shutter-service: update golangci-lint version and added ignore for eon key conversion as max is already not allowed

Author: blockchainluffy

rolling-shutter/Makefile

@@ -91,7 +91,7 @@ install-oapi-codegen: ${GOPATH}/bin/oapi-codegen
 
 # non code generation tools
 install-golangci-lint:
-	${GO} install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.2
+	${GO} install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.62.2
 
 install-gofumpt:
 	${GO} install mvdan.cc/gofumpt@latest

rolling-shutter/keyperimpl/shutterservice/handlers.go

@@ -39,7 +39,8 @@ func (h *DecryptionKeySharesHandler) ValidateMessage(ctx context.Context, msg p2
 	}
 
 	obsKeyperDB := obskeyperdatabase.New(h.dbpool)
-	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(keyShares.Eon))
+
+	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(keyShares.Eon)) //nolint:gosec // disable G115
 	if err != nil {
 		return pubsub.ValidationReject, errors.Wrapf(err,
 			"failed to get keyper set from database for keyper set index %d",
@@ -90,19 +91,21 @@ func (h *DecryptionKeySharesHandler) HandleMessage(ctx context.Context, msg p2pm
 
 	identitiesHash := computeIdentitiesHashFromShares(keyShares.Shares)
 	err := serviceDB.InsertDecryptionSignature(ctx, database.InsertDecryptionSignatureParams{
-		Eon:            int64(keyShares.Eon),
-		KeyperIndex:    int64(keyShares.KeyperIndex),
+		Eon:            int64(keyShares.Eon),         //nolint:gosec // disable G115
+		KeyperIndex:    int64(keyShares.KeyperIndex), //nolint:gosec // disable G115
 		IdentitiesHash: identitiesHash,
 		Signature:      extra.Signature,
 	})
 	if err != nil {
 		return []p2pmsg.Message{}, errors.Wrap(err, "failed to insert vote")
 	}
 
-	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(keyShares.Eon))
+	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(keyShares.Eon)) //nolint:gosec // disable G115
 	if err != nil {
 		return []p2pmsg.Message{}, errors.Wrapf(err, "failed to get keyper set from database for index %d", keyShares.Eon)
 	}
+
+	//nolint:gosec // disable G115
 	signatures, err := serviceDB.GetDecryptionSignatures(ctx, database.GetDecryptionSignaturesParams{
 		Eon:            int64(keyShares.Eon),
 		IdentitiesHash: identitiesHash,
@@ -117,6 +120,7 @@ func (h *DecryptionKeySharesHandler) HandleMessage(ctx context.Context, msg p2pm
 		keys := []*p2pmsg.Key{}
 		for _, share := range keyShares.GetShares() {
 			decryptionKeyDB, err := keyperCoreDB.GetDecryptionKey(ctx, corekeyperdatabase.GetDecryptionKeyParams{
+				//nolint:gosec // disable G115
 				Eon:     int64(keyShares.Eon),
 				EpochID: share.IdentityPreimage,
 			})
@@ -132,6 +136,7 @@ func (h *DecryptionKeySharesHandler) HandleMessage(ctx context.Context, msg p2pm
 		signerIndices := []uint64{}
 		signaturesCum := [][]byte{}
 		for _, signature := range signatures {
+			//nolint:gosec // disable G115
 			signerIndices = append(signerIndices, uint64(signature.KeyperIndex))
 			signaturesCum = append(signaturesCum, signature.Signature)
 		}
@@ -170,6 +175,7 @@ func validateSignerIndices(extra *p2pmsg.ShutterServiceDecryptionKeysExtra, n in
 				return pubsub.ValidationReject, errors.New("signer indices not ordered")
 			}
 		}
+		//nolint:gosec // disable G115
 		if signerIndex >= uint64(n) {
 			return pubsub.ValidationReject, errors.New("signer index out of range")
 		}
@@ -182,6 +188,7 @@ func ValidateDecryptionKeysSignatures(
 	extra *p2pmsg.ShutterServiceDecryptionKeysExtra,
 	keyperSet *obskeyperdatabase.KeyperSet,
 ) (pubsub.ValidationResult, error) {
+	//nolint:gosec // disable G115
 	if int32(len(extra.SignerIndices)) != keyperSet.Threshold {
 		return pubsub.ValidationReject, errors.Errorf("expected %d signers, got %d", keyperSet.Threshold, len(extra.SignerIndices))
 	}
@@ -230,6 +237,7 @@ func (h *DecryptionKeysHandler) ValidateMessage(ctx context.Context, msg p2pmsg.
 	}
 
