feat: useable and tested scratchpads #2671
Conversation
grumbach
commented
Jan 27, 2025
•
grumbach
commented
- Now scratchpad have their own module clearly separated from Vault and Vaults use the generic Scratchpad API.
- Exactly like Pointers, Scratchpads have a put/get/create/update API that allows for manual or user friendly use of the scratchpad.
- E2E tests for Scratchpad to prove they work as intended. They could serve as usage examples as well.
- GraphEntry, Pointer and Scratchpad use PaymentOption now, unifying the payment process
grumbach
force-pushed
the
useable_scratchpads
branch
2 times, most recently
from
f4c263a to
28e8c26
Compare
| /// Create a new Scratchpad without provding the secret key | ||
| /// It is the caller's responsibility to ensure the signature is valid (signs [`Scratchpad::bytes_for_signature`]) and the data is encrypted | ||
| /// It is recommended to use the [`Scratchpad::new`] method instead when possible | ||
| pub fn new_with_signature( |
There was a problem hiding this comment.
to make the public API cleaner, this function shall not be exposed ?
also, this function means input_data is not encrypted, which is un-consistent with new function and claims made in other places.
also, this one doesn't call the is_valid self check ?
I'd suggest:
- not use this in the public API
- make
newfunction use this (if retained as a private helper)
There was a problem hiding this comment.
I was thinking of keeping this for folks that cannot provide us with the Secret key but can sign messages/encrypt. This is typically the case with hardware wallets, where one cannot get the secret key out, but can perfectly sign messages.
There was a problem hiding this comment.
even we accept such input, the signature and size shall still be checked.
i.e. the verify function shall be called
| /// Create a new Scratchpad without provding the secret key | ||
| /// It is the caller's responsibility to ensure the signature is valid (signs [`Scratchpad::bytes_for_signature`]) and the data is encrypted | ||
| /// It is recommended to use the [`Scratchpad::new`] method instead when possible | ||
| pub fn new_with_signature( |
There was a problem hiding this comment.
even we accept such input, the signature and size shall still be checked.
i.e. the verify function shall be called
| counter, | ||
| signature, | ||
| } | ||
| } |
There was a problem hiding this comment.
shall the self.verify() function still to be called ?
| false | ||
| } | ||
| /// Verifies that the Scratchpad signature is valid | ||
| pub fn verify(&self) -> bool { |
There was a problem hiding this comment.
shall the size to be checked as well?
same to the other data_types
Also, I notice there is scratchpad_verify which checks both signature and size for ScratchPad
I think normally, the verify indicates both, verify_signature and verify_size (or is_size_too_big) verifies individual part.
I'd suggest update the names/function calls of all data_types' verify to make them consistant.
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
maqi
force-pushed
the
useable_scratchpads
branch
from
317b98b to
ab8327d
Compare
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
