, QueryDsl}; use diesel_async::RunQueryDsl; use kameo::{actor::ActorRef, prelude::Spawn}; - use rand::seq::SliceRandom; + use sha2::Digest; - use proptest::prelude::*; + use crate::{ actors::keyholder::{Bootstrap, KeyHolder}, db::{self, schema}, - }; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use super::{Error, Integrable, sign_entity, verify_entity}; - use super::{hashing::Hashable, payload_hash}; + use super::hashing::Hashable; #[derive(Clone)] struct DummyEntity { diff --git a/server/crates/arbiter-server/src/crypto/integrity/v1/hashing.rs b/server/crates/arbiter-server/src/crypto/integrity/v1/hashing.rs index d172359..ec1aa71 100644 --- a/server/crates/arbiter-server/src/crypto/integrity/v1/hashing.rs +++ b/server/crates/arbiter-server/src/crypto/integrity/v1/hashing.rs @@ -62,10 +62,10 @@ impl Hashable for Option { fn hash(&self, hasher: &mut H) { match self { Some(value) => { - hasher.update(&[1]); + hasher.update([1]); value.hash(hasher); } - None => hasher.update(&[0]), + None => hasher.update([0]), } } } @@ -96,12 +96,12 @@ impl Hashable for alloy::primitives::U256 { impl Hashable for chrono::Duration { fn hash(&self, hasher: &mut H) { - hasher.update(&self.num_seconds().to_be_bytes()); + hasher.update(self.num_seconds().to_be_bytes()); } } impl Hashable for chrono::DateTime { fn hash(&self, hasher: &mut H) { - hasher.update(&self.timestamp_millis().to_be_bytes()); + hasher.update(self.timestamp_millis().to_be_bytes()); } } diff --git a/server/crates/arbiter-server/src/evm/safe_signer.rs b/server/crates/arbiter-server/src/evm/safe_signer.rs index 8604b57..e2f8100 100644 --- a/server/crates/arbiter-server/src/evm/safe_signer.rs +++ b/server/crates/arbiter-server/src/evm/safe_signer.rs @@ -1,12 +1,12 @@ use std::sync::Mutex; -use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use alloy::{ consensus::SignableTransaction, network::{TxSigner, TxSignerSync}, primitives::{Address, B256, ChainId, Signature}, signers::{Error, Result, Signer, SignerSync, utils::secret_key_to_address}, }; +use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use async_trait::async_trait; use k256::ecdsa::{self, RecoveryId, SigningKey, signature::hazmat::PrehashSigner}; diff --git a/server/crates/arbiter-server/tests/common/mod.rs b/server/crates/arbiter-server/tests/common/mod.rs index cf6bee6..c4e6878 100644 --- a/server/crates/arbiter-server/tests/common/mod.rs +++ b/server/crates/arbiter-server/tests/common/mod.rs @@ -1,9 +1,9 @@ +use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_proto::transport::{Bi, Error, Receiver, Sender}; use arbiter_server::{ actors::keyholder::KeyHolder, db::{self, schema}, }; -use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; use async_trait::async_trait; use diesel::QueryDsl; diff --git a/server/crates/arbiter-server/tests/keyholder/concurrency.rs b/server/crates/arbiter-server/tests/keyholder/concurrency.rs index 51ddda0..f128beb 100644 --- a/server/crates/arbiter-server/tests/keyholder/concurrency.rs +++ b/server/crates/arbiter-server/tests/keyholder/concurrency.rs @@ -1,11 +1,10 @@ use std::collections::{HashMap, HashSet}; +use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_server::{ actors::keyholder::{CreateNew, Error, KeyHolder}, db::{self, models, schema}, - }; -use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; use diesel::{ExpressionMethods as _, QueryDsl, SelectableHelper, dsl::sql_query}; use diesel_async::RunQueryDsl; diff --git a/server/crates/arbiter-server/tests/keyholder/lifecycle.rs b/server/crates/arbiter-server/tests/keyholder/lifecycle.rs index 0228e6f..bd50b6f 100644 --- a/server/crates/arbiter-server/tests/keyholder/lifecycle.rs +++ b/server/crates/arbiter-server/tests/keyholder/lifecycle.rs @@ -1,9 +1,9 @@ +use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_server::{ actors::keyholder::{Error, KeyHolder}, crypto::encryption::v1::{Nonce, ROOT_KEY_TAG}, db::{self, models, schema}, }; -use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; use diesel::{QueryDsl, SelectableHelper}; use diesel_async::RunQueryDsl; diff --git a/server/crates/arbiter-server/tests/keyholder/storage.rs b/server/crates/arbiter-server/tests/keyholder/storage.rs index 4bb7351..71ebccf 100644 --- a/server/crates/arbiter-server/tests/keyholder/storage.rs +++ b/server/crates/arbiter-server/tests/keyholder/storage.rs @@ -1,12 +1,11 @@ use std::collections::HashSet; +use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_server::{ actors::keyholder::Error, crypto::encryption::v1::Nonce, db::{self, models, schema}, - }; -use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; use diesel::{ExpressionMethods as _, QueryDsl, SelectableHelper, dsl::update}; use diesel_async::RunQueryDsl; diff --git a/server/crates/arbiter-server/tests/user_agent/auth.rs b/server/crates/arbiter-server/tests/user_agent/auth.rs index 00abf17..aeccc8a 100644 --- a/server/crates/arbiter-server/tests/user_agent/auth.rs +++ b/server/crates/arbiter-server/tests/user_agent/auth.rs @@ -1,4 +1,7 @@ -use arbiter_crypto::{authn::{self, format_challenge, USERAGENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; +use arbiter_crypto::{ + authn::{self, USERAGENT_CONTEXT, format_challenge}, + safecell::{SafeCell, SafeCellHandle as _}, +}; use arbiter_proto::transport::{Receiver, Sender}; use arbiter_server::{ diff --git a/server/crates/arbiter-server/tests/user_agent/unseal.rs b/server/crates/arbiter-server/tests/user_agent/unseal.rs index ce15095..15cf475 100644 --- a/server/crates/arbiter-server/tests/user_agent/unseal.rs +++ b/server/crates/arbiter-server/tests/user_agent/unseal.rs @@ -1,3 +1,4 @@ +use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_server::{ actors::{ GlobalActors, @@ -8,13 +9,9 @@ use arbiter_server::{ }, }, db, - }; -use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit}; -use diesel::{ExpressionMethods as _, QueryDsl as _, insert_into}; -use diesel_async::RunQueryDsl; use kameo::actor::Spawn as _; use x25519_dalek::{EphemeralSecret, PublicKey};