From 5a881774300e846473f824ace97d2142feb6b349 Mon Sep 17 00:00:00 2001
From: Andri Schatz
Date: Tue, 10 Jun 2025 13:07:59 +0200
Subject: [PATCH 1/5] change origin hash to 32 bytes
---
 .../src/storage/storable/application.rs | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/src/internet_identity/src/storage/storable/application.rs b/src/internet_identity/src/storage/storable/application.rs
index 7e8c916f96..7e47f97427 100644
--- a/src/internet_identity/src/storage/storable/application.rs
+++ b/src/internet_identity/src/storage/storable/application.rs
@@ -31,7 +31,7 @@ impl Storable for StorableApplication {
 #[derive(Clone, Debug, Ord, PartialOrd, Eq, PartialEq)]
 pub struct StorableOriginHash {
- hash: [u8; 8],
+ hash: [u8; 32],
 }
 impl StorableOriginHash {
@@ -39,13 +39,10 @@ impl StorableOriginHash {
 let mut hasher = Sha256::new();
 hasher.update(origin.as_bytes());
 let full_hash_result = hasher.finalize();
- // Truncate the 32-byte SHA-256 hash to the first 8 bytes.
- let truncated_hash_slice: &[u8] = &full_hash_result[0..8];
- let hash_8_bytes: [u8; 8] = truncated_hash_slice
- .try_into()
- .expect("Failed to truncate SHA256 hash to 8 bytes; slice length should be 8.");
- Self { hash: hash_8_bytes }
+ Self {
+ hash: full_hash_result.into(),
+ }
 }
 }
@@ -61,7 +58,7 @@ impl Storable for StorableOriginHash {
 }
 const BOUND: Bound = Bound::Bounded {
- max_size: 8,
+ max_size: 32,
 is_fixed_size: true,
 };
 }
From 55e0c368b3d53294feec8b7f601a409ed4aeaf70 Mon Sep 17 00:00:00 2001
From: Andri Schatz
Date: Tue, 10 Jun 2025 15:23:43 +0200
Subject: [PATCH 2/5] add migration and new memory id
---
 src/internet_identity/src/account_management.rs | 5 +++++
 src/internet_identity/src/main.rs | 4 ++++
 src/internet_identity/src/storage.rs | 17 ++++++++++++++++-
 .../src/storage/storable/application.rs | 2 ++
 4 files changed, 27 insertions(+), 1 deletion(-)
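Review bot: In the first hunk `StorableOriginHash` still has no doc comment, and the reason for widening the key is now recorded nowhere, because the only comment that mentioned truncation is deleted in the second hunk. With 8 bytes the key kept 64 bits of SHA-256, which puts two distinct origins sharing one lookup key within reach of a birthday search; storing the full digest removes that. I would put `/// SHA-256 of the origin string, stored in full (32 bytes); do not truncate, the lookup relies on distinct origins never sharing a key.` above the struct. The struct's `impl` blocks continue outside the hunks shown.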
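Review bot: The width is now written twice as a bare literal, `[u8; 32]` in the first hunk and `max_size: 32` in the third hunk, and the byte conversion between them is outside the hunks, so a later change to one can leave the others behind. Because `is_fixed_size` is `true`, this bound also describes the stored key layout; a map written with 8-byte keys presumably cannot be reopened with it, which this commit on its own does not guard against (the next commit in the series moves the lookup to a different memory index). I would name the width once, `const ORIGIN_HASH_LEN: usize = 32;`, use it in the field type and as `max_size: ORIGIN_HASH_LEN as u32`, and note next to `BOUND` that the value is only valid for a freshly created map.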
diff --git a/src/internet_identity/src/account_management.rs b/src/internet_identity/src/account_management.rs
index 6bcce7572a..e2d05d98c9 100644
--- a/src/internet_identity/src/account_management.rs
+++ b/src/internet_identity/src/account_management.rs
@@ -228,6 +228,11 @@ pub fn get_account_delegation(
 })
 }
+/// This is needed to migrate the
+pub fn migrate_application_lookup() {
+ storage_borrow_mut(|storage| storage.rebuild_lookup_application_with_origin_memory());
+}
+
 /// Checks whether the stored number of accounts as per the counter exceeds the maximum permitted number.
 /// If it does, it rebuilds the counter. If it still exceeds, it will return an error.
 fn check_or_rebuild_max_anchor_accounts(
diff --git a/src/internet_identity/src/main.rs b/src/internet_identity/src/main.rs
index f6f2304652..588380954b 100644
--- a/src/internet_identity/src/main.rs
+++ b/src/internet_identity/src/main.rs
@@ -1,3 +1,4 @@
+use crate::account_management::migrate_application_lookup;
 use crate::anchor_management::tentative_device_registration;
 use crate::anchor_management::tentative_device_registration::{
 TentativeDeviceRegistrationError, TentativeRegistrationInfo, VerifyTentativeDeviceError,
@@ -514,6 +515,9 @@ fn post_upgrade(maybe_arg: Option) {
 state::load_persistent_state();
 initialize(maybe_arg);
+
+ // XXX: This is to migrate the application lookup to the 32 byte origin hash lookup. Remove it after that has been deployed.
+ migrate_application_lookup();
 }
 fn initialize(maybe_arg: Option) {
diff --git a/src/internet_identity/src/storage.rs b/src/internet_identity/src/storage.rs
index cefffb8f75..5b00f4d82e 100644
--- a/src/internet_identity/src/storage.rs
+++ b/src/internet_identity/src/storage.rs
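Review bot: The call added at the end of `post_upgrade` (second main.rs hunk) is unconditional, so the whole application table is re-hashed on every upgrade for as long as this line stays, and a panic in the rebuild would happen inside the upgrade hook, which would presumably fail the upgrade. The `XXX` comment is the only thing tying removal to a release; nothing in the code notices that the migration has already run. A guard at the top of the rebuild would make reruns cheap and harmless, for example `if self.lookup_application_with_origin_memory.len() == self.stable_application_memory.len() { return; }`, assuming every application has exactly one lookup entry. `post_upgrade` starts before the hunk, so what else runs ahead of this call is not visible here.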
@@ -163,7 +163,9 @@ const REGISTRATION_CURRENT_RATE_MEMORY_INDEX: u8 = 6u8;
 const LOOKUP_ANCHOR_WITH_DEVICE_CREDENTIAL_MEMORY_INDEX: u8 = 9u8;
 const STABLE_ACCOUNT_MEMORY_INDEX: u8 = 10u8;
 const STABLE_APPLICATION_MEMORY_INDEX: u8 = 11u8;
-const LOOKUP_APPLICATION_WITH_ORIGIN_MEMORY_INDEX: u8 = 12u8;
+// This memory index has been abandoned, do not use it
+// const LOOKUP_APPLICATION_WITH_ORIGIN_MEMORY_INDEX: u8 = 12u8;
+const LOOKUP_APPLICATION_WITH_ORIGIN_MEMORY_INDEX: u8 = 19u8;
 const STABLE_ACCOUNT_REFERENCE_LIST_MEMORY_INDEX: u8 = 13u8;
 const STABLE_ANCHOR_ACCOUNT_COUNTER_MEMORY_INDEX: u8 = 14u8;
 const STABLE_ACCOUNT_COUNTER_MEMORY_INDEX: u8 = 15u8;
@@ -749,6 +751,19 @@ impl Storage {
 .and_then(|application_number| self.stable_application_memory.get(&application_number))
 }
+ /// Used for migrating from 8-byte to 32-byte origin hash
+ pub fn rebuild_lookup_application_with_origin_memory(&mut self) {
+ // Check that the memory is empty, otherwise panic
+ assert_eq!(self.lookup_application_with_origin_memory.len(), 0);
+
+ self.stable_application_memory
+ .iter()
+ .for_each(|(app_num, app)| {
+ self.lookup_application_with_origin_memory
+ .insert(StorableOriginHash::from_origin(&app.origin), app_num);
+ })
+ }
+
 fn lookup_account_references(
 &self,
 anchor_number: AnchorNumber,
diff --git a/src/internet_identity/src/storage/storable/application.rs b/src/internet_identity/src/storage/storable/application.rs
index 7e47f97427..4903cb2597 100644
--- a/src/internet_identity/src/storage/storable/application.rs
+++ b/src/internet_identity/src/storage/storable/application.rs
@@ -4,6 +4,8 @@ use minicbor::{Decode, Encode};
 use sha2::{Digest, Sha256};
 use std::borrow::Cow;
+use crate::state::storage_borrow_mut;
+
 #[derive(Encode, Decode, Clone, Debug, PartialEq)]
 #[cbor(map)]
 pub struct StorableApplication {
From 0adf86c5ae2524fd89d4034233bbc77e359cf6fd Mon Sep 17 00:00:00 2001
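Review bot: In the constants hunk the retired index 12 survives only as a commented-out line, and nothing in the visible lines shows that 19 is free, since the list shown here ends at 15. Commented-out code is easy to delete in a cleanup, after which 12 could be given to a new structure that would then open a region presumably still holding the old 8-byte-keyed entries. A live marker is harder to lose: `#[allow(dead_code)] const RETIRED_LOOKUP_APPLICATION_WITH_ORIGIN_MEMORY_INDEX: u8 = 12u8; // 8-byte origin-hash lookup, never reuse`. Please also confirm 16–19 against the rest of the list, which lies outside the hunk.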
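Review bot: In `rebuild_lookup_application_with_origin_memory` the value returned by `insert` is dropped, so when two stored applications produce the same key the one iterated later silently replaces the earlier and the lookup resolves that origin to only one of them. With a full SHA-256 key that would mean duplicate `origin` values in `stable_application_memory`; whether those can exist is not visible from this hunk. The one-line doc comment should at least state the behaviour, e.g. `/// Rebuilds the origin-hash lookup from stable_application_memory; an existing entry for the same origin is overwritten, so for duplicate origins the last one iterated wins.`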
From: Andri Schatz
Date: Tue, 10 Jun 2025 15:25:56 +0200
Subject: [PATCH 3/5] complete comments
---
 src/internet_identity/src/account_management.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/internet_identity/src/account_management.rs b/src/internet_identity/src/account_management.rs
index e2d05d98c9..840b86f974 100644
--- a/src/internet_identity/src/account_management.rs
+++ b/src/internet_identity/src/account_management.rs
@@ -228,7 +228,8 @@ pub fn get_account_delegation(
 })
 }
-/// This is needed to migrate the
+/// This is needed to migrate the application lookup after dropping the 8-byte based version of that table,
+/// and moving to the 32-byte version of it. This should be removed after the migration is done.
 pub fn migrate_application_lookup() {
 storage_borrow_mut(|storage| storage.rebuild_lookup_application_with_origin_memory());
 }
From eae895c5585e25e7bbaf9eeee37db020d3d7e3a9 Mon Sep 17 00:00:00 2001
From: Andri Schatz
Date: Tue, 10 Jun 2025 15:30:15 +0200
Subject: [PATCH 4/5] clippy
---
 src/internet_identity/src/storage/storable/application.rs | 2 --
 1 file changed, 2 deletions(-)
diff --git a/src/internet_identity/src/storage/storable/application.rs b/src/internet_identity/src/storage/storable/application.rs
index 4903cb2597..7e47f97427 100644
--- a/src/internet_identity/src/storage/storable/application.rs
+++ b/src/internet_identity/src/storage/storable/application.rs
@@ -4,8 +4,6 @@ use minicbor::{Decode, Encode};
 use sha2::{Digest, Sha256};
 use std::borrow::Cow;
-use crate::state::storage_borrow_mut;
-
 #[derive(Encode, Decode, Clone, Debug, PartialEq)]
 #[cbor(map)]
 pub struct StorableApplication {
From ab2641bff4057ca09ffc148bc5991eeda2246879 Mon Sep 17 00:00:00 2001
From: Andri Schatz
Date: Tue, 10 Jun 2025 16:14:26 +0200
Subject: [PATCH 5/5] remove assert
---
 src/internet_identity/src/storage.rs | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/src/internet_identity/src/storage.rs b/src/internet_identity/src/storage.rs
index 5b00f4d82e..38cb9fa7ed 100644
--- a/src/internet_identity/src/storage.rs
+++ b/src/internet_identity/src/storage.rs
@@ -753,9 +753,6 @@ impl Storage {
 /// Used for migrating from 8-byte to 32-byte origin hash
 pub fn rebuild_lookup_application_with_origin_memory(&mut self) {
- // Check that the memory is empty, otherwise panic
- assert_eq!(self.lookup_application_with_origin_memory.len(), 0);
-
 self.stable_application_memory
 .iter()
 .for_each(|(app_num, app)| {