(XS) Login.checkKeys not supporting faulty faucet created accounts #45
Assignees
Labels
bug
Something isn't working
Comments
mseaward
changed the title
mseaward
added a commit
that referenced
this issue
Jan 28, 2020
Provide support for prefix assignment in checkKeys without requiring to instantiate the entire chainStore and websocket connection. Document all function within the AccountLogin class. #45
5 tasks
belakon1975
changed the title
|
@mseaward please estimate! xxs=0.5 days, xs=1 day , s=2 days , m=3 days, L=5 days, XL=8 days etc. |
mseaward
added a commit
that referenced
this issue
Jan 29, 2020
Provide support for prefix assignment in checkKeys without requiring to instantiate the entire chainStore and websocket connection. Document all function within the AccountLogin class. #45
mseaward
added a commit
that referenced
this issue
Jan 29, 2020
* fix: remove vesting_balance_type from vesting_balance_withdraw_operation * chore: rebuild * chore(release): 0.6.5 * sync with master (#31) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * Fix merge develop merge conflicts (#42) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * sync with master (#31) (#32) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * 0.6.4 release (#36) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * Sonar (#22) * ci: sonarlint * feat: add param to vesting_balance_create vesting_balance_type new requirement due to gpos additions on mainnet WAL-250 * build(packages): several packages updated some potential breaking changes, test impact on updates * docs: readme update indicating patch change reason PJL-23 * build: rebuild merged tag overlapping which adds sonarcloud files (no source code impact) and added new tag bump PJL-23 * chore: rebuild and merge security PR in * fix: use string instead of bool for balance type in vesting create * build: rebuild * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement: vesting_balance_type enum * improvement: re-add policy items * improvement: re-add policy items * fix: add export data for vesting balance type * Revert "fix: add export data for vesting balance type" This reverts commit 24138cc. * fix: remove wrong export item * fix: add vesting_policy_initializer to exports * feat(account_update): added value.update_last_voting_time added value.update_last_voting_time to account_update serializer extensions object WAL-281 * feat: add balance_type to vesting balance withdraw * chore: sync with master some different versions existed, selected latest version from conflicts and reinstalled hence the update to shrinkwrap file. * chore: rebuild * chore(release): 0.6.4 * fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37) * Revert "fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37)" (#38) This reverts commit 6d3293b. Co-authored-by: Roshan Syed <[email protected]> Co-authored-by: mseaward <[email protected]> Co-authored-by: jotprabh1 <[email protected]> Co-authored-by: Bobinson K B <[email protected]> * Fix merge conflicts (#43) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * sync with master (#31) (#32) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * 0.6.4 release (#36) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * Sonar (#22) * ci: sonarlint * feat: add param to vesting_balance_create vesting_balance_type new requirement due to gpos additions on mainnet WAL-250 * build(packages): several packages updated some potential breaking changes, test impact on updates * docs: readme update indicating patch change reason PJL-23 * build: rebuild merged tag overlapping which adds sonarcloud files (no source code impact) and added new tag bump PJL-23 * chore: rebuild and merge security PR in * fix: use string instead of bool for balance type in vesting create * build: rebuild * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement: vesting_balance_type enum * improvement: re-add policy items * improvement: re-add policy items * fix: add export data for vesting balance type * Revert "fix: add export data for vesting balance type" This reverts commit 24138cc. * fix: remove wrong export item * fix: add vesting_policy_initializer to exports * feat(account_update): added value.update_last_voting_time added value.update_last_voting_time to account_update serializer extensions object WAL-281 * feat: add balance_type to vesting balance withdraw * chore: sync with master some different versions existed, selected latest version from conflicts and reinstalled hence the update to shrinkwrap file. * chore: rebuild * chore(release): 0.6.4 * fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37) * Revert "fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37)" (#38) This reverts commit 6d3293b. * resolved merge conflict Co-authored-by: Roshan Syed <[email protected]> Co-authored-by: mseaward <[email protected]> Co-authored-by: jotprabh1 <[email protected]> Co-authored-by: Bobinson K B <[email protected]> * improvement(accountlogin.js): improve the AccountLogin.js (Login) class Provide support for prefix assignment in checkKeys without requiring to instantiate the entire chainStore and websocket connection. Document all function within the AccountLogin class. #45 * test: adjust scripts, packages, test files resolve issue regarding deprecation in the test suite such that tests can be run. Repair issues with tests related to AccountLogin. Replace instances of 'GPH' with 'PPY' where code references a public key with a 'GPH' prefix (non-Peerplays indicator). #46, #45 * build: rebuild files in lieu of recent changes * refactor(accountlogin.js): resolve sonarcloud code smells * sync with master (#31) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * Fix merge develop merge conflicts (#42) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * sync with master (#31) (#32) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * 0.6.4 release (#36) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * Sonar (#22) * ci: sonarlint * feat: add param to vesting_balance_create vesting_balance_type new requirement due to gpos additions on mainnet WAL-250 * build(packages): several packages updated some potential breaking changes, test impact on updates * docs: readme update indicating patch change reason PJL-23 * build: rebuild merged tag overlapping which adds sonarcloud files (no source code impact) and added new tag bump PJL-23 * chore: rebuild and merge security PR in * fix: use string instead of bool for balance type in vesting create * build: rebuild * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement: vesting_balance_type enum * improvement: re-add policy items * improvement: re-add policy items * fix: add export data for vesting balance type * Revert "fix: add export data for vesting balance type" This reverts commit 24138cc. * fix: remove wrong export item * fix: add