This PR upgrades a number of libraries as well as nim itself, to address
security issues and crashes that we've worked to solve over the past few
months on the nimbus-eth2 side leading up to its 1.6 migration - they
include changes that are safe to use in both 1.2 and 1.6 without
requiring 1.6, making the code compatible with both versions.
In particular, 1.6 becomes more strict in several ways including
exception handling, style and certain langauge constructs related to
memory safety - as a result, we've cleaned up said libraries and
improved their stability overall, including fixing several crashes.
* nim 1.2.18 - this is the last release in the 1.2 series we produced
together with upstream based on nimbus' needs - between the version
Desktop is using today and v1.2.18, changes are predominantly backports
from newer Nim versions that we asked for while working on stability in
Nimbus itself.
* chronicles - cleanups
* confutils - cleanups
* faststreams - cleanups & crash fixes
* nim-json-serialization - several important crash fixes for json
parsing edge cases
* metrics - cleanups & threading fixes
* secp256k1 - upstream updates (including security fixes)
* serialization - cleanups
* stew - many convenience fixes and updates to common low-level
utilities, such as Result and hex / base64 / etc parsing
* stint - cleanups
* zlib - cleanups
* nimPNG - cleanups
* nimcrypto - cleanups
This is part 1 of library upgrades and focuses on the low-level
libraries - part 2 will upgrade the network stack (chronos, json-rpc,
web3, etc), keeping the two separate so as to limit the potential impact
of this PR.
This commit is the first of implementing community permissions.
**It is not implementing the complete feature**, rather does it
introduce the first pieces, such that we can get code reviewed and
merged before it grows too big.
To review these features, please make sure to
1. Enable wallet (Settings -> Advanced -> Wallet toggle)
2. Enable community permissions (Settings -> Advanced -> Community
Permissions toggle)
You'll have to restart the app after doing so.
The commit introduces the following:
**UI, API calls and view models to CRUD community permissions**
After creating a community, the user can go to the community
settings and create new token permissions. The user can also update
and delete existing permissions.
**Asset and collectible view models**
To create community token permissions, users have to select
the token criteria. This commit introduces the `assetsModel` for ERC20
tokens and `collectiblesModel` for `ERC721` tokens.
The latter only supports custom minted community tokens at this point.
**This commit requires:** https://github.com/status-im/status-go/pull/3207
As of #9596, task-runner is no longer used.
Due to how the build system works, task-runner was providing nim-stew,
nim-bearssl and nim-chronos to the project, even though these are also
top-level dependencies - effectively this means there were multiple
versions of these libraries in the source tree and it is not entirely
intuitive which is actually used - adding to the confusion, the
submodule was pinning different versions.
This PR removes task-runner and resets the other dependencies to the
versions in task-runner thus minimising collateral changes.
A duplicate copy of bearssl is also removed.
This commit resolves a crash happened due to connection to
`SIGNAL_WALLET_ACCOUNT_TOKENS_REBUILT` when keycard sync
flow was run in the background.
Also updated the keycard synchronization process with the current state of
the application and is the first step of many which leads towards completion
of entire syncing feature.
- Bump status-go head that include the required specific changes
- fetch token balance (native or ERC20) and cache historical token quantity data
- fetch FIAT currency
- Extend presentation layer (NIM and QML) to account for API changes
- Remove timed request and other optimizations from the time of fetching
balance history every time instead of querying cache
- Add C++ integration debugging tests and update network chain configuration (outdated)
Closes: #8175
Previously DOtherSide was an external, standalone library with own
submodule for SortFilterProxyModel. After merging DOtherSide directly
to status-desktop it should be treated as a build tool or part of build
configuration. Instead of owning c++ files by itselft, DOtherSide should
refer to all needed c++ sources in order to compile them and build
status-desktop properly.
Removing SortFilterProxyModel submodule from original DOtherSide and
changing config after merge to status-desktop was needed to be done
along with merge itself because otherwise there would be a conflict -
both DOtherSide and status-desktop had the same submodule
(SortFilterProxyModel).
