[identity] Verify nonce expiration and set TTL to 120s
ClosedPublic
Actions

Authored by bartek on Jan 31 2024, 7:55 AM.

Details

Reviewers

varun
ashoat

Commits

rCOMM2769889f02eb: [identity] Verify nonce expiration and set TTL to 120s

Summary

Addresses ENG-6630.

Set nonce expiration to 120s, according to the whitepaper
In LogInWalletUser RPC call, verify that nonce is not expired, instead of only relying on DynamoDB TTL

Test Plan

Called GenerateNonce RPC
Called LogInWalletUser RPC (temporarily modified to omit SIWE verification, siwe_message = nonce) with the generated nonce after 2 minutes. The call failed with "nonce expired".

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

bartek created this revision.Jan 31 2024, 7:55 AM

Herald added a subscriber: tomek. · View Herald TranscriptJan 31 2024, 7:55 AM

bartek retitled this revision from [identity] Set nonce expiration to 120s and verify it to [identity] Verify nonce expiration and set TTL to 120s.Jan 31 2024, 8:01 AM

bartek edited the summary of this revision. (Show Details)

Harbormaster completed remote builds in B26332: Diff 36385.Jan 31 2024, 8:15 AM

bartek requested review of this revision.Jan 31 2024, 8:15 AM

Seems right to me, but I don't know Rust

varun accepted this revision.Jan 31 2024, 9:06 AM

This revision is now accepted and ready to land.Jan 31 2024, 9:06 AM

Closed by commit rCOMM2769889f02eb: [identity] Verify nonce expiration and set TTL to 120s (authored by bartek). · Explain WhyJan 31 2024, 11:36 PM

This revision was automatically updated to reflect the committed changes.

bartek added a commit: rCOMM2769889f02eb: [identity] Verify nonce expiration and set TTL to 120s.