Skip to content

feat(context): introduce GroupRequest and ContextGroupId types for group management #2043

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
rtb-12 wants to merge 127 commits into
base: master
Choose a base branch
from
Open

feat(context): introduce GroupRequest and ContextGroupId types for group management #2043

Show file tree
Hide file tree
Changes from 120 commits
Commits
Show all changes
127 commits
Select commit Hold shift + click to select a range
c4a74ea
feat(context): introduce GroupRequest and ContextGroupId types for gr…
rtb-12 Feb 18, 2026
9fed2b3
feat(context): add ApproveContextRegistration action and update Unreg…
rtb-12 Feb 19, 2026
073b252
Merge branch 'master' into feat/context-management-proposal
rtb-12 Feb 19, 2026
5a3aa4e
feat(context): add UpgradePolicy and GroupMemberRole enums for contex…
rtb-12 Feb 20, 2026
787e4cd
feat(key): introduce Group-related key components and structures for …
rtb-12 Feb 20, 2026
35dc878
feat(key): add ContextGroupRef and GroupUpgradeKey structures for enh…
rtb-12 Feb 20, 2026
261b77c
feat(group): implement serialization for UpgradePolicy and add GroupM…
rtb-12 Feb 20, 2026
53ac74d
feat(group): add CreateGroupRequest and DeleteGroupRequest structures…
rtb-12 Feb 20, 2026
cc28965
feat(group): add structures for managing group members and retrieving…
rtb-12 Feb 20, 2026
a11cc45
feat(group): enhance context management by adding group_id to CreateC…
rtb-12 Feb 22, 2026
ee32493
feat(group): implement group store functionality with helpers for man…
rtb-12 Feb 22, 2026
a8269ef
feat(group): implement group management handlers for creating, deleti…
rtb-12 Feb 22, 2026
2781dd3
feat(group): add group management API handlers for creating, deleting…
rtb-12 Feb 22, 2026
d704238
feat(group): implement group admin count and validation for member re…
rtb-12 Feb 22, 2026
f8b5908
feat(group): add ListGroupContextsRequest and implement handler for l…
rtb-12 Feb 23, 2026
5ed088c
feat(group): improve error handling in group member addition and add …
rtb-12 Feb 23, 2026
cd1c7dc
feat(group): add upgrade message types and ContextClient methods
rtb-12 Feb 23, 2026
9c7a209
feat(group): implement handlers for group upgrade operations
rtb-12 Feb 23, 2026
83004c1
feat(group): add API endpoints and handlers for group upgrade operations
rtb-12 Feb 23, 2026
2a926f3
feat(group): enhance group upgrade management with lazy upgrade suppo…
rtb-12 Feb 24, 2026
8bbb685
feat(group): add group invitation and joining functionality
rtb-12 Feb 25, 2026
ddb8423
fix(group): fix off-by-one in propagate_upgrade completed counter
rtb-12 Feb 25, 2026
57c9221
fix(group): data integrity and safety invariant fixes (Phase 2)
rtb-12 Feb 25, 2026
b7d24e1
perf(group): storage efficiency improvements (Phase 3)
rtb-12 Feb 25, 2026
40a34ae
refactor(group): clean up code formatting for improved readability
rtb-12 Feb 25, 2026
781c1ff
refactor(group): remove store type leakage from context primitives (P…
rtb-12 Feb 25, 2026
36404bd
perf(group): add count_group_members and inline upgrade key scan
rtb-12 Feb 25, 2026
2e6e71b
fix(store): move group keys to dedicated Column::Group to prevent Siz…
rtb-12 Feb 25, 2026
6dc04c5
fix(store): skip SizeMismatch keys in typed iterators and add group_s…
rtb-12 Feb 25, 2026
badaf5c
fix(group): address bugbot review round 2
rtb-12 Feb 25, 2026
e6253ba
fix(group): prevent concurrent upgrades, fix stale totals, and dedupl…
rtb-12 Feb 25, 2026
c671613
fix(group): use admin identity for lazy upgrade signing
rtb-12 Feb 25, 2026
c7b5f5a
fix(group): skip canary/propagator for LazyOnAccess upgrade policy
rtb-12 Feb 25, 2026
384367b
docs(group): document hardcoded zero revision fields in upgrade tracking
rtb-12 Feb 25, 2026
71e5f43
fix(group): replace hardcoded revision fields with semver version str…
rtb-12 Feb 26, 2026
a669c61
fix(group): persist reset status to store before spawning retry propa…
rtb-12 Feb 26, 2026
c52f3b3
fix(context): skip LazyOnAccess groups in crash recovery and sync upg…
rtb-12 Feb 26, 2026
92e3261
fix(context): use local context identity for group upgrades; dedup ad…
rtb-12 Feb 26, 2026
b70531d
fix(group): save Completed status for LazyOnAccess upgrades to unbloc…
