Harden all endowments #585

Closed
rekmarks opened this issue Jun 23, 2022 · 4 comments
Labels
Epic type-security Related to enforcing our security model.

Comments

rekmarks commented Jun 23, 2022

To the greatest extent possible, endowments made available to a snap should be hardened via SES's harden() function. This is to preclude the existence of sandbox escapes by e.g. walking properties to obtain a reference to the root realm globalThis.

This effort is complicated by the existence of endowments that may depend on mutable properties, for example the wallet provider object.

For all of the endowments we pass to snaps, we should:

  1. Attempt to harden the endowment by passing it to harden().
  2. If that doesn't work, ensure that its prototype has been passed to harden(), and take whatever other measures may be necessary to close unsanctioned communications channels with the root realm.
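
An audit helper for the two steps listed above, added here as an illustration and not code from the snaps repository: it walks everything reachable from an endowment and reports what is still mutable. `findUnhardened`, `hardenStandIn` (a simplified stand-in for SES's `harden()`) and the sample provider object are hypothetical, and the code assumes `Object.prototype` and `Function.prototype` are already frozen, as they would be after SES `lockdown()`.

```javascript
'use strict';

// Assumption: these shared intrinsics are treated as already frozen, as they
// would be after SES lockdown(). In plain Node they are NOT frozen.
const ASSUMED_FROZEN = new Set([Object.prototype, Function.prototype]);

// Map every object reachable from `root` (via own data values, getters,
// setters and prototype links) to the first path it was reached by.
function reachable(root, label) {
  const seen = new Map();
  const queue = [[root, label]];
  while (queue.length > 0) {
    const [value, path] = queue.shift();
    const isObj =
      (typeof value === 'object' && value !== null) || typeof value === 'function';
    if (!isObj || seen.has(value) || ASSUMED_FROZEN.has(value)) continue;
    seen.set(value, path);
    queue.push([Object.getPrototypeOf(value), `${path}.__proto__`]);
    for (const key of Reflect.ownKeys(value)) {
      const d = Object.getOwnPropertyDescriptor(value, key);
      const p = `${path}.${String(key)}`;
      if ('value' in d) queue.push([d.value, p]);
      else queue.push([d.get, `${p}[get]`], [d.set, `${p}[set]`]);
    }
  }
  return seen;
}

// Audit: paths of reachable objects that are still mutable, in walk order.
function findUnhardened(root, label = 'endowment') {
  return [...reachable(root, label)]
    .filter(([obj]) => !Object.isFrozen(obj))
    .map(([, path]) => path);
}

// Simplified stand-in for SES harden(): freeze the whole reachable graph.
function hardenStandIn(root) {
  for (const obj of reachable(root, 'root').keys()) Object.freeze(obj);
  return root;
}

// Constructed sample: a provider-like endowment that depends on one
// mutable property, so it cannot be hardened as a whole (step 2 applies).
function makeProvider() {
  const proto = { request() { return 'ok'; } };
  const provider = Object.create(proto);
  provider.chainId = '0x1';
  return provider;
}
```

Hardening only the prototype of the sample provider leaves `endowment` itself as the single remaining finding, which is the residue that step 2's "other measures" have to cover.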
@rekmarks rekmarks added type-security Related to enforcing our security model. type-research A research task. and removed type-research A research task. labels Jun 24, 2022
@Mrtenz Mrtenz self-assigned this Jun 29, 2022
@david0xd david0xd self-assigned this Nov 21, 2022
kenhkan commented Nov 21, 2022

Note from standup: This should be done prior to any external audits. Date to be determined.

@david0xd
Contributor

It is found that the Jest test framework does not work with SES. That makes it impossible to test code that includes SES functions such as harden({...}). Replacement of the test framework is needed in the snaps-execution-environments package in order to continue work on this task properly.

Research of the potential test framework that can be used with SES is followed up in another ticket here: #1003

@kenhkan kenhkan added Epic and removed Epic labels Nov 23, 2022
kenhkan commented Nov 23, 2022

Additional work in this epic to be defined after initial investigation in https://app.zenhub.com/workspaces/snaps-platform-615b3a7c08d2b20015eb6c4e/issues/metamask/snaps-monorepo/1003
