Adding aptos service implementation by yashnevatia · Pull Request #340 · smartcontractkit/chainlink-aptos

yashnevatia · 2026-02-16T16:47:53Z

relayer/aptos_service.go

+
+		balance, err := client.AccountAPTBalance(addr)
+		if err != nil {
+			s.logger.Warnw("failed to get balance for account, skipping", "account", account, "address", addr.String(), "error", err)


In general, to fix clear-text logging of sensitive information, you should avoid logging the sensitive value or, if logging is necessary, log only a redacted or truncated form that cannot be used maliciously (e.g., masking most characters, hashing, or omitting it entirely). The functional behavior of the code (business logic) should remain unchanged; only what is emitted to logs should be adjusted.

For this specific case, the problematic sink is the Warnw call in getAccountWithHighestBalance on line 308 of relayer/aptos_service.go:

s.logger.Warnw("failed to get balance for account, skipping", "account", account, "address", addr.String(), "error", err)

We can fix this by:

Removing the "address", addr.String() field entirely (relying on "account", account for context), or

Replacing it with a redacted form that does not expose the full address.

To preserve debuggability while aligning with the rule, the best minimal-impact change is to log only a truncated version of the address (e.g., first and last few characters) that cannot be used directly as an identifier but is still useful for correlating events. Since we cannot change imports beyond standard libraries and must not modify code outside the shown snippet, we will compute this redacted string inline in the log call.

Concretely:

Edit relayer/aptos_service.go inside getAccountWithHighestBalance.

Replace the Warnw invocation on line 308 with one that logs a redacted address using addr.String() locally, e.g., keeping only the first 6 and last 4 characters and replacing the middle with "...".

No changes are needed in relayer/utils/address.go.

relayer/txm/txm.go

…-aptos into aptos-service

relayer/txm/txm.go

+
+	acc := utils.Ed25519PublicKeyToAddress(ed25519PublicKey)
+	fromAddress := acc.String()
+	a.baseLogger.Infow("TestingAptosWriteCap: EnqueueCRE - resolved from address", "fromAddress", fromAddress)


General approach: Avoid logging the full value derived from the authKey (fromAddress). Either omit it entirely from logs or log only a redacted/partial version that is not considered sensitive under your policy, while preserving all existing functional behavior of the transaction creation and sending logic.

Best concrete fix here: Keep using the full fromAddress for constructing fromAccountAddress and the AptosTx, but change the logging call so that it does not emit the complete address. A common pattern is to log only a prefix/suffix of the address (e.g., first 6 and last 4 characters) and indicate that it is redacted. To implement this in a minimal, contained way:

In relayer/txm/txm.go, just before logging, derive a redacted string from fromAddress (e.g., utils.RedactAddress(fromAddress) or, since we cannot modify utils beyond what’s shown, implement a small local helper inline in this file).

Replace the logging argument "fromAddress", fromAddress with "fromAddress", redactedFromAddress.

Do not change how fromAddress is used for ParseStringRelaxed or in the AptosTx struct.

Since we are constrained to only edit the shown snippets and two files, the simplest is to add a small helper function in relayer/txm/txm.go (e.g., redactAddressString) and use that in the Infow and Errorw where the address appears. This maintains functionality and improves privacy.

Concretely:

In relayer/txm/txm.go, define a helper like:

func redactAddressString(addr string) string { if len(addr) <= 10 { return "REDACTED" } return addr[:6] + "..." + addr[len(addr)-4:] }

Use redactAddressString(fromAddress) in the Infow and Errorw calls that log "fromAddress".

No new imports are required.

relayer/txm/txm.go

+	fromAccountAddress := &aptos.AccountAddress{}
+	err = fromAccountAddress.ParseStringRelaxed(fromAddress)
+	if err != nil {
+		a.baseLogger.Errorw("TestingAptosWriteCap: EnqueueCRE - failed to parse from address", "fromAddress", fromAddress, "error", err)


In general, to fix clear-text logging of sensitive information, remove the sensitive value from log messages, or replace it with a redacted/hashed/shortened form that is safe to expose. The functional behavior of the code (business logic, return values, etc.) should remain unchanged; only what is emitted to logs should change. If the value is only needed for debugging, consider logging a non-reversible fingerprint (e.g., hash, truncated form) instead of the full value.