 	obsKeyperDB := obskeyperdatabase.New(h.dbpool)
+	//nolint:gosec // disable G115
 	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(keys.Eon))
 	if err != nil {
 		return pubsub.ValidationReject, errors.Wrapf(err, "failed to get keyper set from database for eon %d", keys.Eon)
@@ -256,8 +264,9 @@ func (h *DecryptionKeysHandler) HandleMessage(ctx context.Context, msg p2pmsg.Me
 	identitiesHash := computeIdentitiesHash(identityPreimages)
 	for i, keyperIndex := range extra.SignerIndices {
 		err := serviceDB.InsertDecryptionSignature(ctx, database.InsertDecryptionSignatureParams{
+			//nolint:gosec // disable G115
 			Eon:            int64(keys.Eon),
-			KeyperIndex:    int64(keyperIndex),
+			KeyperIndex:    int64(keyperIndex), //nolint:gosec // disable G115
 			IdentitiesHash: identitiesHash,
 			Signature:      extra.Signature[i],
 		})

rolling-shutter/keyperimpl/shutterservice/handlers_test.go

@@ -91,6 +91,7 @@ func TestHandleDecryptionKeySharesThresholdNotReached(t *testing.T) {
 	assert.Equal(t, len(msgs), 0)
 }
 
+//nolint:funlen
 func TestHandleDecryptionKeySharesThresholdReached(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping integration test")
@@ -393,7 +394,7 @@ func TestInValidateDecryptionKey(t *testing.T) {
 func intTo32ByteArray(num int) []byte {
 	b := make([]byte, 32)
 	tempBuffer := make([]byte, 8)
-	binary.BigEndian.PutUint64(tempBuffer, uint64(num))
+	binary.BigEndian.PutUint64(tempBuffer, uint64(num)) //nolint:gosec // disable G115
 	copy(b[24:], tempBuffer)
 	return b
 }

rolling-shutter/keyperimpl/shutterservice/messagingmiddleware.go

@@ -105,7 +105,7 @@ func (i *MessagingMiddleware) interceptDecryptionKeyShares(
 ) (p2pmsg.Message, error) {
 	queries := database.New(i.dbpool)
 
-	currentDecryptionTrigger, err := queries.GetCurrentDecryptionTrigger(ctx, int64(originalMsg.Eon))
+	currentDecryptionTrigger, err := queries.GetCurrentDecryptionTrigger(ctx, int64(originalMsg.Eon)) //nolint:gosec // disable G115
 	if err == pgx.ErrNoRows {
 		log.Warn().
 			Uint64("eon", originalMsg.Eon).
@@ -114,6 +114,7 @@ func (i *MessagingMiddleware) interceptDecryptionKeyShares(
 	} else if err != nil {
 		return nil, errors.Wrapf(err, "failed to get current decryption trigger for eon %d", originalMsg.Eon)
 	}
+	//nolint:gosec // disable G115
 	if originalMsg.Eon != uint64(currentDecryptionTrigger.Eon) {
 		log.Warn().
 			Uint64("eon-got", originalMsg.Eon).
@@ -151,8 +152,8 @@ func (i *MessagingMiddleware) interceptDecryptionKeyShares(
 	}
 
 	err = queries.InsertDecryptionSignature(ctx, database.InsertDecryptionSignatureParams{
-		Eon:            int64(originalMsg.Eon),
-		KeyperIndex:    int64(originalMsg.KeyperIndex),
+		Eon:            int64(originalMsg.Eon),         //nolint:gosec // disable G115
+		KeyperIndex:    int64(originalMsg.KeyperIndex), //nolint:gosec // disable G115
 		IdentitiesHash: identitiesHash,
 		Signature:      signature,
 	})
@@ -183,7 +184,7 @@ func (i *MessagingMiddleware) interceptDecryptionKeys(
 
