MarketTakers/arbiter
5
0
Fork 0
Code Issues 27 Pull Requests 4 Packages Projects Releases Wiki Activity

housekeeping(server): fixed clippy warns
Some checks failed
ci/woodpecker/pr/server-audit Pipeline was successful
Details
ci/woodpecker/pr/server-lint Pipeline failed
Details
ci/woodpecker/pr/server-vet Pipeline failed
Details
ci/woodpecker/pr/server-test Pipeline was successful
Details

Browse Source
This commit is contained in:
hdbg
2026-04-07 16:25:21 +02:00
parent d22ab49e3d
commit a9f9fc2a9d
19 changed files with 68 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/crates/arbiter-client/src/auth.rs
View File

@@ -1,3 +1,4 @@
use arbiter_crypto::authn::{CLIENT_CONTEXT, SigningKey, format_challenge};
use arbiter_proto::{ use arbiter_proto::{
ClientMetadata, ClientMetadata,
proto::{ proto::{
@@ -14,7 +15,6 @@ use arbiter_proto::{
shared::ClientInfo as ProtoClientInfo, shared::ClientInfo as ProtoClientInfo,
}, },
}; };
use arbiter_crypto::authn::{CLIENT_CONTEXT, PublicKey, Signature, SigningKey, format_challenge};
use crate::{ use crate::{
storage::StorageError, storage::StorageError,

2
server/crates/arbiter-crypto/src/lib.rs
View File

@@ -1,7 +1,5 @@
#[cfg(feature = "authn")] #[cfg(feature = "authn")]
pub mod authn; pub mod authn;
#[cfg(feature = "safecell")] #[cfg(feature = "safecell")]
pub mod safecell; pub mod safecell;

2
server/crates/arbiter-crypto/src/safecell.rs
View File

@@ -107,7 +107,7 @@ fn abort_memory_breach(action: &str, err: &memsafe::error::MemoryError) -> ! {
eprintln!("fatal {action}: {err}"); eprintln!("fatal {action}: {err}");
// SAFETY: Intentionally cause a segmentation fault to prevent further execution in a compromised state. // SAFETY: Intentionally cause a segmentation fault to prevent further execution in a compromised state.
unsafe { unsafe {
let unsafe_pointer = 0x0 as *mut u8; let unsafe_pointer = std::ptr::null_mut::<u8>();
std::ptr::write_volatile(unsafe_pointer, 0); std::ptr::write_volatile(unsafe_pointer, 0);
} }
std::process::abort(); std::process::abort();

2
server/crates/arbiter-proto/src/lib.rs
View File

@@ -1,8 +1,6 @@
pub mod transport; pub mod transport;
pub mod url; pub mod url;
use base64::{Engine, prelude::BASE64_STANDARD};
pub mod proto { pub mod proto {
tonic::include_proto!("arbiter"); tonic::include_proto!("arbiter");

7
server/crates/arbiter-server/src/actors/evm/mod.rs
View File

@@ -7,11 +7,11 @@ use kameo::{Actor, actor::ActorRef, messages};
use rand::{SeedableRng, rng, rngs::StdRng}; use rand::{SeedableRng, rng, rngs::StdRng};
use crate::{ use crate::{
actors::keyholder::{CreateNew, Decrypt, GetState, KeyHolder, KeyHolderState}, actors::keyholder::{CreateNew, Decrypt, KeyHolder},
crypto::integrity, crypto::integrity,
db::{ db::{
DatabaseError, DatabasePool, DatabaseError, DatabasePool,
models::{self, SqliteTimestamp}, models::{self},
schema, schema,
}, },
evm::{ evm::{
@@ -21,7 +21,6 @@ use crate::{
ether_transfer::EtherTransfer, token_transfers::TokenTransfer, ether_transfer::EtherTransfer, token_transfers::TokenTransfer,
}, },
}, },
}; };
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
@@ -159,7 +158,7 @@ impl EvmActor {
} }
#[message] #[message]
pub async fn useragent_delete_grant(&mut self, grant_id: i32) -> Result<(), Error> { pub async fn useragent_delete_grant(&mut self, _grant_id: i32) -> Result<(), Error> {
// let mut conn = self.db.get().await.map_err(DatabaseError::from)?; // let mut conn = self.db.get().await.map_err(DatabaseError::from)?;
// let keyholder = self.keyholder.clone(); // let keyholder = self.keyholder.clone();

