Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new validation and limit for storage #621

Merged
merged 2 commits into from
Jul 19, 2022
Merged

Add new validation and limit for storage #621

merged 2 commits into from
Jul 19, 2022

Conversation

david0xd
Copy link
Contributor

@david0xd david0xd commented Jul 13, 2022
edited by FrederikBolding
Loading

The main goal of this PR is to enforce JSON serializability of the Snap state and limit its size.

This PR will introduce new utility functions for JSON sizing and validation implemented here: MetaMask/utils#14

Fix: #209

Fixes: #571

@david0xd david0xd self-assigned this Jul 13, 2022
FrederikBolding
FrederikBolding requested changes Jul 13, 2022
View reviewed changes
packages/rpc-methods/src/restricted/manageState.ts Outdated Show resolved Hide resolved
packages/rpc-methods/src/restricted/manageState.ts Outdated
@@ -87,6 +92,8 @@ export enum ManageStateOperation {
updateState = 'update',
}

export const STORAGE_SIZE_LIMIT = 10000; // In bytes
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should decide with the team what this value should be.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is now limited with 100MB in size, as discussed on standup call.

@david0xd
Add new validation and limit for storage
06bf370 
Return isObject check

Update utils version

Return old message

Refactor and change size limit
@david0xd david0xd marked this pull request as ready for review July 19, 2022 07:58
@david0xd david0xd requested a review from a team as a code owner July 19, 2022 07:58
@codecov-commenter
Copy link

codecov-commenter commented Jul 19, 2022
edited
Loading

Codecov Report

Merging #621 (8f38558) into main (bb0c266) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #621   +/-   ##
=======================================
  Coverage   87.57%   87.57%           
=======================================
  Files          88       88           
  Lines        2664     2664           
  Branches      488      488           
=======================================
  Hits         2333     2333           
  Misses        311      311           
  Partials       20       20

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bb0c266...8f38558. Read the comment docs.

@david0xd david0xd merged commit 4a81176 into main Jul 19, 2022
@david0xd david0xd deleted the dd/snaps-storage-limit branch July 19, 2022 08:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FrederikBolding FrederikBolding FrederikBolding approved these changes

Assignees

@david0xd david0xd

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Limit Snaps storage to ensure they can't break Metamask storage Enforce JSON serializability of snap state
3 participants
@david0xd @codecov-commenter @FrederikBolding