Closes: #9410
this seems to only happen on some linux platform QPAs where the native
file/folder dialog is returning bogus target directory URL; anyways
manipulating the URL using a QRegExp is fragile, better use builtin QUrl
methods for that
Needed for fixing https://github.com/status-im/status-desktop/issues/9307
this was a memleak and fd leak bomb resulting in the app not starting at
all:
```
(nim_status_client:342629): GLib-ERROR **: 11:16:11.873: Creating pipes for GWakeup: Too many open files
/home/jakubgs/bin/StatusIm: line 2: 342627 Trace/breakpoint trap (core dumped) appimage-run
~/Downloads/Status/StatusIm-Desktop-221206-082906-5ee51a.AppImage
```
Hardcoding this is already far from ideal. We should at least use the
same type that's later used in desktop before sending images to
status-go, **before** this gets fixed properly.
The next step will be to detect codecs and use them them dynamically.
LocalAuthentication class - used to authenticate OS' logged user (using Touch Id)
Keychain class - able to store/read/remove item from the Keychain
KeychainManager class - manages the flow of storing/reading/removing an item from
the Keychain using own sync/async methods
This change is required as part of the feature issue-2675
- DockShowAppEvent
- OSThemeEvent
- OSNotification
are now part of our `Status` namespace
Corresponding files are renamed and moved to appropriate Status folder.
This is corresponding dotherside part of the issue 1725.
So far we had kind of a memory leak, cause objects added to the filter were not
deleted ever. When the app is closing, it just removes filters, but doesn't
delete them.
I faced a logical issue, that we were sending qmlengine pointer to the
installEventFilter method, instead object which may or may not rely on the
qqmlengine instance, that is fixed also.
Fixes: #1725
Add an event filter to `qApp` that can detect a dock icon click (in macos) when the main window is hidden or closed.
Co-authored-by: Boris Melnik <82511785+borismelnik@users.noreply.github.com>
Intended to prevent Nim from inopportunely garbage collecting cstrings passed
through signal_handler/dos_signal as they make their way back to the main
thread
Bumps status-go to include the fix for not fetching balance for
overridden tokens
Add documentation on how to run wallet tests locally using ganache
Closes#9091
Due to changes done in https://github.com/status-im/status-go/pull/3133
we had to update procedure for adding migration keypair (which includes
local keystor files deletion for the accounts being migrated) and procedure
for account deletion, cause in order to delete local keystore file for the
acount which is being deleted, we have to provide a password now (states
only for non keycard accounts, keycard accounts use empty password).
This adjust the front-end for the import tool by handling new
properties that have been added to the discord import progress signals.
Namely, the import is now done in chunks, so the progress signal
contains information about how many chunks have been processed.
This needs: https://github.com/status-im/status-go/pull/3134Closes#9262#9261
Because we've switched to `QuotedMessage` as an attached payload to
messages to make message replies data more reliable, we lost some of
the author information in imported messages, that was available prior
to that move.
This commit introduces `quotedMessageAuthorDisplayName` and
`quotedMessageAuthorAvatar` to our model so it can be set in case
we can't retrieve contact details for a given message (which is always
the case for imported messages)
Generating addresses was done on the status-go side, but now since `ExportPublic`
flow from the keycard library supports deriving addresses for list of derivation paths
we're using it in the desktop app for `SetupNewKeycardNewSeedPhrase` flow.
Fixes#8689
This fixes the emoji reaction not showing, BUT also the delete, edits and pins. They were all not showing because the messages were not encrypted, so they didn't fall in the right topic
Fixes#7512
The problem was twofold.
1. We didn't try to fetch the messages when we re-joined, since the cursor was not reseted
2. The messages are not longer in the DB since they get deleted on joining.
I fixed 1. by reseting the cursor on leave and calling fetch on spectate
I fixed 2. in the status-go PR so that we no longer delete the messages when leaving.
This adds support for receiving copied images from the clipboard
and pasting it into the chat input.