24
server/crates/arbiter-server/src/actors/keyholder/mod.rs
View File

@@ -9,19 +9,15 @@ use kameo::{Actor, Reply, messages};
use strum::{EnumDiscriminants, IntoDiscriminant}; use strum::{EnumDiscriminants, IntoDiscriminant};
use tracing::{error, info}; use tracing::{error, info};
use crate::{ use crate::crypto::{
crypto::{ KeyCell, derive_key,
KeyCell, derive_key, encryption::v1::{self, Nonce},
encryption::v1::{self, Nonce}, integrity::v1::HmacSha256,
integrity::v1::HmacSha256,
},
}; };
use crate::{ use crate::db::{
db::{ self,
self, models::{self, RootKeyHistory},
models::{self, RootKeyHistory}, schema::{self},
schema::{self},
},
}; };
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
@@ -399,9 +395,7 @@ mod tests {
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;
use crate::{ use crate::db::{self};
db::{self},
};
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use super::*; use super::*;

4
server/crates/arbiter-server/src/actors/user_agent/auth/state.rs
View File

@@ -1,5 +1,5 @@
use arbiter_crypto::authn::{self, USERAGENT_CONTEXT}; use arbiter_crypto::authn::{self, USERAGENT_CONTEXT};
use arbiter_proto::{transport::Bi}; use arbiter_proto::transport::Bi;
use diesel::{ExpressionMethods as _, OptionalExtension as _, QueryDsl, update}; use diesel::{ExpressionMethods as _, OptionalExtension as _, QueryDsl, update};
use diesel_async::{AsyncConnection, RunQueryDsl}; use diesel_async::{AsyncConnection, RunQueryDsl};
use kameo::actor::ActorRef; use kameo::actor::ActorRef;
@@ -183,7 +183,7 @@ async fn register_key(
nonce: NONCE_START, nonce: NONCE_START,
}; };
integrity::sign_entity(conn, &keyholder, &entity, id) integrity::sign_entity(conn, keyholder, &entity, id)
.await .await
.map_err(|e| { .map_err(|e| {
error!(error = ?e, "Failed to sign integrity tag for new user-agent key"); error!(error = ?e, "Failed to sign integrity tag for new user-agent key");

1
server/crates/arbiter-server/src/actors/user_agent/mod.rs
View File

@@ -5,7 +5,6 @@ use crate::{
}; };
use arbiter_crypto::authn; use arbiter_crypto::authn;
#[derive(Debug)] #[derive(Debug)]
pub struct UserAgentCredentials { pub struct UserAgentCredentials {
pub pubkey: authn::PublicKey, pub pubkey: authn::PublicKey,

57
server/crates/arbiter-server/src/actors/user_agent/session/connection.rs
View File

@@ -1,7 +1,10 @@
use std::sync::Mutex; use std::sync::Mutex;
use alloy::{consensus::TxEip1559, primitives::Address, signers::Signature}; use alloy::{consensus::TxEip1559, primitives::Address, signers::Signature};
use arbiter_crypto::{authn, safecell::{SafeCell, SafeCellHandle as _}}; use arbiter_crypto::{
authn,
safecell::{SafeCell, SafeCellHandle as _},
};
use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit}; use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit};
use diesel::{ExpressionMethods as _, QueryDsl as _, SelectableHelper}; use diesel::{ExpressionMethods as _, QueryDsl as _, SelectableHelper};
use diesel_async::{AsyncConnection, RunQueryDsl}; use diesel_async::{AsyncConnection, RunQueryDsl};
@@ -14,23 +17,21 @@ use x25519_dalek::{EphemeralSecret, PublicKey};
use crate::actors::flow_coordinator::client_connect_approval::ClientApprovalAnswer; use crate::actors::flow_coordinator::client_connect_approval::ClientApprovalAnswer;
use crate::actors::keyholder::KeyHolderState; use crate::actors::keyholder::KeyHolderState;
use crate::actors::user_agent::session::Error; use crate::actors::user_agent::session::Error;
use crate::actors::{
evm::{
ClientSignTransaction, Generate, ListWallets, SignTransactionError as EvmSignError,
UseragentCreateGrant, UseragentListGrants,
},
keyholder::{self, Bootstrap, TryUnseal},
user_agent::session::{
UserAgentSession,
state::{UnsealContext, UserAgentEvents, UserAgentStates},
},
};
use crate::db::models::{ use crate::db::models::{
EvmWalletAccess, NewEvmWalletAccess, ProgramClient, ProgramClientMetadata, EvmWalletAccess, NewEvmWalletAccess, ProgramClient, ProgramClientMetadata,
}; };
use crate::evm::policies::{Grant, SpecificGrant}; use crate::evm::policies::{Grant, SpecificGrant};
use crate::{
actors::{
evm::{
ClientSignTransaction, Generate, ListWallets, SignTransactionError as EvmSignError,
UseragentCreateGrant, UseragentDeleteGrant, UseragentListGrants,
},
keyholder::{self, Bootstrap, TryUnseal},
user_agent::session::{
UserAgentSession,
state::{UnsealContext, UserAgentEvents, UserAgentStates},
},
},
};
impl UserAgentSession { impl UserAgentSession {
fn take_unseal_secret(&mut self) -> Result<(EphemeralSecret, PublicKey), Error> { fn take_unseal_secret(&mut self) -> Result<(EphemeralSecret, PublicKey), Error> {
@@ -360,19 +361,21 @@ impl UserAgentSession {
&mut self, &mut self,
grant_id: i32, grant_id: i32,
) -> Result<(), GrantMutationError> { ) -> Result<(), GrantMutationError> {
match self // match self
.props // .props
.actors // .actors
.evm // .evm
.ask(UseragentDeleteGrant { grant_id }) // .ask(UseragentDeleteGrant { grant_id })
.await // .await
{ // {
Ok(()) => Ok(()), // Ok(()) => Ok(()),
Err(err) => { // Err(err) => {
error!(?err, "EVM grant delete failed"); // error!(?err, "EVM grant delete failed");
Err(GrantMutationError::Internal) // Err(GrantMutationError::Internal)
} // }
} // }
let _ = grant_id;
todo!()
} }
#[message] #[message]

