From 1f827f00306d147b55eaf9aafef4cb30ebcd7625 Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Mon, 18 Aug 2025 21:00:24 -0400 Subject: [PATCH 01/10] add CI --- .github/workflows/ci.yml | 107 ++++++++++++++++++++++++++ .github/workflows/docs.yml | 137 ++++++++++++++++++++++++++++++++++ .github/workflows/release.yml | 130 ++++++++++++++++++++++++++++++++ README.md | 40 ++++++++++ 4 files changed, 414 insertions(+) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/docs.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..38d837b --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,107 @@ +name: CI + +on: + push: + branches: [ main, develop ] + paths: + - 'lit-rust-sdk/**' + - '.github/workflows/**' + pull_request: + branches: [ main, develop ] + paths: + - 'lit-rust-sdk/**' + - '.github/workflows/**' + +env: + CARGO_TERM_COLOR: always + RUST_BACKTRACE: 1 + +jobs: + test: + name: Test Suite + runs-on: ubuntu-latest + timeout-minutes: 45 + strategy: + matrix: + rust: + - stable + - beta + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Rust + uses: dtolnay/rust-toolchain@master + with: + toolchain: ${{ matrix.rust }} + components: rustfmt, clippy + + - name: Cache cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + lit-rust-sdk/target + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo- + + - name: Check formatting + run: | + cd lit-rust-sdk + cargo fmt --all -- --check + + - name: Run clippy + run: | + cd lit-rust-sdk + cargo clippy --all-targets --all-features -- -D warnings + + - name: Run unit tests + run: | + cd lit-rust-sdk + cargo test --lib + + - name: Run all integration tests + env: + ETHEREUM_PRIVATE_KEY: ${{ secrets.ETHEREUM_PRIVATE_KEY }} + PKP_PUBLIC_KEY: ${{ secrets.PKP_PUBLIC_KEY }} + PKP_TOKEN_ID: ${{ secrets.PKP_TOKEN_ID }} + PKP_ETH_ADDRESS: ${{ secrets.PKP_ETH_ADDRESS }} + ETHEREUM_RPC_URL: ${{ secrets.ETHEREUM_RPC_URL }} + run: | + cd lit-rust-sdk + # Run all tests with single thread to avoid conflicts + cargo test -- --nocapture --test-threads=1 + + security: + name: Security Audit + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + + - name: Install cargo-audit + run: cargo install cargo-audit + + - name: Run security audit + run: | + cd lit-rust-sdk + cargo audit + + - name: Check for cargo-deny + run: | + cd lit-rust-sdk + # Install cargo-deny if not present + cargo install --locked cargo-deny || true + # Run cargo-deny if deny.toml exists + if [ -f "deny.toml" ]; then + cargo deny check + else + echo "No deny.toml found, skipping cargo-deny check" + fi \ No newline at end of file diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml new file mode 100644 index 0000000..cd6a85a --- /dev/null +++ b/.github/workflows/docs.yml @@ -0,0 +1,137 @@ +name: Documentation + +on: + push: + branches: [ main, develop ] + paths: + - 'lit-rust-sdk/src/**' + - 'lit-rust-sdk/Cargo.toml' + - 'README.md' + - 'lit-rust-sdk/README.md' + pull_request: + branches: [ main, develop ] + paths: + - 'lit-rust-sdk/src/**' + - 'lit-rust-sdk/Cargo.toml' + - 'README.md' + - 'lit-rust-sdk/README.md' + +jobs: + docs: + name: Build Documentation + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + + - name: Cache cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + lit-rust-sdk/target + key: ${{ runner.os }}-docs-cargo-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-docs-cargo- + + - name: Check documentation builds + run: | + cd lit-rust-sdk + cargo doc --no-deps --document-private-items + + - name: Check for broken links in docs + run: | + cd lit-rust-sdk + cargo doc --no-deps + # Simple check for common documentation issues + if grep -r "FIXME\|TODO\|XXX" src/ --include="*.rs"; then + echo "Warning: Found TODO/FIXME comments in documentation" + fi + + - name: Validate README examples + run: | + cd lit-rust-sdk + # Check that README examples compile (basic syntax check) + echo "Checking README examples..." + + # Extract rust code blocks from README and check they're valid syntax + grep -A 50 '```rust' README.md | grep -B 50 '```' | sed '/```/d' > temp_example.rs || true + if [ -s temp_example.rs ]; then + echo "Found Rust examples in README, checking syntax..." + # Add basic structure to make it compilable for syntax check + echo "fn main() {" > check_example.rs + cat temp_example.rs >> check_example.rs + echo "}" >> check_example.rs + + # Use rustc to check syntax only + rustc --edition=2021 --crate-type bin -o /dev/null check_example.rs 2>/dev/null || echo "README examples may have syntax issues" + + rm -f temp_example.rs check_example.rs + fi + + - name: Upload documentation + if: github.event_name == 'push' && github.ref == 'refs/heads/main' + uses: actions/upload-artifact@v4 + with: + name: documentation + path: lit-rust-sdk/target/doc + retention-days: 30 + + readme_check: + name: README Validation + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Check README files exist + run: | + echo "Checking README files..." + test -f README.md || (echo "Missing main README.md" && exit 1) + test -f lit-rust-sdk/README.md || (echo "Missing SDK README.md" && exit 1) + echo "✅ README files found" + + - name: Check README content + run: | + echo "Validating README content..." + + # Check main README has key sections + for section in "Features" "Quick Start" "Local Session Signatures" "API Reference"; do + if ! grep -q "## $section\|### $section" README.md; then + echo "❌ Missing '$section' section in main README.md" + exit 1 + fi + done + + # Check SDK README has key sections + for section in "Features" "Quick Start" "Documentation"; do + if ! grep -q "## $section\|### $section" lit-rust-sdk/README.md; then + echo "❌ Missing '$section' section in SDK README.md" + exit 1 + fi + done + + echo "✅ README content validation passed" + + - name: Check for outdated information + run: | + echo "Checking for potentially outdated information..." + + # Check if version numbers look reasonable + if grep -q "lit-rust-sdk.