After pasting, chat input will recognize the image and render a preview
similar to how it would do it when selecting images via the file dialog.
**Also important to note**:
At the time of this PR, it seems that desktop only supports sending
jpegs to status-go. I'm not sure if this was deliberately done this way
because the protocol says it supports jpg, png, webp and gif.
Because of this, pasting for example pngs will work, however
transparency will be lost (which is also most likely the cause of #8820)
This PR operates on that assumption. So while it adds support for
copy/pasting images, it does not address the lack of file type support.
Closes#3395
We were ignoring the `removedChats` in the messenger response and
therefore never processed deleted community chats in the client.
This commit adds `removedChats` to `handleCommunityUpdates()` and
ensures that the community channel's ID is used when emitting a signal
to the app.
This needs: https://github.com/status-im/status-go/pull/2973Closes#8000
- do not restrict NicknamePopup's regexp to ASCII characters
- a similar thing could be done to the user's DisplayName but currently
that's blocked on status-go side
- uses RXValidator from dotherside
Needs status-im/dotherside/pull/74
Fixes#8115
DB password for a Keycard user is now `publicKey` of encryption derivation.
kdf iterations for keycard users are set to 256000 so it's the same as we have
for regular users.
Fixes: #8066
The underlying API was mistakenly removed in status-go, then
reintroduced, but as `getLatestVerficiationRequestFrom`.
This commit fixes the RPC call.
Needs https://github.com/status-im/status-go/pull/2934
This includes a fix in message signals that would otherwise break Desktop's
signal encoding.
See: https://github.com/status-im/status-desktop/pull/7888
Hence, it reverts the now unnecessary fix introduced in:
Revert "fix(signals_manager): ensure `savedAddresses` event has `JNull` check"
This reverts commit 013e226c66.
Main changes:
- Bump status-go to include the sync saved addresses implementation
- Use saved addresses modifier API from messaging instead of wallet
in order to have incremental sync
- Update saved addresses model on sync changes for saved addresses
Closes#7229
Depends on statug-go favourite flag extension and merging of `favourites`
with `saved_address` tables and API
Additional changes:
- Remove duplicate name instead of ESN
Closes: #6546
New procs added:
- accounts service `createAccountFromMnemonic`
- accounts service `convertToKeycardAccount`
- accounts service `verifyPassword`
- wallet service `fetchBalanceForAddress`
Keycard library from this commit brings new changes in terms of
signals being sent by the lib in case of reader is not plugged in,
card is not inserted, card is inserted, that means the following
signals are sent only when it's really needed:
`"{\"type\":\"keycard.flow-result\",\"event\":{\"error\":\"connection-error\"}}"`
`"{\"type\":\"keycard.action.insert-card\",\"event\":{\"error\":\"connection-error\"}}"`
`"{\"type\":\"keycard.action.card-inserted\",\"event\":{}}"`
Enable preview for gifs after enabling the gif functionality
Disable gif functionality if the preview was disabled
Addition fixes
- The gifs weren't checked if all images weren't enabled
- The subdomain wasn't checked for whitelisting if the main domain wasn't enabled
- Image clicking
- Dismiss asking for unfurling was not updating the state
Considerations
- Looked into having the "gif enabled" - "tenor unfurling" relation
embedded in the controller but it would require extensive refactoring
by implementing a data-model for unfurling whitelisted domains
Closes: #6829
Fixes#6828
When a contact request is accepted, the 1-1 chat is set to active.
That to this, the chat is added to the model and appears on the
chat list.
exit() the app immediately after encountering QML errors on startup
(updates status-desktop's DOtherSide submodule to status-im/dotherside#69)
Closes#7013
This partially covers factory reset flow. The part where user is able to select which accounts
wants to remove/keep from/on a keycard will be added later once we add the keycard settings part
for storing those data to a keycard.
Fixes: #6790
Keycard implementation affected onboarding/login flows.
