RubyGems - stellar-sdk - Versions diffs - 0.23.1 → 0.27.0 - Mend

stellar-sdk 0.23.1 → 0.27.0

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 83d2fa69cc1464de295aea3252915d41750d7aa1300c778a45ddba48f5584d3e
-  data.tar.gz: 350c012540421676d3b6367abca3f581ff83998150c454e5da8043eaa01eda37
+  metadata.gz: 4956394163d9ef780494428a310af5d3a80b2b63caba45be39e42e55b7557298
+  data.tar.gz: 482c2efc7b68b1348551a08f9e8ab4dc17e723ae86b9dad76fd1bc94e42f72d2
 SHA512:
-  metadata.gz: c6641384a007ddcfd741c53a389b9ae00c41a9c960f23a21197d2013118d3c62001a0f413775f7bb081917d5d68a3eec9424b5b8d484b935e6db0d75e1484ed2
-  data.tar.gz: 570cfe50af7ebe58a7741b918ede5f05ca733159c7608e9dfb8bf3cb66598f93c2728d0f0049555a8f43c357c8020f8391a9b12418ec5d180d165580a6f165bc
+  metadata.gz: 34dfeb9b87ce27716b0d97a17ef42ff91d8b1bb34bdfecdea9797ddc1f840eaa1c88957c42e39ef4ca41bdf17e0ec7b5a64b30f8a608ed3173f2e818f5c2013c
+  data.tar.gz: 48e93b269189a67e654ca59d83a0c697ed4388a418f668e67857a6026e1448e5766e006ccadfadb3993a1adc59ab629426336000acc651d32f41a0352ac9d8f3

data/CHANGELOG.md CHANGED Viewed

@@ -1,24 +1,50 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
-## [0.23.1](https://github.com/stellar/ruby-stellar-sdk/compare/v0.23.1...v0.23.0) - 2020-06-18
+## [0.27.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.26.0...v0.27.0) (2021-05-08)
+- No changes
+## [0.26.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.25.0...v0.26.0) - 2021-02-05
+### Changed
+- `Stellar::SEP10` is updated to comply with SEP10 v3.0.0 and v3.1.0
+  - `read_challenge_tx`` now verifies `domain` in challenge auth operation, as per SEP10 v3.0.0
+  - it is now possible to provide `auth_domain` parameter to enforce auth server domain verification:
+    - `build_challenge_tx` will encode the extra auth domain operation into the challenge tx
+    - `read_challenge_tx` will verify that the challenge includes the correct auth domain operation
+## [0.25.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.24.0...v0.25.0) - 2020-10-30
+### Changed
+- `Stellar::SEP10` is updated to comply with SEP10 v2.1.0
+  - `build_challenge_tx` now accepts `domain` instead of `anchor_name`, using the
+    old param name will now result in deprecation warning
+  - `read_challenge_tx` correctly validates multi-op challenge transactions
+  - `verify_challenge_tx_threshold` now expects simple `{'GA...' => weight, ... }` hash for `signers`
+### Removed:
+- Deprecated `Stellar::SEP10.verify_challenge_tx` method is removed
+## [0.24.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.23.1...v0.24.0) - 2020-10-20
+- Protocol 14 support
+## [0.23.1](https://github.com/astroband/ruby-stellar-sdk/compare/v0.23.0...v0.23.1) - 2020-06-18
 - Fix SEP10, considering muxed accounts
-## [0.23.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.23.0...v0.9.0)
+## [0.23.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.9.0-rc.1...v0.23.0)
 - No changes. We bumped this version to sync `stellar-sdk` and `stellar-base` versions
-## [0.9.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.9.0...v0.8.0)
+## [0.9.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.8.0...v0.9.0-rc.1)
 ### Added
 - Stellar Protocol 13 support
   - Fee-Bump transactions ([CAP-0015](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0015.md))
   - Multiplexed accounts ([CAP-0027](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0027.md))
   - Fine-Grained control on trustline authorization ([CAP-0018](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0018.md))
-## [0.8.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.7.0...v0.8.0)
+## [0.8.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.7.0...v0.8.0)
 ### Added
-- SEP-10 Multisig Support [#69](https://github.com/stellar/ruby-stellar-sdk/pull/69)
+- SEP-10 Multisig Support [#69](https://github.com/astroband/ruby-stellar-sdk/pull/69)
 - `X-Client-Name` and `X-Client-Version` headers
 ## [0.7.0] - 2019-04-26