*0\.1\.0" README.md lit-rust-sdk/README.md; then + echo "ℹ️ Version 0.1.0 found - consider updating for releases" + fi + + # Check for placeholder text + if grep -qi "todo\|fixme\|placeholder" README.md lit-rust-sdk/README.md; then + echo "⚠️ Found TODO/FIXME/placeholder text in README files" + grep -n -i "todo\|fixme\|placeholder" README.md lit-rust-sdk/README.md || true + fi + + echo "✅ README validation completed" \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..89e00d7 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,130 @@ +name: Release Tests + +on: + workflow_dispatch: + inputs: + test_network: + description: 'Network to test against' + required: true + default: 'DatilDev' + type: choice + options: + - DatilDev + - DatilTest + - Datil + +env: + CARGO_TERM_COLOR: always + RUST_BACKTRACE: 1 + +jobs: + full_test_suite: + name: Full Test Suite + runs-on: ubuntu-latest + timeout-minutes: 60 + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + + - name: Cache cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + lit-rust-sdk/target + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo- + + - name: Run All Tests + env: + ETHEREUM_PRIVATE_KEY: ${{ secrets.ETHEREUM_PRIVATE_KEY }} + PKP_PUBLIC_KEY: ${{ secrets.PKP_PUBLIC_KEY }} + PKP_TOKEN_ID: ${{ secrets.PKP_TOKEN_ID }} + PKP_ETH_ADDRESS: ${{ secrets.PKP_ETH_ADDRESS }} + ETHEREUM_RPC_URL: ${{ secrets.ETHEREUM_RPC_URL }} + LIT_NETWORK: ${{ github.event.inputs.test_network || 'DatilDev' }} + run: | + cd lit-rust-sdk + echo "Running full test suite against $LIT_NETWORK network" + + # Run all tests with extended timeout + cargo test -- --nocapture --test-threads=1 + + - name: Generate Test Report + if: always() + run: | + cd lit-rust-sdk + echo "## Test Results" > test_report.md + echo "- **Network**: ${{ github.event.inputs.test_network || 'DatilDev' }}" >> test_report.md + echo "- **Date**: $(date)" >> test_report.md + echo "- **Commit**: ${{ github.sha }}" >> test_report.md + echo "- **Status**: ${{ job.status }}" >> test_report.md + + - name: Upload Test Report + if: always() + uses: actions/upload-artifact@v4 + with: + name: test-report-${{ github.run_number }} + path: lit-rust-sdk/test_report.md + retention-days: 30 + + performance_test: + name: Performance Tests + runs-on: ubuntu-latest + needs: full_test_suite + if: success() + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + + - name: Cache cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + lit-rust-sdk/target + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo- + + - name: Run Performance Benchmarks + env: + ETHEREUM_PRIVATE_KEY: ${{ secrets.ETHEREUM_PRIVATE_KEY }} + ETHEREUM_RPC_URL: ${{ secrets.ETHEREUM_RPC_URL }} + run: | + cd lit-rust-sdk + echo "Running performance tests..." + + # Time the local session signature tests + echo "Testing local session signatures performance..." + time cargo test test_local_session_sigs_hello_world -- --nocapture + + # Test connection performance + echo "Testing connection performance..." + time cargo test test_connect_to_lit_network -- --nocapture + + notify_results: + name: Notify Results + runs-on: ubuntu-latest + needs: [full_test_suite, performance_test] + if: always() + + steps: + - name: Create Summary + run: | + echo "## Release Test Summary" >> $GITHUB_STEP_SUMMARY + echo "- **Full Test Suite**: ${{ needs.full_test_suite.result }}" >> $GITHUB_STEP_SUMMARY + echo "- **Performance Tests**: ${{ needs.performance_test.result }}" >> $GITHUB_STEP_SUMMARY + echo "- **Network**: ${{ github.event.inputs.test_network || 'DatilDev' }}" >> $GITHUB_STEP_SUMMARY + echo "- **Trigger**: ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY \ No newline at end of file diff --git a/README.md b/README.md index b4e507a..0b1e785 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,8 @@ # Lit Protocol Rust SDK +[![CI](https://github.com/LIT-Protocol/rust-sdk/actions/workflows/ci.yml/badge.svg)](https://github.com/LIT-Protocol/rust-sdk/actions/workflows/ci.yml) +[![Documentation](https://github.com/LIT-Protocol/rust-sdk/actions/workflows/docs.yml/badge.svg)](https://github.com/LIT-Protocol/rust-sdk/actions/workflows/docs.yml) + A native Rust implementation of the Lit Protocol SDK, providing programmatic access to the Lit Network for distributed key management, conditional access control, and programmable signing. Currently in Beta and only supports Datil, DatilDev, and DatilTest networks. @@ -560,6 +563,30 @@ Common issues and solutions: - **"Invalid signature"**: Verify PKP public key format (should include 0x prefix) - **"Rate limit exceeded"**: Ensure Rate Limit NFT has sufficient capacity +## CI/Development + +The repository includes comprehensive GitHub Actions workflows for testing and validation: + +### CI Pipeline + +- **Basic CI** (`ci.yml`): Runs on every push/PR with formatting, clippy, unit tests, and all integration tests +- **Documentation** (`docs.yml`): Validates README files and builds documentation +- **Release Tests** (`release.yml`): Full test suite that can be run manually for release testing + +### Required GitHub Secrets + +For CI to work properly, the following secrets must be configured in the repository: + +```bash +ETHEREUM_PRIVATE_KEY # Private