 	serviceDB := database.New(i.dbpool)
 	obsKeyperDB := obskeyperdatabase.New(i.dbpool)
-	trigger, err := serviceDB.GetCurrentDecryptionTrigger(ctx, int64(originalMsg.Eon))
+	trigger, err := serviceDB.GetCurrentDecryptionTrigger(ctx, int64(originalMsg.Eon)) //nolint:gosec // disable G115
 	if err == pgx.ErrNoRows {
 		log.Warn().
 			Uint64("eon", originalMsg.Eon).
@@ -194,13 +195,13 @@ func (i *MessagingMiddleware) interceptDecryptionKeys(
 		return nil, errors.Wrapf(err, "failed to get current decryption trigger for eon %d", originalMsg.Eon)
 	}
 
-	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(originalMsg.Eon))
+	keyperSet, err := obsKeyperDB.GetKeyperSetByKeyperConfigIndex(ctx, int64(originalMsg.Eon)) //nolint:gosec // disable G115
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to get keyper set from database for eon %d", originalMsg.Eon)
 	}
 
 	signatures, err := serviceDB.GetDecryptionSignatures(ctx, database.GetDecryptionSignaturesParams{
-		Eon:            int64(originalMsg.Eon),
+		Eon:            int64(originalMsg.Eon), //nolint:gosec // disable G115
 		IdentitiesHash: trigger.IdentitiesHash,
 		Limit:          keyperSet.Threshold,
 	})
@@ -222,6 +223,7 @@ func (i *MessagingMiddleware) interceptDecryptionKeys(
 	signerIndices := []uint64{}
 	signaturesCum := [][]byte{}
 	for _, signature := range signatures {
+		//nolint:gosec // disable G115
 		signerIndices = append(signerIndices, uint64(signature.KeyperIndex))
 		signaturesCum = append(signaturesCum, signature.Signature)
 	}
@@ -252,7 +254,7 @@ func updateEventFlag(ctx context.Context, serviceDB *database.Queries, keys *p2p
 	column1 := make([]int64, 0)
 	column2 := make([][]byte, 0)
 	for _, key := range keys.Keys {
-		column1 = append(column1, int64(keys.Eon))
+		column1 = append(column1, int64(keys.Eon)) //nolint:gosec // disable G115
 		column2 = append(column2, key.IdentityPreimage)
 	}
 

rolling-shutter/keyperimpl/shutterservice/newblock.go

@@ -38,7 +38,7 @@ func (kpr *Keyper) maybeTriggerDecryption(ctx context.Context, block *syncevent.
 
 	lastTriggeredTime := 0
 	if kpr.latestTriggeredTime != nil {
-		lastTriggeredTime = int(*kpr.latestTriggeredTime)
+		lastTriggeredTime = int(*kpr.latestTriggeredTime) //nolint:gosec // disable G115
 	}
 	kpr.latestTriggeredTime = &block.Header.Time
 
@@ -50,7 +50,7 @@ func (kpr *Keyper) maybeTriggerDecryption(ctx context.Context, block *syncevent.
 	nonTriggeredEvents, err := serviceDB.GetNotDecryptedIdentityRegisteredEvents(ctx,
 		servicedatabase.GetNotDecryptedIdentityRegisteredEventsParams{
 			Timestamp:   int64(lastTriggeredTime),
-			Timestamp_2: int64(block.Header.Time),
+			Timestamp_2: int64(block.Header.Time), //nolint:gosec // disable G115
 		})
 	if err != nil && err != pgx.ErrNoRows {
 		// pgx.ErrNoRows is expected if we're not part of the keyper set (which is checked later).
@@ -88,7 +88,7 @@ func (kpr *Keyper) shouldTriggerDecryption(
 		return false
 	}
 
-	if event.Timestamp >= int64(triggeredBlock.Header.Time) {
+	if event.Timestamp >= int64(triggeredBlock.Header.Time) { //nolint:gosec // disable G115
 		return false
 	}
 
