Merge latest updates to Dendrite
Of note, this no longer builds the Dendrite polylith server, which we
never planned to use anyway
I want to make sure I didn't break the clientapi/routing/routing.go
redaction events, our code differs from Dendrite in that call path.
---------
Signed-off-by: Brian Meek <brian@hntlabs.com>
Co-authored-by: Tak Wai Wong <64229756+tak-hntlabs@users.noreply.github.com>
This PR does a couple of things:
1. Adds a flag on `spaceFactory` to check if the `createSpace` function
is gated by a token address
2. Adds a flag on `spaceFactory` to pause the protocol when making
changes like updating the implementations or enabling the token gating
checks; if the protocol is paused, it will also prevent creating new
spaces.
---------
Co-authored-by: Tak Wai Wong <64229756+tak-hntlabs@users.noreply.github.com>
- implement redact authorization check on dendrite
- lower power levels for redaction on client because the permission is
enforced on the server
- added tests to verify that a user can redact his / her own messages,
but not others; moderators with the Redact permission can redact
messages of other people
smart contract now returns the permissions as strings so that the client
doesn't have to parse bytes into strings. Fix spaceShim
to handle the different behaviors between localhost and goerli because contract changes are not yet deployed to goerli.
Impact: High
Likelihood: Low
According to the discussion with the team, it is expected that in Space
contracts, only one Role can have the Permissions.Owner permission.
Currently, multiple Roles can be created containing this permission.
This is caused by Space.sol’s createRole() function allowing the
OpenZeppelin owner to create new owner-permissioned roles without limit.
Remediations to consider:
Do not allow multiple roles to be created with the ownership permission.
This could be done with something like: if Space.sol’s ownerRoleId is
set, do not allow new roles to be created with the Permissions.Owner
permission.
Fixes HNT-703 as well
Removing the OpenZeppelin ownership logic, and, checking directly for
the ownership of the Space’s SpaceOwner NFT. The SpaceFactory could be
the owner during the bootstrapping phase, and afterwards, could transfer
the NFT to the proper owner. Doing a direct check like
_spaceOwner().ownerOf(tokenId) == _msgSender() would be safe because
that’s what the owner entitlement is going to check eventually.
---------
Co-authored-by: Kerem Kazan <kerem.kazan@gmail.com>
this pr computes dendrite docker version from the commit hash, instead
of bumping versions. the previous setup caused issues and conflicts when
branch protection is enabled. this way we can seamlessly keep pushing to
main and it will keep getting built and published
Overloaded isEntitled func in ISpace.sol and Space.sol caused the generated client types to turn into string names. Renaming one of them to isEntitledToChannel.