- new user - first run - new keys into keycard
- new user - first run - import seed phrase into keycard
- old user - first run - login importing from keycard
- login the app using keycard
Fixes: #5972
We no longer send community invites to users, instead we just share the
community and let users request access.
That request will either be automatically or manually accepted by the owner/admin.
Depends on https://github.com/status-im/status-go/pull/2682Closes#5115
Contains minimal account creation and login
Considerations:
- migrated status-go wrapper and login code from the fix/cpp-structure (241eec)
- Minimal refactoring and changes at the moment. Expect further refactoring
follow up to reach the desired state.
- Fix missing keychain initialization
- Fix accounts DB initialization call done by startup -> Controller.openedAccounts -> status-go.OpenAccounts calls
- Small refactoring and todos for other steps
- fix SignalsManager
- fix async access to dereferenced status-go memory from SignalsManager
- fix SignalsManager not starting when registering
- finish dev end to end test for create account and login
- small improvements and added TODOs for future work
- add onboarding test helpers and start messaging test
- Refactoring towards Login UI integration
Closes: #5909Closes: #6028
Considerations
- Use versioned files. Versioned Qt CMake APIs are disabled to force explicit calls and say that we don't support older `QT`s
- Don't use blobbing. Use `target_sources` and `qt_target_qml_sources`
- Distribute `CMake` definitions closer to the context: main folders with their own `CMakeLists.txt`
- Everything in libraries under `Status` namespace for cleaner code.
- Includes are exposed with Module folder externally and without prefix internally
- File/Folders name matches definitions they contain for uniformity that leads to cleaner code
- All source files (cpp, qml, js ...) have to be added to one of the CMakeLists.txt files to be tracked by CMake build system.
- Use BUILD_DEBUG, BUILD_RELEASE and BUILD_DEVELOPMENT variables from Helpers library
- Avoid Include directories. Not needed anymore CMake `target_*` APIs handles this through `INTERFACE`, `PUBLIC` and `PRIVATE` scope identifiers
- `StatusQ` is meant to be compiled as an external library, therefore StatusQ tests are kept inside its own directory
- Forced CMake version to `3.21` for the latest features and fixes. It is desired to be kept as recent as possible due to its backward compatibility. Following Qt's shipped version might be an option
- Depends on status-go changes to allow forcing of arm for apple silicon
Found limitations to CMake Qt API with Qt 6.3
- Having `0` as major version when using `qt_add_qml_module` doesn't work. Qml engine reports loading the `qmldir` but won't load the plugin library and no error is reported outside that exposed types are not found.
- `qt_target_qml_sources` doesn't work now, it generate a double copy error when deploying qml files in bin-directory. For now we stick with adding files using `qt_add_qml_module` central place
- Need to add `OUTPUT_DIRECTORY` to `qt_add_qml_module` to use the workaround
- If `MACOSX_BUNDLE` target property is set breaks importing of QML files. Disabled until fixed or workaround found
- For an unknown reason application executable tries to include the `QML_ELEMENT` include files, therefore for now I include all the C++ qml elements in INTERFACE
Bookmarks were only synced when devices were synced, but not when
bookmarks were added/removed/updated.
To account for this, there's are new messenger APIs in status-go
proposed here: https://github.com/status-im/status-go/pull/2709
Based on those APIs, desktop can now add/remove/update bookmarks and the
changes are automatically synced to other devices in real-time.
This commit also ensures that changes from other devices with regards to
bookmarks are handled and updated on the current device.
Partially addresses #5201
Use new `PrivacyStore` method getPasswordStrengthScore and link it to the new password strength bar value.
Used backend/general to call to `status-go` method and services/general to define the common `GetPasswordStrengthScore` service.
Added onboarding chain to get password strength score information from `OnboardingStore` to `status-go` call.
Closes#5096
- all unused/unnecessary files remove
- `status-lib` references updated due to cleaning on that side
- necessary submodules added (those removed from status lib)
Qt provides support for various input methods through plugins.
Since the fcitx plugin is not delivered with Qt, it needs to be
built and deployed by us.
Fixes: #4436
- Remove unneded mailserver request when joining a channel
- Add extra details to mailserver logs (request id, and num batches)
- Add signal emitted each time a batch is processed
refactor: wallet: connect current account
refactor(@wallet): load collection and connect to store
refactor(@wallet): add boilerplate for accounts creation/generation
refactor(@wallet): watch account
refactor(@wallet): Add account generation
refactor(@wallet): display all accounts
refactor(@wallet): switch account
refactor(@desktop): update current currency
refactor(@desktop/wallet): token action
refactor(@desktop/wallet): Add update account
refactor(@desktop/wallet): filter chat account from wallet
refactor(@desktop/wallet): Update currency attribute
refactor(@desktop/wallet): Fix display of various balances
refactor(@dekstop/wallet): handle current account changed
refactor(@wallet/desktop): add notify event on main section
refactor(@desktop/wallet): Push events from service
refactor(@desktop/wallet): handle all tokens event
refactor(@desktop/wallet): refresh accounts on event
refactor(@wallet/desktop): formatting of currency balances
refactor(@desktop/wallet): load collectible
refactor: refactor wallet transaction history to the new architecture
update status-lib
refactor: add back events for the transaction history
refactor: support multiple accounts in the transaction history
Initial structure for MainModule containing ChatSectionModule and
CommunitySectionModule is added, as well as initial structure for
StartupModule containing OnboardingModule and LoginModule.
Order of execution is updated and adapted to the current app state.
Main module gets loaded once a user is successfully logged in.
Turns out we've been accidentally resetting the channel's `position`
property to `0` by not sending it over to status-lib's underlying
`editCommunityChat` API.
This fixes it by using a newer version of status-lib which supports
the `position` paramter in `editCommunityChat` and then sending that
value along from the edit channel popup.
Fixes#3672
- Display loading indicator on login when mailserver messages are requested
- Fix bug where the mailserver that's selected as soon as you login is disconnected while being still in the process of connecting instead of waiting until 10s have passed to try connecting to a different mailserver
- Use status-go version that fixes an issue fetching mailserver messages when more than 999 messages are being verified if they're in the cache
- Display loading indicator on login when mailserver messages are requested
- Fix bug where the mailserver that's selected as soon as you login is disconnected while being still in the process of connecting instead of waiting until 10s have passed to try connecting to a different mailserver
- Use status-go version that fixes an issue fetching mailserver messages when more than 999 messages are being verified if they're in the cache
fixes#3659
Wallet2 needs its own event otherwise they wallet1/2 mixes
and as not everything is implemented in wallet2, it crashes
In this particular case, the account is added into wallet1 but trigger
an event intercepted by wallet2, wallet2 doesn't have the new account
and crash
Fixes: #3473.
Sometimes when blocking users and changes channels, blocked user messages would still appear.
This PR fixes the issue by toggling a `hide` property on messages from a contact when that contact is blocked or unblocked. Previously, the messages were only removed from the view when the contact was blocked, but when the view was reloaded, that state was not tracked correctly.
In case clicked channel:
- exists in a community -> the app will switch you to it
- doesn't exist in a community, but exists in the public chat list -> the app
will switch to `Chat` section and also to the appropriate channel there
- doesn't exist in a community and doesn't exist in the public chat list -> the app
will switch to `Chat` section and join new channel
Fixes: #3489
This feature works for MacOs only, for now.
On login, whether new or already created user may select between options:
"Store" - store password to the Keychain
"Not now" - don't store it now, but ask next time again
"Never" - don't store them ever and don't ask again
Selected preference may be changed later in:
`ProfileSettings > Privacy and security > Store pass to Keychain`
On the next app run, if `Store` was selected, a user will be asked to confirm
his identity using Touch Id in order to log in the app. If any error happens
he will be able to login using password.
Fixes: #2675
From now on we are able to access local settings (settings and global settings)
on the nim side, not only through the qml.
This change is required as part of the feature issue-2675.