@@ -154,13 +154,13 @@ func (kpr *Keyper) triggerDecryption(ctx context.Context,
 
 		trigger := epochkghandler.DecryptionTrigger{
 			// sending last block available for that eon as the key shares will be generated based on the eon associated with this block number
-			BlockNumber:       uint64(lastEonBlock[eon]),
+			BlockNumber:       uint64(lastEonBlock[eon]), //nolint:gosec // disable G115
 			IdentityPreimages: sortedIdentityPreimages,
 		}
 
 		event := broker.NewEvent(&trigger)
 		log.Debug().
-			Uint64("block-number", uint64(lastEonBlock[eon])).
+			Uint64("block-number", uint64(lastEonBlock[eon])). //nolint:gosec // disable G115
 			Int("num-identities", len(trigger.IdentityPreimages)).
 			Msg("sending decryption trigger")
 		kpr.decryptionTriggerChannel <- event

rolling-shutter/keyperimpl/shutterservice/newblock_test.go

@@ -69,6 +69,7 @@ func TestProcessBlockSuccess(t *testing.T) {
 	keyperConfigIndex := uint64(1)
 
 	err := coreKeyperDB.InsertEon(ctx, corekeyperdatabase.InsertEonParams{
+		//nolint:gosec // disable G115
 		Eon:                   int64(config.GetEon()),
 		Height:                0,
 		ActivationBlockNumber: int64(activationBlockNumber),
@@ -77,10 +78,11 @@ func TestProcessBlockSuccess(t *testing.T) {
 	assert.NilError(t, err)
 
 	_, err = serviceDB.InsertIdentityRegisteredEvent(ctx, servicedatabase.InsertIdentityRegisteredEventParams{
-		BlockNumber:    int64(activationBlockNumber + 1),
-		BlockHash:      blockHash,
-		TxIndex:        1,
-		LogIndex:       1,
+		BlockNumber: int64(activationBlockNumber + 1),
+		BlockHash:   blockHash,
+		TxIndex:     1,
+		LogIndex:    1,
+		//nolint:gosec // disable G115
 		Eon:            int64(config.GetEon()),
 		IdentityPrefix: identityPrefix,
 		Sender:         sender.Hex(),
@@ -103,6 +105,7 @@ func TestProcessBlockSuccess(t *testing.T) {
 			case <-ctx.Done():
 				return
 			case ev := <-decryptionTriggerChannel:
+				//nolint:gosec // disable G115
 				assert.Equal(t, ev.Value.BlockNumber, uint64(activationBlockNumber+1))
 				assert.DeepEqual(t, ev.Value.IdentityPreimages, []identitypreimage.IdentityPreimage{identity})
 			}
@@ -115,7 +118,7 @@ func TestProcessBlockSuccess(t *testing.T) {
 		},
 		BlockHash: common.Hash(blockHash),
 		Header: &types.Header{
-			Time:   uint64(blockTimestamp),
+			Time:   uint64(blockTimestamp), //nolint:gosec // disable G115
 			Number: big.NewInt(int64(blockNumber)),
 		},
 	})
@@ -176,7 +179,7 @@ func TestShouldTriggerDecryption(t *testing.T) {
 				Int: big.NewInt(int64(blockNumber)),
 			},
 			Header: &types.Header{
-				Time:   uint64(blockTimestamp),
+				Time:   uint64(blockTimestamp), //nolint:gosec // disable G115
 				Number: big.NewInt(int64(blockNumber)),
 			},
 		},
@@ -238,6 +241,7 @@ func TestShouldNotTriggerDecryption(t *testing.T) {
 				Int: big.NewInt(int64(blockNumber)),
 			},
 			Header: &types.Header{
+				//nolint:gosec // disable G115
 				Time:   uint64(blockTimestamp),
 				Number: big.NewInt(int64(blockNumber)),
 			},