rtb-12 Feb 26, 2026
0fa675b
fix(group): prevent completed counter from exceeding total when canar…
rtb-12 Feb 26, 2026
e5643bf
fix(group): fix retry loop off-by-one and prevent concurrent propagators
rtb-12 Feb 26, 2026
f87bbea
feat(context): enhance CreateContextRequest with group_id and identit…
rtb-12 Mar 4, 2026
13c1126
feat(context-config): add group mutate builder methods to SDK
rtb-12 Mar 4, 2026
6fd4407
feat(context-config): add group query request types and SDK methods
rtb-12 Mar 4, 2026
446740c
feat(context): add ExternalGroupClient for on-chain group operations
rtb-12 Mar 4, 2026
29bff4f
feat(context): add signing_key to group message types and admin API
rtb-12 Mar 4, 2026
1889796
feat(context): wire group handlers through on-chain contract
rtb-12 Mar 4, 2026
14b0708
fix(context): resolve compilation errors in group wiring
rtb-12 Mar 4, 2026
55b505c
style(context): apply cargo fmt formatting
rtb-12 Mar 4, 2026
0a93f8d
feat(context): add 5 missing group/context API endpoints
rtb-12 Mar 4, 2026
f69394f
fix(server): accept hex strings for group_id and identity_secret in C…
rtb-12 Mar 4, 2026
cbd2c7d
feat(groups): store signing keys on node instead of requiring key tra…
rtb-12 Mar 4, 2026
a4cee5b
Merge branch 'master' into feat/context-management-proposal
rtb-12 Mar 4, 2026
af82536
feat(groups): add cross-node group sync and related gaps
rtb-12 Mar 4, 2026
6845238
feat(meroctl): add group subcommand hierarchy
rtb-12 Mar 4, 2026
d7c7d8f
feat(groups): add P2P gossip notifications for group mutations
rtb-12 Mar 4, 2026
89a5cec
fix(groups): fix group list/join/sync bugs and add --group-id to cont…
rtb-12 Mar 4, 2026
a8ef7c7
Merge branch 'master' into feat/context-management-proposal
rtb-12 Mar 5, 2026
375d35d
fix(groups): enforce admin permission on group context deletion and f…
rtb-12 Mar 5, 2026
0d97589
feat(groups): implement commit/reveal invitation flow for group joining
rtb-12 Mar 5, 2026
f0b129b
feat(groups): add group state propagation and join-context-via-group
rtb-12 Mar 5, 2026
bac3f1f
feat(groups): decouple group identity from NEAR signer key
rtb-12 Mar 5, 2026
b429d75
feat(groups): auto-resolve requester identity and fix join-group-context
rtb-12 Mar 5, 2026
3a03672
fix(groups): sync context configs after member removals
rtb-12 Mar 6, 2026
aad2273
fix(groups): propagate lazy upgrades to peer nodes
rtb-12 Mar 6, 2026
cb19ab4
fix(groups): announce target app blob on DHT during upgrade
rtb-12 Mar 6, 2026
f821603
refactor: clean up code formatting and improve readability
rtb-12 Mar 9, 2026
dcb4192
feat(context): add group permission types and external client methods
rtb-12 Mar 9, 2026
060b2bb
feat(store,context): add local storage keys and sync for group permis…
rtb-12 Mar 9, 2026
d2d66ba
feat(server,context): add HTTP API endpoints for group permissions
rtb-12 Mar 9, 2026
3768dda
feat(meroctl): add CLI commands for group permissions management
rtb-12 Mar 9, 2026
db06adc
test(context): add unit tests for group permission store operations
rtb-12 Mar 9, 2026
159b70e
Merge branch 'master' into feat/context-management-proposal
rtb-12 Mar 9, 2026
7aed757
fix(groups): fix auto-sync gaps, blob fetch timeout, and data orphaning
rtb-12 Mar 9, 2026
1a33042
fix(groups,server,auth): fix 6 HIGH/MEDIUM bugs from PR #2043 bot review
rtb-12 Mar 9, 2026
294b403
feat(groups,cli): surface server errors and add group diagnostic comm…
rtb-12 Mar 10, 2026
c7babef
fix(merod): pass keypair instead of IdentityConfig to fetch_storage_key
rtb-12 Mar 10, 2026
839f8c2
refactor(groups): update GroupUpgradeStatus to use Option<u64> for co…
rtb-12 Mar 10, 2026
d7555ff
feat(groups): implement per-context migration tracking
rtb-12 Mar 10, 2026
b69fb22
fix(groups,context): fix stale migration on re-sync and silent identi…
rtb-12 Mar 11, 2026
7f32fdb
fix(context-config): replace UB Vec transmute with safe ptr::from_ref…
rtb-12 Mar 11, 2026
aa720f0
feat(node): add group topic subscribe/unsubscribe and rework broadcas…
rtb-12 Mar 11, 2026
79d086f
feat(node): subscribe to all group topics on startup
rtb-12 Mar 11, 2026
37c6975
feat(groups): subscribe/unsubscribe on group lifecycle events
rtb-12 Mar 11, 2026
3fc2165
refactor(groups): remove context enumeration from all mutation handlers
rtb-12 Mar 11, 2026
8f2a126
fix(context-config): remove unnecessary line in ContextConfigMutate i…
rtb-12 Mar 11, 2026
89fa042
fix(groups): sync group state when peer subscribes to group topic
rtb-12 Mar 11, 2026
f1396d9
fix(groups): broadcast ContextAttached when context is registered in …
rtb-12 Mar 11, 2026
1dcb00d
fix(groups): broadcast ContextDetached when context is deleted from g…
rtb-12 Mar 11, 2026
8fe6e15
refactor(groups): replace opaque Base58 GroupInvitationPayload with S…
rtb-12 Mar 11, 2026
0510256
Merge branch 'master' into feat/context-management-proposal
rtb-12 Mar 13, 2026
e583faa
feat(groups): add context ID parsing functionality
rtb-12 Mar 13, 2026
317cfbb
fix(context): add membership verification to group read handlers
rtb-12 Mar 13, 2026
9263ff8
feat(groups): add context alias support for group contexts
rtb-12 Mar 15, 2026
0814e2d
fix(groups): re-broadcast context aliases on peer subscription
rtb-12 Mar 16, 2026
f4e7f7b
fix(groups): re-broadcast local-only state on peer subscription
rtb-12 Mar 16, 2026
c5c129e
feat(store): add GroupMemberAlias key type (prefix 0x2D)
rtb-12 Mar 16, 2026
6ffcbcf
feat(context): add member alias store helpers (set/get/enumerate)
rtb-12 Mar 16, 2026
6d90322
feat(node-primitives): add MemberAliasSet GroupMutationKind variant (…
rtb-12 Mar 16, 2026
db9ae5f
feat(context-primitives): add alias to GroupMemberEntry; add SetMembe…
rtb-12 Mar 16, 2026
e7c8201
feat(context-primitives): add SetMemberAlias/StoreMemberAlias Context…
rtb-12 Mar 16, 2026
6e64680
feat(context-primitives): add set_member_alias/store_member_alias Con…
rtb-12 Mar 16, 2026
b89cd59
feat(context): add set_member_alias and store_member_alias handlers
rtb-12 Mar 16, 2026
3c9d30b
feat(context): wire alias handlers; include alias in list_group_membe…
rtb-12 Mar 16, 2026
5e0e559
feat(context): re-broadcast member aliases on peer subscription
rtb-12 Mar 16, 2026
710d012
feat(node): handle MemberAliasSet gossip in network_event.rs
rtb-12 Mar 16, 2026
f99c63d
feat(server-primitives): add alias to GroupMemberApiEntry; add SetMem…
rtb-12 Mar 16, 2026
e509f0f
feat(server): add PUT /groups/:group_id/members/:identity/alias endpoint
rtb-12 Mar 16, 2026
a3c42ea
style: apply cargo fmt to member alias implementation
rtb-12 Mar 16, 2026
df1c30e
feat(groups): add human-friendly group aliases
rtb-12 Mar 16, 2026
d90d289
Merge branch 'master' into feat/context-management-proposal
rtb-12 Mar 17, 2026
05033b9
fix(meroctl): fill new alias fields in group create/join CLI commands
rtb-12 Mar 17, 2026
9b40075
fix(groups): broadcast registered contexts to newly joined nodes
rtb-12 Mar 17, 2026
14f50e8
chore: remove accidentally committed CLAUDE.md and plan files
rtb-12 Mar 17, 2026
59980d4
chore: remove accidentally committed docs and proposal files
rtb-12 Mar 17, 2026
de21a28
chore: remove accidentally committed IMPL-context-groups.md
rtb-12 Mar 17, 2026
6dc4b02
fix(groups): sync group state from contract after join to show pre-ex…
rtb-12 Mar 17, 2026
76829bd
fix(merod): access keypair field on IdentityConfig in kms probe command
rtb-12 Mar 17, 2026
e5fc75b
fix(context): address PR #2043 review comments
rtb-12 Mar 17, 2026
de457cc
refactor(context): streamline function signatures and clean up whites…
rtb-12 Mar 17, 2026
af83204
test(client): add wiremock unit tests for 28 group API methods
rtb-12 Mar 17, 2026
fc6adc2
refactor(context): add From/to_bytes to SignerId, simplify borsh roun…
rtb-12 Mar 17, 2026
525d22d
refactor(repr): add slice_from_inner helper with compile-time layout …
rtb-12 Mar 17, 2026
231bc27
refactor(client): move group API methods into client/group.rs sub-module
rtb-12 Mar 17, 2026
125f298
fix(context): guard auto-store signing key to node identity only
rtb-12 Mar 17, 2026
7d3a2c3
fix(review): address PR #2043 bugbot comments
rtb-12 Mar 17, 2026
b73d448
feat(docs): add Context Group Management documentation
rtb-12 Mar 18, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 8 additions & 0 deletions crates/auth/src/auth/service.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,14 @@ impl AuthService {
self.token_manager.verify_token_from_headers(headers).await
}

