Comments (11)
@KtorZ wrote:
The PR corresponds to some enhancement that are non-necessary for the ticket itself. But, we might as well wait for them the PR to be merged now...
The error location detection is of course non-essential to this issue.
However, that particular PR (#277) had another component: it added a set of property tests to verify that corrupted Bech32 strings are correctly rejected by the decode function. Corruption is simulated in various ways:
- deleting characters
- inserting characters
- swapping characters
- mutating characters
I think it's fair to say that the above property tests are directly relevant to this issue, and that there's a good case for adding them (whether or not we have the error location detection code).
However, in hindsight, I think it would have been preferable to separate out these two different pieces of work into a pair of PRs.
from cardano-wallet.
@jonathanknowles I have added small pr to #296 to improve coveralls of the bech32 lib. Can you double check if the invalid checksum is expected to produce the corresponding error? (https://github.com/input-output-hk/cardano-wallet/pull/296/files#diff-5f9d3bec57a1b2fd69dbc65646199e44R276)
Hi @piotr-iohk. I've just checked, and this looks good to me.
from cardano-wallet.
I am against reformatting code of vendored dependencies.
It doesn't improve the functionality in any way, and will make applying changes more difficult if the reference implementation changes.
from cardano-wallet.
Current limitations of the reference implementation.
Building
The reference implementation is not available on Hackage.
Testing
-
Several building-block functions are not individually tested for correctness.
convertBits
,toBase32
,toBase256
,bech32HRPExpand
-
Certain properties that should hold between functions are not individually tested. For example:
- the inverse relationship between
toBase32
andtoBase256
- the inverse relationship between
charset
andcharsetMap
- the inverse relationship between
bech32Encode
andbech32Decode
- the inverse relationship between
segwitEncode
andsegwitDecode
- the inverse relationship between
-
Certain properties of the decoder that could be tested are not tested. For example, all of the transformations below should cause the decoder to fail:
- omitting one or more characters from a valid address.
- mutating one or more characters within a valid address.
- swapping pairs of characters within a valid address.
Usability
When a user inputs an address, we would ideally like to be able to give them feedback if the address contains an error. Ideally, our user interface would be able to show something like this:
bc1qw508d6qejxtdg4y5r3zarvary2c5xw7kv8f3t4
^
Invalid character
The bech32 format is actually designed to make it possible to give this kind of feedback in many cases.
However, the Haskell reference implementation doesn't provide this functionality. Although the bech32Decode
and segwitDecode
functions both reject invalid inputs, their return types don't discriminate between different types of failure. If we were to use the reference implementation as-is, then we wouldn't be able to give the user feedback that would allow them to fix their invalid input.
For example, all of the following failure cases will cause the above functions to evaluate to Nothing
:
- The input is too long.
- The input is mixed case (only all-lower-case or all-upper-case addresses are acceptable).
- The human-readable portion contains an invalid character (at an identifiable position).
- The input is missing the
1
separator between the human-readable portion and the data portion. - The data portion contains an invalid character (at an identifiable position).
- The data portion contains one or more characters that don't match the checksum (at an identifiable position). This is possible when the input contains exactly one or two mistakes. See this demonstration decoder, using
bc1qw508d6qejxtdg4y6r3zarvary2c5xw7kv8f3t4
as an example invalid address.
Solutions:
Testing
We could solve 1–3 by building a suite of property tests (but we'd need to patch the original code to export lower-level functions that are not currently exported).
Usability
We could solve the user-feedback limitation by rewriting the bech32Decode
and segwitDecode
functions so that they return more information in the case of failure, using a richer set of types to represent failure. We can transform failure values into rich feedback for the user.
from cardano-wallet.
@rvl wrote:
I am against reformatting code of vendored dependencies.
It doesn't improve the functionality in any way, and will make applying changes more difficult if the reference implementation changes.
Assuming that it's feasible for us to push our changes upstream, and then consume upstream as an ordinary library (the ideal scenario), then I completely agree with this objection.
On the other hand, if we're aiming to (effectively) produce a new library (with code that is substantially different from the reference implementation), then I think this becomes less necessary. We do need to show that our implementation meets the specification, however.
from cardano-wallet.
@rvl Point is we'll probably not push changes upstream as this isn't a vendored dependency but a reference implementation on a repository. I'd be keen to actually publish our revised implementation to hackage (with consent of and credits to its original author) and maintain this published version.
The reference implementation is a good starting point, it gives a baseline for the core logic, but we'll likely att a more user-friendly API on top, more tests and some extra features as highlighted by @jonathanknowles right above ^^^
from cardano-wallet.
@jonathanknowles, @KtorZ This ticket is still in progress, isn't it? (as there is an open PR that's related #277)
from cardano-wallet.
@piotr-iohk Technically ... no. The PR corresponds to some enhancement that are non-necessary for the ticket itself. But, we might as well wait for them the PR to be merged now...
from cardano-wallet.
Didn't realize that. Thanks for the heads up @jonathanknowles 🙏
from cardano-wallet.
Didn't realize that. Thanks for the heads up @jonathanknowles
No problem! :)
from cardano-wallet.
@jonathanknowles I have added small pr to #296 to improve coveralls of the bech32 lib. Can you double check if the invalid checksum is expected to produce the corresponding error? (https://github.com/input-output-hk/cardano-wallet/pull/296/files#diff-5f9d3bec57a1b2fd69dbc65646199e44R276)
from cardano-wallet.
Related Issues (20)
- Wallet takes too long to sync HOT 4
- Preview testnet error for cardano-wallet HOT 7
- Store keys in Hashicorp Vault HOT 2
- Stake pool monitor exit: Unhandled exception: SQLite3 returned ErrorIO while attempting to perform step: disk I/O error HOT 5
- Upgrade cardano-wallet to build with ghc-9.6 HOT 1
- Compatibility with `cardano-node` version `8.0.0` HOT 10
- Adahandle support
- Publish tag 2023-07-18 on Docker hub HOT 2
- Invalid link in `CONTRIBUTING.md` file HOT 2
- Cardano wallet's threads are dying while syncing HOT 1
- MacOS ARM64 builds HOT 3
- Can't sign tx with "mustBeSignedBy" constraint with a stakeKey. HOT 3
- Expose Wallet Engine Sync Progress API HOT 4
- cardano-wallet is not getting synced up HOT 12
- cabal build all with v2023-07-18 tag not working HOT 1
- Documentation / interface for hardware wallets HOT 3
- CHaP release HOT 3
- "The machine terminated part way through evaluation due to overspending the budget" HOT 1
- Quickstart Bash Script Error: tar file cannot be decoded. HOT 1
- cardano-wallet NixOS module not working with cardano-node NixOS module HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cardano-wallet.