Associate classical keys with quantus keys #570
Open
illuzen wants to merge 1 commit into
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit d320fc2.
| ensure!( | ||
| current_block.saturating_sub(signed_block_number) < validity_window, | ||
| Error::<T>::SignatureExpired | ||
| ); |
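Review bot: `current_block.saturating_sub(signed_block_number) < validity_window` puts no bound on block numbers ahead of the chain, because the subtraction clamps to zero when `signed_block_number` is greater than `current_block`, so the comparison passes for any future block. Reject that case before this check, for example with `ensure!(signed_block_number <= current_block, Error::<T>::SignatureExpired);`, or switch to `checked_sub` and treat `None` as an error. A unit test that submits a block number above the current one would pin the behaviour down.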
Future blocks pass validity check
High Severity
The associate extrinsic's expiry check fails when signed_block_number is greater than the current block. saturating_sub returns zero, bypassing the validity window. This allows using a future block number, for which frame_system::block_hash returns a predictable zero hash, undermining replay protection.


Not sure if this makes sense but kind of interesting.
It's not hooked up to the runtime yet, just starting a conversation.
Note
Medium Risk
New on-chain identity/crypto surface with permanent bindings and signature verification, but it is isolated from the live runtime until integrated and benchmarked.
Overview
Adds a new pallet-key-association workspace crate (registered in root Cargo.toml / lockfile) that is not wired into quantus-runtime yet.

The pallet exposes associate: a signed ML-DSA account can link ECDSA (secp256k1) or Ed25519 public keys after the classical key signs a fixed challenge (Quantus Key Association + SCALE-encoded account/key + block hash). Replay protection checks the signed block hash against on-chain frame_system history and enforces a window from BlockHashCount.

On success it stores a per-account bounded list (MaxAssociations), a Blake2-128 reverse index (one classical key → one account, no unlink), emits KeyAssociated, and ships placeholder weights plus broad unit tests (valid paths, limits, and error cases).
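A standalone model of the expiry window and block-hash check described above, added here as an illustration and not the pallet's own code. `Chain`, `check_as_reviewed`, `check_hardened`, `sample_chain` and the `BlockHashMismatch` error are hypothetical names, and the hash map is a constructed stand-in for the frame_system block-hash history, which yields an all-zero hash for block numbers it has no entry for.

```rust
use std::collections::HashMap;

type BlockNumber = u32;
type Hash = [u8; 32];

/// Toy stand-in for the on-chain block-hash history (constructed for this example).
struct Chain { current: BlockNumber, hashes: HashMap<BlockNumber, Hash> }

impl Chain {
    /// Mirrors a default-valued storage lookup: unknown block numbers yield the zero hash.
    fn block_hash(&self, n: BlockNumber) -> Hash {
        self.hashes.get(&n).copied().unwrap_or([0u8; 32])
    }
}

/// `SignatureExpired` is the error named on the page; `BlockHashMismatch` is hypothetical.
#[derive(Debug, PartialEq)]
enum CheckError { SignatureExpired, BlockHashMismatch }

/// Expiry check as shown on the page, followed by a modeled hash comparison.
/// saturating_sub clamps a future block number to age 0, so it is never "expired".
fn check_as_reviewed(c: &Chain, signed: BlockNumber, hash: Hash, window: BlockNumber) -> Result<(), CheckError> {
    if c.current.saturating_sub(signed) >= window { return Err(CheckError::SignatureExpired); }
    if c.block_hash(signed) != hash { return Err(CheckError::BlockHashMismatch); }
    Ok(())
}

/// Hardened variant: a future block fails checked_sub, and an absent hash never matches.
fn check_hardened(c: &Chain, signed: BlockNumber, hash: Hash, window: BlockNumber) -> Result<(), CheckError> {
    let age = c.current.checked_sub(signed).ok_or(CheckError::SignatureExpired)?;
    if age >= window { return Err(CheckError::SignatureExpired); }
    match c.hashes.get(&signed) {
        Some(h) if *h == hash => Ok(()),
        _ => Err(CheckError::BlockHashMismatch),
    }
}

/// Constructed chain: current block 100, hashes recorded for blocks 90..=99.
fn sample_chain() -> Chain {
    Chain { current: 100, hashes: (90u32..100).map(|n| (n, [n as u8; 32])).collect() }
}

fn main() {
    let c = sample_chain();
    // A block number far ahead of the chain, paired with the zero hash.
    println!("as reviewed, future block: {:?}", check_as_reviewed(&c, 5_000, [0u8; 32], 10));
    println!("hardened, future block:    {:?}", check_hardened(&c, 5_000, [0u8; 32], 10));
    println!("hardened, recent block:    {:?}", check_hardened(&c, 95, [95u8; 32], 10));
}
```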