key for test wallet (should have test ETH) +PKP_PUBLIC_KEY # Existing PKP public key for tests (optional) +PKP_TOKEN_ID # Existing PKP token ID for tests (optional) +PKP_ETH_ADDRESS # Existing PKP Ethereum address for tests (optional) +ETHEREUM_RPC_URL # RPC URL for Ethereum/L2 network interactions +``` + +**Note**: The CI will work with just `ETHEREUM_PRIVATE_KEY` and `ETHEREUM_RPC_URL` for basic tests. PKP-related secrets are only needed for advanced tests. + ## Contributing Contributions are welcome! Please ensure all tests pass before submitting a PR: @@ -570,6 +597,19 @@ cargo fmt cargo clippy ``` +### Running Tests Locally + +```bash +# Run all tests (requires environment variables) +cargo test -- --nocapture + +# Run only local session signature tests (simpler setup) +cargo test local_session_sigs -- --nocapture + +# Run specific test +cargo test test_connect_to_lit_network -- --nocapture +``` + ## License See LICENSE file in the repository root. From 0c83bd7cd5d39f5fa487d0335e578d1f71829620 Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Mon, 18 Aug 2025 21:28:54 -0400 Subject: [PATCH 02/10] fix rust setup --- .github/workflows/ci.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 38d837b..4bef3f0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,20 +21,14 @@ jobs: name: Test Suite runs-on: ubuntu-latest timeout-minutes: 45 - strategy: - matrix: - rust: - - stable - - beta steps: - name: Checkout code uses: actions/checkout@v4 - name: Install Rust - uses: dtolnay/rust-toolchain@master + uses: dtolnay/rust-toolchain@stable with: - toolchain: ${{ matrix.rust }} components: rustfmt, clippy - name: Cache cargo registry From 7b3fcd39de93410dfba90790507a3b8dc96d70ce Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Mon, 18 Aug 2025 22:07:31 -0400 Subject: [PATCH 03/10] lets use stable rust --- lit-rust-sdk/rust-toolchain.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lit-rust-sdk/rust-toolchain.toml b/lit-rust-sdk/rust-toolchain.toml index 366e88f..31578d3 100644 --- a/lit-rust-sdk/rust-toolchain.toml +++ b/lit-rust-sdk/rust-toolchain.toml @@ -1,2 +1,2 @@ [toolchain] -channel = "1.86.0" \ No newline at end of file +channel = "stable" \ No newline at end of file From d8615b2dea30bce3f52da9155b76963d9e15fc67 Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Mon, 18 Aug 2025 22:09:23 -0400 Subject: [PATCH 04/10] cargo fmt --- lit-rust-sdk/src/auth.rs | 25 ++++++--- lit-rust-sdk/src/client/session_sigs.rs | 47 +++++++++------- lit-rust-sdk/tests/execute_js_test.rs | 22 ++++---- lit-rust-sdk/tests/local_session_sigs_test.rs | 55 ++++++++++--------- 4 files changed, 86 insertions(+), 63 deletions(-) diff --git a/lit-rust-sdk/src/auth.rs b/lit-rust-sdk/src/auth.rs index d60884b..129f3f7 100644 --- a/lit-rust-sdk/src/auth.rs +++ b/lit-rust-sdk/src/auth.rs @@ -68,15 +68,18 @@ impl EthWalletProvider { delegatee_addresses: &[String], uses: &str, ) -> Result { + use serde_json::Value; use siwe_recap::Capability; use std::collections::BTreeMap; - use serde_json::Value; - + let address = wallet.address(); // Create the nota bene data for the capability let mut notabene = BTreeMap::new(); - notabene.insert("nft_id".to_string(), Value::from(vec![Value::from(capacity_token_id)])); + notabene.insert( + "nft_id".to_string(), + Value::from(vec![Value::from(capacity_token_id)]), + ); notabene.insert("uses".to_string(), Value::from(uses.to_string())); notabene.insert( "delegate_to".to_string(), @@ -91,7 +94,7 @@ impl EthWalletProvider { addr.to_string() }) }) - .collect::>() + .collect::>(), ), ); @@ -106,7 +109,7 @@ impl EthWalletProvider { let mut capabilities = Capability::::default(); let resource = "Auth/Auth".to_string(); let resource_prefix = format!("lit-ratelimitincrease://{}", capacity_token_id); - + let capabilities = capabilities .with_actions_convert(resource_prefix, [(resource, [notabene])]) .map_err(|e| eyre::eyre!("Failed to create capability: {}", e))?; @@ -121,8 +124,16 @@ impl EthWalletProvider { version: "1".parse().unwrap(), chain_id: 1, nonce: nonce.clone(), - issued_at: issued_at.to_rfc3339_opts(chrono::SecondsFormat::Millis, true).parse().unwrap(), - expiration_time: Some(expiration.to_rfc3339_opts(chrono::SecondsFormat::Millis, true).parse().unwrap()), + issued_at: issued_at + .to_rfc3339_opts(chrono::SecondsFormat::Millis, true) + .parse() + .unwrap(), + expiration_time: Some( + expiration + .to_rfc3339_opts(chrono::SecondsFormat::Millis, true) + .parse() + .unwrap(), + ), not_before: None, request_id: None, resources: vec![], diff --git a/lit-rust-sdk/src/client/session_sigs.rs b/lit-rust-sdk/src/client/session_sigs.rs index 7dc2eef..afd9ad9 100644 --- a/lit-rust-sdk/src/client/session_sigs.rs +++ b/lit-rust-sdk/src/client/session_sigs.rs @@ -34,14 +34,20 @@ impl super::LitNodeClient

{ // Create auth sig with local wallet let auth_sig = self - .create_auth_sig_for_session_sig(wallet, &session_public_key, &resource_ability_requests) + .create_auth_sig_for_session_sig( + wallet, + &session_public_key, + &resource_ability_requests, + ) .await?; info!("Created auth sig for session: {:?}", auth_sig); // Generate session signatures for each node let mut session_sigs = HashMap::new(); let now = chrono::Utc::now(); - let issued_at = now.sub(chrono::Duration::days(1)).to_rfc3339_opts(chrono::SecondsFormat::Millis, true); + let issued_at = now + .sub(chrono::Duration::days(1)) + .to_rfc3339_opts(chrono::SecondsFormat::Millis, true); let capabilities = vec![auth_sig]; @@ -54,13 +60,13 @@ impl super::LitNodeClient

