Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(crypto): error if incorrect ledger public key (backport #19691) #19746

Merged
merged 4 commits into from
Mar 13, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Mar 13, 2024

Closes #19690

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced security by ensuring the public key used for signing transactions matches the public key on the ledger device. Now throws an error if there's a mismatch.
  • Refactor
    • Improved organization and efficiency by moving functions and interfaces to more appropriate packages within the types module and removing deprecated functions.
  • Chores
    • Implemented various updates and fixes across different modules to enhance configuration, server context, and calculation methods.

This is an automatic backport of pull request #19691 done by [Mergify](https://mergify.com).

Co-authored-by: Marko <marbar3778@yahoo.com>
(cherry picked from commit 5424b55)

# Conflicts:
#	CHANGELOG.md
@mergify mergify bot requested a review from a team as a code owner March 13, 2024 19:16
Copy link
Contributor Author

mergify bot commented Mar 13, 2024

Cherry-pick of 5424b55 has failed:

On branch mergify/bp/release/v0.47.x/pr-19691
Your branch is up to date with 'origin/release/v0.47.x'.

You are currently cherry-picking commit 5424b55c5.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   crypto/keyring/keyring.go
	modified:   crypto/keyring/keyring_ledger_test.go

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   CHANGELOG.md

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@mergify mergify bot added the conflicts label Mar 13, 2024
Copy link
Member

@julienrbrt julienrbrt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK

@sontrinh16 sontrinh16 merged commit b9b1324 into release/v0.47.x Mar 13, 2024
24 of 25 checks passed
@sontrinh16 sontrinh16 deleted the mergify/bp/release/v0.47.x/pr-19691 branch March 13, 2024 20:09
@faddat faddat mentioned this pull request Mar 20, 2024
12 tasks
yihuang added a commit to crypto-org-chain/cosmos-sdk that referenced this pull request May 16, 2024
* fix(server): consensus failure while restart node with wrong `chainId` in genesis (cosmos#18920)

* test: add NodeURI for clientCtx (backport cosmos#18930) (cosmos#18988)

Co-authored-by: mmsqe <tqd0800210105@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* chore: clean-up buf workspace (backport cosmos#18993) (cosmos#18998)

* build(deps): Bump cosmossdk.io/log from 1.2.1 to 1.3.0 (cosmos#19024)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

* build(deps): Bump cosmossdk.io/errors from 1.0.0 to 1.0.1 (cosmos#19025)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

* fix: allow empty public keys when setting signatures (backport cosmos#19106) (cosmos#19108)

Co-authored-by: Callum Waters <cmwaters19@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* chore: prepare v0.47.8 (cosmos#19162)

* docs: fix typo in 06-grpc_rest.md (backport cosmos#19192) (cosmos#19194)

Co-authored-by: Yoksirod <103229163+taramakage@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: skip same-sender non-sequential sequence and then add others txs new solution (backport cosmos#19177) (cosmos#19250)

Co-authored-by: Brann Bronzebeard <90186866+ZiHengLee@users.noreply.github.com>
Co-authored-by: Facundo <facundomedica@gmail.com>
Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: Aleksandr Bezobchuk <alexanderbez@users.noreply.github.com>

* test(baseapp): Refactor tx selector tests + better comments  (backport cosmos#19284) (cosmos#19288)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: Facundo <facundomedica@gmail.com>

* build(deps): Bump cosmossdk.io/log from 1.3.0 to 1.3.1 (cosmos#19359)

* chore: prepare v0.47.9 (cosmos#19451)

* build(deps): Bump github.com/cosmos/cosmos-proto from 1.0.0-beta.2 to 1.0.0-beta.4 (cosmos#19472)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* Merge pull request from GHSA-4j93-fm92-rp4m

* fix(x/auth/vesting): Add `BlockedAddr` check in `CreatePeriodicVestingAccount`

* updates

* build(deps): Bump cosmossdk.io/math from 1.2.0 to 1.3.0 (cosmos#19564)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: use proper `db_backend` type when reading chain-id (cosmos#19573)

* Merge pull request from GHSA-86h5-xcpx-cfqc

* fix slashing logic

* add test

* changelog + release notes

* word

---------

Co-authored-by: Julien Robert <julien@rbrt.fr>

* build(deps): Bump deps (backport cosmos#19655) (cosmos#19712)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix(x/gov): grpc query tally for failed proposal (backport cosmos#19725) (cosmos#19728)

Co-authored-by: David Tumcharoen <david@alleslabs.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix(crypto): error if incorrect ledger public key (backport cosmos#19691) (cosmos#19746)

Co-authored-by: Rootul P <rootulp@gmail.com>
Co-authored-by: sontrinh16 <trinhleson2000@gmail.com>

* build(deps): Bump github.com/cometbft/cometbft from 0.37.4 to 0.37.5 (cosmos#19752)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: Implement gogoproto customtype to secp256r1 keys (backport cosmos#20027) (cosmos#20032)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Marko <marko@baricevic.me>

* fix: secp256r1 json missing quotes (backport cosmos#20060) (cosmos#20070)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>

* build(deps): Bump github.com/cosmos/cosmos-proto from 1.0.0-beta.4 to 1.0.0-beta.5 (cosmos#20094)

* chore: prepare v0.47.11 (cosmos#20088)

* fix: use timestamp for sim log file name (backport cosmos#20108) (cosmos#20112)

Co-authored-by: mmsqe <mavis@crypto.com>

* fix(x/authz,x/feegrant): check blocked address (backport cosmos#20102) (cosmos#20114)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix(testsuite/sims): set all signatures (backport cosmos#20151) (cosmos#20186)

Co-authored-by: Leon <156270887+leonz789@users.noreply.github.com>

* build(deps): Bump github.com/cometbft/cometbft from 0.37.5 to 0.37.6 (cosmos#20205)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

* go mod tidy

* chore: downgrade to go 1.19 (cosmos#20211)

* chore: tidy with go 1.19 (cosmos#20220)

* chore: revert comet 0.37.6 upgrade due to go version bump (cosmos#20247)

* fix: remove txs from mempool when antehandler fails in recheck (backport cosmos#20144) (cosmos#20252)

Co-authored-by: Marko <marko@baricevic.me>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* Revert "chore: downgrade to go 1.19 (cosmos#20211)"

This reverts commit aba4e40.

* Revert "chore: revert comet 0.37.6 upgrade due to go version bump (cosmos#20247)"

This reverts commit 00e4273.

* bump go in ci

* update docker file

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: atheeshp <59333759+atheeshp@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: mmsqe <tqd0800210105@gmail.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Callum Waters <cmwaters19@gmail.com>
Co-authored-by: Yoksirod <103229163+taramakage@users.noreply.github.com>
Co-authored-by: Brann Bronzebeard <90186866+ZiHengLee@users.noreply.github.com>
Co-authored-by: Facundo <facundomedica@gmail.com>
Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: Aleksandr Bezobchuk <alexanderbez@users.noreply.github.com>
Co-authored-by: Kevin Yang <5478483+k-yang@users.noreply.github.com>
Co-authored-by: khanh <50263489+catShaark@users.noreply.github.com>
Co-authored-by: David Tumcharoen <david@alleslabs.com>
Co-authored-by: Rootul P <rootulp@gmail.com>
Co-authored-by: sontrinh16 <trinhleson2000@gmail.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: Marko <marko@baricevic.me>
Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: Leon <156270887+leonz789@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: 🥳 Done
Development

Successfully merging this pull request may close these issues.

3 participants