feat(attestation_engine): verifier-allowlist-abuse-cases-rate-limits-…#380
Open
ritik4ever wants to merge 1 commit intoCommitlabs-Org:masterfrom
Conversation
…audit-log-events - add_verifier: rate-limit per caller, detect duplicate adds (VerifAddAbuse event), enhanced VerifierAdded audit event with caller+timestamp - remove_verifier: rate-limit per caller, detect remove of non-existent verifier (VerifRmAbuse event), enhanced VerifierRemoved audit event - fix(shared_utils): remove duplicate explicit+glob re-exports causing E0255 compile error - fix(shared_utils/pausable): remove unused paused_key variable - tests: 8 new tests covering success, idempotent abuse cases, unauthorized failure modes, and rate-limit-exceeded panic cases
|
@ritik4ever Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
Author
|
@1nonlypiece please reveiw my pr |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rate limiting on add_verifier / remove_verifier via RateLimiter (configure with set_rate_limit using symbols "add_verif" / "rm_verif")
Duplicate add → emits VerifAddAbuse event, returns idempotently
Remove of non-existent verifier → emits VerifRmAbuse event, returns idempotently
Enhanced VerifierAdded / VerifierRemoved events now include caller + timestamp
Fix pre-existing E0255 compile error in shared_utils (duplicate explicit + glob re-exports)
Test plan
Run cargo test -p attestation_engine --features testutils — all 8 new tests pass
Security notes
require_auth() + admin check runs before rate-limit check — unauthenticated callers cannot consume quota
Rate limits are a no-op when unconfigured (safe default)
Closes #229