{ expiration: expiration.to_string(), node_address: node_url.to_owned(), }; - + // Serialize to JSON string let message = serde_json::to_string(&session_key_signed_message)?; - + // Sign message with session key let signature = session_keypair.sign(message.as_bytes()); - + let session_sig = SessionSignature { sig: signature.to_string(), derived_via: "litSessionSignViaNacl".to_string(), @@ -68,7 +74,7 @@ impl super::LitNodeClient

{ address: session_public_key.clone(), algo: Some("ed25519".to_string()), }; - + session_sigs.insert(node_url.clone(), session_sig); } @@ -77,7 +83,7 @@ impl super::LitNodeClient

{ "Failed to create session signatures for any node" )); } - + Ok(session_sigs) } @@ -90,13 +96,13 @@ impl super::LitNodeClient

{ use alloy::signers::Signer; use siwe::Message; use siwe_recap::Capability; - + let wallet_address = wallet.address(); - + // Create resource capabilities let mut resources = vec![]; let mut resource_prefixes = vec![]; - + for resource_ability_request in resource_ability_requests.iter() { let (resource, resource_prefix) = ( "*/*".to_string(), @@ -108,20 +114,20 @@ impl super::LitNodeClient

{ resources.push(resource); resource_prefixes.push(resource_prefix); } - + let mut capabilities = Capability::::default(); for (resource, resource_prefix) in resources.iter().zip(resource_prefixes.iter()) { let _ = capabilities .with_actions_convert(resource_prefix.clone(), [(resource.clone(), [])]); } - + // Get latest blockhash for nonce let nonce = self.get_latest_ethereum_blockhash().await?; - + let now = chrono::Utc::now(); let siwe_issued_at = now.sub(chrono::Duration::days(1)); let siwe_expiration_time = now.add(chrono::Duration::days(7)); - + // Build SIWE message with capabilities let siwe_message = capabilities .build_message(Message { @@ -131,7 +137,9 @@ impl super::LitNodeClient

{ "I am creating a session for {}.", session_public_key )), - uri: format!("lit:session:{}", session_public_key).parse().unwrap(), + uri: format!("lit:session:{}", session_public_key) + .parse() + .unwrap(), version: siwe::Version::V1, chain_id: 1, nonce: nonce, @@ -150,14 +158,14 @@ impl super::LitNodeClient

{ resources: vec![], }) .map_err(|e| eyre::eyre!("Could not create SIWE message: {}", e))?; - + let message_str = siwe_message.to_string(); info!("Created SIWE message for auth sig: {}", message_str); - + // Sign the SIWE message with the wallet let signature = wallet.sign_message(&message_str.as_bytes()).await?; let sig_hex = format!("0x{}", hex::encode(signature.as_bytes())); - + Ok(AuthSig { sig: sig_hex, derived_via: "web3.eth.personal.sign".to_string(), @@ -166,5 +174,4 @@ impl super::LitNodeClient

{ algo: None, }) } - -} \ No newline at end of file +} diff --git a/lit-rust-sdk/tests/execute_js_test.rs b/lit-rust-sdk/tests/execute_js_test.rs index 987c062..2a68d0b 100644 --- a/lit-rust-sdk/tests/execute_js_test.rs +++ b/lit-rust-sdk/tests/execute_js_test.rs @@ -1,4 +1,7 @@ -use alloy::{network::EthereumWallet, primitives::U256, providers::ProviderBuilder, signers::local::PrivateKeySigner}; +use alloy::{ + network::EthereumWallet, primitives::U256, providers::ProviderBuilder, + signers::local::PrivateKeySigner, +}; use chrono::{Datelike, Duration as ChronoDuration, TimeZone, Utc}; use lit_rust_sdk::{ auth::{load_wallet_from_env, EthWalletProvider}, @@ -735,7 +738,7 @@ async fn test_execute_js_with_capacity_delegation_datil() { async fn test_execute_js_with_auth_methods() { // This test demonstrates how to pass multiple auth methods to a Lit Action // and access them via Lit.Auth - + // Initialize tracing for debugging let _ = tracing_subscriber::fmt().try_init(); @@ -753,11 +756,11 @@ async fn test_execute_js_with_auth_methods() { // Create 3 additional random wallets println!("🎲 Creating 3 random wallets for auth methods..."); - + let wallet1 = PrivateKeySigner::random(); let wallet2 = PrivateKeySigner::random(); let wallet3 = PrivateKeySigner::random(); - + println!(" 📱 Wallet 1: {}", wallet1.address()); println!(" 📱 Wallet 2: {}", wallet2.address()); println!(" 📱 Wallet 3: {}", wallet3.address()); @@ -823,7 +826,7 @@ async fn test_execute_js_with_auth_methods() { // Create auth methods for the three additional wallets println!("🔄 Creating auth methods for additional wallets..."); - + let auth_method1 = match EthWalletProvider::authenticate(&wallet1, &client).await { Ok(method) => { println!("✅ Created auth method for wallet 1"); @@ -955,12 +958,11 @@ go(); if let Some(response_obj) = response.response.as_object() { if let Some(auth_count) = response_obj.get("authMethodCount") { let count = auth_count.as_u64().unwrap_or(0); - assert_eq!( - count, 3, - "Expected 3 auth methods, got {}", + assert_eq!(count, 3, "Expected 3 auth methods, got {}", count); + println!( + "✅ Confirmed: {} auth methods were accessible in Lit.Auth", count ); - println!("✅ Confirmed: {} auth methods were accessible in Lit.Auth", count); } } @@ -969,7 +971,7 @@ go(); response.logs.contains("Auth Method Context"), "Logs should contain auth method context information" ); - + // Verify each wallet address appears in the logs (check full address with 0x prefix) assert!