Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: upgrade ed25519-dalek dependency to v2 #64

Merged
merged 2 commits into from
Feb 16, 2024

Conversation

chris13524
Copy link
Member

@chris13524 chris13524 commented Feb 14, 2024

Description

Upgrades to the v2 version of ed25519-dalek. Also upgrades rand version which this dependency uses.

This update is to avoid 2 versions of the ed25519-dalek dependency in Notify Server. This is now shared in WalletConnect/notify-server#367

Resolves #53

How Has This Been Tested?

Using it in Notify Server and Relay.

Due Diligence

  • Breaking change
  • Requires a documentation update
  • Requires a e2e/integration test update

@chris13524 chris13524 self-assigned this Feb 14, 2024
@chris13524 chris13524 linked an issue Feb 14, 2024 that may be closed by this pull request
@chris13524 chris13524 changed the base branch from main to 44-tokio-version February 14, 2024 21:06
// We know that the length is correct, so we can just unwrap.
PublicKey::from_bytes(&self.0).unwrap()
VerifyingKey::from_bytes(&self.0).unwrap()
Copy link
Member Author

@chris13524 chris13524 Feb 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function only accepts correct-length arrays, so this comment is wrong. This function may panic for other reasons, we should probably investigate if using unwrap() is dangerous here

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right. It can panic if the bytes are invalid. I think the easiest and non-breaking solution here is to add try_as_public_key() method which wouldn't unwrap. And also adding a doc for as_public_key() that it will panic on invalid key.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Leaving it as-is since this bug already existed, but made an issue to track it

// We know that the length is correct, so we can just unwrap.
PublicKey::from_bytes(&self.0).unwrap()
VerifyingKey::from_bytes(&self.0).unwrap()
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right. It can panic if the bytes are invalid. I think the easiest and non-breaking solution here is to add try_as_public_key() method which wouldn't unwrap. And also adding a doc for as_public_key() that it will panic on invalid key.

@chris13524 chris13524 force-pushed the 53-upgrade-ed25519-dalek-dependency-to-200 branch from 5b45810 to e9fa231 Compare February 15, 2024 15:51
@chris13524 chris13524 force-pushed the 53-upgrade-ed25519-dalek-dependency-to-200 branch from e9fa231 to a76aff0 Compare February 15, 2024 16:22
@chris13524 chris13524 force-pushed the 53-upgrade-ed25519-dalek-dependency-to-200 branch from a76aff0 to 0418c02 Compare February 15, 2024 16:35
@chris13524 chris13524 changed the base branch from 44-tokio-version to main February 15, 2024 16:36
@chris13524 chris13524 merged commit 5d8a12a into main Feb 16, 2024
8 checks passed
@chris13524 chris13524 deleted the 53-upgrade-ed25519-dalek-dependency-to-200 branch February 16, 2024 14:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrade ed25519-dalek dependency to 2.0.0
3 participants