chore: Validate RPC inputs #9672
Merged
+5,990
−3,007
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
spalladino
force-pushed
the
palla/validate-rpc-inputs
branch
2 times, most recently
from
7260917 to
8b713f0
Compare
spalladino
force-pushed
the
palla/validate-rpc-inputs
branch
4 times, most recently
from
072ad42 to
90c592c
Compare
spalladino
force-pushed
the
palla/validate-rpc-inputs
branch
3 times, most recently
from
3e78ec7 to
d9d94e3
Compare
spalladino
force-pushed
the
palla/validate-rpc-inputs
branch
from
16b649c to
369fb71
Compare
Some processes may prefer IPv6 for localhost. Like the nargo external oracle resolver when run in earthly.
ludamad
reviewed
Nov 10, 2024
| @@ -65,7 +65,7 @@ export class PrivateFeePaymentMethod implements FeePaymentMethod { | |||
| caller: this.paymentContract, | |||
| action: { | |||
| name: 'setup_refund', | |||
| args: [this.feeRecipient, this.wallet.getAddress(), maxFee, nonce], | |||
| args: [this.feeRecipient.toField(), this.wallet.getAddress().toField(), maxFee, nonce], | |||
There was a problem hiding this comment.
Very happy to get rid of the inheritance here
ludamad
reviewed
Nov 10, 2024
| import { TxEffect } from '../tx_effect.js'; | ||
| import { type ArchiverApi, ArchiverApiSchema } from './archiver.js'; | ||
|
|
||
| describe('ArchiverApiSchema', () => { |
ludamad
reviewed
Nov 10, 2024
| * @returns Whether the message is synced and ready to be included in a block. | ||
| */ | ||
| isL1ToL2MessageSynced(l1ToL2Message: Fr, startL2BlockNumber: number): Promise<boolean>; |
There was a problem hiding this comment.
Reason this isn't needed anymore?
ludamad
reviewed
Nov 10, 2024
| @@ -121,6 +124,21 @@ export class Tx extends Gossipable { | |||
| ]); | |||
| } | |||
|
|
|||
| static get schema() { | |||
| // TODO(palla/schemas): Use the nested objects schemas as opposed to the toBuffers | |||
ludamad
reviewed
Nov 10, 2024
| @@ -16,7 +16,7 @@ describe('ArtifactHash', () => { | |||
| notes: {}, | |||
| }; | |||
| expect(computeArtifactHash(emptyArtifact).toString()).toMatchInlineSnapshot( | |||
| `"0x0dea64e7fa0688017f77bcb7075485485afb4a5f1f8508483398869439f82fdf"`, | |||
There was a problem hiding this comment.
Interesting, why the change?
ludamad
reviewed
Nov 10, 2024
| @@ -53,11 +53,11 @@ export const ProtocolContractLeaf = { | |||
| AuthRegistry: Fr.fromString('0x295f52c40413b660d817ceea60d07154322a035d28d18927b2ca84e8ec3b2115'), | |||
| ContractInstanceDeployer: Fr.fromString('0x00113ad28d270a493266484d733f73a56b98c74b4e2cdf9fc040b5d3a6560f2d'), | |||
| ContractClassRegisterer: Fr.fromString('0x1d591819cccc4031cc18a7865321c54f6344ae42a205782874d1f72648df2034'), | |||
| MultiCallEntrypoint: Fr.fromString('0x20a2e7e882045d27b3aa9e36188b8e45483b3c11652d4a46406699e5eb4efa9b'), | |||
There was a problem hiding this comment.
Curious why these change?
ludamad
reviewed
Nov 10, 2024
| @@ -1,337 +0,0 @@ | |||
| import cors from '@koa/cors'; | |||
| import http from 'http'; | |||
|
LGTM. Review methodology:
|
ludamad
approved these changes
Nov 10, 2024
ludamad
added a commit
that referenced
this pull request
Nov 11, 2024
Reverts #9672 as it broke some e2e tests and boxes
TomAFrench
added a commit
that referenced
this pull request
Nov 11, 2024
* master: (182 commits) feat(avm): mem specific range check (#9828) refactor: remove public kernel inner (#9865) chore: Revert "chore: Validate RPC inputs" (#9875) Revert "fix: deploy l2 contracts fails on 48 validator" (#9871) fix: deploy l2 contracts fails on 48 validator (#9860) chore: Validate RPC inputs (#9672) fix: fixing devcontainers to use the sandbox docker-compose file (#9782) fix: Revert changes to ci.yml (#9863) chore: Move epoch and slot durations to config (#9861) git subrepo push --branch=master noir-projects/aztec-nr git_subrepo.sh: Fix parent in .gitrepo file. [skip ci] chore: replace relative paths to noir-protocol-circuits git subrepo push --branch=master barretenberg fix: tree heights that last past 3 days (#9760) fix(build): l1-contracts .rebuild_patterns did not cover test files (#9862) fix: bench prover test (#9856) fix: Fix mac build by calling `count` on durations (#9855) feat: zk shplemini (#9830) feat: domain separate block proposals and attestations (#9842) chore: bump runner cache disk size (#9849) ...
spalladino
added a commit
that referenced
this pull request
Nov 11, 2024
Second attempt at #9672 after it broke some e2e tests on master.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds schemas for every API. Every API exposed via JSON RPC now requires a zod schema (see #9656 for more context on the rationale for this change). All schemas are in
circuit-types/interfaces, and look like:aztec-packages/yarn-project/circuit-types/src/interfaces/prover-node.ts
Lines 33 to 45 in 3e78ec7
These schemas are type-checked against the interface via the
ApiSchemaForutility type, so if the interface changes, schemas are required by the compiler to change as well. Schemas are now used in the JSON RPC server to 1) identify which methods are exposed (so we no longer need the method disallowlist) and 2) parse their arguments. The JSON RPC server, once it has identified the method to be called, grabs the arguments schema and funnels the result of a vanilla JSON parse through it.Every type or struct that is exposed via an interface now has an associated schema, which is referenced in the API for parsing. Schemas both validate input and hydrate instances. This means that we no longer set a
typeproperty to identify how to hydrate each object in a request during deserialization, which was a security risk.aztec-packages/yarn-project/circuit-types/src/l2_block.ts
Lines 24 to 32 in 3e78ec7
Schemas are also used in the JSON RPC client for deserializing the result types. Again, this lets us remove the
typeparameter from all serialized entities, though this is still present in since it is required by theTypeRegistry(still to be removed) which is only used in the snapshot manager.All schemas are tested via mini integration tests. These tests define a mock implementation for each service, use it for setting up a JSON RPC server, starting it in a free port, and test calling every method through JSON RPC.
aztec-packages/yarn-project/circuit-types/src/interfaces/prover-node.test.ts
Lines 12 to 31 in 3e78ec7
These changes prompted other changes. For instance, we introduced the following changes to APIs:
ProvingJobSource.rejectProvingJobnow accepts a reasonstringinstead of anErrortypePXE.getEvents(type)is removed in favor ofPXE.getEncryptedEventsandPXE.getUnencryptedEventssince both methods required different argumentsWe also removed service-management methods (ie
stop) from interfaces. We were inadvertently callingstopon remote instances over http when we shouldn't have. We also typed some previously untyped interfaces, such as the TXE's.Fixes #9455