data/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
-# Ruby Stellar
-[![Build Status](https://travis-ci.org/bloom-solutions/ruby-stellar-sdk.svg)](https://travis-ci.org/bloom-solutions/ruby-stellar-sdk)
-[![Code Climate](https://codeclimate.com/github/bloom-solutions/ruby-stellar-sdk/badges/gpa.svg)](https://codeclimate.com/github/bloom-solutions/ruby-stellar-sdk)
+# Stellar SDK for Ruby: Horizon Integration and Higher Level Abstractions
+[![stellar-sdk](https://badge.fury.io/rb/stellar-sdk.svg)](https://badge.fury.io/rb/stellar-sdk)
+[![Test](https://github.com/astroband/ruby-stellar-sdk/workflows/Test/badge.svg)](https://github.com/astroband/ruby-stellar-sdk/actions?query=branch%3Amaster)
+[![Maintainability](https://api.codeclimate.com/v1/badges/dadfcd9396aba493cb93/maintainability)](https://codeclimate.com/github/astroband/ruby-stellar-sdk/maintainability)
 This library helps you to integrate your application into the [Stellar network](http://stellar.org).
@@ -36,10 +36,10 @@ client.send_payment({
   from:   account,
   to:     recipient,
   amount: Stellar::Amount.new(100_000_000)
-})
+})
 ```
-Be sure to set the network when submitting to the public network (more information in [stellar-base](https://www.github.com/bloom-solutions/ruby-stellar-base)):
+Be sure to set the network when submitting to the public network (more information in [stellar-base](https://www.github.com/astroband/ruby-stellar-base)):
 ```ruby
 Stellar.default_network = Stellar::Networks::PUBLIC
@@ -57,7 +57,7 @@ Stellar.default_network = Stellar::Networks::PUBLIC
 ## Contributing
 1. Sign the [Contributor License Agreement](https://docs.google.com/forms/d/1g7EF6PERciwn7zfmfke5Sir2n10yddGGSXyZsq98tVY/viewform?usp=send_form)
-2. Fork it ( https://github.com/bloom-solutions/ruby-stellar-lib/fork )
+2. Fork it ( https://github.com/astroband/ruby-stellar-sdk/fork )
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)

data/lib/stellar-sdk.rb CHANGED Viewed

@@ -1,7 +1,10 @@
 require "stellar-base"
-require_relative "./stellar/version"
 module Stellar
+  module SDK
+    VERSION = ::Stellar::VERSION
+  end
   autoload :Account
   autoload :Amount
   autoload :Client

data/lib/stellar/account.rb CHANGED Viewed

@@ -66,6 +66,10 @@ module Stellar
     def initialize(keypair)
       @keypair = keypair
     end
+    def to_keypair
+      keypair
+    end
   end
   class AccountNotFound < StandardError

data/lib/stellar/client.rb CHANGED Viewed

@@ -78,12 +78,11 @@ module Stellar
       destination = options[:destination]
       sequence = options[:sequence] || (account_info(account).sequence.to_i + 1)
-      transaction = Stellar::TransactionBuilder.new(
+      transaction = Stellar::TransactionBuilder.account_merge(
         source_account: destination.keypair,
-        sequence_number: sequence
-      ).add_operation(
-        Stellar::Operation.account_merge(destination: destination.keypair)
-      ).set_timeout(0).build
+        sequence_number: sequence,
+        destination: destination.keypair
+      )
       envelope = transaction.to_envelope(account.keypair)
       submit_transaction(tx_envelope: envelope)
@@ -105,17 +104,13 @@ module Stellar
       # instead of using a hard-coded default value.
       fee = options[:fee] || DEFAULT_FEE
-      payment = Stellar::TransactionBuilder.new(
+      payment = Stellar::TransactionBuilder.create_account(
         source_account: funder.keypair,
         sequence_number: sequence,
-        base_fee: fee
-      ).add_operation(
-        Stellar::Operation.create_account({
-          destination: options[:account].keypair,
-          starting_balance: options[:starting_balance]
-        })
-      ).set_timeout(0).build
+        base_fee: fee,
+        destination: options[:account].keypair,
+        starting_balance: options[:starting_balance]
+      )
       envelope = payment.to_envelope(funder.keypair)
       submit_transaction(tx_envelope: envelope)
     end
@@ -180,14 +175,18 @@ module Stellar
     )
       sequence ||= (account_info(source).sequence.to_i + 1)
-      args = {
+      op_args = {
         account: source.keypair,
         sequence: sequence,
         line: asset
       }
-      args[:limit] = limit unless limit.nil?
+      op_args[:limit] = limit unless limit.nil?
-      tx = Stellar::Transaction.change_trust(args)
+      tx = Stellar::TransactionBuilder.change_trust(
+        source_account: source.keypair,
+        sequence_number: sequence,
+        **op_args
+      )
       envelope = tx.to_envelope(source.keypair)
       submit_transaction(tx_envelope: envelope)

