* tools: Add unparam linter
unparam detects unused parameters in functions, and a parameter to
a function which only ever takes on one value. The latter is an
indication that more tests are required.
There are many nolints in this PR, as I believe that writing tests
to fix alot of these situations is out of scope for this PR / it
will be changed in future commits. There are some nolints for
when we have to comply to normal api's.
* crypto/keys no longer used by x/gov/client/rest/rest.go
* x/stake: Limit the size of rationals from user input
This commit sets the maximum number of decimal points that can be
passed in from messages. This is enforced on the validate basic of
MsgBeginUnbonding and MsgBeginRedelegation. The cli has been
updated to truncate the user input to the specified precision. This
also updates types/rational to return big ints for Num() and Den().
Closes#887
* Switch NewFromDecimal to error instead of truncating
This is done so that the time spent on bcrypt during test cases
can be reduced. This change reduces the amount of time lcd tests
spend on bcrypt from 76% to 40%. (We need to reduce the number of
calls to bcrypt in a seperate PR, along with fixing other sources
of slowness)
Making the bcrypt security parameter a var shouldn't be a security issue:
One can't verify an invalid key by maliciously changing the bcrypt
parameter during a runtime vulnerability. The main security
threat this then exposes would be something that changes this during
runtime before the user creates their key. This vulnerability must
succeed to update this to that same value before every subsequent call
to gaiacli keys in future startups / or the attacker must get access
to the filesystem. However, with this same threat model (changing
variables in runtime), one can cause the user to sign a different tx
than what they see, which is a significantly cheaper attack then breaking
a bcrypt hash. (Recall that the nonce still exists to break rainbow
tables)
Merges the keybase and Ledger code from go-crypto (which is no more) into the SDK
Adds support for Ledger into gaiacli
Cherry-picks updated error handling from #1158
* tools: Add ineffassign linter
This errors on assignments that don't actually do anything. i.e.
x, err := myFunc(1)
y, err = myFunc(2)
This will call out that the first function's call error was never
used.
* Fix makefile, add misspell to makefile
Ethan Buchman
Dev Ojha
Christopher Goes
Rigel
Yanqing Yang
David Kajpust
Aditya Sripal