4
server/crates/arbiter-server/src/crypto/encryption/v1.rs
View File

@@ -59,9 +59,7 @@ mod tests {
use std::ops::Deref as _; use std::ops::Deref as _;
use super::*; use super::*;
use crate::{ use crate::crypto::derive_key;
crypto::derive_key
};
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
#[test] #[test]

15
server/crates/arbiter-server/src/crypto/integrity/v1.rs
View File

@@ -1,7 +1,5 @@
use crate::{ use crate::{actors::keyholder, crypto::integrity::hashing::Hashable};
actors::keyholder, crypto::integrity::hashing::Hashable use arbiter_crypto::safecell::SafeCellHandle as _;
};
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use hmac::{Hmac, Mac as _}; use hmac::{Hmac, Mac as _};
use sha2::Sha256; use sha2::Sha256;
@@ -128,7 +126,7 @@ pub async fn sign_entity<E: Integrable>(
insert_into(integrity_envelope::table) insert_into(integrity_envelope::table)
.values(NewIntegrityEnvelope { .values(NewIntegrityEnvelope {
entity_kind: E::KIND.to_owned(), entity_kind: E::KIND.to_owned(),
entity_id: entity_id, entity_id,
payload_version: E::VERSION, payload_version: E::VERSION,
key_version, key_version,
mac: mac.to_vec(), mac: mac.to_vec(),
@@ -205,20 +203,19 @@ mod tests {
use diesel::{ExpressionMethods as _, QueryDsl}; use diesel::{ExpressionMethods as _, QueryDsl};
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;
use kameo::{actor::ActorRef, prelude::Spawn}; use kameo::{actor::ActorRef, prelude::Spawn};
use rand::seq::SliceRandom;
use sha2::Digest; use sha2::Digest;
use proptest::prelude::*;
use crate::{ use crate::{
actors::keyholder::{Bootstrap, KeyHolder}, actors::keyholder::{Bootstrap, KeyHolder},
db::{self, schema}, db::{self, schema},
}; };
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _}; use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use super::{Error, Integrable, sign_entity, verify_entity}; use super::{Error, Integrable, sign_entity, verify_entity};
use super::{hashing::Hashable, payload_hash}; use super::hashing::Hashable;
#[derive(Clone)] #[derive(Clone)]
struct DummyEntity { struct DummyEntity {

8
server/crates/arbiter-server/src/crypto/integrity/v1/hashing.rs
View File

@@ -62,10 +62,10 @@ impl<T: Hashable> Hashable for Option<T> {
fn hash<H: Digest>(&self, hasher: &mut H) { fn hash<H: Digest>(&self, hasher: &mut H) {
match self { match self {
Some(value) => { Some(value) => {
hasher.update(&[1]); hasher.update([1]);
value.hash(hasher); value.hash(hasher);
} }
None => hasher.update(&[0]), None => hasher.update([0]),
} }
} }
} }
@@ -96,12 +96,12 @@ impl Hashable for alloy::primitives::U256 {
impl Hashable for chrono::Duration { impl Hashable for chrono::Duration {
fn hash<H: Digest>(&self, hasher: &mut H) { fn hash<H: Digest>(&self, hasher: &mut H) {
hasher.update(&self.num_seconds().to_be_bytes()); hasher.update(self.num_seconds().to_be_bytes());
} }
} }
impl Hashable for chrono::DateTime<chrono::Utc> { impl Hashable for chrono::DateTime<chrono::Utc> {
fn hash<H: Digest>(&self, hasher: &mut H) { fn hash<H: Digest>(&self, hasher: &mut H) {
hasher.update(&self.timestamp_millis().to_be_bytes()); hasher.update(self.timestamp_millis().to_be_bytes());
} }
} }

