feat: add metadata hash checks #924
Conversation
ntn-x2
requested review from
rflechtner and
Dudleyneedham
and removed request for
rflechtner
We introduce a new feature for peregrine and spiritnet runtimes, which adds the metadata hash signed extension, for wallets that need it. The Gitlab build pipeline has also been updated to include the new feature only when building the production WASMs. ## How to test Change any integration tests in the SDK based on this PR (KILTprotocol/sdk-js#924), and verify the metadata is verified (e.g., by enabling logs via a Chopsticks deployment).
|
@rflechtner I am not understanding what I am doing wrong. I have inconsistent results running |
|
Check your node version. Also, check what version of Yarn you are running compared to the package.json |
ntn-x2
force-pushed
the
aa/metadata-hash
branch
from
da3f47e to
d4144a3
Compare
|
@rflechtner after changing the dependency type from peer dependency back to regular dependency, everything seems to be building ok and tests seem to pass (minor what was already broken on develop). I would then ask you to provide your feedback, or if you think the dependency should be a peer dependency, to try to fix it yourself as I honestly have no clue. |
Peer dependencies have no effect besides issuing warnings in the CLI, so my guess the dependency was not actually being installed. I'm fine with leaving it as a regular dependency, given that it's from an entirely different stack of dependencies than the |
|
@rflechtner gotcha 👌 As for the library, unfortunately pjs itself does not offer the feature. The available options are the ones listed in this Polkadot Forum. Even the Polkadot Apps code relies on the |
|
Anyway, in order to test this, we first must fix an issue with our build pipeline that is failing to push new Docker images on DockerHub (just found out). @ggera is on it. Once that's resolved, I will try to push an empty commit to re-trigger the tests, and see if everything works fine. This should also fix the broken pipeline currently on |
I see! https://www.npmjs.com/package/merkleized-metadata seems lighter on additional dependencies, but choose whichever you think gets the job done. |
You can also just hit the 'Re-run jobs' button on the actions status page (https://github.com/KILTprotocol/sdk-js/actions/runs/12633893068?pr=924) |
|
@rflechtner The only concern with this package it doesn't seem maintained. I offered this yesterday but I think we should find another package if possible that is maintained or stick with Papi. |
|
I think re-running the same job does not pull the latest version of a Docker image, does it? I think I tried this once, but sure I will try first to re-run the job once the new images are available. |
+1 on this. I think we should stick with papi. |
ntn-x2
force-pushed
the
aa/metadata-hash
branch
from
9e976e3 to
6d7961e
Compare
|
@rflechtner resetting to |
|
After spending a lot of time on this and not understanding why tests would pass when using Chopsticks but not when using the standalone-node binary, I came across this notice that says that the metadata check extension does not work with native runtimes. At the moment, we still use the |
|
@rflechtner the CI is still broken due to missing runtime API decorations, but you can verify the changes work by running the new |
Co-authored-by: Raphael Flechtner <39338561+rflechtner@users.noreply.github.com>
Not a breaking change, users can opt in based on the new feature PR introduced in KILTprotocol/kilt-node#835. I did not write any tests yet, but I have modified some and run them against a local instance with the new feature, and everything works flawlessly.
Checklist
yarn.lockissuelatest-developDocker image issuelatest-developimage for metadata hash checks