certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
322 Commits 392 Branches 193 Tags 194 MiB
Commit Graph

322 Commits

Author SHA1 Message Date
Leo 30278397f7 bridge: add erc20 abi for use in tests 2020-11-29 17:07:15 +01:00
Leo 2967653e06 solana: partially revert #82 subsidization changes 
... while keeping the borrowing fixes. Please review carefully whether
any of the remaining changes should've been reverted as well.

Fails due to account ownership check for debits, new tests caught it.
 2020-11-29 17:07:15 +01:00
Leo fddbd01f9d solana: update Rust and Solana to latest stable releases 
Unfortunately, the new release has a much chattier message_processor,
but we cannot do anything about that without losing value debug info.
 2020-11-29 17:07:15 +01:00
Leo de8d1dee31 devnet: pin Dockerfile syntax to digest 
This speeds up the build by ~1.5s by avoiding a remote lookup on
Docker Hub every time this is built (WTF).
 2020-11-29 17:07:15 +01:00
Leo a2f48fdee3 solana/cli: fetch token account balance 
The request needs to include the decimals (part of the derivation path).
 2020-11-29 17:07:15 +01:00
Leo 45837241ed devnet: add readiness checks to most components 2020-11-29 17:07:15 +01:00
Leo 561852d499 bridge: simple readiness check 2020-11-29 17:07:15 +01:00
Leo ee0904adf9 Update assumptions.md 2020-11-27 19:43:57 +01:00
Leo 8c0c902b42 Update assumptions.md 2020-11-27 19:31:11 +01:00
Leo c2c50b3326 Update assumptions.md 2020-11-27 19:28:14 +01:00
Leo 26942d7edb Update assumptions.md 2020-11-27 19:27:11 +01:00
Leo d350731dda Update assumptions.md 2020-11-27 19:26:09 +01:00
Leo 36a025b088 Update to Go 1.15.5 to account for CVE-2020-28362 2020-11-27 19:20:07 +01:00
Leo 540fbbb31b Clarify that we do not automatically rate limit spammy guardians 2020-11-27 19:08:13 +01:00
Leo d4054b4733 Update assumptions.md 2020-11-27 19:00:39 +01:00
Leo 70eddbee6e Document our security assumptions 2020-11-27 18:51:32 +01:00
Leopold Schabel 4658dcb8f1
Update README.md 2020-11-27 15:16:18 +01:00
Leopold Schabel f43e5617f9
Update operations.md 2020-11-24 22:57:50 +01:00
Leopold Schabel 8306a83833
solana/agent: listen on UNIX socket (#122) 
This allows us to use UNIX filesystem permissions for access control.

Previously, any process in the network namespace could connect to it,
which is insecure for obvious reasons.

Verified that correct permissions are set:

```
# ls -lisa /run/bridge/
total 8
31996269 4 drwxrwxrwx 2 root root 4096 Nov 23 21:58 .
14676759 4 drwxr-xr-x 1 root root 4096 Nov 23 21:58 ..
31996306 0 srwx------ 1 root root    0 Nov 23 21:58 agent.sock
```

Fixes #119
 2020-11-24 09:48:44 +01:00
Leo d99977a8ae Commit .run IntelliJ shortcuts to repo 2020-11-23 17:21:41 +01:00
Leo 471417cd6e bridge: use GPG-armored binary protobufs for keys 2020-11-20 22:40:42 +01:00
Leo 0152a00114 all: rename LockupObservation to SignedObservation 
We observe things other than lockups, account for it.
 2020-11-20 22:35:00 +01:00
Leo 50807037a5 Update README.md 2020-11-20 21:32:12 +01:00
Leo e5a81c0db3 Update README.md 
Add flavour
 2020-11-20 21:29:47 +01:00
Leo 3e3e9dd651 bridge: fix typo in flag errors 2020-11-20 21:18:29 +01:00
Leo 14106ea750 Update operations.md 2020-11-20 19:54:40 +01:00
Leo be6320af69 Update README.md 2020-11-20 19:26:03 +01:00
Leo f2aa612ee0 Add nodearchitecture.excalidraw 2020-11-20 19:14:09 +01:00
Leo b9a8b9e345 operations.md draft 2020-11-20 19:13:22 +01:00
Hendrik Hofstad 3e57f475e1 solana: fix borrow issues 2020-11-20 14:23:05 +01:00
Leo 501a63c9eb chmod +x send-eth-lockups.sh 2020-11-20 12:05:39 +01:00
Hendrik Hofstadt 8510140165
subsidize guardian transactions using fees (#82) 
* subsidize guardian transactions using fees

