Feature/core enhancements #17
Open
digitsu wants to merge 11 commits into
… with Enum.zip/1
`use Bitwise` has been deprecated since Elixir 1.14 in favour of `import Bitwise`. `List.zip/1` is deprecated in favour of `Enum.zip/2` since Elixir 1.12.
Application.get_env/3 at module attribute time is a compile-time read and triggers a warning in Elixir 1.14+. compile_env/3 is the correct replacement.
Credo and mix format prefer `raise(Module, msg)` over `raise Module, msg` in pipeline/guard-adjacent positions for clarity.
Security fixes for BSV.Message ECIES encryption:
- Use :crypto.hash_equals/2 for MAC verification to prevent timing side-channel attacks (was using pattern match equality).
- Fix PKCS7 padding to always add a padding block (per spec, even when message is block-aligned). Previous implementation skipped padding for aligned messages, which is incorrect per PKCS#7.
- Validate all padding bytes during unpadding, not just the last byte. Malformed padding now falls through gracefully instead of silently truncating data.
Handle arbitrary reason values without crashing the error formatter. Binary reasons are returned as-is; other terms are inspected.
Pattern match on %BSV.Address{} and %BSV.KeyPair{} structs explicitly
to provide clear error messages when incorrect types are passed.
Per BIP-32 spec:
- Reject derived private keys that are zero or >= curve order
- Reject derived public keys at the point at infinity
These cases are astronomically unlikely but the spec requires handling them.
BSV requires all signatures to include the FORKID flag. Reject signatures missing this flag early rather than computing the sighash and failing later.
- OP_SPLIT: validate index is within range before splitting
- OP_DIV/OP_MOD: explicit division-by-zero error instead of crash
- OP_CHECKSIG: rescue malformed pubkey/signature errors gracefully
- true?/1: handle negative zero correctly for arbitrary-length binaries (was only handling single-byte 0x80, but Bitcoin script negative zero can be any length with all-zero body and 0x80 MSB)
Prevents memory abuse from oversized script numbers. Default limit is 750KB (BSV post-Genesis has no consensus limit, but we need a practical bound). Callers can pass a custom max_size.
- PrivKey: document BEAM memory model limitation (keys can't be zeroed)
- MerkleProof: document CVE-2017-12842 leaf/internal node ambiguity
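
The PKCS7 and MAC-comparison behaviour named in the BSV.Message commit message above, as an added Elixir example that is not code from this pull request or from the project. The module name `PaddingExample`, the 16-byte block size, the `{:error, :invalid_padding}` return value and the sample inputs are assumptions made for illustration.

```elixir
# Added illustration, not the project's implementation.
defmodule PaddingExample do
  @block_size 16

  # PKCS#7 always appends 1..16 bytes, so a block-aligned message
  # receives one full extra block of padding.
  def pad(data) when is_binary(data) do
    n = @block_size - rem(byte_size(data), @block_size)
    data <> :binary.copy(<<n>>, n)
  end

  # Validate the length byte AND every padding byte, not just the last one.
  def unpad(data)
      when is_binary(data) and byte_size(data) > 0 and
             rem(byte_size(data), @block_size) == 0 do
    n = :binary.last(data)
    body_len = byte_size(data) - n

    with true <- n in 1..@block_size,
         <<body::binary-size(body_len), padding::binary>> <- data,
         true <- padding == :binary.copy(<<n>>, n) do
      {:ok, body}
    else
      _ -> {:error, :invalid_padding}
    end
  end

  def unpad(_), do: {:error, :invalid_padding}

  # :crypto.hash_equals/2 compares in constant time but raises when the
  # sizes differ, so the (non-secret) length is checked first.
  def mac_valid?(expected, given) when is_binary(expected) and is_binary(given) do
    byte_size(expected) == byte_size(given) and :crypto.hash_equals(expected, given)
  end
end

# Constructed sample inputs.
aligned = :binary.copy(<<0x41>>, 16)
padded = PaddingExample.pad(aligned)
IO.inspect(byte_size(padded), label: "aligned message after padding")
IO.inspect(PaddingExample.unpad(padded) == {:ok, aligned}, label: "round trip")

# Last byte says 4, but one of the four padding bytes is wrong.
tampered = :binary.copy(<<0x41>>, 12) <> <<4, 9, 4, 4>>
IO.inspect(PaddingExample.unpad(tampered), label: "tampered padding")
IO.inspect(PaddingExample.mac_valid?(<<1, 2, 3>>, <<1, 2, 4>>), label: "mac mismatch")
```

`:crypto.hash_equals/2` requires a recent OTP release (25 or later).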
Deprecation Fixes (2 commits)
Security Fixes (4 commits)
Robustness (3 commits)
zero handling