( response.logs.contains(&wallet1.address().to_string()), diff --git a/lit-rust-sdk/tests/local_session_sigs_test.rs b/lit-rust-sdk/tests/local_session_sigs_test.rs index 3fdf1f7..b2c64a9 100644 --- a/lit-rust-sdk/tests/local_session_sigs_test.rs +++ b/lit-rust-sdk/tests/local_session_sigs_test.rs @@ -1,6 +1,8 @@ use lit_rust_sdk::{ auth::load_wallet_from_env, - types::{ExecuteJsParams, LitAbility, LitResourceAbilityRequest, LitResourceAbilityRequestResource}, + types::{ + ExecuteJsParams, LitAbility, LitResourceAbilityRequest, LitResourceAbilityRequestResource, + }, LitNetwork, LitNodeClient, LitNodeClientConfig, }; use std::time::Duration; @@ -25,8 +27,8 @@ async fn test_local_session_sigs_hello_world() { dotenv::from_path(".env").ok(); // Load wallet from environment - let wallet = load_wallet_from_env() - .expect("Failed to load wallet from ETHEREUM_PRIVATE_KEY env var"); + let wallet = + load_wallet_from_env().expect("Failed to load wallet from ETHEREUM_PRIVATE_KEY env var"); println!("🔑 Using wallet address: {}", wallet.address()); @@ -60,22 +62,21 @@ async fn test_local_session_sigs_hello_world() { let expiration = (chrono::Utc::now() + chrono::Duration::minutes(10)).to_rfc3339(); println!("🔐 Creating local session signatures (no PKP)..."); - + // Generate local session signatures without a PKP let session_sigs = client - .get_local_session_sigs( - &wallet, - resource_ability_requests, - &expiration, - ) + .get_local_session_sigs(&wallet, resource_ability_requests, &expiration) .await .expect("Failed to create local session signatures"); - println!("✅ Created session signatures for {} nodes", session_sigs.len()); + println!( + "✅ Created session signatures for {} nodes", + session_sigs.len() + ); // Execute the Lit Action with local session signatures println!("🚀 Executing Lit Action with local session signatures..."); - + let execute_params = ExecuteJsParams { code: Some(HELLO_WORLD_LIT_ACTION.to_string()), ipfs_id: None, @@ -96,8 +97,11 @@ async fn test_local_session_sigs_hello_world() { // The response should be a string for simple use cases assert!(response.response.is_string()); let message = response.response.as_str().unwrap(); - assert_eq!(message, "This action was executed with local session signatures, no PKP required!"); - + assert_eq!( + message, + "This action was executed with local session signatures, no PKP required!" + ); + println!("✅ Test passed! Successfully executed Lit Action with local session signatures"); } @@ -109,8 +113,8 @@ async fn test_local_session_sigs_with_params() { dotenv::from_path(".env").ok(); // Load wallet from environment - let wallet = load_wallet_from_env() - .expect("Failed to load wallet from ETHEREUM_PRIVATE_KEY env var"); + let wallet = + load_wallet_from_env().expect("Failed to load wallet from ETHEREUM_PRIVATE_KEY env var"); println!("🔑 Using wallet address: {}", wallet.address()); @@ -144,18 +148,17 @@ async fn test_local_session_sigs_with_params() { let expiration = (chrono::Utc::now() + chrono::Duration::minutes(10)).to_rfc3339(); println!("🔐 Creating local session signatures (no PKP)..."); - + // Generate local session signatures without a PKP let session_sigs = client - .get_local_session_sigs( - &wallet, - resource_ability_requests, - &expiration, - ) + .get_local_session_sigs(&wallet, resource_ability_requests, &expiration) .await .expect("Failed to create local session signatures"); - println!("✅ Created session signatures for {} nodes", session_sigs.len()); + println!( + "✅ Created session signatures for {} nodes", + session_sigs.len() + ); // Lit Action that demonstrates local session signature capabilities let lit_action_with_params = r#" @@ -177,9 +180,9 @@ async fn test_local_session_sigs_with_params() { go(); "#; - // Execute the Lit Action + // Execute the Lit Action println!("🚀 Executing Lit Action with local session signatures..."); - + let execute_params = ExecuteJsParams { code: Some(lit_action_with_params.to_string()), ipfs_id: None, @@ -202,6 +205,6 @@ async fn test_local_session_sigs_with_params() { let message = response.response.as_str().unwrap(); assert!(message.contains("Lit Action executed successfully")); assert!(message.contains("94")); // Our computation result: 42 * 2 + 10 = 94 - + println!("✅ Test passed! Successfully executed Lit Action with local session signatures and additional functionality"); -} \ No newline at end of file +} From 1b81e045d6e285a17854d53bdd38c4cdea343797 Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Mon, 18 Aug 2025 23:25:16 -0400 Subject: [PATCH 05/10] clippy --- lit-rust-sdk/src/auth.rs | 12 ++++++------ lit-rust-sdk/src/blockchain/staking.rs | 2 ++ lit-rust-sdk/src/bls.rs | 2 +- lit-rust-sdk/src/client/connect.rs | 2 +- lit-rust-sdk/src/client/execute.rs | 2 +- lit-rust-sdk/src/client/mod.rs | 2 +- lit-rust-sdk/src/client/pkp.rs | 2 +- lit-rust-sdk/src/client/session_sigs.rs | 4 ++-- lit-rust-sdk/tests/execute_js_test.rs | 4 ++-- lit-rust-sdk/tests/pkp_session_sigs_test.rs | 2 +- 10 files changed, 18 insertions(+), 16 deletions(-) diff --git a/lit-rust-sdk/src/auth.rs b/lit-rust-sdk/src/auth.rs index 129f3f7..f93cdc5 100644 --- a/lit-rust-sdk/src/auth.rs +++ b/lit-rust-sdk/src/auth.rs @@ -22,7 +22,7 @@ impl EthWalletProvider { let address = wallet.address(); // Create nonce - let nonce = format!("0x{}", hex::encode(&rand::random::<[u8; 32]>())); + let nonce = format!("0x{}", hex::encode(rand::random::<[u8; 32]>())); // Create SIWE message for authentication let issued_at = chrono::Utc::now().to_rfc3339(); @@ -41,7 +41,7 @@ impl EthWalletProvider { info!("Parsed message: {:?}", parsed_message); // Sign the SIWE message - let signature = wallet.sign_message(&siwe_message.as_bytes()).await?; + let signature = wallet.sign_message(siwe_message.as_bytes()).await?; // Convert signature to hex string let sig_hex = format!("0x{}", hex::encode(signature.as_bytes())); @@ -88,8 +88,8 @@ impl EthWalletProvider { .iter() .map(|addr| { // Remove 0x prefix if present for the delegate_to field - Value::from(if addr.starts_with("0x") { - addr[2..].to_string() + Value::from(if let Some(stripped) = addr.strip_prefix("0x") { + stripped.to_string() } else { addr.to_string() }) @@ -99,7 +99,7 @@ impl EthWalletProvider { ); // Create nonce - use a random hex string - let nonce = format!