Stas - Gitea: Git with a cup of tea

Stas Skipper

0 Followers · 0 Following

My pronounces are: your/fucking/boss
Joined on 2025-09-03

Skipper created pull request MarketTakers/arbiter#76

2026-04-06 10:57:44 +00:00

fix(server): added chain_id check and covered check_shared_constraints with unit tests

Skipper pushed to push-stpqsyooorwm at MarketTakers/arbiter

2026-04-06 10:57:30 +00:00

f6b62ab884 fix(server): added chain_id check and covered check_shared_constraints with unit tests

Skipper created branch push-stpqsyooorwm in MarketTakers/arbiter

2026-04-06 10:57:29 +00:00

Skipper pushed to main at MarketTakers/arbiter

2026-04-06 10:04:09 +00:00

2dd5a3f32f tests(server): initial cargo-mutants

1aca9d4007 fix(server): simplify hash function for debug profile

Compare 2 commits »

Skipper opened issue MarketTakers/arbiter#75

2026-04-06 10:02:21 +00:00

Mutation Testing: Missing Test Coverage (~184 genuine gaps from 225 mutations)

Skipper deleted branch integrity-envelope from MarketTakers/arbiter

2026-04-05 16:26:52 +00:00

Skipper pushed to main at MarketTakers/arbiter

2026-04-05 16:26:52 +00:00

5ee1b49c43 Merge pull request 'feat(server): integrity envelope engine for EVM grants with HMAC verification' (#51) from integrity-envelope into main

00745bb381 tests(server): fixed for new integrity checks

b122aa464c refactor(server): rework envelopes and integrity check

9fab945a00 fix(server): remove stale mentions of miette

aeed664e9a chore: inline integrity proto types

Compare 6 commits »

Skipper merged pull request MarketTakers/arbiter#51

2026-04-05 16:26:51 +00:00

feat(server): integrity envelope engine for EVM grants with HMAC verification

Skipper commented on pull request MarketTakers/arbiter#53

2026-04-05 16:26:34 +00:00

feat(server): implement useragent_delete_grant hard delete cleanup

Well, after some chill I though of another idea: we could just use shared_grant_id (id of evm_basic_grant) instead of grant specific id. In this way, we would avoid writing generic invocation…

Skipper opened issue MarketTakers/arbiter#73

2026-04-05 16:23:12 +00:00

Consumed bootstrap token is not zeroized in memory

Skipper opened issue MarketTakers/arbiter#74

2026-04-05 16:23:12 +00:00

Zombie user-agent sessions can block all new client approvals

Skipper opened issue MarketTakers/arbiter#71

2026-04-05 16:23:11 +00:00

Wallet-access revocation deletes by wallet_id instead of entry id

Skipper opened issue MarketTakers/arbiter#72

2026-04-05 16:23:11 +00:00

Bootstrap token comparison is not constant-time

Skipper opened issue MarketTakers/arbiter#70

2026-04-05 16:23:10 +00:00

Client approval quorum differs from documented consensus model

Skipper opened issue MarketTakers/arbiter#69

2026-04-05 16:23:10 +00:00

Integrity MAC depends on unordered SQLite row ordering

Skipper opened issue MarketTakers/arbiter#68

2026-04-05 16:23:09 +00:00

RequestTracker allows arbitrary gaps across request flows

Skipper opened issue MarketTakers/arbiter#67

2026-04-05 16:23:09 +00:00

Bootstrap token RNG seeding should be made explicit

Skipper opened issue MarketTakers/arbiter#66

2026-04-05 16:23:08 +00:00

Transaction logs can be tampered with to reset rate limits

Skipper opened issue MarketTakers/arbiter#65

2026-04-05 16:23:08 +00:00

Integrity envelopes do not survive root key rotation

Skipper opened issue MarketTakers/arbiter#63

2026-04-05 16:23:07 +00:00

SDK client metadata is silently rewritten on reconnect

1 2 3 4 5 ...