2
server/crates/arbiter-server/src/evm/safe_signer.rs
View File

@@ -1,12 +1,12 @@
use std::sync::Mutex; use std::sync::Mutex;
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use alloy::{ use alloy::{
consensus::SignableTransaction, consensus::SignableTransaction,
network::{TxSigner, TxSignerSync}, network::{TxSigner, TxSignerSync},
primitives::{Address, B256, ChainId, Signature}, primitives::{Address, B256, ChainId, Signature},
signers::{Error, Result, Signer, SignerSync, utils::secret_key_to_address}, signers::{Error, Result, Signer, SignerSync, utils::secret_key_to_address},
}; };
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use async_trait::async_trait; use async_trait::async_trait;
use k256::ecdsa::{self, RecoveryId, SigningKey, signature::hazmat::PrehashSigner}; use k256::ecdsa::{self, RecoveryId, SigningKey, signature::hazmat::PrehashSigner};

2
server/crates/arbiter-server/tests/common/mod.rs
View File

@@ -1,9 +1,9 @@
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use arbiter_proto::transport::{Bi, Error, Receiver, Sender}; use arbiter_proto::transport::{Bi, Error, Receiver, Sender};
use arbiter_server::{ use arbiter_server::{
actors::keyholder::KeyHolder, actors::keyholder::KeyHolder,
db::{self, schema}, db::{self, schema},
}; };
use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}};
use async_trait::async_trait; use async_trait::async_trait;
use diesel::QueryDsl; use diesel::QueryDsl;

3
server/crates/arbiter-server/tests/keyholder/concurrency.rs
View File

@@ -1,11 +1,10 @@
use std::collections::{HashMap, HashSet}; use std::collections::{HashMap, HashSet};
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use arbiter_server::{ use arbiter_server::{
actors::keyholder::{CreateNew, Error, KeyHolder}, actors::keyholder::{CreateNew, Error, KeyHolder},
db::{self, models, schema}, db::{self, models, schema},
}; };
use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}};
use diesel::{ExpressionMethods as _, QueryDsl, SelectableHelper, dsl::sql_query}; use diesel::{ExpressionMethods as _, QueryDsl, SelectableHelper, dsl::sql_query};
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;

2
server/crates/arbiter-server/tests/keyholder/lifecycle.rs
View File

@@ -1,9 +1,9 @@
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use arbiter_server::{ use arbiter_server::{
actors::keyholder::{Error, KeyHolder}, actors::keyholder::{Error, KeyHolder},
crypto::encryption::v1::{Nonce, ROOT_KEY_TAG}, crypto::encryption::v1::{Nonce, ROOT_KEY_TAG},
db::{self, models, schema}, db::{self, models, schema},
}; };
use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}};
use diesel::{QueryDsl, SelectableHelper}; use diesel::{QueryDsl, SelectableHelper};
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;

3
server/crates/arbiter-server/tests/keyholder/storage.rs
View File

@@ -1,12 +1,11 @@
use std::collections::HashSet; use std::collections::HashSet;
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use arbiter_server::{ use arbiter_server::{
actors::keyholder::Error, actors::keyholder::Error,
crypto::encryption::v1::Nonce, crypto::encryption::v1::Nonce,
db::{self, models, schema}, db::{self, models, schema},
}; };
use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}};
use diesel::{ExpressionMethods as _, QueryDsl, SelectableHelper, dsl::update}; use diesel::{ExpressionMethods as _, QueryDsl, SelectableHelper, dsl::update};
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;

5
server/crates/arbiter-server/tests/user_agent/auth.rs
View File

@@ -1,4 +1,7 @@
use arbiter_crypto::{authn::{self, format_challenge, USERAGENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}}; use arbiter_crypto::{
authn::{self, USERAGENT_CONTEXT, format_challenge},
safecell::{SafeCell, SafeCellHandle as _},
};
use arbiter_proto::transport::{Receiver, Sender}; use arbiter_proto::transport::{Receiver, Sender};
use arbiter_server::{ use arbiter_server::{

5
server/crates/arbiter-server/tests/user_agent/unseal.rs
View File

@@ -1,3 +1,4 @@
use arbiter_crypto::safecell::{SafeCell, SafeCellHandle as _};
use arbiter_server::{ use arbiter_server::{
actors::{ actors::{
GlobalActors, GlobalActors,
@@ -8,13 +9,9 @@ use arbiter_server::{
}, },
}, },
db, db,
}; };
use arbiter_crypto::{authn::{self, format_challenge, CLIENT_CONTEXT}, safecell::{SafeCell, SafeCellHandle as _}};
use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit}; use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit};
use diesel::{ExpressionMethods as _, QueryDsl as _, insert_into};
use diesel_async::RunQueryDsl;
use kameo::actor::Spawn as _; use kameo::actor::Spawn as _;
use x25519_dalek::{EphemeralSecret, PublicKey}; use x25519_dalek::{EphemeralSecret, PublicKey};