("{}", hex::encode(&rand::random::<[u8; 16]>())); + let nonce = hex::encode(rand::random::<[u8; 16]>()); // Create SIWE message for capacity delegation let issued_at = chrono::Utc::now(); @@ -144,7 +144,7 @@ impl EthWalletProvider { let message_str = siwe_message.to_string(); // Sign the SIWE message - let signature = wallet.sign_message(&message_str.as_bytes()).await?; + let signature = wallet.sign_message(message_str.as_bytes()).await?; let sig_hex = format!("0x{}", hex::encode(signature.as_bytes())); diff --git a/lit-rust-sdk/src/blockchain/staking.rs b/lit-rust-sdk/src/blockchain/staking.rs index ab54fb0..69b6c80 100644 --- a/lit-rust-sdk/src/blockchain/staking.rs +++ b/lit-rust-sdk/src/blockchain/staking.rs @@ -1,3 +1,5 @@ +#![allow(clippy::too_many_arguments)] + use alloy::sol; sol!(// `all_derives` - derives standard Rust traits. diff --git a/lit-rust-sdk/src/bls.rs b/lit-rust-sdk/src/bls.rs index a0af729..08ce450 100644 --- a/lit-rust-sdk/src/bls.rs +++ b/lit-rust-sdk/src/bls.rs @@ -14,7 +14,7 @@ where T: core::borrow::Borrow, { let shares = signature_shares - .map(|s| s.borrow().signature_share.clone()) + .map(|s| s.borrow().signature_share) .collect::>(); let sig = Signature::from_shares(&shares)?; Ok(sig) diff --git a/lit-rust-sdk/src/client/connect.rs b/lit-rust-sdk/src/client/connect.rs index bc1b8db..9bd9c32 100644 --- a/lit-rust-sdk/src/client/connect.rs +++ b/lit-rust-sdk/src/client/connect.rs @@ -56,7 +56,7 @@ impl super::LitNodeClient

{ async fn handshake_with_nodes(&mut self, urls: &[String]) -> Result<()> { let mut successful_connections = 0; for url in urls { - match self.handshake_with_node(&url).await { + match self.handshake_with_node(url).await { Ok(response) => { info!("Successfully connected to node: {}", url); self.connection_state.insert( diff --git a/lit-rust-sdk/src/client/execute.rs b/lit-rust-sdk/src/client/execute.rs index c0bc889..4a328fb 100644 --- a/lit-rust-sdk/src/client/execute.rs +++ b/lit-rust-sdk/src/client/execute.rs @@ -186,7 +186,7 @@ impl super::LitNodeClient

{ if !response.success { continue; } - for (_key, signed_data) in &response.signed_data { + for signed_data in response.signed_data.values() { let sig_name = signed_data.sig_name.clone(); signatures_by_name .entry(sig_name) diff --git a/lit-rust-sdk/src/client/mod.rs b/lit-rust-sdk/src/client/mod.rs index 4ca8e78..930ee01 100644 --- a/lit-rust-sdk/src/client/mod.rs +++ b/lit-rust-sdk/src/client/mod.rs @@ -37,7 +37,7 @@ impl LitNodeClient { let http_client = Client::builder().timeout(config.connect_timeout).build()?; let rpc_url = config.lit_network.rpc_url(); - let provider = ProviderBuilder::new().connect(&rpc_url).await?; + let provider = ProviderBuilder::new().connect(rpc_url).await?; let staking_address = config.lit_network.staking_contract_address()?; let staking = Staking::new(staking_address, provider.erased()); diff --git a/lit-rust-sdk/src/client/pkp.rs b/lit-rust-sdk/src/client/pkp.rs index a851ce1..37134c3 100644 --- a/lit-rust-sdk/src/client/pkp.rs +++ b/lit-rust-sdk/src/client/pkp.rs @@ -143,7 +143,7 @@ impl super::LitNodeClient

{ uri: session_key_uri.parse().unwrap(), version: siwe::Version::V1, chain_id: 1, - nonce: nonce, + nonce, issued_at: siwe_issued_at .to_rfc3339_opts(chrono::SecondsFormat::Millis, true) .parse() diff --git a/lit-rust-sdk/src/client/session_sigs.rs b/lit-rust-sdk/src/client/session_sigs.rs index afd9ad9..86163c8 100644 --- a/lit-rust-sdk/src/client/session_sigs.rs +++ b/lit-rust-sdk/src/client/session_sigs.rs @@ -142,7 +142,7 @@ impl super::LitNodeClient

{ .unwrap(), version: siwe::Version::V1, chain_id: 1, - nonce: nonce, + nonce, issued_at: siwe_issued_at .to_rfc3339_opts(chrono::SecondsFormat::Millis, true) .parse() @@ -163,7 +163,7 @@ impl super::LitNodeClient

{ info!("Created SIWE message for auth sig: {}", message_str); // Sign the SIWE message with the wallet - let signature = wallet.sign_message(&message_str.as_bytes()).await?; + let signature = wallet.sign_message(message_str.as_bytes()).await?; let sig_hex = format!("0x{}", hex::encode(signature.as_bytes())); Ok(AuthSig { diff --git a/lit-rust-sdk/tests/execute_js_test.rs b/lit-rust-sdk/tests/execute_js_test.rs index 2a68d0b..6850782 100644 --- a/lit-rust-sdk/tests/execute_js_test.rs +++ b/lit-rust-sdk/tests/execute_js_test.rs @@ -163,7 +163,7 @@ async fn test_execute_js_hello_world() { println!("📊 Number of session signatures: {}", session_sigs.len()); // Print session signature keys (node URLs) - for (node_url, _sig) in &session_sigs { + for node_url in session_sigs.keys() { println!(" 📋 Session sig from node: {}", node_url); } @@ -665,7 +665,7 @@ async fn test_execute_js_with_capacity_delegation_datil() { println!("📊 Number of session signatures: {}", session_sigs.len()); // Print session signature keys (node URLs) - for (node_url, _sig) in &session_sigs { + for node_url in session_sigs.keys() { println!(" 📋 Session sig from node: {}", node_url); } diff --git a/lit-rust-sdk/tests/pkp_session_sigs_test.rs b/lit-rust-sdk/tests/pkp_session_sigs_test.rs index a4704c8..d6ab3cd 100644 --- a/lit-rust-sdk/tests/pkp_session_sigs_test.rs +++ b/lit-rust-sdk/tests/pkp_session_sigs_test.rs @@ -98,7 +98,7 @@ async fn test_get_pkp_session_sigs() { println!("Number of session signatures: {}", session_sigs.len()); // Print session signature keys (node URLs) - for (node_url, _sig) in &session_sigs { + for node_url in session_sigs.keys() { println!