Sigp audit fixes by JasonVranek · Pull Request #438 · Commit-Boost/commit-boost-client

JasonVranek · 2026-03-19T18:22:31Z

Implements the recommended changes to address issues from the Sigma Prime audit report.

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Co-authored-by: ltitanb <[email protected]>

…st-client into sigp-audit-fixes

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Co-authored-by: ltitanb <[email protected]>

Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

…st-client into sigp-audit-fixes

Co-authored-by: Joe Clapis <[email protected]>

… rightmost setup (#410)

…t.rs

… 1.91 as required. Add audit.toml to ignore irrevelent audit error in CI.

- add missing ADMIN_JWT_ENV and SIGNER_TLS_CERTIFICATES_PATH_ENV - support https healthchecks

…eserialization error message

…which conflicted with deserializing `SignConsensusRequest`

…fault to readlock

…estart

Will address in next PR

ManuelBilbao and others added 30 commits July 27, 2025 22:13

CBST2-04: Update JWT secrets on reload and revoke module endpoint (#295)

5935659

Merge branch 'main' into sigp-audit-fixes

91f2cb4

Merge branch 'main' into sigp-audit-fixes

46e6f94

Merge branch 'main' into sigp-audit-fixes

b802fec

Merge branch 'main' into sigp-audit-fixes

151e811

CBST2-02: Make proposer commitment signatures unique to modules (#329)

498eed9

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Split request_signature into separate paths that return JSON (#350)

af13089

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Add nonce and chain ID to signature requests (#354)

0ef8787

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Merge branch 'main' into sigp-audit-fixes

ee18aa1

Merge main to sigp-audit-fixes (#361)

6988444

Co-authored-by: ltitanb <[email protected]>

Merge branch 'sigp-audit-fixes' of github.com:Commit-Boost/commit-boo…

25bd5a6

…st-client into sigp-audit-fixes

Add payload hash to signer JWT claims (#356)

52aec57

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Merge branch 'main' into sigp-audit-fixes

f2a275b

Add TLS to signer (#357)

6b14d77

Co-authored-by: eltitanb <[email protected]> Co-authored-by: ltitanb <[email protected]> Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Removed old dependency (#370)

eb61667

Merge main to sigp audit fixes (#371)

2dfe96b

Co-authored-by: ltitanb <[email protected]>

Fix misc findings from reaudit (#376)

d566dea

Co-authored-by: Manuel Iñaki Bilbao <[email protected]>

Added make to the build file

8ddb055

Merge branch 'main' into sigp-audit-fixes

9103b51

fix(signer): Mark a JWT failure if payload conversion fail (#387)

a3f8d9d

Merge branch 'sigp-audit-fixes' of github.com:Commit-Boost/commit-boo…

7bf2589

…st-client into sigp-audit-fixes

Removed a test that was deleted in main

b66f411

Merge branch 'main' into sigp-audit-fixes

b541ffa

Merge branch 'main' into sigp-audit-fixes

58b4eb9

refactor(signer): Use config-based header to extract IP from (#388)

e58d67e

Co-authored-by: Joe Clapis <[email protected]>

fix(signer): introduce config to set the amount of trusted proxies in…

85382a5

… rightmost setup (#410)

fix(signer): rightmost header fixes (#420)

19121f3

Merge branch 'main' into sigp-audit-fixes

d4d5260

Merge branch 'main' into sigp-audit-fixes

02364f3

Merge branch 'main' into sigp-audit-fixes

533e4c0

JasonVranek commented Mar 20, 2026

View reviewed changes

Comment thread crates/cli/src/docker_init.rs

Comment thread crates/common/src/commit/request.rs

Comment thread crates/common/src/config/pbs.rs Outdated

Comment thread crates/common/src/config/utils.rs Outdated

more util test coverage and remove duplicate env read from docker_ini…

bb28eb0

…t.rs

JasonVranek requested a review from a team March 20, 2026 21:57

JasonVranek added 2 commits March 22, 2026 10:50

Bump lh from v8.0.0-rc.0 to stable v8.0.0, and bump rust from 1.89 to…

511d07d

… 1.91 as required. Add audit.toml to ignore irrevelent audit error in CI.

bump rust toolchain to nightly-2026-01-01

4afbf35

ninaiiad approved these changes Mar 24, 2026

View reviewed changes

address review comments

717390e

ninaiiad approved these changes Mar 24, 2026

View reviewed changes

ltitanb previously approved these changes Mar 25, 2026

View reviewed changes

Comment thread crates/common/src/signature.rs

JasonVranek added 2 commits March 25, 2026 12:10

address Dirk issues in docker_init.rs:

04ae8b7

- add missing ADMIN_JWT_ENV and SIGNER_TLS_CERTIFICATES_PATH_ENV - support https healthchecks

cleaner error message if TLS CryptoProvider fails

6ec3782

JasonVranek dismissed ltitanb’s stale review via 6ec3782 March 25, 2026 19:32

JasonVranek added 3 commits March 25, 2026 13:03

users get error message on missing [signer] section instead of toml d…

58b4b22

…eserialization error message

support partial jwt reloads

001b312

require the nonce in signer-api.yml - previously was marked optional …

76905de

…which conflicted with deserializing `SignConsensusRequest`

github-advanced-security AI found potential problems Mar 25, 2026

View reviewed changes

Comment thread crates/common/src/commit/request.rs Dismissed

Comment thread crates/common/src/commit/request.rs Dismissed

JasonVranek added 5 commits March 25, 2026 15:43

fix suffix when displaying X-Forwaded-For

8268572

only take the jwt_auth_failures writelock if strictly necessary, de…

7c8cce6

…fault to readlock

remove mark_jwt_failure() calls from failures unrelated to jwts

4a9aff7

add round-trip sign->verify unit tests

d834242

Merge remote-tracking branch 'upstream/main' into sigp-audit-fixes

a9a5c11

ninaiiad previously requested changes Apr 7, 2026

View reviewed changes

Comment thread crates/signer/src/service.rs

Comment thread crates/signer/src/service.rs Outdated

ManuelBilbao reviewed Apr 7, 2026

View reviewed changes

Comment thread crates/common/Cargo.toml Outdated

Comment thread docs/docs/get_started/configuration.md Outdated

Comment thread crates/common/src/signer/schemes/ecdsa.rs Outdated

Comment thread crates/signer/src/manager/dirk.rs

Comment thread crates/signer/src/service.rs

address comments. /reload now allows new module jwts without a full r…

2c3efde

…estart

ninaiiad reviewed Apr 10, 2026

View reviewed changes

Comment thread crates/signer/src/service.rs

Comment thread crates/signer/src/service.rs

ltitanb approved these changes Apr 10, 2026

View reviewed changes

ManuelBilbao approved these changes Apr 10, 2026

View reviewed changes

JasonVranek merged commit 77f11ec into main Apr 10, 2026
6 checks passed

JasonVranek deleted the sigp-audit-fixes branch April 10, 2026 21:45

Conversation

JasonVranek commented Mar 19, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

JasonVranek commented Mar 19, 2026 •

edited

Loading