rolling-shutter/keyperimpl/shutterservice/newkeyperset.go

@@ -50,7 +50,7 @@ func (kpr *Keyper) processNewKeyperSet(ctx context.Context, ev *syncevent.Keyper
 			KeyperConfigIndex:     keyperConfigIndex,
 			ActivationBlockNumber: activationBlockNumber,
 			Keypers:               shdb.EncodeAddresses(ev.Members),
-			Threshold:             int32(threshold),
+			Threshold:             int32(threshold), //nolint:gosec // disable G115
 		})
 	})
 }

rolling-shutter/keyperimpl/shutterservice/registrysyncer.go

@@ -131,7 +131,7 @@ func (s *RegistrySyncer) Sync(ctx context.Context, header *types.Header) error {
 	if err == pgx.ErrNoRows {
 		start = s.SyncStartBlockNumber
 	} else {
-		start = uint64(syncedUntil.BlockNumber + 1)
+		start = uint64(syncedUntil.BlockNumber + 1) //nolint:gosec // disable G115
 	}
 	endBlock := header.Number.Uint64()
 	log.Debug().
@@ -169,7 +169,7 @@ func (s *RegistrySyncer) syncRange(
 			return err
 		}
 		return database.New(tx).SetIdentityRegisteredEventSyncedUntil(ctx, database.SetIdentityRegisteredEventSyncedUntilParams{
-			BlockNumber: int64(end),
+			BlockNumber: int64(end), //nolint:gosec // disable G115
 			BlockHash:   header.Hash().Bytes(),
 		})
 	})
@@ -239,15 +239,17 @@ func (s *RegistrySyncer) insertIdentityRegisteredEvents(
 	for _, event := range events {
 		identity := computeIdentity(event)
 		_, err := queries.InsertIdentityRegisteredEvent(ctx, database.InsertIdentityRegisteredEventParams{
+			//nolint:gosec // disable G115
 			BlockNumber:    int64(event.Raw.BlockNumber),
 			BlockHash:      event.Raw.BlockHash[:],
-			TxIndex:        int64(event.Raw.TxIndex),
-			LogIndex:       int64(event.Raw.Index),
-			Eon:            int64(event.Eon),
+			TxIndex:        int64(event.Raw.TxIndex), //nolint:gosec // disable G115
+			LogIndex:       int64(event.Raw.Index),   //nolint:gosec // disable G115
+			Eon:            int64(event.Eon),         //nolint:gosec // disable G115
 			IdentityPrefix: event.IdentityPrefix[:],
 			Sender:         shdb.EncodeAddress(event.Sender),
-			Timestamp:      int64(event.Timestamp),
-			Identity:       identity,
+			//nolint:gosec // disable G115
+			Timestamp: int64(event.Timestamp),
+			Identity:  identity,
 		})
 		if err != nil {
 			return errors.Wrap(err, "failed to insert identity registered event into db")

rolling-shutter/keyperimpl/shutterservice/registrysyncer_test.go

@@ -28,10 +28,11 @@ func TestFilterIdentityRegisteredEvents(t *testing.T) {
 		_, sender, err := generateRandomAccount()
 		assert.NilError(t, err)
 		events[i] = &registryBindings.ShutterregistryIdentityRegistered{
+			//nolint:gosec // disable G115
 			Eon:            uint64(i),
 			IdentityPrefix: [32]byte(identityPrefix),
 			Sender:         sender,
-			Timestamp:      uint64(time.Now().Unix()),
+			Timestamp:      uint64(time.Now().Unix()), //nolint:gosec // disable G115
 		}
 	}
 
@@ -54,10 +55,10 @@ func TestInsertIdentityRegisteredEvents(t *testing.T) {
 		_, sender, err := generateRandomAccount()
 		assert.NilError(t, err)
 		events[i] = &registryBindings.ShutterregistryIdentityRegistered{
-			Eon:            uint64(i),
+			Eon:            uint64(i), //nolint:gosec // disable G115
 			IdentityPrefix: [32]byte(identityPrefix),
 			Sender:         sender,
-			Timestamp:      uint64(time.Now().Unix()),
+			Timestamp:      uint64(time.Now().Unix()), //nolint:gosec // disable G115
 		}
 	}