(" Session sig from node: {}", node_url); } From baf0d7ee259a4f4d9401e11bae685e804fcfcffd Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Tue, 19 Aug 2025 00:22:24 -0400 Subject: [PATCH 06/10] add deny.toml --- lit-rust-sdk/deny.toml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 lit-rust-sdk/deny.toml diff --git a/lit-rust-sdk/deny.toml b/lit-rust-sdk/deny.toml new file mode 100644 index 0000000..b6eac44 --- /dev/null +++ b/lit-rust-sdk/deny.toml @@ -0,0 +1,14 @@ +# Configuration for cargo-deny - security-focused only +# Full license and dependency management can be added later + +[advisories] +# Check for critical security vulnerabilities only +version = 2 +yanked = "allow" # Many transitive deps in web3 are yanked but safe +unmaintained = "all" # Allow all unmaintained crates +ignore = [ + # Allow these specific advisories for now + "RUSTSEC-2021-0141", # dotenv unmaintained but safe + "RUSTSEC-2024-0370", # proc-macro-error unmaintained but safe + "RUSTSEC-2024-0436", # paste unmaintained but safe +] \ No newline at end of file From 5fea0f9a494da89945f89bba80647af0b6d92fce Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Tue, 19 Aug 2025 00:26:43 -0400 Subject: [PATCH 07/10] remove some steps --- .github/workflows/docs.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index cd6a85a..e81b2a9 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -73,14 +73,6 @@ jobs: rm -f temp_example.rs check_example.rs fi - - - name: Upload documentation - if: github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: actions/upload-artifact@v4 - with: - name: documentation - path: lit-rust-sdk/target/doc - retention-days: 30 readme_check: name: README Validation From a0c3fbb5cedc49498d39590877dfbe018e060701 Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Tue, 19 Aug 2025 00:27:29 -0400 Subject: [PATCH 08/10] remove docs.yml --- .github/workflows/docs.yml | 129 ------------------------------------- 1 file changed, 129 deletions(-) delete mode 100644 .github/workflows/docs.yml diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml deleted file mode 100644 index e81b2a9..0000000 --- a/.github/workflows/docs.yml +++ /dev/null @@ -1,129 +0,0 @@ -name: Documentation - -on: - push: - branches: [ main, develop ] - paths: - - 'lit-rust-sdk/src/**' - - 'lit-rust-sdk/Cargo.toml' - - 'README.md' - - 'lit-rust-sdk/README.md' - pull_request: - branches: [ main, develop ] - paths: - - 'lit-rust-sdk/src/**' - - 'lit-rust-sdk/Cargo.toml' - - 'README.md' - - 'lit-rust-sdk/README.md' - -jobs: - docs: - name: Build Documentation - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Install Rust - uses: dtolnay/rust-toolchain@stable - - - name: Cache cargo registry - uses: actions/cache@v4 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - lit-rust-sdk/target - key: ${{ runner.os }}-docs-cargo-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-docs-cargo- - - - name: Check documentation builds - run: | - cd lit-rust-sdk - cargo doc --no-deps --document-private-items - - - name: Check for broken links in docs - run: | - cd lit-rust-sdk - cargo doc --no-deps - # Simple check for common documentation issues - if grep -r "FIXME\|TODO\|XXX" src/ --include="*.rs"; then - echo "Warning: Found TODO/FIXME comments in documentation" - fi - - - name: Validate README examples - run: | - cd lit-rust-sdk - # Check that README examples compile (basic syntax check) - echo "Checking README examples..." - - # Extract rust code blocks from README and check they're valid syntax - grep -A 50 '```rust' README.md | grep -B 50 '```' | sed '/```/d' > temp_example.rs || true - if [ -s temp_example.rs ]; then - echo "Found Rust examples in README, checking syntax..." - # Add basic structure to make it compilable for syntax check - echo "fn main() {" > check_example.rs - cat temp_example.rs >> check_example.rs - echo "}" >> check_example.rs - - # Use rustc to check syntax only - rustc --edition=2021 --crate-type bin -o /dev/null check_example.rs 2>/dev/null || echo "README examples may have syntax issues" - - rm -f temp_example.rs check_example.rs - fi - - readme_check: - name: README Validation - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Check README files exist - run: | - echo "Checking README files..." - test -f README.md || (echo "Missing main README.md" && exit 1) - test -f lit-rust-sdk/README.md || (echo "Missing SDK README.md" && exit 1) - echo "✅ README files found" - - - name: Check README content - run: | - echo "Validating README content..." - - # Check main README has key sections - for section in "Features" "Quick Start" "Local Session Signatures" "API Reference"; do - if ! grep -q "## $section\|### $section" README.md; then - echo "❌ Missing '$section' section in main README.md" - exit 1 - fi - done - - # Check SDK README has key sections - for section in "Features" "Quick Start" "Documentation"; do - if ! grep -q "## $section\|### $section" lit-rust-sdk/README.md; then - echo "❌ Missing '$section' section in SDK README.md" - exit 1 - fi - done - - echo "✅ README content validation passed" - - - name: Check for outdated information - run: | - echo "Checking for potentially outdated information..." - - # Check if version numbers look reasonable - if grep -q "lit-rust-sdk.