Api Key Rework - PRO-467 #17
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Dzejkop
reviewed
Jan 18, 2024
src/api_key.rs
Outdated
| #[derive(Debug, Clone, PartialEq, Eq)] | ||
| pub struct ApiKey { | ||
| pub relayer_id: String, | ||
| pub api_key: [u8; 32], | ||
| pub secret: [u8; SECRET_LEN], |
There was a problem hiding this comment.
We actually need to make it into a Vec<u8> or some sort of small vec. We already have 32 byte secret keys running in the dev env
There was a problem hiding this comment.
Sorry could you elaborate? You mean you'd like to keep backwards compatibility with 32byte secrets? (48byte total for the api key?)
There was a problem hiding this comment.
Yes, exactly. I see that you already implemented that
|
@Dzejkop I've updated this to have the api keys be of variable length. I've also made the internals of |
|
I've updated this PR again as I discovered that API keys were being inadvertently revealed in logs in plain text. To remedy this I created a new type, |
Dzejkop
approved these changes
Jan 22, 2024
Dzejkop
added a commit
that referenced
this pull request
Mar 19, 2024
* Update readme * Only saved fee estimates on mined blocks * Fixes & improvements * Update stuff * Prune blocks * Networks in DB - Handling reorgs (#2) * Update TODO * Update TODO * Allow updating relayers - max inflight txs in relayer * Start indexing chains at startup * Estimate block fees in a separate task * Add support for cross-chain gas price limits * Cleanup * Add transaction priority * Refactor routes * Fix manual test * RPC Access * Minor fixes * Parallelize broadcast per relayer + error handling * Expose unsent status * Update TODO * Add item to TODO * Consistent formatting of SQL * Minor cleanup * WIP * Add TODO item * Add TODO item * misc * Section TODO * Dzejkop/api-keys (#3) * Dzejkop/dockerize (#4) * Update API routes * Log more * Save all txs * Fetch block hashes * Update AWS libs * Minor fixes * Build and push image * Allow parts for db settings * Prefetch deps + use sparse registries + log connection string * Add GH actions * Enable auth for admin routes * Speed up tests * Install foundry for tests * Add health endpoint * Fix anvil issue * Cache dependencies in docker builds * Remove secrets leak * Use cache * Use buildx * Add clippy * Add getTxs endpoint * WIP: Integrate telemetry-batteries * Change service tag * Update telemetry-batteries * fmt * Don't destroy the db * Remove redundant relayer id * Try unnested fields * Use new telemetry-batteries * Fix * Emit metrics periodically * Fix get_txs bug * misc * Big query & mining metrics * More logging & metrics * Fix escalation fee logic * fmt * Metrics for gas * Better logging * Add tx created log * Add relayers endpoint * Fix * Fix race condition * Add relayer reset endpoint * Fix * Fix * Fix * Remove hard coded gas limit * Remove surge logic * added .gitignore, increased allowable db setup time * fix: typo * Make transfers in tests more parallel * updated logic to back fill blocks that have been missed * adding comments * updated tests * updated get_latest_block_number * updated comments * cargo clippy * Preconfigured start - for dockerization (#6) * Allow preconfigured networks & relayers * Only allow single network and relayer * Allow filtering txs by status (#7) * Allow filtering txs by status * Minor refactor * insert into tx_hashes and sent_transactions seperatley, added raw_signed_tx for UniversalSigner * Example .env * Fix * added logic to recover simulated txs * cargo clippy, cargo sort * formatting * removed recover simulated tx * updated insert_into_tx_hashes to do nothing on conflict * on conflict, update tx_hashes * updated tx_hashes to add constraint on tx_id, do nothing on conflict when inserting into table * added insert_tx_broadcast * write to database after successful simulation * removed unneeded function * updated cargo toml to match dev branch * removed comments and todo * Build for multiple platforms * Don't build for arm/v7 * Tags * TEMP: Don't build for arm64 * Bring back arm64 * Update action versions * Add annotations * No more matrix * Remove matrix reference * Reorg & Escalation testing (#11) * Further dockerization support (#12) * Predefined api key for dockerization * Fix Dockerfile * Fix owned deserialization (#13) * Allow disabling relayers (#14) * Update DB * Integrate with db code * Escalate per relayer & don't if relayer disabled * clippy * Improve-logging (#15) * Improve logging * Clippy & fmt * Minor improvements * Remove redundant comment * instrument db txs (#19) * Api Key Rework - PRO-467 (#17) * shortened api key and fixed predefined toml * dynamic length api key * Fix for security issue where api keys were being exposed in logs and traces * redact api key (#20) * update tel batteries (#21) * Remove transaction simulation (#22) * More instrumentation * Docker compose setup * Misc * Additional logs * More logs * Abort on panic + better instrumentation * Fix escalation fees calculation logic * Bring back metrics (#24) * Config sanity check * Add max_queued_txs * Update metrics * Cleanup Cargo.toml * Add log to start service * Revert "Add max_queued_txs" This reverts commit 83c517d. * Add shutdown listening (non-graceful) * clippy + fmt * Fix telemetry issues (#27) * Fix telemetry issues * Update dep * Add max_queued_txs column + minor client improvement (#25) * Add max_queued_txs column * Implement logic (WIP) * Serialize errors * Update errors in client + update logic * Instrument remaining db methods + fix * Fix in code condition * Reenable test * Fix and refactor tests --------- Co-authored-by: 0xKitsune <[email protected]> Co-authored-by: 0xKitsune <[email protected]> Co-authored-by: Eric Woolsey <[email protected]>
