feat: prove basic + sigv4 live end-to-end (publish 0.5.4 + twilio/aws examples)#3
Conversation
The basic/sigv4 auth schemes were built and unit-tested but never published — the live enclave still ran the old bearer-only wasm. Bump CONTRACT_VERSION 0.5.3 -> 0.5.4 (and Cargo to match) and publish the current contract so the enclave can compute Twilio HTTP Basic and AWS SigV4 for real. Published live as contract_id=461; bearer regression (GitHub, Stripe, Gemini) still 200. Note: publishing a new contract resets the secrets-map read ACL (readers: only:[id]), so grantContractReads must be re-run for the new id.
With contract 0.5.4 published (basic/sigv4-capable), demonstrate both flagship
schemes against the live enclave — no external accounts required:
- HTTP Basic (Twilio scheme): seal a known password, agent sends nothing, the
enclave builds base64(user:secret) and httpbin.org/basic-auth validates it →
200 {"authenticated": true}. examples/twilio/.
- AWS SigV4: with AWS's example key, real S3 returns 403 InvalidAccessKeyId —
AWS PARSED our signature and reached credential lookup (not a malformed-
signature error), on top of the byte-exact unit vectors. examples/aws/.
Docs: integration-stack.md records both live proofs + the publish/secrets-ACL
gotcha. examples index updated.
| [package] | ||
| name = "blindfold-proxy" | ||
| version = "0.5.1" | ||
| version = "0.5.4" |
There was a problem hiding this comment.
💡 Quality: Contract version left inconsistent across docs/scripts
This PR advances the published contract to 0.5.4 (bumping CONTRACT_VERSION and contract/Cargo.toml, which jumped 0.5.1 → 0.5.4). However several docs and scripts still hardcode older versions: README.md and explain.md reference 0.5.3, and usage.md, current_status.md, scripts/test-v5-release.ts and scripts/grant-and-call.ts reference 0.5.1. Since the PR explicitly documents a publish gotcha (new contract id resets the secrets-map read ACL, requiring grantContractReads(newId)), stale version strings in the operational scripts (scripts/grant-and-call.ts, scripts/test-v5-release.ts) are the most likely to mislead an operator into targeting the wrong contract id. Consider having these scripts derive the version from CONTRACT_VERSION rather than hardcoding it, and update the docs to 0.5.4. This is non-blocking for the examples/demos themselves, which correctly use the shared client and type definitions.
Derive the version from the single source of truth instead of hardcoding it, so scripts stay in sync with future bumps.:
// scripts/grant-and-call.ts / test-v5-release.ts
import { CONTRACT_VERSION } from "../packages/blindfold/src/constants.ts";
// ...use CONTRACT_VERSION instead of the hardcoded "0.5.1" string
- Apply fix
Check the box to apply the fix or reply for a change | Was this helpful? React with 👍 / 👎
Code Review 👍 Approved with suggestions 0 resolved / 1 findingsPublishes contract version 0.5.4 to enable live HTTP Basic and AWS SigV4 support with accompanying end-to-end examples. Ensure consistent version numbering across all documentation and scripts to resolve the minor inconsistency finding. 💡 Quality: Contract version left inconsistent across docs/scripts📄 contract/Cargo.toml:3 📄 packages/blindfold/src/constants.ts:18 This PR advances the published contract to 0.5.4 (bumping Derive the version from the single source of truth instead of hardcoding it, so scripts stay in sync with future bumps.🤖 Prompt for agentsOptionsAuto-apply is off → Gitar will not commit updates to this branch. Comment with these commands to change:
Was this helpful? React with 👍 / 👎 | Gitar |
What & why
#1 (my own review) flagged that the flagship schemes — Twilio HTTP Basic and AWS SigV4 — were built and unit-tested but never proven live: the enclave still ran the old bearer-only wasm, and there were no live demos. This PR closes that gap.
Changes
CONTRACT_VERSION0.5.3 → 0.5.4 (Cargo to match) and publish it live (contract id 461). The old 0.5.3 stays registered for rollback. Bearer regression (GitHub, Stripe, Gemini) still 200.Proof (live, against the published 0.5.4 enclave)
HTTP Basic (Twilio scheme) — a known password is sealed, the agent sends no credential, the enclave builds
base64(user:secret)and httpbin validates it:httpbin returns 200 only if the enclave's base64 is exactly right.
AWS SigV4 — byte-exact unit vectors (get-vanilla + signing-key derivation) plus a live structural probe against real S3 with AWS's example key:
AWS parsed our SigV4 header (echoed
AWSAccessKeyId=AKIDEXAMPLE) and reached credential lookup — notAuthorizationHeaderMalformed/IncompleteSignature(what a malformed signature yields). A real IAM key → 200.Operational notes (documented in integration-stack.md)
readers: only:[id]) —grantContractReads(newId)must run after everypublish, or forward calls fail withcannot read map "…:secrets". Hit and fixed here.grantreplaces the egress allowlist — grant all hosts in one call.fuel_per_minutequota (surfaces as generic 500s under load).Notes
httpbin_basic_passand AWS example key are public test values; real Twilio/AWS demos just re-seal with real creds.Summary by cubic
Publishes the
blindfold-proxy0.5.4 contract to enable live HTTP Basic (Twilio) and AWS SigV4 in the enclave, and adds runnable demos proving both end-to-end. Bearer flows remain unchanged.New Features
basicandsigv4; 0.5.3 kept for rollback; GitHub/Stripe/Gemini still 200.examples/twilio/(HTTP Basic via httpbin, no Twilio account) andexamples/aws/(SigV4 vs real S3, well-formed signature).examples/README.md,integration-stack.md) and bumpedCONTRACT_VERSIONto0.5.4.Migration
grantContractReads(<newId>)to restore secrets-map read ACLs.grantreplaces, not appends).Written for commit f51dba4. Summary will update on new commits.