In this specific case, the problematic logging occurs in relayer/txm/txm.go at the error log:

a.baseLogger.Errorw("TestingAptosWriteCap: EnqueueCRE - failed to parse from address", "fromAddress", fromAddress, "error", err)

We should avoid logging fromAddress in clear text. The simplest change that preserves functionality is to remove "fromAddress", fromAddress from this log line. The address is not needed to continue the logic (the function is returning an error immediately after logging), and the error itself already describes what failed. If we still want some context, we could replace it with a redacted version (e.g., the last few characters), but that introduces extra code and still may be considered sensitive. Given the instructions to avoid logging sensitive data, the safest fix is to drop the address from the log entry altogether.

No additional imports or helper methods are required. Only the single Errorw call in relayer/txm/txm.go around line 286 needs to be updated.

relayer/txm/txm.go

+
+	select {
+	case a.broadcastChan <- transactionID:
+		ctxLogger.Infow("TestingAptosWriteCap: EnqueueCRE - tx enqueued to broadcast channel", "fromAddr", fromAddress, "transactionID", transactionID)


To fix this, we should stop logging the full fromAddress value in clear text, and instead log a safely derived representation (for example, a truncated form that keeps only a small prefix/suffix, or a hash) that still allows operators to correlate log entries without exposing the complete address. This preserves functionality (transaction enqueueing, parsing, broadcasting) while removing the sensitive value from logs.

The minimal, targeted change is in relayer/txm/txm.go:

Introduce a small helper in this file that redacts an address string for logging, e.g. returning "***" on empty input and otherwise <first 6>...<last 4>. This is purely local to logging and does not change any business logic.

Change the two logging calls that currently log fromAddress:

The Infow call at line 281: "resolved from address", "fromAddress", fromAddress.

The Infow call at line 325: "fromAddr", fromAddress.
Replace the logged value with a redacted form, e.g. redactAddressForLog(fromAddress).

No external dependencies are needed; we only add one small helper function in the same file.

No changes are required in relayer/utils/address.go because the computation of the address is correct and only the logging is problematic.

…-aptos into aptos-service

yashnevatia · 2026-03-10T15:29:20Z

relayer/chain/chain.go

+	lggr     logger.Logger
+	ds       sqlutil.DataSource
+	keyStore loop.Keystore



passing in keystore to use the highest balance transmitter account.
Check aptos_service.SubmitTransaction

Adding aptos service implementation

eac7f5c

yashnevatia requested a review from a team as a code owner February 16, 2026 16:47

github-advanced-security bot found potential problems Feb 16, 2026

View reviewed changes

yashnevatia added 2 commits February 17, 2026 12:11

Adding EnqueueCRE test, cannot run locally, trying on CI

4283546

Merge branch 'develop' of ssh://github.com/smartcontractkit/chainlink…

e5b0369

…-aptos into aptos-service

yashnevatia had a problem deploying to integration February 17, 2026 12:17 — with GitHub Actions Error

tidy

3ce182f

yashnevatia had a problem deploying to integration February 17, 2026 12:22 — with GitHub Actions Error

tidy

55d4e2c

yashnevatia temporarily deployed to integration February 17, 2026 12:32 — with GitHub Actions Inactive

function name

c7c93d0

yashnevatia temporarily deployed to integration February 17, 2026 13:17 — with GitHub Actions Inactive

wait for cre txs

9bee276

yashnevatia temporarily deployed to integration February 17, 2026 13:42 — with GitHub Actions Inactive

adding serialised params

aafdb92

yashnevatia temporarily deployed to integration February 17, 2026 14:08 — with GitHub Actions Inactive

yashnevatia added 7 commits February 17, 2026 20:21

clean

e180775

wip

517566a

forwarder comments

1bbc29e

wip

abfd050

comments

01d90e1

adding beholder monitoring to aptos txm

8731df5

bump common to main

7979213

yashnevatia marked this pull request as draft March 5, 2026 18:51

yashnevatia requested a review from Fletch153 March 6, 2026 10:09

support for hash and status

c254a66

github-advanced-security bot found potential problems Mar 6, 2026

View reviewed changes

yashnevatia added 3 commits March 9, 2026 10:01

wip

d01ecbb

wip: 2026-03-09T11:26:56

a0ac81d

wip: 2026-03-09T12:24:41

dfe4213

yashnevatia added 4 commits March 10, 2026 11:21

wip: 2026-03-10T11:21:48

9660d08

move beholder to another PR

f0c1749

wip

68e606a

Merge branch 'develop' of ssh://github.com/smartcontractkit/chainlink…

31ed00e

…-aptos into aptos-service

yashnevatia had a problem deploying to integration March 10, 2026 15:26 — with GitHub Actions Error

