Skip to content

Add nonce and chain ID to signature requests #354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ltitanb merged 125 commits into from
Aug 19, 2025
Merged

Add nonce and chain ID to signature requests #354

ltitanb merged 125 commits into from
Aug 19, 2025

Conversation

@jclapis
Copy link
Collaborator

@jclapis jclapis commented Aug 7, 2025

This modifies signature requests (and the way signatures are generated) to include an optional nonce that signer modules can use if they want to, and Commit-Boost's chain ID, as part of the signature tree generation. It's a precursor to an update of #297 as a way to make signatures themselves more robust against replays for module developers.

ltitanb and others added 30 commits May 13, 2025 17:17
@ltitanb @jclapis
bump version
c68125d
@jclapis
Successful cross-compilation, but runtime has memory allocation issues
d9979a2
@jclapis
Working with OpenSSL static-linked
97ef653
@jclapis
Got dynamic linking working, added a feature flag to toggle dynamic v…
91eefe2 
…s. static
@jclapis
Fixed the vendored build arg
de09415
@jclapis
Reintroduced the cargo chef setup
3aee63d
@jclapis
Ported the cross-compilation stuff into PBS
c07c717
@jclapis
Split the dockerfiles into separate builder / image definitions
699b7ec
@jclapis
Added a build guide
7165f12
@jclapis
Refactored the Github release action to use the Docker builder
9438dae
@jclapis
Fixed the Docker image binary filenames
12c020a
@jclapis
Cleaned up the Darwin artifact step
53cafc0
@jclapis
Made the CI workflow and justfile use the same toolchain as the source
58c6117
@jclapis
Revert "Made the CI workflow and justfile use the same toolchain as t…
45e581b 
…he source"

This reverts commit 58c6117.
@jclapis
Testing removal of OpenSSL vendored option
24a10c5
@jclapis
Updating just in the CI workflow
e36da54
@jclapis
Merge branch 'main' into cross-compile
843b110
@jclapis
Refactored the signer to support host and port config settings
e7c6d19
@jclapis
Updated docs
6117219
@jclapis
Fixing Clippy in CI workflow
c0f591d
@jclapis
Removed obviated CI setup
adbd34a
@jclapis
Minor dedup of RwLock guard acquisition
e3488b3
@jclapis
Added rate limiting for signer clients with repeated JWT auth failures
c3d7ec4
@jclapis
Added Signer config validation
9ddad64
@jclapis
Started unit test setup for the Signer
c62185e
@jclapis
Finished a basic signer module unit test
dc73c62
@jclapis
Added a JWT failure unit test
6c3d967
@jclapis
Added a rate limit test and cleaned up a bit
6464638
@jclapis
Added unique ports to unit tests for parallel execution
0313f18
@jclapis
Cleaned up the build Dockerfile and removed an extra dependency layer
346eea4
@jclapis jclapis mentioned this pull request Aug 12, 2025
Merged
@jclapis jclapis mentioned this pull request Aug 13, 2025
Merged
ltitanb
ltitanb reviewed Aug 14, 2025
View reviewed changes
Base automatically changed from signer-json-api to sigp-audit-fixes August 19, 2025 18:41
@jclapis jclapis force-pushed the augment-sign-requests branch from 2c70460 to 66913c3 Compare August 19, 2025 19:06
@ltitanb ltitanb merged commit 0ef8787 into sigp-audit-fixes Aug 19, 2025
1 check passed
@ltitanb ltitanb deleted the augment-sign-requests branch August 19, 2025 19:11
@jclapis jclapis mentioned this pull request Sep 3, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ManuelBilbao ManuelBilbao ManuelBilbao approved these changes

@ltitanb ltitanb ltitanb approved these changes

Assignees

@jclapis jclapis

Labels

signer Signer module

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jclapis @ManuelBilbao @ltitanb