
Starkcheck


StarkCheck is a module for Ledger Fresh that simulates transactions sent by a user and ensures they respect a defined policy. The goal is to protect the user's assets by requiring a second signature made by StarkCheck, which guards against malware when a less secure signer is used.

Wanna chat with us? Join our Telegram group

How it works

The contract account is modified to require a second signature, made by StarkCheck, to validate its transactions. This API returns that signature if the transaction respects the policy. A policy is linked to a signer of the account, so a user can define a policy based on the security of the signer, e.g. a Nano can be allowed to perform more operations.

API

This API exposes a route to submit a signed transaction with the signer's pub_key. Under the hood, the following steps are performed:

  • Fetch the policy on chain using the events.
  • Simulate the transaction to get its trace.
  • From the trace, get all events related to approve and transfer.
  • Check that the policy is respected.
  • Sign the transactionHash if the policy is respected. Otherwise, return the number of events that do not respect the policy.

It also exposes routes to encode/decode a Policy.

Policy

Policy type and expression

The policy is expressed as an array of:

    interface Policy {
        address: string;
        amount?: string;
        ids?: string[];
    }

  • If amount is defined: ERC20 rules for spending (per transaction).
  • If ids is defined: ERC721 rules for protecting NFTs. If ids = [], all NFTs from the collection are protected.
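The policy check from the API steps, applied to the rules above, as an added example (not StarkCheck's own code). The `TokenEvent` shape, the names `sameFelt` and `countViolations`, reading the ERC20 amount as a cap on the transaction's running total, and letting contracts without a policy entry pass are all assumptions; events are assumed to be already limited to those that move or approve the account's own assets.

```typescript
// Policy entry as defined in the README.
interface Policy { address: string; amount?: string; ids?: string[]; }

// Hypothetical shape of an approve/transfer event taken from a simulation trace.
interface TokenEvent {
    contract: string;              // emitting token contract (felt as string)
    kind: "Transfer" | "Approval";
    value: string;                 // ERC20 amount or ERC721 token id
}

// Compare felts numerically so "0x0aaa" and "0xaaa" name the same contract.
function sameFelt(a: string, b: string): boolean {
    return BigInt(a) === BigInt(b);
}

// Returns how many events break the policy; 0 means the hash may be signed.
function countViolations(policy: Policy[], events: TokenEvent[]): number {
    const spent: Record<string, bigint> = {};  // running ERC20 total per contract
    let violations = 0;
    for (const ev of events) {
        const rule = policy.find((p: Policy) => sameFelt(p.address, ev.contract));
        if (rule === undefined) continue;      // assumption: unlisted contracts pass
        if (rule.ids !== undefined) {
            // ERC721 rule: an empty list protects the whole collection.
            const id = BigInt(ev.value);
            const ids = rule.ids;
            if (ids.length === 0 || ids.some((i: string) => BigInt(i) === id)) violations++;
        } else if (rule.amount !== undefined) {
            // ERC20 rule (assumption): cap applies to the running total in this tx.
            const key = BigInt(ev.contract).toString(16);
            const total = (spent[key] ?? BigInt(0)) + BigInt(ev.value);
            spent[key] = total;
            if (total > BigInt(rule.amount)) violations++;
        }
    }
    return violations;
}

// Constructed sample data, not taken from a real trace.
const samplePolicy: Policy[] = [
    { address: "0x0aaa", amount: "1000" },  // ERC20 cap
    { address: "0xbbb", ids: [] },          // whole collection protected
    { address: "0xccc", ids: ["7"] },       // single protected NFT
];
const sampleEvents: TokenEvent[] = [
    { contract: "0xaaa", kind: "Transfer", value: "600" },   // within cap
    { contract: "0x0aaa", kind: "Approval", value: "500" },  // total 1100: violation
    { contract: "0xbbb", kind: "Transfer", value: "42" },    // protected collection
    { contract: "0xccc", kind: "Transfer", value: "0x7" },   // protected id, hex form
    { contract: "0xccc", kind: "Transfer", value: "8" },     // unprotected id
    { contract: "0xddd", kind: "Transfer", value: "999999" } // no policy entry
];
```

Comparing addresses and ids as numbers rather than strings keeps a differently padded or hex-encoded value from slipping past a rule.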

Policy storage

The policy is stored on Starknet using the cheap storage of events. Because a signer can be used on many devices, we can't rely on local storage, and we don't want to store the policy on StarkCheck directly.

To save space the following encoding is done to the policy

The event looks like this:

    event policy_Allowlist (signer_pub_key: felt, policy_len: felt, policy: felt*)

Getting Started

Requirements

  • Node >18.X

Install

First install the dependencies

    pnpm install

Then install the pre-push hook using lefthook

    npx lefthook install pre-push

Tests

    pnpm test

Tests are run against real transaction traces made on chain. In note.md you can find the transactions on Starkscan. To extract a transaction's trace, run:

    starknet get_transaction_trace --hash <txHash> --network alpha-mainnet > trace.json

Contributors

cremafr, qd-qd, apham-ledger, yogh333
