fix: remove metadata for unsupported keyrings #5725

Draft: wants to merge 1 commit into base: main

@mikesposito (Member) commented Apr 29, 2025

Explanation

When the user vault is decrypted and there is an attempt to restore an unsupported/deprecated/faulty keyring, there's no mechanism to remove the related metadata, which leads to a situation where no further action can be taken on the controller, because checks for keyrings and metadata length will fail.

We can remove the related metadata object when the keyring restore fails.

References

Changelog

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed, highlighting breaking changes as necessary
  • I've prepared draft pull requests for clients and consumer packages to resolve any breaking changes

Comment on lines +2528 to +2532
if (this.#keyringsMetadata.length > this.#keyrings.length) {
// There was already a metadata entry for the keyring, so
// we need to remove it
this.#keyringsMetadata.splice(this.#keyrings.length, 1);
}
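
Review bot: the index passed to `splice` on line +2531, `this.#keyrings.length`, identifies the failed keyring's metadata only while `#keyringsMetadata` is positionally aligned with the keyrings restored so far, which assumes keyrings are restored one at a time and in the same order as their metadata. The code comment should state that invariant, and the test suite should cover a failing keyring that is not the last entry, asserting that the remaining ids still match their keyrings. The removal is also silent: consider logging that a metadata entry was dropped, since the entry cannot be recovered afterwards.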
Member Author

The downside of this solution is that if we consider the following scenario:

  • There is some metadata for a keyring
  • The keyring fails to restore, for any reason, and metadata will be removed
  • The keyring is then supported again

The keyring will then have a different ID, compared to what it had initially. Unfortunately, to avoid this, we'd have to store the metadata along with its keyring in the vault directly.
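
A simplified model of the restore loop discussed in this pull request, added here as an illustration and not taken from the project's code: `restoreKeyrings`, the keyring type names, the ids and the counter-based id generator are all assumptions. It shows the length mismatch without the fix, the aligned arrays with it, and the new id a keyring receives once it is supported again.

```typescript
// Simplified, hypothetical model of a vault restore; not the project's code.
type SerializedKeyring = { type: string };
type KeyringMetadata = { id: string };
type RestoreResult = { keyrings: string[]; metadata: KeyringMetadata[] };

let nextId = 0;
// Deterministic stand-in for random id generation (assumption).
function newMetadata(): KeyringMetadata {
  nextId += 1;
  return { id: `generated-${nextId}` };
}

function restoreKeyrings(
  vault: SerializedKeyring[],
  storedMetadata: KeyringMetadata[],
  supportedTypes: string[],
  removeOrphanedMetadata: boolean,
): RestoreResult {
  const keyrings: string[] = [];
  const metadata = storedMetadata.slice();
  for (const serialized of vault) {
    if (supportedTypes.indexOf(serialized.type) === -1) {
      // Restore failed: the entry at index keyrings.length belongs to the
      // keyring that was just skipped, so drop it to keep both arrays aligned.
      if (removeOrphanedMetadata && metadata.length > keyrings.length) {
        metadata.splice(keyrings.length, 1);
      }
      continue;
    }
    keyrings.push(serialized.type);
    // A restored keyring without a metadata entry gets a fresh id.
    if (metadata.length < keyrings.length) {
      metadata.push(newMetadata());
    }
  }
  return { keyrings, metadata };
}

// Constructed sample data: three keyrings, the middle one is unsupported.
const vault: SerializedKeyring[] = [{ type: 'HD' }, { type: 'Legacy' }, { type: 'Ledger' }];
const stored: KeyringMetadata[] = [{ id: 'id-hd' }, { id: 'id-legacy' }, { id: 'id-ledger' }];

const withoutFix = restoreKeyrings(vault, stored, ['HD', 'Ledger'], false);
const withFix = restoreKeyrings(vault, stored, ['HD', 'Ledger'], true);
// Assumption: the skipped keyring is re-serialized after the restored ones.
const reordered: SerializedKeyring[] = [{ type: 'HD' }, { type: 'Ledger' }, { type: 'Legacy' }];
const supportedAgain = restoreKeyrings(reordered, withFix.metadata, ['HD', 'Ledger', 'Legacy'], true);
```

Without the fix the model ends with three metadata entries for two keyrings; with it, `Legacy` comes back under `generated-1` instead of `id-legacy`.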

Development

Successfully merging this pull request may close these issues.

Keyring metadata mismatch for unsupported keyrings