aboutsummaryrefslogtreecommitdiffstats
path: root/signer/core/auditlog.go
diff options
context:
space:
mode:
authorMartin Holst Swende <martin@swende.se>2018-04-16 20:04:32 +0800
committerPéter Szilágyi <peterke@gmail.com>2018-04-16 20:04:32 +0800
commitec3db0f56c779387132dcf2049ed32bf4ed34a4f (patch)
treed509c580e02053fd133b0402c0838940d4b871d2 /signer/core/auditlog.go
parentde2a7bb764c82dbaa80d37939c5862358174bc6e (diff)
downloaddexon-ec3db0f56c779387132dcf2049ed32bf4ed34a4f.tar.gz
dexon-ec3db0f56c779387132dcf2049ed32bf4ed34a4f.tar.zst
dexon-ec3db0f56c779387132dcf2049ed32bf4ed34a4f.zip
cmd/clef, signer: initial poc of the standalone signer (#16154)
* signer: introduce external signer command * cmd/signer, rpc: Implement new signer. Add info about remote user to Context * signer: refactored request/response, made use of urfave.cli * cmd/signer: Use common flags * cmd/signer: methods to validate calldata against abi * cmd/signer: work on abi parser * signer: add mutex around UI * cmd/signer: add json 4byte directory, remove passwords from api * cmd/signer: minor changes * cmd/signer: Use ErrRequestDenied, enable lightkdf * cmd/signer: implement tests * cmd/signer: made possible for UI to modify tx parameters * cmd/signer: refactors, removed channels in ui comms, added UI-api via stdin/out * cmd/signer: Made lowercase json-definitions, added UI-signer test functionality * cmd/signer: update documentation * cmd/signer: fix bugs, improve abi detection, abi argument display * cmd/signer: minor change in json format * cmd/signer: rework json communication * cmd/signer: implement mixcase addresses in API, fix json id bug * cmd/signer: rename fromaccount, update pythonpoc with new json encoding format * cmd/signer: make use of new abi interface * signer: documentation * signer/main: remove redundant option * signer: implement audit logging * signer: create package 'signer', minor changes * common: add 0x-prefix to mixcaseaddress in json marshalling + validation * signer, rules, storage: implement rules + ephemeral storage for signer rules * signer: implement OnApprovedTx, change signing response (API BREAKAGE) * signer: refactoring + documentation * signer/rules: implement dispatching to next handler * signer: docs * signer/rules: hide json-conversion from users, ensure context is cleaned * signer: docs * signer: implement validation rules, change signature of call_info * signer: fix log flaw with string pointer * signer: implement custom 4byte databsae that saves submitted signatures * signer/storage: implement aes-gcm-backed credential storage * accounts: implement json unmarshalling of url * signer: fix listresponse, fix gas->uint64 * node: make http/ipc start methods public * signer: add ipc capability+review concerns * accounts: correct docstring * signer: address review concerns * rpc: go fmt -s * signer: review concerns+ baptize Clef * signer,node: move Start-functions to separate file * signer: formatting
Diffstat (limited to 'signer/core/auditlog.go')
-rw-r--r--signer/core/auditlog.go110
1 files changed, 110 insertions, 0 deletions
diff --git a/signer/core/auditlog.go b/signer/core/auditlog.go
new file mode 100644
index 000000000..d0ba733d2
--- /dev/null
+++ b/signer/core/auditlog.go
@@ -0,0 +1,110 @@
+// Copyright 2018 The go-ethereum Authors
+// This file is part of go-ethereum.
+//
+// go-ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// go-ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
+
+package core
+
+import (
+ "context"
+
+ "encoding/json"
+
+ "github.com/ethereum/go-ethereum/accounts"
+ "github.com/ethereum/go-ethereum/common"
+ "github.com/ethereum/go-ethereum/common/hexutil"
+ "github.com/ethereum/go-ethereum/internal/ethapi"
+ "github.com/ethereum/go-ethereum/log"
+)
+
+type AuditLogger struct {
+ log log.Logger
+ api ExternalAPI
+}
+
+func (l *AuditLogger) List(ctx context.Context) (Accounts, error) {
+ l.log.Info("List", "type", "request", "metadata", MetadataFromContext(ctx).String())
+ res, e := l.api.List(ctx)
+
+ l.log.Info("List", "type", "response", "data", res.String())
+
+ return res, e
+}
+
+func (l *AuditLogger) New(ctx context.Context) (accounts.Account, error) {
+ return l.api.New(ctx)
+}
+
+func (l *AuditLogger) SignTransaction(ctx context.Context, args SendTxArgs, methodSelector *string) (*ethapi.SignTransactionResult, error) {
+ sel := "<nil>"
+ if methodSelector != nil {
+ sel = *methodSelector
+ }
+ l.log.Info("SignTransaction", "type", "request", "metadata", MetadataFromContext(ctx).String(),
+ "tx", args.String(),
+ "methodSelector", sel)
+
+ res, e := l.api.SignTransaction(ctx, args, methodSelector)
+ if res != nil {
+ l.log.Info("SignTransaction", "type", "response", "data", common.Bytes2Hex(res.Raw), "error", e)
+ } else {
+ l.log.Info("SignTransaction", "type", "response", "data", res, "error", e)
+ }
+ return res, e
+}
+
+func (l *AuditLogger) Sign(ctx context.Context, addr common.MixedcaseAddress, data hexutil.Bytes) (hexutil.Bytes, error) {
+ l.log.Info("Sign", "type", "request", "metadata", MetadataFromContext(ctx).String(),
+ "addr", addr.String(), "data", common.Bytes2Hex(data))
+ b, e := l.api.Sign(ctx, addr, data)
+ l.log.Info("Sign", "type", "response", "data", common.Bytes2Hex(b), "error", e)
+ return b, e
+}
+
+func (l *AuditLogger) EcRecover(ctx context.Context, data, sig hexutil.Bytes) (common.Address, error) {
+ l.log.Info("EcRecover", "type", "request", "metadata", MetadataFromContext(ctx).String(),
+ "data", common.Bytes2Hex(data))
+ a, e := l.api.EcRecover(ctx, data, sig)
+ l.log.Info("EcRecover", "type", "response", "addr", a.String(), "error", e)
+ return a, e
+}
+
+func (l *AuditLogger) Export(ctx context.Context, addr common.Address) (json.RawMessage, error) {
+ l.log.Info("Export", "type", "request", "metadata", MetadataFromContext(ctx).String(),
+ "addr", addr.Hex())
+ j, e := l.api.Export(ctx, addr)
+ // In this case, we don't actually log the json-response, which may be extra sensitive
+ l.log.Info("Export", "type", "response", "json response size", len(j), "error", e)
+ return j, e
+}
+
+func (l *AuditLogger) Import(ctx context.Context, keyJSON json.RawMessage) (Account, error) {
+ // Don't actually log the json contents
+ l.log.Info("Import", "type", "request", "metadata", MetadataFromContext(ctx).String(),
+ "keyJSON size", len(keyJSON))
+ a, e := l.api.Import(ctx, keyJSON)
+ l.log.Info("Import", "type", "response", "addr", a.String(), "error", e)
+ return a, e
+}
+
+func NewAuditLogger(path string, api ExternalAPI) (*AuditLogger, error) {
+ l := log.New("api", "signer")
+ handler, err := log.FileHandler(path, log.LogfmtFormat())
+ if err != nil {
+ return nil, err
+ }
+ l.SetHandler(handler)
+ l.Info("Configured", "audit log", path)
+ return &AuditLogger{l, api}, nil
+}
generated by cgit (git 2.34.1) at 2025-05-24 06:48:49 +0800