data/lib/stellar/sep10.rb CHANGED Viewed

@@ -2,26 +2,34 @@ module Stellar
   class InvalidSep10ChallengeError < StandardError; end
   class SEP10
+    include Stellar::DSL
     # Helper method to create a valid {SEP0010}[https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md]
     # challenge transaction which you can use for Stellar Web Authentication.
     #
-    # @param server [Stellar::KeyPair] Keypair for server's signing account.
-    # @param client [Stellar::KeyPair] Keypair for the account whishing to authenticate with the server.
-    # @param anchor_name [String] Anchor's name to be used in the manage_data key.
-    # @param timeout [Integer] Challenge duration (default to 5 minutes).
-    #
-    # @return [String] A base64 encoded string of the raw TransactionEnvelope xdr struct for the transaction.
+    # @example
+    #   server = Stellar::KeyPair.random # SIGNING_KEY from your stellar.toml
+    #   user = Stellar::KeyPair.from_address('G...')
+    #   Stellar::SEP10.build_challenge_tx(server: server, client: user, domain: 'example.com', timeout: 300)
     #
-    # = Example
+    # @param server [Stellar::KeyPair] server's signing keypair (SIGNING_KEY in service's stellar.toml)
+    # @param client [Stellar::KeyPair] account trying to authenticate with the server
+    # @param domain [String] service's domain to be used in the manage_data key
+    # @param timeout [Integer] challenge duration (default to 5 minutes)
     #
-    #   Stellar::SEP10.build_challenge_tx(server: server, client: user, anchor_name: anchor, timeout: timeout)
+    # @return [String] A base64 encoded string of the raw TransactionEnvelope xdr struct for the transaction.
     #
     # @see {SEP0010: Stellar Web Authentication}[https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md]
-    def self.build_challenge_tx(server:, client:, anchor_name:, timeout: 300)
-      # The value must be 64 bytes long. It contains a 48 byte
-      # cryptographic-quality random string encoded using base64 (for a total of
-      # 64 bytes after encoding).
-      value = SecureRandom.base64(48)
+    def self.build_challenge_tx(server:, client:, domain: nil, timeout: 300, **options)
+      if domain.blank? && options.key?(:anchor_name)
+        ActiveSupport::Deprecation.new("next release", "stellar-sdk").warn <<~MSG
+          SEP-10 v2.0.0 requires usage of service home domain instead of anchor name in the challenge transaction.
+          Please update your implementation to use `Stellar::SEP10.build_challenge_tx(..., home_domain: 'example.com')`.
+          Using `anchor_name` parameter makes your service incompatible with SEP10-2.0 clients, support for this parameter
+          is deprecated and will be removed in the next major release of stellar-base.
+        MSG
+        domain = options[:anchor_name]
+      end
       now = Time.now.to_i
       time_bounds = Stellar::TimeBounds.new(
@@ -29,19 +37,34 @@ module Stellar
         max_time: now + timeout
       )
-      tx = Stellar::TransactionBuilder.new(
+      tb = Stellar::TransactionBuilder.new(
         source_account: server,
         sequence_number: 0,
         time_bounds: time_bounds
-      ).add_operation(
+      )
+      # The value must be 64 bytes long. It contains a 48 byte
+      # cryptographic-quality random string encoded using base64 (for a total of
+      # 64 bytes after encoding).
+      tb.add_operation(
         Stellar::Operation.manage_data(
-          name: "#{anchor_name} auth",
-          value: value,
+          name: "#{domain} auth",
+          value: SecureRandom.base64(48),
           source_account: client
         )
-      ).build
+      )
-      tx.to_envelope(server).to_xdr(:base64)
+      if options.key?(:auth_domain)
+        tb.add_operation(
+          Stellar::Operation.manage_data(
+            name: "web_auth_domain",
+            value: options[:auth_domain],
+            source_account: server
+          )
+        )
+      end
+      tb.build.to_envelope(server).to_xdr(:base64)
     end
     # Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.
@@ -49,76 +72,81 @@ module Stellar
     # It also verifies that transaction is signed by the server.
     #
     # It does not verify that the transaction has been signed by the client or
-    # that any signatures other than the servers on the transaction are valid. Use
-    # one of the following functions to completely verify the transaction:
-    #    - Stellar::SEP10.verify_challenge_tx_threshold
-    #    - Stellar::SEP10.verify_challenge_tx_signers
