Skip to content

Comments

Adding aptos service implementation#340

Open
yashnevatia wants to merge 9 commits intodevelopfrom
aptos-service
Open

Adding aptos service implementation#340
yashnevatia wants to merge 9 commits intodevelopfrom
aptos-service

Conversation

@yashnevatia
Copy link

@yashnevatia yashnevatia commented Feb 16, 2026

No description provided.

@yashnevatia yashnevatia requested a review from a team as a code owner February 16, 2026 16:47
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 16, 2026
View reviewed changes
relayer/aptos_service.go

balance, err := client.AccountAPTBalance(addr)
if err != nil {
s.logger.Warnw("failed to get balance for account, skipping", "account", account, "address", addr.String(), "error", err)

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High

Sensitive data returned by an access to authKey
Loading
flows to a logging call.

Copilot Autofix

AI 3 days ago

General approach: Remove or obfuscate the logging of the potentially sensitive authKey-derived address (addr.String()) while preserving existing behavior of the method. We do not need to change how addresses are computed or used, only how they are logged.

Best concrete fix: In relayer/aptos_service.go, within getAccountWithHighestBalance, modify the Warnw call in the error path for client.AccountAPTBalance so that it no longer logs addr.String(). The rest of the message, including the account identifier and the error, can remain as-is to preserve debuggability. Since removing a structured log field is backwards-compatible (callers of this code do not consume logs programmatically), this does not alter functional behavior of the relayer.

Changes needed:

  • File relayer/aptos_service.go:
    • At line 201, update the Warnw invocation to drop the "address", addr.String() key/value pair.
    • No additional imports, methods, or definitions are required.
Suggested changeset 1
relayer/aptos_service.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/relayer/aptos_service.go b/relayer/aptos_service.go
--- a/relayer/aptos_service.go
+++ b/relayer/aptos_service.go
@@ -198,7 +198,7 @@
 
 		balance, err := client.AccountAPTBalance(addr)
 		if err != nil {
-			s.logger.Warnw("failed to get balance for account, skipping", "account", account, "address", addr.String(), "error", err)
+			s.logger.Warnw("failed to get balance for account, skipping", "account", account, "error", err)
 			continue
 		}
 
EOF
@@ -198,7 +198,7 @@

balance, err := client.AccountAPTBalance(addr)
if err != nil {
s.logger.Warnw("failed to get balance for account, skipping", "account", account, "address", addr.String(), "error", err)
s.logger.Warnw("failed to get balance for account, skipping", "account", account, "error", err)
continue
}

Copilot is powered by AI and may make mistakes. Always verify output.
relayer/txm/txm.go

select {
case a.broadcastChan <- transactionID:
ctxLogger.Debugw("Tx enqueued", "fromAddr", fromAddress)

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High

Sensitive data returned by an access to authKey
Loading
flows to a logging call.

Copilot Autofix

AI 4 days ago

To fix the problem, we should ensure that the potentially sensitive value (fromAddress) is not logged in clear text. The simplest way to do this without changing functional behavior is to either (1) remove the "fromAddr" field from the log entirely, or (2) log only a non-sensitive, obfuscated form (e.g., a truncated address or a stable hash) that still supports debugging without exposing the full address.

The single best minimally invasive fix here is to remove or anonymize the logged address at the debug line in EnqueueCRE in relayer/txm/txm.go. Since the transaction ID is already part of the contextual logger (GetContexedTxLogger), and the tx object contains the FromAddress stored in memory for later use, logging the full fromAddress is not necessary. We can change:

ctxLogger.Debugw("Tx enqueued", "fromAddr", fromAddress)

either to:

ctxLogger.Debugw("Tx enqueued")

or to an obfuscated form like:

ctxLogger.Debugw("Tx enqueued", "fromAddr_suffix", fromAddress[len(fromAddress)-6:])

if you still want some address context. To stay conservative and avoid even partial leakage, the cleanest fix is to remove the address field entirely.

Concretely:

  • File: relayer/txm/txm.go
  • In EnqueueCRE, modify the Debugw call in the case a.broadcastChan <- transactionID: branch to stop including fromAddress.
  • No new imports or helpers are required for the “remove field” approach.
Suggested changeset 1
relayer/txm/txm.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/relayer/txm/txm.go b/relayer/txm/txm.go
--- a/relayer/txm/txm.go
+++ b/relayer/txm/txm.go
@@ -292,7 +292,7 @@
 
 	select {
 	case a.broadcastChan <- transactionID:
-		ctxLogger.Debugw("Tx enqueued", "fromAddr", fromAddress)
+		ctxLogger.Debugw("Tx enqueued")
 	default:
 		// if the channel is full, we drop the transaction.
 		// we do this instead of setting the tx in `a.transactions` post-broadcast to avoid a race
EOF
@@ -292,7 +292,7 @@

select {
case a.broadcastChan <- transactionID:
ctxLogger.Debugw("Tx enqueued", "fromAddr", fromAddress)
ctxLogger.Debugw("Tx enqueued")
default:
// if the channel is full, we drop the transaction.
// we do this instead of setting the tx in `a.transactions` post-broadcast to avoid a race
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yashnevatia