vesting_policy_initializer to exports * feat(account_update): added value.update_last_voting_time added value.update_last_voting_time to account_update serializer extensions object WAL-281 * feat: add balance_type to vesting balance withdraw * chore: sync with master some different versions existed, selected latest version from conflicts and reinstalled hence the update to shrinkwrap file. * chore: rebuild * chore(release): 0.6.4 * fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37) * Revert "fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37)" (#38) This reverts commit 6d3293b. Co-authored-by: Roshan Syed <[email protected]> Co-authored-by: mseaward <[email protected]> Co-authored-by: jotprabh1 <[email protected]> Co-authored-by: Bobinson K B <[email protected]> * Fix merge conflicts (#43) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * sync with master (#31) (#32) * Pbsa develop (#28) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * PJL-24: security patches (#26) * Sonar (#22) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * ci(packages): update packages to latest where possible two audit reports cannot be resolved as we cannot update a packages dependencies ourself. They are dev only issues so production is safe from these warnings PJL-24-security-patches * build: rebuild after npm package upgrades * chore: rebuild after pbsa-develop merge sync and conflict resolution * Patch npmignore file (#29) * chore(release): 0.6.2 * chore(release): 0.6.3 * chore(.npmignore): patch npmignore file ignore irrelevant files when publishing to NPM * Update readme with sonar scan badges (#30) * chore(release): 0.6.2 * chore(release): 0.6.3 * docs(readne): update readme to show status reports of repo status reports are automatically synced/updated with sonarcloud * 0.6.4 release (#36) * ci: sonarlint WAL-223 * chore: rebuild * chore(release): 0.6.1 * Sonar (#22) * ci: sonarlint * feat: add param to vesting_balance_create vesting_balance_type new requirement due to gpos additions on mainnet WAL-250 * build(packages): several packages updated some potential breaking changes, test impact on updates * docs: readme update indicating patch change reason PJL-23 * build: rebuild merged tag overlapping which adds sonarcloud files (no source code impact) and added new tag bump PJL-23 * chore: rebuild and merge security PR in * fix: use string instead of bool for balance type in vesting create * build: rebuild * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement(vesting_balance_create): use enumerator for balance_type vesting_balance_create balance_type parameter using enumerator now for serializing the transaction to match the blockchain type for balance_type * improvement: vesting_balance_type enum * improvement: re-add policy items * improvement: re-add policy items * fix: add export data for vesting balance type * Revert "fix: add export data for vesting balance type" This reverts commit 24138cc. * fix: remove wrong export item * fix: add vesting_policy_initializer to exports * feat(account_update): added value.update_last_voting_time added value.update_last_voting_time to account_update serializer extensions object WAL-281 * feat: add balance_type to vesting balance withdraw * chore: sync with master some different versions existed, selected latest version from conflicts and reinstalled hence the update to shrinkwrap file. * chore: rebuild * chore(release): 0.6.4 * fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37) * Revert "fix: remove vesting_balance_type from vesting_balance_withdraw_operation (#37)" (#38) This reverts commit 6d3293b. * resolved merge conflict Co-authored-by: Roshan Syed <[email protected]> Co-authored-by: mseaward <[email protected]> Co-authored-by: jotprabh1 <[email protected]> Co-authored-by: Bobinson K B <[email protected]> * improvement(accountlogin.js): improve the AccountLogin.js (Login) class Provide support for prefix assignment in checkKeys without requiring to instantiate the entire chainStore and websocket connection. Document all function within the AccountLogin class. #45 * test: adjust scripts, packages, test files resolve issue regarding deprecation in the test suite such that tests can be run. Repair issues with tests related to AccountLogin. Replace instances of 'GPH' with 'PPY' where code references a public key with a 'GPH' prefix (non-Peerplays indicator). #46, #45 * build: rebuild files in lieu of recent changes * refactor(accountlogin.js): resolve sonarcloud code smells * chore(npm): sync with pbsa-dev new version was cut prior and changes needed on this branch * build: rebuild after syncing with pbsa-develop * build: rebuild after syncing with pbsa-develop Co-authored-by: jotprabh1 <[email protected]> Co-authored-by: Adrian Metzler <[email protected]> Co-authored-by: Roshan Syed <[email protected]> Co-authored-by: Bobinson K B <[email protected]>
This was referenced Jan 29, 2020
belakon1975
changed the title
belakon1975
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Overview
Some older accounts were registered on a faucet that had a bug associated with key allocation. The accounts that were created through this faucet in the time frame that the bug existed has their owner and active keys swapped. This causes login attempts to fail on any dapp that does not have support for this issue.
The peerplays-core-gui (Peerplays wallet) has some code within its login functions to handle this issue. Unfortunately, this fix has not been implemented into the peerplaysjs-lib.
Details
Within the Login.checkKeys function,
additional code may be required. If a checkKeys attempt fails, the owner key is to be checked against the active key instead (swap)keys provided to the function are checked recursively against the active key on chain. Under ideal usage, a user will provide the Login class the correct array of roles (['owner', 'active', 'memo']) and the checkKeys function will iterate over all keys provided. This way, each key passed in will be checked against the active public key that exists on the Peerplays blockchain.There is also a dependency of the prefix. For simple dapps, one cannot reliably use the peerplaysjs-lib without instantiating a websocket connection and using that for all blockchain interactions. There needs to be support added to the checkKeys function to pass in a custom prefix so that users are not forced to instantiate the ws chainstore and set the prefix through it.
Impact
There will be a bit more time required to re-process the key check as a result of this required fix but it is a low complexity solution and the algorithms in use are also low complexity so there ends up being no human noticeable increase in login time.
Estimate
3-4 development hours (xxs)
PBSA / Developer tasks
The text was updated successfully, but these errors were encountered: