-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(crypto/ledger): Improve error message when deriving paths #22116
Conversation
📝 Walkthrough📝 WalkthroughWalkthroughThe changes introduce a new error handling mechanism in the Changes
Assessment against linked issues
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
Documentation and Community
|
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm! An improvement changelog entry would be nice
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Outside diff range and nitpick comments (1)
crypto/ledger/ledger_secp256k1.go (1)
344-349
: Approve changes with a minor suggestion for improvementThe changes effectively address the PR objective by improving the error message when deriving paths with an index greater than 100. The new error message is informative and provides context about the security measure.
Consider breaking the long error message into multiple lines for better readability:
return nil, "", fmt.Errorf("%w: cannot derive paths where index > 100: %s\n"+ "This is a security measure to avoid very hard to find derivation paths introduced by a possible attacker.\n"+ "You can disable this by setting expert mode in your ledger device. Do this at your own risk", err, path)This formatting will make the error message easier to read in the code while maintaining the same output.
📜 Review details
Configuration used: .coderabbit.yml
Review profile: CHILL
📒 Files selected for processing (1)
- crypto/ledger/ledger_secp256k1.go (1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
crypto/ledger/ledger_secp256k1.go (1)
Pattern
**/*.go
: Review the Golang code for conformity with the Uber Golang style guide, highlighting any deviations.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Outside diff range and nitpick comments (1)
CHANGELOG.md (1)
Line range hint
4-6
: Address TODO comment and add testsThe TODO comment indicates that tests should be added for this function. It's important to implement these tests to ensure the function works as expected, especially given its mathematical operations.
Consider adding unit tests for various input scenarios, including edge cases like very large numbers or negative inputs.
📜 Review details
Configuration used: .coderabbit.yml
Review profile: CHILL
📒 Files selected for processing (1)
- CHANGELOG.md (1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
CHANGELOG.md (1)
Pattern
**/*.md
: "Assess the documentation for misspellings, grammatical errors, missing documentation and correctness"
(cherry picked from commit 5bed965) # Conflicts: # CHANGELOG.md
Description
Closes: #19687
Improve error message when trying to derive paths with index > 100.
Author Checklist
All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.
I have...
!
in the type prefix if API or client breaking changeCHANGELOG.md
Reviewers Checklist
All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.
Please see Pull Request Reviewer section in the contributing guide for more information on how to review a pull request.
I have...
Summary by CodeRabbit
New Features
x/validate
added to enhance functionality.Improvements
Bug Fixes
baseapp
,crypto/keyring
, andx/auth
modules.