+    # that any signatures other than the servers on the transaction are valid.
+    # Use either {.verify_challenge_tx_threshold} or {.verify_challenge_tx_signers} to completely verify
+    # the signed challenge
+    #
+    # @example
+    #   sep10 = Stellar::SEP10
+    #   server = Stellar::KeyPair.random # this should be the SIGNING_KEY from your stellar.toml
+    #   challenge = sep10.build_challenge_tx(server: server, client: user, domain: domain, timeout: timeout)
+    #   envelope, client_address = sep10.read_challenge_tx(server: server, challenge_xdr: challenge)
     #
     # @param challenge_xdr [String] SEP0010 transaction challenge in base64.
     # @param server [Stellar::KeyPair] keypair for server where the challenge was generated.
     #
-    # @return [Stellar::TransactionEnvelope, String]
-    #
-    # = Example
-    #
-    #   sep10 = Stellar::SEP10
-    #   challenge = sep10.build_challenge_tx(server: server, client: user, anchor_name: anchor, timeout: timeout)
-    #   envelope, client_address = sep10.read_challenge_tx(challenge: challenge, server: server)
-    #
-    def self.read_challenge_tx(challenge_xdr:, server:)
+    # @return [Array(Stellar::TransactionEnvelope, String)]
+    def self.read_challenge_tx(server:, challenge_xdr:, **options)
       envelope = Stellar::TransactionEnvelope.from_xdr(challenge_xdr, "base64")
       transaction = envelope.tx
       if transaction.seq_num != 0
-        raise InvalidSep10ChallengeError.new(
-          "The transaction sequence number should be zero"
-        )
+        raise InvalidSep10ChallengeError, "The transaction sequence number should be zero"
       end
       if transaction.source_account != server.muxed_account
-        raise InvalidSep10ChallengeError.new(
-          "The transaction source account is not equal to the server's account"
-        )
+        raise InvalidSep10ChallengeError, "The transaction source account is not equal to the server's account"
       end
-      if transaction.operations.size != 1
-        raise InvalidSep10ChallengeError.new(
-          "The transaction should contain only one operation"
-        )
+      if transaction.operations.size < 1
+        raise InvalidSep10ChallengeError, "The transaction should contain at least one operation"
       end
-      operation = transaction.operations.first
-      client_account_id = operation.source_account
+      auth_op, *rest_ops = transaction.operations
+      client_account_id = auth_op.source_account
-      if client_account_id.nil?
-        raise InvalidSep10ChallengeError.new(
-          "The transaction's operation should contain a source account"
-        )
+      auth_op_body = auth_op.body.value
+      if client_account_id.blank?
+        raise InvalidSep10ChallengeError, "The transaction's operation should contain a source account"
       end
-      if operation.body.arm != :manage_data_op
-        raise InvalidSep10ChallengeError.new(
-          "The transaction's operation should be manageData"
-        )
+      if auth_op.body.arm != :manage_data_op
+        raise InvalidSep10ChallengeError, "The transaction's first operation should be manageData"
       end
-      if operation.body.value.data_value.unpack1("m").size != 48
-        raise InvalidSep10ChallengeError.new(
-          "The transaction's operation value should be a 64 bytes base64 random string"
-        )
+      if options.key?(:domain) && auth_op_body.data_name != "#{options[:domain]} auth"
+        raise InvalidSep10ChallengeError, "The transaction's operation data name is invalid"
+      end
+      if auth_op_body.data_value.unpack1("m").size != 48
+        raise InvalidSep10ChallengeError, "The transaction's operation value should be a 64 bytes base64 random string"
+      end
+      rest_ops.each do |op|
+        body = op.body
+        if body.arm != :manage_data_op
+          raise InvalidSep10ChallengeError, "The transaction has operations that are not of type 'manageData'"
+        elsif op.source_account != server.muxed_account
+          raise InvalidSep10ChallengeError, "The transaction has operations that are unrecognized"
+        else
+          op_params = body.value
+          if op_params.data_name == "web_auth_domain" && options.key?(:auth_domain) && op_params.data_value != options[:auth_domain]
+            raise InvalidSep10ChallengeError, "The transaction has 'manageData' operation with 'web_auth_domain' key and invalid value"
+          end
+        end
       end
       unless verify_tx_signed_by(tx_envelope: envelope, keypair: server)
-        raise InvalidSep10ChallengeError.new(
