Merge pull request #1754 from okTurtles/e2e-protocol-ricardo

Bugfix: key rotation on watched contracts
okTurtles · Oct 6, 2023 · 1fc3ec4 · 1fc3ec4
2 parents 893a07b + f079b04
commit 1fc3ec4
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 13 deletions.
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
@@ -538,7 +538,7 @@ export default (sbp('sbp/selectors/register', {
             id: newId,
             meta: {
               private: {
-                content: serializeKey(newKey, true)
+                content: encryptedOutgoingData(groupState, CEKid, serializeKey(newKey, true))
               }
             }
           }))

diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
@@ -88,10 +88,8 @@ const keyRotationHelper = (contractID: string, state: Object, config: Object, up
 
         const signingKeyId = findSuitableSecretKeyId(rootState[cID], requiredPermissions, ['sig'], foreignContractKey.ringLevel)
 
-        const encryptionKeyId = foreignContractKey._private
-
         if (signingKeyId) {
-          return [[name, foreignContractKey.name, encryptionKeyId], signingKeyId, rootState[cID]._vm.authorizedKeys[signingKeyId].ringLevel]
+          return [[name, foreignContractKey.name], signingKeyId, rootState[cID]._vm.authorizedKeys[signingKeyId].ringLevel]
         }
 
         return undefined
@@ -112,9 +110,6 @@ const keyRotationHelper = (contractID: string, state: Object, config: Object, up
             contractID: cID,
             contractName,
             data: keyNamesToUpdate.map(outputMapper).map((v, i) => {
-              if (keyNamesToUpdate[i][2]) {
-                return encryptedOutgoingData(rootState[cID], keyNamesToUpdate[i][2], v)
-              }
               return v
             }),
             signingKeyId
@@ -667,7 +662,8 @@ export default (sbp('sbp/selectors/register', {
       [GIMessage.OP_KEY_UPDATE] (v: GIOpKeyUpdate) {
         if (!state._volatile) config.reactiveSet(state, '_volatile', Object.create(null))
         if (!state._volatile.pendingKeyRevocations) config.reactiveSet(state._volatile, 'pendingKeyRevocations', Object.create(null))
-        const [updatedKeys, keysToDelete] = validateKeyUpdatePermissions(contractID, signingKey, state, v)
+        const [updatedKeys, updatedMap] = validateKeyUpdatePermissions(contractID, signingKey, state, v)
+        const keysToDelete = ((Object.values(updatedMap): any): string[])
         for (const keyId of keysToDelete) {
           if (has(state._volatile.pendingKeyRevocations, keyId)) {
             delete state._volatile.pendingKeyRevocations[keyId]
@@ -689,7 +685,10 @@ export default (sbp('sbp/selectors/register', {
           const updatedKeysMap = Object.create(null)
 
           updatedKeys.forEach((key) => {
-            if (key.data) updatedKeysMap[key.name] = key
+            if (key.data) {
+              updatedKeysMap[key.name] = key
+              updatedKeysMap[key.name].oldKeyId = updatedMap[key.id]
+            }
           })
 
           keyRotationHelper(contractID, state, config, updatedKeysMap, [GIMessage.OP_KEY_UPDATE], 'chelonia/out/keyUpdate', (name) => ({

diff --git a/shared/domains/chelonia/utils.js b/shared/domains/chelonia/utils.js
@@ -217,8 +217,8 @@ export const validateKeyDelPermissions = (contractID: string, signingKey: GIKey,
     })
 }
 
-export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIKey, state: Object, v: (GIKeyUpdate | EncryptedData<GIKeyUpdate>)[]): [GIKey[], string[]] => {
-  const keysToDelete: string[] = []
+export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIKey, state: Object, v: (GIKeyUpdate | EncryptedData<GIKeyUpdate>)[]): [GIKey[], { [k: string]: string }] => {
+  const updatedMap = ((Object.create(null): any): { [k: string]: string })
   const keys = v.map((wuk): GIKey | void => {
     const data = unwrapMaybeEncryptedData(wuk)
     if (!data) return undefined
@@ -241,7 +241,7 @@ export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIK
       throw new Error('Missing private key. Old key ID: ' + uk.oldKeyId)
     }
     if (uk.id && uk.id !== uk.oldKeyId) {
-      keysToDelete.push(uk.oldKeyId)
+      updatedMap[uk.id] = uk.oldKeyId
     }
     const updatedKey = { ...existingKey }
     // Set the corresponding updated attributes
@@ -266,7 +266,7 @@ export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIK
     return updatedKey
   }).filter(Boolean)
   validateKeyAddPermissions(contractID, signingKey, state, keys, true)
-  return [((keys: any): GIKey[]), keysToDelete]
+  return [((keys: any): GIKey[]), updatedMap]
 }
 
 export const keyAdditionProcessor = function (keys: (GIKey | EncryptedData<GIKey>)[], state: Object, contractID: string, signingKey: GIKey) {