Skip to content

[PRIV-413/414/415] Misc improvements to the Vault#21458

Open
cedric-cordenier wants to merge 3 commits intodevelopfrom
PRIV-413-414-415-misc-improvements-vault
Open

[PRIV-413/414/415] Misc improvements to the Vault#21458
cedric-cordenier wants to merge 3 commits intodevelopfrom
PRIV-413-414-415-misc-improvements-vault

Conversation

@cedric-cordenier
Copy link
Contributor

@cedric-cordenier cedric-cordenier commented Mar 9, 2026

Requires

Supports

Copilot AI review requested due to automatic review settings March 9, 2026 12:56
@cedric-cordenier cedric-cordenier requested review from a team as code owners March 9, 2026 12:56
@github-actions
Copy link
Contributor

github-actions bot commented Mar 9, 2026

👋 cedric-cordenier, thanks for creating this pull request!

To help reviewers, please consider creating future PRs as drafts first. This allows you to self-review and make any final changes before notifying the team.

Once you're ready, you can mark it as "Ready for review" to request feedback. Thanks!

@cedric-cordenier cedric-cordenier changed the title Priv 413 414 415 misc improvements vault [PRIV-413/414/415] Misc improvements to the Vault Mar 9, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Mar 9, 2026

I see you updated files related to core. Please run make gocs in the root directory to add a changeset as well as in the text include at least one of the following tags:

  • #added For any new functionality added.
  • #breaking_change For any functionality that requires manual action for the node to boot.
  • #bugfix For bug fixes.
  • #changed For any change to the existing functionality.
  • #db_update For any feature that introduces updates to database schema.
  • #deprecation_notice For any upcoming deprecation functionality.
  • #internal For changesets that need to be excluded from the final changelog.
  • #nops For any feature that is NOP facing and needs to be in the official Release Notes for the release.
  • #removed For any functionality/config that is removed.
  • #updated For any functionality that is updated.
  • #wip For any change that is not ready yet and external communication about it should be held off till it is feature complete.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 9, 2026
edited
Loading

✅ No conflicts with other open PRs targeting develop

Copilot AI reviewed Mar 9, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Risk Rating: HIGH (changes touch Vault OCR reporting plugin validation/encryption logic and update shared dependency versions across multiple modules)

Updates Vault OCR plugin limits/validation and associated tests, alongside bumping chainlink-common across the repo’s Go modules.

Changes:

  • Bump github.com/smartcontractkit/chainlink-common to v0.10.1-0.20260309113338-432602d809cc across root, deployment, scripts, and test modules.
  • Add Vault plugin enforcement for max request batch size and max encrypted share length, plus pending-queue observation size caps.
  • Expand Vault plugin test coverage for ciphertext/label validation, batch limits, share sizing, and panic-safety cases.

Areas needing scrupulous human review:

  • core/services/ocr2/plugins/vault/plugin.go: new share encryption helper and the refactored ValidateObservation validation paths (batch limits, share-size checks, pending-queue size cap).
  • core/services/ocr2/plugins/vault/plugin.go: stateTransitionGetSecrets share aggregation behavior with the new share-size enforcement.

Suggested reviewers (per .github/CODEOWNERS):

  • Vault OCR plugin changes (/core/services/ocr*): @smartcontractkit/foundations @smartcontractkit/core
  • Dependency bumps & integration/system test modules: @smartcontractkit/devex-tooling @smartcontractkit/core (and @smartcontractkit/foundations where applicable)

Reviewed changes

Copilot reviewed 10 out of 17 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
core/services/ocr2/plugins/vault/plugin.go Adds new limiters/validation for share size + request batch size; refactors observation validation; adjusts share aggregation.
core/services/ocr2/plugins/vault/plugin_test.go Adds extensive tests covering new validation and edge cases (batch limits, label validation, ciphertext size, panic safety).
core/services/ocr2/plugins/vault/transmitter_test.go Updates test config construction to include the new max request batch size parameter.
go.mod / go.sum Bumps chainlink-common version at repo root.
deployment/go.mod / deployment/go.sum Bumps chainlink-common for deployment module.
core/scripts/go.mod / core/scripts/go.sum Bumps chainlink-common for scripts module.
integration-tests/go.mod / integration-tests/go.sum Bumps chainlink-common for integration tests module.
integration-tests/load/go.mod / integration-tests/load/go.sum Bumps chainlink-common for load tests module.
system-tests/lib/go.mod / system-tests/lib/go.sum Bumps chainlink-common for system-tests lib module.
system-tests/tests/go.mod / system-tests/tests/go.sum Bumps chainlink-common for system-tests tests module.

core/services/ocr2/plugins/vault/plugin.go
Comment on lines +577 to +581
return "", newUserError(fmt.Sprintf("invalid public key size: expected %d bytes, got %d bytes", curve25519.PointSize, len(publicKey)))
}
if secret == nil {
return nil, newUserError("key does not exist")

publicKeyLength := [curve25519.PointSize]byte(publicKey)
encrypted, err := box.SealAnonymous(nil, s.data, &publicKeyLength, rand.Reader)
Copy link

Copilot AI Mar 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

publicKeyLength := [curve25519.PointSize]byte(publicKey) will not compile because publicKey is a []byte returned from hex.DecodeString. Convert by copying into a [curve25519.PointSize]byte (or use var pkArr [curve25519.PointSize]byte; copy(pkArr[:], publicKey)), then pass &pkArr to box.SealAnonymous.

Copilot uses AI. Check for mistakes.
@trunk-io
Copy link

trunk-io bot commented Mar 9, 2026
edited
Loading

Static BadgeStatic BadgeStatic BadgeStatic Badge

View Full Report ↗︎Docs

@cedric-cordenier
PRIV-413: enforce max batch size in ValidateObservation
954a8f4
@cedric-cordenier
Misc improvements for the Vault plugin
e221f32 
- Validate the number of shares provided in an observation
- Validate the max share size
- Add a batch size check to validate observation
- Defence in depth check to ensure Create/Update secrets have a label
- Validate the max ciphertext size in ValidateObservation
- Check against nil secret identifiers
@cedric-cordenier
Fix linting
f60ab57
@cl-sonarqube-production
Copy link

cl-sonarqube-production bot commented Mar 9, 2026

Quality Gate passed Quality Gate passed

Issues
2 New issues
3 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

prashantkumar1982
prashantkumar1982 reviewed Mar 9, 2026
View reviewed changes
core/services/ocr2/plugins/vault/plugin.go
return nil
}

func (r *ReportingPlugin) validateListSecretIdentifiersObservation(o *vaultcommon.Observation) error {
Copy link
Contributor

@prashantkumar1982 prashantkumar1982 Mar 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can also validate here that total responses are less than equal to the maxSecretsPerOwnerLimit right?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prashantkumar1982 prashantkumar1982 prashantkumar1982 left review comments

Copilot code review Copilot Copilot left review comments

@skudasov skudasov Awaiting requested review from skudasov

@agparadiso agparadiso Awaiting requested review from agparadiso

@MStreet3 MStreet3 Awaiting requested review from MStreet3

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cedric-cordenier @prashantkumar1982