Skip to content

fix: tagging secrets not being scoped by sender#24772

Open
nventuro wants to merge 1 commit into
merge-train/fairies-v5from
nico/f-830-aztec-packages-out-of-scope-senders-app-tagging-secret
Open

fix: tagging secrets not being scoped by sender#24772
nventuro wants to merge 1 commit into
merge-train/fairies-v5from
nico/f-830-aztec-packages-out-of-scope-senders-app-tagging-secret

Conversation

@nventuro

Copy link
Copy Markdown
Contributor

This fixes a scoping bug where an account's ivsk would be used to produce an ECDH shared secret even if that account was not in scope. The base wallet class was adjusted to put these in scope when an explicit sender is selected for tagged messages.

@nventuro
nventuro requested a review from nchamo July 17, 2026 18:11
Comment on lines +130 to +131
additionalScopes: AztecAddress[] = [],
sendMessagesAs?: AztecAddress,

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really think we shouldn't use default values and optional params. I think we should force each caller to make a decision, or we could end up with another bug like the current one

Suggested change
additionalScopes: AztecAddress[] = [],
sendMessagesAs?: AztecAddress,
additionalScopes: AztecAddress[],
sendMessagesAs: AztecAddress | undefined,

});

describe('getAppTaggingSecret', () => {
it('rejects a sender outside the execution scopes', async () => {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should probably add a test that actually doesn't throw when the sender is scoped correctly?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants