Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add UserOverrideableDKIMRegistry.sol. #199

Merged
merged 11 commits into from
Jun 11, 2024
Merged

Conversation

wshino
Copy link
Contributor

@wshino wshino commented May 28, 2024

Description

Relates to zkemail/email-tx-builder#22

Type of Change

Please delete options that are not relevant.

  • New feature (non-breaking change which adds functionality)

Checklist:

  • I have discussed with the team prior to submitting this PR
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • My changes generate no new warnings
  • New and existing unit tests pass locally with my changes

Coverage

| File                                                                               | % Lines          | % Statements     | % Branches      | % Funcs         |
| UserOverrideableDKIMRegistry.sol                                                   | 96.55% (56/58)   | 93.06% (67/72)   | 73.21% (41/56)  | 90.00% (9/10)   |

@SoraSuegami
Copy link
Collaborator

Thank you for your PR!
Could you modify the logic as follows?

  1. The contract also stores address mainAuthorizer, which is provided when the contract is initialized.

  2. For every function, if dkimPublicKeyHashes[domainName][publicKeyHash][mainAuthorizer] is true, a variable setThreshold increases by 1. If dkimPublicKeyHashes[domainName][publicKeyHash][msg.sender] is true, a variable setThreshold increases by 2.
    A variable revokeThreshold is defined in the same way for revokedDKIMPublicKeyHashes.

  3. The isDKIMPublicKeyHashValid function returns false if 1) revokeThreshold is larger than or equal to 1 or 2) setThreshold is less than 2. Otherwise, it returns true. This spec implies that 1) either the user or the main authorizer such as the canister signer can revoke a public key alone, and 2) setting a new public key requires the user's signature even when the main authorizer already approves it.

  4. The setDKIMPublicKeyHash function takes as input domainName, publicKeyHash, address authorizer, and bytes signature. First, it computes revokeThreshold for domainName and publicKeyHash and requires revokeThreshold < 2. Second, if msg.sender == authorizer, it sets dkimPublicKeyHashes[domainName][publicKeyHash][authorizer] = true and ends the process. Otherwise, it verifies signature as an EIP1271 signature if authorizer is a contract address, and verifies signature as an ECDSA signature otherwise. If and only if the signature is valid, sets dkimPublicKeyHashes[domainName][publicKeyHash][authorizer] = true.

  5. The revokeDKIMPublicKeyHash function takes as input publicKeyHash, address authorizer, and bytes signature. First, it computes revokeThreshold for publicKeyHash and requires revokeThreshold < 2. Second, if msg.sender == authorizer, it sets revokedDKIMPublicKeyHashes[publicKeyHash][authorizer] = true and ends the process. Otherwise, it verifies signature as an EIP1271 signature if authorizer is a contract address, and verifies signature as an ECDSA signature otherwise. If and only if the signature is valid, sets revokedDKIMPublicKeyHashes[publicKeyHash][authorizer] = true.

@wshino
Copy link
Contributor Author

wshino commented Jun 4, 2024

@SoraSuegami

  1. I've just fixed some test cases and README.md.
  2. Also I updated the natspec for public functions in UserOverrideableDKIMRegistry.sol.
  3. For reference, I've pasted the coverage result of the contract.

Question:
Should I update all of package.json version? -> resolved

Copy link

socket-security bot commented Jun 9, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@types/[email protected] None 0 4.11 kB types
npm/@typescript-eslint/[email protected] Transitive: environment, eval, filesystem, unsafe +50 13.6 MB jameshenry
npm/@typescript-eslint/[email protected] Transitive: environment, eval, filesystem, unsafe +49 7.07 MB jameshenry
npm/@zk-email/[email protected] Transitive: environment, filesystem, shell +1 722 kB sora_suegami
npm/[email protected] None 0 11.7 kB andris
npm/[email protected] None +1 3.17 MB jbaylina
npm/[email protected] Transitive: filesystem, network +3 841 kB jbaylina
npm/[email protected] Transitive: environment, eval, filesystem, network, shell, unsafe +28 15.4 MB jbaylina

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Copy link

socket-security bot commented Jun 9, 2024

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: npm/@zk-email/[email protected]

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@SoraSuegami
Copy link
Collaborator

@saleel Do you think we can ignore the above socket security alert?

@SoraSuegami SoraSuegami requested a review from saleel June 11, 2024 09:08
@saleel
Copy link
Member

saleel commented Jun 11, 2024

@SocketSecurity ignore npm/@zk-email/[email protected]

@saleel
Copy link
Member

saleel commented Jun 11, 2024

@saleel Do you think we can ignore the above socket security alert?

I think its ok. The alert is because of the dependency being a http url, but its from a trusted repo.

@SoraSuegami
Copy link
Collaborator

@SocketSecurity ignore npm/@zk-email/[email protected]

@SoraSuegami SoraSuegami merged commit 919ab82 into main Jun 11, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add individual user overrides to the DKIM Registry contract
3 participants