Fix Passkey Verification #486
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nlordell
requested review from
akshay-ap,
mmv08 and
remedcu
and removed request for
a team
Pull Request Test Coverage Report for Build 10457753594Details
💛 - Coveralls |
In deploying the contracts, I noticed that the local verification script wasn't working as well as Etherscan verification of the FCL verifier contract. This PR fixes both of these things and is related to a couple issues: 1. The `solc` package version was not correctly specified for each `localVerify` script. It was pulling in a `solc` version based on transient dependencies which doesn't necessarily match what the contracts are compiled with (and thus affects local verification). This was an issue shared by all Solidity packages. 2. Local verification was not correctly building the Solidity compiler input JSON. It turns out that the way we build compiler input would sometimes only pass in the Keccak-256 hash of the source instead of the actual Solidity source - so we add an additional condition in the task to read the source from disk if necessary. 3. The `etherscan-verify` task from the `hardhat-deploy` package does not work for contracts with Solidity compiler settings overrides such as the FCL P-256 verifier contract (which has different compiler settings from the rest of the contracts). We have a special manual `hardhat-verify` plugin call in the `deploy-all` task to work around the issue.
nlordell
force-pushed
the
chore/fix-passkey-verification
branch
from
09d3b77
to
9ba9186
Compare
mmv08
approved these changes
Aug 20, 2024
| @@ -4,15 +4,14 @@ coverage/ | |||
| coverage.json | |||
| deployments/ | |||
| dist/ | |||
| typechain-types | |||
| typechain-types/ | |||
| venv/ | |||
There was a problem hiding this comment.
The certora verification uses pip for installing the Certora CLI (source:
)There was a problem hiding this comment.
I am not a Python expert, but it doesn't seem like the virtual env gets initialised anywhere in the script?
There was a problem hiding this comment.
No it does not - I use it locally, since our different projects use different versions of certora-cli, so installing it globally isn't great. I basically follow the instructions from:
https://github.com/safe-global/safe-locking?tab=readme-ov-file#formal-verification
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In deploying the Passkey v0.2.1 contracts, I noticed that the local verification script wasn't working as well as Etherscan verification of the FCL verifier contract. This PR fixes both of these things and is related to a few issues:
solcpackage version was not correctly specified for eachlocalVerifyscript. It was pulling in asolcversion based on transient dependencies which doesn't necessarily match what the contracts are compiled with (and thus affects local verification). This was an issue shared by all Solidity packages.hardhat-deployinconsistency).etherscan-verifytask from thehardhat-deploypackage does not work for contracts with Solidity compiler settings overrides such as the FCL P-256 verifier contract (which has different compiler settings from the rest of the contracts). We have a special manualhardhat-verifyplugin call in thedeploy-alltask to work around the issue.