*0\.1\.0" README.md lit-rust-sdk/README.md; then - echo "ℹ️ Version 0.1.0 found - consider updating for releases" - fi - - # Check for placeholder text - if grep -qi "todo\|fixme\|placeholder" README.md lit-rust-sdk/README.md; then - echo "⚠️ Found TODO/FIXME/placeholder text in README files" - grep -n -i "todo\|fixme\|placeholder" README.md lit-rust-sdk/README.md || true - fi - - echo "✅ README validation completed" \ No newline at end of file From fcabf3225fc2142f8861cb35505b5b77b7453e3f Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Tue, 19 Aug 2025 00:28:04 -0400 Subject: [PATCH 09/10] remove release.yml --- .github/workflows/release.yml | 130 ---------------------------------- 1 file changed, 130 deletions(-) delete mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 89e00d7..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,130 +0,0 @@ -name: Release Tests - -on: - workflow_dispatch: - inputs: - test_network: - description: 'Network to test against' - required: true - default: 'DatilDev' - type: choice - options: - - DatilDev - - DatilTest - - Datil - -env: - CARGO_TERM_COLOR: always - RUST_BACKTRACE: 1 - -jobs: - full_test_suite: - name: Full Test Suite - runs-on: ubuntu-latest - timeout-minutes: 60 - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Install Rust - uses: dtolnay/rust-toolchain@stable - - - name: Cache cargo registry - uses: actions/cache@v4 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - lit-rust-sdk/target - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo- - - - name: Run All Tests - env: - ETHEREUM_PRIVATE_KEY: ${{ secrets.ETHEREUM_PRIVATE_KEY }} - PKP_PUBLIC_KEY: ${{ secrets.PKP_PUBLIC_KEY }} - PKP_TOKEN_ID: ${{ secrets.PKP_TOKEN_ID }} - PKP_ETH_ADDRESS: ${{ secrets.PKP_ETH_ADDRESS }} - ETHEREUM_RPC_URL: ${{ secrets.ETHEREUM_RPC_URL }} - LIT_NETWORK: ${{ github.event.inputs.test_network || 'DatilDev' }} - run: | - cd lit-rust-sdk - echo "Running full test suite against $LIT_NETWORK network" - - # Run all tests with extended timeout - cargo test -- --nocapture --test-threads=1 - - - name: Generate Test Report - if: always() - run: | - cd lit-rust-sdk - echo "## Test Results" > test_report.md - echo "- **Network**: ${{ github.event.inputs.test_network || 'DatilDev' }}" >> test_report.md - echo "- **Date**: $(date)" >> test_report.md - echo "- **Commit**: ${{ github.sha }}" >> test_report.md - echo "- **Status**: ${{ job.status }}" >> test_report.md - - - name: Upload Test Report - if: always() - uses: actions/upload-artifact@v4 - with: - name: test-report-${{ github.run_number }} - path: lit-rust-sdk/test_report.md - retention-days: 30 - - performance_test: - name: Performance Tests - runs-on: ubuntu-latest - needs: full_test_suite - if: success() - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Install Rust - uses: dtolnay/rust-toolchain@stable - - - name: Cache cargo registry - uses: actions/cache@v4 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - lit-rust-sdk/target - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo- - - - name: Run Performance Benchmarks - env: - ETHEREUM_PRIVATE_KEY: ${{ secrets.ETHEREUM_PRIVATE_KEY }} - ETHEREUM_RPC_URL: ${{ secrets.ETHEREUM_RPC_URL }} - run: | - cd lit-rust-sdk - echo "Running performance tests..." - - # Time the local session signature tests - echo "Testing local session signatures performance..." - time cargo test test_local_session_sigs_hello_world -- --nocapture - - # Test connection performance - echo "Testing connection performance..." - time cargo test test_connect_to_lit_network -- --nocapture - - notify_results: - name: Notify Results - runs-on: ubuntu-latest - needs: [full_test_suite, performance_test] - if: always() - - steps: - - name: Create Summary - run: | - echo "## Release Test Summary" >> $GITHUB_STEP_SUMMARY - echo "- **Full Test Suite**: ${{ needs.full_test_suite.result }}" >> $GITHUB_STEP_SUMMARY - echo "- **Performance Tests**: ${{ needs.performance_test.result }}" >> $GITHUB_STEP_SUMMARY - echo "- **Network**: ${{ github.event.inputs.test_network || 'DatilDev' }}" >> $GITHUB_STEP_SUMMARY - echo "- **Trigger**: ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY \ No newline at end of file From 2f1d2df8dedd45fa2d9d9e578efb68cfca54568d Mon Sep 17 00:00:00 2001 From: Chris Cassano Date: Tue, 19 Aug 2025 00:58:45 -0400 Subject: [PATCH 10/10] update security ci check --- .github/workflows/ci.yml | 4 ++-- lit-rust-sdk/deny.toml | 13 ++++++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4bef3f0..3b77885 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -93,9 +93,9 @@ jobs: cd lit-rust-sdk # Install cargo-deny if not present cargo install --locked cargo-deny || true - # Run cargo-deny if deny.toml exists + # Run cargo-deny if deny.toml exists (skip license checking) if [ -f "deny.toml" ]; then - cargo deny check + cargo deny check advisories bans sources else echo "No deny.toml found, skipping cargo-deny check" fi \ No newline at end of file diff --git a/lit-rust-sdk/deny.toml b/lit-rust-sdk/deny.toml index b6eac44..0bd491c 100644 --- a/lit-rust-sdk/deny.toml +++ b/lit-rust-sdk/deny.toml @@ -1,5 +1,4 @@ -# Configuration for cargo-deny - security-focused only -# Full license and dependency management can be added later +# Configuration for cargo-deny - security-focused with permissive license checking [advisories] # Check for critical security vulnerabilities only @@ -11,4 +10,12 @@ ignore = [ "RUSTSEC-2021-0141", # dotenv unmaintained but safe "RUSTSEC-2024-0370", # proc-macro-error unmaintained but safe "RUSTSEC-2024-0436", # paste unmaintained but safe -] \ No newline at end of file +] + +# Skip license checking entirely - focus only on security +# [licenses] + +[bans] +# Warn about multiple versions but don't fail +multiple-versions = "warn" +wildcards = "allow" \ No newline at end of file