cichaczem
pushed a commit
that referenced
this pull request
Jun 4, 2024
* Update readme * Only saved fee estimates on mined blocks * Fixes & improvements * Update stuff * Prune blocks * Networks in DB - Handling reorgs (#2) * Update TODO * Update TODO * Allow updating relayers - max inflight txs in relayer * Start indexing chains at startup * Estimate block fees in a separate task * Add support for cross-chain gas price limits * Cleanup * Add transaction priority * Refactor routes * Fix manual test * RPC Access * Minor fixes * Parallelize broadcast per relayer + error handling * Expose unsent status * Update TODO * Add item to TODO * Consistent formatting of SQL * Minor cleanup * WIP * Add TODO item * Add TODO item * misc * Section TODO * Dzejkop/api-keys (#3) * Dzejkop/dockerize (#4) * Update API routes * Log more * Save all txs * Fetch block hashes * Update AWS libs * Minor fixes * Build and push image * Allow parts for db settings * Prefetch deps + use sparse registries + log connection string * Add GH actions * Enable auth for admin routes * Speed up tests * Install foundry for tests * Add health endpoint * Fix anvil issue * Cache dependencies in docker builds * Remove secrets leak * Use cache * Use buildx * Add clippy * Add getTxs endpoint * WIP: Integrate telemetry-batteries * Change service tag * Update telemetry-batteries * fmt * Don't destroy the db * Remove redundant relayer id * Try unnested fields * Use new telemetry-batteries * Fix * Emit metrics periodically * Fix get_txs bug * misc * Big query & mining metrics * More logging & metrics * Fix escalation fee logic * fmt * Metrics for gas * Better logging * Add tx created log * Add relayers endpoint * Fix * Fix race condition * Add relayer reset endpoint * Fix * Fix * Fix * Remove hard coded gas limit * Remove surge logic * added .gitignore, increased allowable db setup time * fix: typo * Make transfers in tests more parallel * updated logic to back fill blocks that have been missed * adding comments * updated tests * updated get_latest_block_number * updated comments * cargo clippy * Preconfigured start - for dockerization (#6) * Allow preconfigured networks & relayers * Only allow single network and relayer * Allow filtering txs by status (#7) * Allow filtering txs by status * Minor refactor * insert into tx_hashes and sent_transactions seperatley, added raw_signed_tx for UniversalSigner * Example .env * Fix * added logic to recover simulated txs * cargo clippy, cargo sort * formatting * removed recover simulated tx * updated insert_into_tx_hashes to do nothing on conflict * on conflict, update tx_hashes * updated tx_hashes to add constraint on tx_id, do nothing on conflict when inserting into table * added insert_tx_broadcast * write to database after successful simulation * removed unneeded function * updated cargo toml to match dev branch * removed comments and todo * Build for multiple platforms * Don't build for arm/v7 * Tags * TEMP: Don't build for arm64 * Bring back arm64 * Update action versions * Add annotations * No more matrix * Remove matrix reference * Reorg & Escalation testing (#11) * Further dockerization support (#12) * Predefined api key for dockerization * Fix Dockerfile * Fix owned deserialization (#13) * Allow disabling relayers (#14) * Update DB * Integrate with db code * Escalate per relayer & don't if relayer disabled * clippy * Improve-logging (#15) * Improve logging * Clippy & fmt * Minor improvements * Remove redundant comment * instrument db txs (#19) * Api Key Rework - PRO-467 (#17) * shortened api key and fixed predefined toml * dynamic length api key * Fix for security issue where api keys were being exposed in logs and traces * redact api key (#20) * update tel batteries (#21) * Remove transaction simulation (#22) * More instrumentation * Docker compose setup * Misc * Additional logs * More logs * Abort on panic + better instrumentation * Fix escalation fees calculation logic * Bring back metrics (#24) * Config sanity check * Add max_queued_txs * Update metrics * Cleanup Cargo.toml * Add log to start service * Revert "Add max_queued_txs" This reverts commit 83c517d. * Add shutdown listening (non-graceful) * clippy + fmt * Fix telemetry issues (#27) * Fix telemetry issues * Update dep * Add max_queued_txs column + minor client improvement (#25) * Add max_queued_txs column * Implement logic (WIP) * Serialize errors * Update errors in client + update logic * Instrument remaining db methods + fix * Fix in code condition * Reenable test * Fix and refactor tests --------- Co-authored-by: 0xKitsune <[email protected]> Co-authored-by: 0xKitsune <[email protected]> Co-authored-by: Eric Woolsey <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Shortened api keys to 32 bytes total, 16 for the uuid and 16 for the secret. Also fixed the missing/incorrect attributes for the predefined settings in the config.toml.