* reuse transfer function

* evict signature state on inbound transfers

* fix mutability issues due to copying

* add fee refund

* unify fee calculation

* add fee documentation

* Unflip tables

* type annotation
 2020-11-19 22:47:09 +01:00
Yuriy Savchenko ee5d07c929
Fixes to VAA submission to Terra smart contract (#115) 
* Terra smart contract binary interface changed from vector to base64 string

* Added initial guardian set submission to Terra
 2020-11-19 20:05:05 +01:00
Leo e39fb2abec Update README.md 2020-11-19 16:33:34 +01:00
Leo 90f1c9703a Update README.md 2020-11-19 16:30:13 +01:00
Leo dc82826ef3 Update overview image to properly describe Terra flow 2020-11-19 16:24:34 +01:00
Leo a3c745ace7 bridge/pkg/ethereum: remove channel unsubscribes 
Unsubscribe() does blocking I/O that ignores the runnable context
and can block forever: #107

It would appear that removing the Unsubscribe calls is the only
way to work around this go-ethereum bug.

ghstack-source-id: 93f287efc0
Pull Request resolved: https://github.com/certusone/wormhole/pull/109
 2020-11-19 12:57:21 +01:00
Leo 66430cb5be bridge: implement guardian set update submission node admin service 
Tested on a live devnet via `scripts/test-injection.sh 0`.

ghstack-source-id: 92489c2455
Pull Request resolved: https://github.com/certusone/wormhole/pull/104
 2020-11-19 12:57:21 +01:00
Leo 7545d2b803 terra: disable in production mode 
ghstack-source-id: c22885f121
Pull Request resolved: https://github.com/certusone/wormhole/pull/103
 2020-11-19 12:57:21 +01:00
Leo 5f8ca60ab1 bridge: refactor out broadcastSignature to prepare for injection path 
ghstack-source-id: e3b8aee5a0
Pull Request resolved: https://github.com/certusone/wormhole/pull/102
 2020-11-19 12:57:21 +01:00
Leo fdc2be10b3 solana: verify that new guardian set isn't empty 
ghstack-source-id: 4fc1d94152
Pull Request resolved: https://github.com/certusone/wormhole/pull/101
 2020-11-19 12:57:21 +01:00
Leo ee71c73611 docs: add simple overview image 
ghstack-source-id: 275b38858a
Pull Request resolved: https://github.com/certusone/wormhole/pull/92
 2020-11-19 12:57:21 +01:00
Leo 798ffec09c bridge: implement keygen command 
Tested using `/guardiand keygen /bar --desc foobar`.

ghstack-source-id: 9f96ce7c0c
Pull Request resolved: https://github.com/certusone/wormhole/pull/91
 2020-11-19 12:57:21 +01:00
Leo d9f8174d76 bridge: implement bridge key serialization 
ghstack-source-id: f218021514
Pull Request resolved: https://github.com/certusone/wormhole/pull/90
 2020-11-19 12:57:21 +01:00
Leo 114524a096 ethereum: update packages and use package-lock.json 
Ran `npm update`. This resolves a ganache crash.

We can't really use `npm ci` because it's intentionally incompatible
with our incremental development workflow. We'll want to use it for
production builds, though.

ghstack-source-id: c66c5d4647
Pull Request resolved: https://github.com/certusone/wormhole/pull/89
 2020-11-19 12:57:21 +01:00
Yuriy Savchenko 84600ad9f5
terra: include block timestamp in VAAs (#94) 
Fixes #93
 2020-11-18 19:16:29 +01:00
Leo bbf479871f pkg/devnet: split up deterministic key generation functions 
Only moved code, no functional changes.
 2020-11-18 14:30:25 +01:00
Leo da768a09c4 ethereum: mine ganache blocks in the background 
Fixes #75.
 2020-11-18 13:56:56 +01:00
Leo 22368def3e Clarify maintainer for Terra integration. 2020-11-18 13:35:53 +01:00
Yuriy Savchenko 24d5be2cba
Readme added for the Terra contracts, several security issues fixed in the contracts (#88) 2020-11-18 13:07:36 +01:00