merge

62750a5

yashnevatia had a problem deploying to integration March 10, 2026 15:28 — with GitHub Actions Error

yashnevatia commented Mar 10, 2026

View reviewed changes

wip

be14a2b

yashnevatia had a problem deploying to integration March 10, 2026 15:31 — with GitHub Actions Error

yashnevatia added 2 commits March 10, 2026 15:35

remove comment

cb8f47e

remove shell.nix

69439d9

yashnevatia had a problem deploying to integration March 10, 2026 15:36 — with GitHub Actions Error

adding back

8c1a636

yashnevatia had a problem deploying to integration March 10, 2026 15:40 — with GitHub Actions Failure

@@ -305,7 +305,11 @@
             		balance, err := client.AccountAPTBalance(addr)
             		if err != nil {
-            			s.logger.Warnw("failed to get balance for account, skipping", "account", account, "address", addr.String(), "error", err)
+            			addrStr := addr.String()
+            			if len(addrStr) > 10 {
+            				addrStr = addrStr[:6] + "..." + addrStr[len(addrStr)-4:]
+            			}
+            			s.logger.Warnw("failed to get balance for account, skipping", "account", account, "redactedAddress", addrStr, "error", err)
             			continue
             		}

@@ -27,6 +27,19 @@
             var _ services.Service = &AptosTxm{}
+            // redactAddressForLog returns a redacted representation of an account address
+            // suitable for logging without exposing the full value.
+            func redactAddressForLog(addr string) string {
+            	if len(addr) == 0 {
+            		return ""
+            	}
+            	// If the address is very short, avoid panics and just return a fixed mask.
+            	if len(addr) <= 10 {
+            		return "***"
+            	}
+            	// Keep a small prefix and suffix to aid debugging while redacting the rest.
+            	return addr[:6] + "..." + addr[len(addr)-4:]
+            }
             type AptosTxm struct {
             	baseLogger logger.Logger
             	keystore   loop.Keystore
@@ -278,7 +291,7 @@
             	acc := utils.Ed25519PublicKeyToAddress(ed25519PublicKey)
             	fromAddress := acc.String()
-            	a.baseLogger.Infow("TestingAptosWriteCap: EnqueueCRE - resolved from address", "fromAddress", fromAddress)
+            	a.baseLogger.Infow("TestingAptosWriteCap: EnqueueCRE - resolved from address", "fromAddress", redactAddressForLog(fromAddress))
             	fromAccountAddress := &aptos.AccountAddress{}
             	err = fromAccountAddress.ParseStringRelaxed(fromAddress)
@@ -322,7 +335,7 @@
             	select {
             	case a.broadcastChan <- transactionID:
-            		ctxLogger.Infow("TestingAptosWriteCap: EnqueueCRE - tx enqueued to broadcast channel", "fromAddr", fromAddress, "transactionID", transactionID)
+            		ctxLogger.Infow("TestingAptosWriteCap: EnqueueCRE - tx enqueued to broadcast channel", "fromAddr", redactAddressForLog(fromAddress), "transactionID", transactionID)
             	default:
             		// if the channel is full, we drop the transaction.
             		// we do this instead of setting the tx in `a.transactions` post-broadcast to avoid a race

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Adding aptos service implementation#340

Adding aptos service implementation#340
yashnevatia wants to merge 28 commits intodevelopfrom
aptos-service

yashnevatia commented Feb 16, 2026 •

edited

Loading

Uh oh!

Check failure

Copilot Autofix

Uh oh!

Check failure

Copilot Autofix

Check failure

Copilot Autofix

Check failure

Copilot Autofix

yashnevatia Mar 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

yashnevatia commented Feb 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Check failure

Uh oh!

Copilot Autofix

Uh oh!

Check failure

Uh oh!

Copilot Autofix

Check failure

Uh oh!

Copilot Autofix

Check failure

Uh oh!

Copilot Autofix

yashnevatia Mar 10, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

yashnevatia commented Feb 16, 2026 •

edited

Loading