/// Return the `public_key` field stored for `key_id`, if any.
Copy link

@meroreviewer meroreviewer bot Mar 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 New public key lookup should be audited for information disclosure

The new get_key_public_key method exposes public keys by key_id; while public keys are generally safe to disclose, ensure this endpoint cannot be used to enumerate valid key_ids.

Suggested fix:

Consider rate-limiting or requiring authentication for this lookup if key_id enumeration is a concern.

Copy link

@meroreviewer meroreviewer bot Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Public key lookup by key_id should verify caller authorization

The new get_key_public_key method returns the public key for any key_id; if this endpoint is accessible without proper authorization checks, it could allow enumeration of valid key identities.

Suggested fix:

Ensure this method is only called from authenticated contexts where the caller has permission to query key information.

Copy link

@meroreviewer meroreviewer bot Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Public key lookup should document authorization model

The new get_key_public_key method returns the public key for any key_id; while used for injecting authenticated identity, callers must ensure the key_id was validated via JWT verification first to prevent identity spoofing.

Suggested fix:

Add a doc comment explicitly stating that callers must only call this after successful JWT verification of the key_id.

Copy link

@meroreviewer meroreviewer bot Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Public key lookup by key_id could enable enumeration

The new get_key_public_key method allows looking up public keys by key_id; ensure this is only called after authentication to prevent attackers from enumerating valid key IDs.

Suggested fix:

Verify that all code paths calling this method occur after successful authentication, and consider rate limiting lookups.

///
/// Used by the server auth guard to inject the authenticated identity into
/// request extensions so handlers can use it as the effective requester.
pub async fn get_key_public_key(&self, key_id: &str) -> Result<Option<String>, AuthError> {
self.token_manager.get_public_key_for_key_id(key_id).await
}

/// Authenticate a token request
///
/// This method authenticates the user using the provided token request
Expand Down
13 changes: 13 additions & 0 deletions crates/auth/src/auth/token/jwt.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -419,6 +419,19 @@ impl TokenManager {
Ok(())
}

/// Return the `public_key` field stored for a given `key_id`, if any.
pub async fn get_public_key_for_key_id(
&self,
key_id: &str,
) -> Result<Option<String>, AuthError> {
let key = self
.key_manager
.get_key(key_id)
.await
.map_err(|e| AuthError::StorageError(e.to_string()))?;
Ok(key.and_then(|k| k.public_key))
}

/// Refresh a token pair using a refresh token
///
/// This method verifies the refresh token and generates new tokens based on the key type.
Expand Down
Loading
Loading