Closed derekpierre closed 2 weeks ago
netlify[bot]
commented
3 weeks ago | Name | Link |
|---|---|
| Latest commit | 236f2963e68ff116acf55a2c30e0bce67ebe4e0d |
| Latest deploy log | https://app.netlify.com/sites/taco-nft-demo/deploys/66c4e6ce70156c0009928c63 |
netlify[bot]
commented
3 weeks ago | Name | Link |
|---|---|
| Latest commit | 236f2963e68ff116acf55a2c30e0bce67ebe4e0d |
| Latest deploy log | https://app.netlify.com/sites/taco-demo/deploys/66c4e6ceb8611e0008572d8f |
codecov-commenter
commented
3 weeks ago Attention: Patch coverage is 84.61538% with 6 lines in your changes missing coverage. Please review.
Project coverage is 88.55%. Comparing base (
e8f9098) to head (236f296). Report is 177 commits behind head on main.
| Files | Patch % | Lines |
|---|---|---|
| ...ackages/taco-auth/src/providers/eip4361/eip4361.ts | 80.00% | 3 Missing and 1 partial :warning: |
| packages/taco-auth/src/storage.ts | 85.71% | 2 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
derekpierre
commented
2 weeks ago Overall looks good ๐๐ป While I do find this acceptable (and very convenient for implementers) it's interesting to observe the lines between application and library logic blurring a bit here.
Because we opted to cache the message ourselves to prevent users having to sign every time for proof of wallet ownership, it forces us to manage the cache appropriately - this PR does the latter. Definitely open to ideas here if you have any.
Type of PR:
Required reviews:
What this does:
Based over #560 (somewhat of a follow-up PR).
EIP4361AuthProvidercaches the auth signature it first generates perpetually (unless storage is explicitly cleared eg.localStorage.clear()in apps). However, this auth signature can become expired (> 2h old), and so the provider should detect that on cache retrieval and regenerate the auth signature if it becomes expired.SingleSignOnEIP4361AuthProviderfakeProvider()andfakeSigner(); this way they are better linked for tests. This only applies to tests - in real life it is possible to have a signer with no provider, but this was not the case for tests prior to this change anyway.Remove no longer applicable/superfluous API calls from being exposed:
isAuthorized(...)- calls into theCoordinatorcontract to call this function, but we are moving away from this where calls should be made directly to theAccessController. However the accessController only checks forisEncryptionAuthorizedand doesn't provide the ability to check if an encrypted address is authorized - which is what is implemented here. Therefore, it only applies to the GlobalAllowList contracts, but it's unclear if we need that ability intaco-webregisterEncrypters(...)- Was never publicly exposed and it is unclear if we need this ability intaco-web. #324 alluded to it, but not sure if we still care. Let me know if we do (cc @arjunhassard ).If we decide down the road we need them, we can add them back.
Issues fixed/closed:
Closes https://github.com/nucypher/taco-web/issues/324
Why it's needed:
Notes for reviewers: