d350731dda
Update assumptions.md
2020-11-27 19:26:09 +01:00
36a025b088
Update to Go 1.15.5 to account for CVE-2020-28362
2020-11-27 19:20:07 +01:00
540fbbb31b
Clarify that we do not automatically rate limit spammy guardians
2020-11-27 19:08:13 +01:00
d4054b4733
Update assumptions.md
2020-11-27 19:00:39 +01:00
70eddbee6e
Document our security assumptions
2020-11-27 18:51:32 +01:00
4658dcb8f1
Update README.md
2020-11-27 15:16:18 +01:00
f43e5617f9
Update operations.md
2020-11-24 22:57:50 +01:00
8306a83833
solana/agent: listen on UNIX socket ( #122 )
...
This allows us to use UNIX filesystem permissions for access control.
Previously, any process in the network namespace could connect to it,
which is insecure for obvious reasons.
Verified that correct permissions are set:
```
# ls -lisa /run/bridge/
total 8
31996269 4 drwxrwxrwx 2 root root 4096 Nov 23 21:58 .
14676759 4 drwxr-xr-x 1 root root 4096 Nov 23 21:58 ..
31996306 0 srwx------ 1 root root 0 Nov 23 21:58 agent.sock
```
Fixes #119
2020-11-24 09:48:44 +01:00
d99977a8ae
Commit .run IntelliJ shortcuts to repo
2020-11-23 17:21:41 +01:00
471417cd6e
bridge: use GPG-armored binary protobufs for keys
2020-11-20 22:40:42 +01:00
0152a00114
all: rename LockupObservation to SignedObservation
...
We observe things other than lockups, account for it.
2020-11-20 22:35:00 +01:00
50807037a5
Update README.md
2020-11-20 21:32:12 +01:00
e5a81c0db3
Update README.md
...
Add flavour
2020-11-20 21:29:47 +01:00
3e3e9dd651
bridge: fix typo in flag errors
2020-11-20 21:18:29 +01:00
14106ea750
Update operations.md
2020-11-20 19:54:40 +01:00
be6320af69
Update README.md
2020-11-20 19:26:03 +01:00
f2aa612ee0
Add nodearchitecture.excalidraw
2020-11-20 19:14:09 +01:00
b9a8b9e345
operations.md draft
2020-11-20 19:13:22 +01:00
3e57f475e1
solana: fix borrow issues
2020-11-20 14:23:05 +01:00
501a63c9eb
chmod +x send-eth-lockups.sh
2020-11-20 12:05:39 +01:00
8510140165
subsidize guardian transactions using fees ( #82 )
...
* subsidize guardian transactions using fees
* reuse transfer function
* evict signature state on inbound transfers
* fix mutability issues due to copying
* add fee refund
* unify fee calculation
* add fee documentation
* Unflip tables
* type annotation
2020-11-19 22:47:09 +01:00
ee5d07c929
Fixes to VAA submission to Terra smart contract ( #115 )
...
* Terra smart contract binary interface changed from vector to base64 string
* Added initial guardian set submission to Terra
2020-11-19 20:05:05 +01:00
e39fb2abec
Update README.md
2020-11-19 16:33:34 +01:00
90f1c9703a
Update README.md
2020-11-19 16:30:13 +01:00
dc82826ef3
Update overview image to properly describe Terra flow
2020-11-19 16:24:34 +01:00
a3c745ace7
bridge/pkg/ethereum: remove channel unsubscribes
...
Unsubscribe() does blocking I/O that ignores the runnable context
and can block forever: #107
It would appear that removing the Unsubscribe calls is the only
way to work around this go-ethereum bug.
ghstack-source-id: 93f287efc0https://github.com/certusone/wormhole/pull/109
2020-11-19 12:57:21 +01:00
66430cb5be
bridge: implement guardian set update submission node admin service
...
Tested on a live devnet via `scripts/test-injection.sh 0`.
ghstack-source-id: 92489c2455https://github.com/certusone/wormhole/pull/104
2020-11-19 12:57:21 +01:00
7545d2b803
terra: disable in production mode
...
ghstack-source-id: c22885f121https://github.com/certusone/wormhole/pull/103
2020-11-19 12:57:21 +01:00
5f8ca60ab1
bridge: refactor out broadcastSignature to prepare for injection path
...
ghstack-source-id: e3b8aee5a0https://github.com/certusone/wormhole/pull/102
2020-11-19 12:57:21 +01:00
fdc2be10b3
solana: verify that new guardian set isn't empty
...
ghstack-source-id: 4fc1d94152https://github.com/certusone/wormhole/pull/101
2020-11-19 12:57:21 +01:00
ee71c73611
docs: add simple overview image
...
ghstack-source-id: 275b38858ahttps://github.com/certusone/wormhole/pull/92
2020-11-19 12:57:21 +01:00
798ffec09c
bridge: implement keygen command
...
Tested using `/guardiand keygen /bar --desc foobar`.
ghstack-source-id: 9f96ce7c0chttps://github.com/certusone/wormhole/pull/91
2020-11-19 12:57:21 +01:00
d9f8174d76
bridge: implement bridge key serialization
...
ghstack-source-id: f218021514https://github.com/certusone/wormhole/pull/90
2020-11-19 12:57:21 +01:00
114524a096
ethereum: update packages and use package-lock.json
...
Ran `npm update`. This resolves a ganache crash.
We can't really use `npm ci` because it's intentionally incompatible
with our incremental development workflow. We'll want to use it for
production builds, though.
ghstack-source-id: c66c5d4647https://github.com/certusone/wormhole/pull/89
2020-11-19 12:57:21 +01:00
84600ad9f5
terra: include block timestamp in VAAs ( #94 )
...
Fixes #93
2020-11-18 19:16:29 +01:00
bbf479871f
pkg/devnet: split up deterministic key generation functions
...
Only moved code, no functional changes.
2020-11-18 14:30:25 +01:00
da768a09c4
ethereum: mine ganache blocks in the background
...
Fixes #75 .
2020-11-18 13:56:56 +01:00
22368def3e
Clarify maintainer for Terra integration.
2020-11-18 13:35:53 +01:00
24d5be2cba
Readme added for the Terra contracts, several security issues fixed in the contracts ( #88 )
2020-11-18 13:07:36 +01:00
b93fdabf4c
Update README.md
2020-11-16 22:52:53 +01:00
3264f7622d
terra: split and clean up k8s configs
2020-11-16 17:45:17 +01:00
7d617095e2
terra: fix watcher ws argument
2020-11-16 16:59:58 +01:00
53c994b1ac
ethereum: a wild node-gyp python dependency appeared
...
¯\_(ツ)_/¯
2020-11-16 14:09:21 +01:00
07da9f10ef
go mod tidy
2020-11-16 13:51:22 +01:00
f072e8c36a
Clean up some style nits.
2020-11-16 13:34:19 +01:00
1ca2e29916
Terra support added ( #79 )
...
This commit adds initial support for the Terra blockchain.
2020-11-16 13:28:07 +01:00
e0ca52deb5
Update README.md
2020-11-15 18:48:53 +01:00
0d12e142f1
Remove broken .run files
2020-11-14 10:25:53 +01:00
cee28540bd
Upgrade SDK; add balance rpc call ( #80 )
2020-11-13 14:14:56 +01:00
aed8f6637c
Remove outdated TODO comments
2020-11-13 11:44:09 +01:00
Leo
Hendrik Hofstad
Hendrik Hofstadt
Yuriy Savchenko