Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(fix): correctly redact private keys in traces #6995 #7049

Merged
merged 8 commits into from
Feb 8, 2024
Merged

(fix): correctly redact private keys in traces #6995 #7049

merged 8 commits into from
Feb 8, 2024

Conversation

zerosnacks
Copy link
Member

@zerosnacks zerosnacks commented Feb 8, 2024
edited
Loading

Motivation

Fixes issue of private keys not being redacted in traces.

Previously there was a logical error causing inputs to not correctly be redacted.

Closes #6995

Solution

This change should cover all cheatcode cases where a private key is passed (directly or through the Wallet struct) or is returned.

This includes missing cases:

  • createWallet(...)
  • getNonce(Wallet)
  • signP256(uint256,bytes32)
  • sign(Wallet,bytes32)

I've added a parameterized test to verify all cases (incl. exceptions) and in a way so it is easy to maintain.

To be able to quickly check the proposed fixes I've created a minimal repo: https://github.com/zerosnacks/foundry-pr-6995

PS: dummy data included in the test was generated using the dummy private key of 0x90F79bf6EB2c4f870365E785982E1f101E93b906, one of the Anvil defaults.

mattsse
mattsse approved these changes Feb 8, 2024
View reviewed changes
Copy link
Member

@mattsse mattsse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tysm, this is great, smol nit

pending @klkvr and @DaniPopes

klkvr
klkvr approved these changes Feb 8, 2024
View reviewed changes
Copy link
Member

@klkvr klkvr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

DaniPopes
DaniPopes approved these changes Feb 8, 2024
View reviewed changes
Copy link
Member

@DaniPopes DaniPopes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@mattsse mattsse merged commit b174c3a into foundry-rs:master Feb 8, 2024
19 checks passed
@zerosnacks zerosnacks deleted the fix/redact-pk-in-traces branch March 8, 2024 11:28
This was referenced Apr 26, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattsse mattsse mattsse approved these changes

@Evalir Evalir Evalir approved these changes

@DaniPopes DaniPopes DaniPopes approved these changes

@klkvr klkvr klkvr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

forge script call traces should not print private key.
5 participants
@zerosnacks @mattsse @Evalir @DaniPopes @klkvr