Add audits for updates to futures-* 0.3.28 and redjubjub 0.7.0.

Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org>
Daira Emma Hopwood 2023-04-04 02:03:40 +01:00
parent ff49b812da
commit d55d12d6e2
3 changed files with 56 additions and 12 deletions

@ -385,6 +385,12 @@ who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.26 -> 0.3.27"
[[audits.futures-channel]]
who = "Daira Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.27 -> 0.3.28"
notes = "Dependency updates, and an MSRV update to Rust 1.56."
[[audits.futures-core]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
@ -396,6 +402,15 @@ who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.26 -> 0.3.27"
[[audits.futures-core]]
who = "Daira Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.27 -> 0.3.28"
notes = """
Adds an optimization in unsafe code (https://github.com/rust-lang/futures-rs/pull/2723).
The new code in AtomicWaker calls self.waker.get() twice assuming the same resulting pointer, but this appears to be correct because the AtomicWaker is in the required locked state.
"""
[[audits.futures-task]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
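Review bot: The notes on the futures-core `0.3.27 -> 0.3.28` entry justify the double `self.waker.get()` call only with "appears to be correct" and "the required locked state", without naming which AtomicWaker method or which state was examined. Naming both in the note would let a later auditor re-check the argument against the linked pull request. The imported audit of 0.3.27 further down this commit already says this primitive cannot be certified without formal methods, so the informal reasoning is worth recording precisely.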
@ -406,6 +421,18 @@ who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.26 -> 0.3.27"
[[audits.futures-task]]
who = "Daira Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.26 -> 0.3.28"
notes = "Dependency updates, and an MSRV update to Rust 1.56."
[[audits.futures-task]]
who = "Daira Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.27 -> 0.3.28"
notes = "Dependency updates, and an MSRV update to Rust 1.56."
[[audits.futures-util]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
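Review bot: Two futures-task entries with identical notes are added here, `delta = "0.3.26 -> 0.3.28"` and `delta = "0.3.27 -> 0.3.28"`, while the context lines directly above already carry a `0.3.26 -> 0.3.27` audit. The `0.3.26 -> 0.3.28` entry looks redundant with that pair. If only the 0.3.27 to 0.3.28 diff was read, drop it; if both diffs were read, say so in the notes so the two entries are distinguishable.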
@ -845,6 +872,23 @@ who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.5.0"
[[audits.redjubjub]]
who = "Daira Emma Hopwood <daira@jacaranda.org>"
criteria = ["safe-to-deploy", "crypto-reviewed"]
version = "0.7.0"
notes = """
This crate is a thin wrapper around the `reddsa` crate, which I did not review. I also
did not review tests or verify test vectors.
The comment on `batch::Verifier::verify` has an error in the batch verification equation,
filed as https://github.com/ZcashFoundation/redjubjub/issues/163 . It does not affect the
implementation which just delegates to `reddsa`. `reddsa` has the same comment bug filed as
https://github.com/ZcashFoundation/reddsa/issues/52 , but its batch verification implementation
is correct. (I checked the latter against https://zips.z.cash/protocol/protocol.pdf#reddsabatchvalidate
which has had previous cryptographic review by NCC group; see finding NCC-Zcash2018-009 in
https://research.nccgroup.com/wp-content/uploads/2020/07/NCC_Group_Zcash2018_Public_Report_2019-01-30_v1.3.pdf ).
"""
[[audits.regex]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
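Review bot: The redjubjub 0.7.0 entry certifies `crypto-reviewed`, but its notes first say `reddsa` was not reviewed and later say its batch verification implementation was checked against the protocol specification. State the scope once, for example that only the batch verification in `reddsa` was checked, and make explicit that `crypto-reviewed` here covers the wrapper alone, since the notes describe the crate as delegating to `reddsa`. A reader of the audit file should not be able to take this entry as a cryptographic review of the delegated code.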

@ -203,14 +203,6 @@ criteria = "safe-to-deploy"
version = "2.0.0"
criteria = "safe-to-deploy"
[[exemptions.futures-channel]]
version = "0.3.21"
criteria = "safe-to-deploy"
[[exemptions.futures-core]]
version = "0.3.21"
criteria = "safe-to-deploy"
[[exemptions.futures-task]]
version = "0.3.21"
criteria = "safe-to-deploy"
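Review bot: Dropping the futures-channel and futures-core exemptions in this hunk depends on the imported bytecode-alliance full audits at 0.3.27 in the imports hunk at the end of this commit, because the entries this commit adds for those crates are deltas from 0.3.27 only. The commit message does not mention the imports and should, so the trust chain is visible without reading all three files. By the hunk header (14 lines down to 6) the futures-task exemption at 0.3.21 stays, which is consistent with there being no imported futures-task audit in this commit.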
@ -507,10 +499,6 @@ criteria = "safe-to-deploy"
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.redjubjub]]
version = "0.5.0"
criteria = "safe-to-deploy"
[[exemptions.redox_syscall]]
version = "0.2.16"
criteria = "safe-to-deploy"

@ -52,6 +52,18 @@ who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
delta = "0.9.0 -> 0.10.3"
[[audits.bytecode-alliance.audits.futures-channel]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
[[audits.bytecode-alliance.audits.futures-core]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
[[audits.bytecode-alliance.audits.memoffset]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"