Release sui_v1.18.0_1706932308_ci: [bridge 31/n] harden bridge authority signing server (#15936) · MystenLabs/sui

sui_v1.18.0_1706932308_ci
8fa8c96
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Verified
Learn about vigilant mode
Compare

Choose a tag to compare

Loading

View all tags

sui_v1.18.0_1706932308_ci: [bridge 31/n] harden bridge authority signing server (#15936)

sui_v1.18.0_1706932308_ci
8fa8c96
Compare

Choose a tag to compare

Loading

View all tags
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Verified
Learn about vigilant mode

longbowlu tagged this 03 Feb 00:55

## Description 

This PR hardens the bridge authority signing server:
1. introduce `ActionVerifier` trait to verify if an action is legit. Two
impls are `SuiActionVerifier` that checks sui initialized transfers, and
`EthActionVerifier` that checks eth initialized transfer. We will soon
have a governance verifier.
2. add a LRU cache in signing server such that duplicated requests will
not lead to wasted work. Non-transient errors will be cached too.

## Test Plan 

unit tests

---
If your changes are not user-facing and do not break anything, you can
skip the following section. Otherwise, please briefly describe what has
changed under the Release Notes section.

### Type of Change (Check all that apply)

- [ ] protocol change
- [ ] user-visible impact
- [ ] breaking change for a client SDKs
- [ ] breaking change for FNs (FN binary must upgrade)
- [ ] breaking change for validators or node operators (must upgrade
binaries)
- [ ] breaking change for on-chain data layout
- [ ] necessitate either a data wipe or data migration

### Release notes

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly