Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(forge): sensitive broadcast logs #4892

Merged
merged 8 commits into from
May 18, 2023
Merged

fix(forge): sensitive broadcast logs #4892

merged 8 commits into from
May 18, 2023

Conversation

devanoneth
Copy link
Contributor

Motivation

Remove sensitive values from broadcast logs. Namely rpc and path. Fixes #4730.

Solution

As proposed in #4730, saves sensitive values into a file with the same name / folder path but instead of the broadcast dir, we use the cache dir. It introduces a ScriptSequenceSensitive struct which can be used to write sensitive values and later load them back into the ScriptSequence struct.

Also fixes and extends the check_broadcast_log test so the changes can be tested.

@Evalir Evalir self-requested a review May 8, 2023 12:37
@Evalir Evalir requested a review from mattsse May 9, 2023 01:43
Evalir
Evalir reviewed May 9, 2023
View reviewed changes
Copy link
Member

@Evalir Evalir left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey hey thanks for this!

logic looks ok, but haven't tested. some nits re docs/comments/naming:

cli/src/cmd/forge/script/sequence.rs Outdated
@@ -45,6 +48,29 @@ pub struct ScriptSequence {
pub commit: Option<String>,
}

#[derive(Deserialize, Serialize, Clone, Default)]
pub struct TransactionWithMetadataSensitive {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add some docs about what this struct is?

Also, I think we could have a better name e.g SensitiveTxMetadata—We only really have the sensitive logged info here, rather than being a full blown tx that has sensitive info.

cli/src/cmd/forge/script/sequence.rs Outdated

/// Sensitive info from the script sequence which is saved into the cache folder
#[derive(Deserialize, Serialize, Clone, Default)]
pub struct ScriptSequenceSensitive {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ditto on above comment—let's try and look for a more intuitive/accurate name

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would SensitiveScriptSequence be better? I wanted to keep the name close to the ScriptSequence struct as that's where these values come from.

That way you have your ScriptSequence which can be committed and SensitiveScriptSequence which shouldn't be.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, this sounds good!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool, that's already in my last commit :)

cli/src/cmd/forge/script/sequence.rs
)?),
&script_sequence_sensitive,
)?;

shell::println(format!("\nTransactions saved to: {path}\n"))?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe we should print an extra message indicating sensitive info has been written to a separate path?

@Evalir Evalir self-requested a review May 12, 2023 02:04
@Evalir
Copy link
Member

Evalir commented May 12, 2023

hey hey, will TAL tomorrow and hopefully merge this! looks solid, just haven't fully tested yet

@devanoneth
Copy link
Contributor Author

No prob @Evalir, you're smashing PRs out lately! <3

Evalir
Evalir approved these changes May 13, 2023
View reviewed changes
Copy link
Member

@Evalir Evalir left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this lgtm!
ptal @mattsse

mattsse
mattsse requested changes May 17, 2023
View reviewed changes
Copy link
Member

@mattsse mattsse left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cool!

test lgtm!

@Evalir do we need to put this in the changelog?

I believe we need to add this to the default gitignore as well for forge init

@mds1 mds1 mentioned this pull request May 17, 2023
Merged
@devanoneth
Copy link
Contributor Author

@mattsse thanks for reviewing! I'm not sure why this would need changes in the default .gitignore? I just checked and it ignores cache and doesn't ignore broadcast for any chain without id 31337:

# Compiler files
cache/
out/

# Ignores development broadcast logs
!/broadcast
/broadcast/*/31337/
/broadcast/**/dry-run/

# Docs
docs/

# Dotenv file
.env

@mattsse
Copy link
Member

mattsse commented May 18, 2023

I see, so the senstive logs are always ignored?

@devanoneth
Copy link
Contributor Author

@mattsse Yeah, the sensitive logs go into directories under the cache directory. See the get_paths function in sequence.rs for more details.

mattsse
mattsse approved these changes May 18, 2023
View reviewed changes
Copy link
Member

@mattsse mattsse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

gg

@mattsse mattsse merged commit b294694 into foundry-rs:master May 18, 2023
@devanoneth devanoneth deleted the fix/sensitive-broadcast branch May 18, 2023 13:57
This was referenced May 25, 2023
Closed
Closed
@klkvr klkvr mentioned this pull request Nov 28, 2023
Merged
@DaniPopes DaniPopes mentioned this pull request Feb 19, 2024
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattsse mattsse mattsse approved these changes

@Evalir Evalir Evalir approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

bug: remove sensitive info from broadcast files
3 participants
@devanoneth @Evalir @mattsse