-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: upgrade ed25519-dalek dependency to v2 #64
Conversation
// We know that the length is correct, so we can just unwrap. | ||
PublicKey::from_bytes(&self.0).unwrap() | ||
VerifyingKey::from_bytes(&self.0).unwrap() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function only accepts correct-length arrays, so this comment is wrong. This function may panic for other reasons, we should probably investigate if using unwrap()
is dangerous here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right. It can panic if the bytes are invalid. I think the easiest and non-breaking solution here is to add try_as_public_key()
method which wouldn't unwrap. And also adding a doc for as_public_key()
that it will panic on invalid key.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Leaving it as-is since this bug already existed, but made an issue to track it
// We know that the length is correct, so we can just unwrap. | ||
PublicKey::from_bytes(&self.0).unwrap() | ||
VerifyingKey::from_bytes(&self.0).unwrap() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right. It can panic if the bytes are invalid. I think the easiest and non-breaking solution here is to add try_as_public_key()
method which wouldn't unwrap. And also adding a doc for as_public_key()
that it will panic on invalid key.
5b45810
to
e9fa231
Compare
d3ad57a
to
e856e0a
Compare
e9fa231
to
a76aff0
Compare
a76aff0
to
0418c02
Compare
Description
Upgrades to the v2 version of ed25519-dalek. Also upgrades rand version which this dependency uses.
This update is to avoid 2 versions of the ed25519-dalek dependency in Notify Server. This is now shared in WalletConnect/notify-server#367
Resolves #53
How Has This Been Tested?
Using it in Notify Server and Relay.
Due Diligence