-          "The transaction is not signed by the server"
-        )
+        raise InvalidSep10ChallengeError, "The transaction is not signed by the server"
       end
       time_bounds = transaction.time_bounds
       now = Time.now.to_i
-      if time_bounds.nil? || !now.between?(time_bounds.min_time, time_bounds.max_time)
-        raise InvalidSep10ChallengeError.new("The transaction has expired")
+      if time_bounds.blank? || !now.between?(time_bounds.min_time, time_bounds.max_time)
+        raise InvalidSep10ChallengeError, "The transaction has expired"
       end
       # Mirror the return type of the other SDK's and return a string
@@ -127,6 +155,36 @@ module Stellar
       [envelope, client_kp.address]
     end
+    # Verifies that for a SEP 10 challenge transaction all signatures on the transaction
+    # are accounted for and that the signatures meet a threshold on an account. A
+    # transaction is verified if it is signed by the server account, and all other
+    # signatures match a signer that has been provided as an argument, and those
+    # signatures meet a threshold on the account.
+    #
+    # @param server [Stellar::KeyPair] keypair for server's account.
+    # @param challenge_xdr [String] SEP0010 challenge transaction in base64.
+    # @param signers [{String => Integer}] The signers of client account.
+    # @param threshold [Integer] The medThreshold on the client account.
+    #
+    # @raise InvalidSep10ChallengeError if the transaction has unrecognized signatures (only server's
+    #   signing key and keypairs found in the `signing` argument are recognized) or total weight of
+    #   the signers does not meet the `threshold`
+    #
+    # @return [<String>] subset of input signers who have signed `challenge_xdr`
+    def self.verify_challenge_tx_threshold(server:, challenge_xdr:, signers:, threshold:)
+      signers_found = verify_challenge_tx_signers(
+        server: server, challenge_xdr: challenge_xdr, signers: signers.keys
+      )
+      total_weight = signers.values_at(*signers_found).sum
+      if total_weight < threshold
+        raise InvalidSep10ChallengeError, "signers with weight #{total_weight} do not meet threshold #{threshold}."
+      end
+      signers_found
+    end
     # Verifies that for a SEP 10 challenge transaction all signatures on the transaction are accounted for.
     #
     # A transaction is verified if it is signed by the server account, and all other signatures match a signer
@@ -135,211 +193,82 @@ module Stellar
     #
     # If verification succeeds a list of signers that were found is returned, excluding the server account ID.
     #
+    # @param server [Stellar::Keypair]  server's signing key
     # @param challenge_xdr [String] SEP0010 transaction challenge transaction in base64.
-    # @param server [Stellar::Keypair] keypair for server's account.
-    # @param signers [SetOf[String]] The signers of client account.
+    # @param signers [<String>] The signers of client account.
     #
-    # @return [SetOf[String]]
+    # @raise InvalidSep10ChallengeError one or more signatures in the transaction are not identifiable
+    #   as the server account or one of the signers provided in the arguments
     #
-    # Raises a InvalidSep10ChallengeError if:
-    #     - The transaction is invalid according to Stellar::SEP10.read_challenge_tx.
-    #     - One or more signatures in the transaction are not identifiable as the server account or one of the
-    #       signers provided in the arguments.
-    def self.verify_challenge_tx_signers(
-      challenge_xdr:,
-      server:,
-      signers:
-    )
-      if signers.empty?
-        raise InvalidSep10ChallengeError.new("No signers provided.")
-      end
-      te, _ = read_challenge_tx(
-        challenge_xdr: challenge_xdr, server: server
-      )
+    # @return [<String>] subset of input signers who have signed `challenge_xdr`
+    def self.verify_challenge_tx_signers(server:, challenge_xdr:, signers:)
+      raise InvalidSep10ChallengeError, "no signers provided" if signers.empty?
-      # deduplicate signers and ignore non-G addresses
-      client_signers = Set.new
-      signers.each do |signer|
-        # ignore server kp if passed
-        if signer == server.address
-          next
-        end
-        begin
-          Stellar::Util::StrKey.check_decode(:account_id, signer)
-        rescue
-          next
-        else
-          client_signers.add(signer)
-        end
-      end
+      te, _ = read_challenge_tx(server: server, challenge_xdr: challenge_xdr)
-      if client_signers.empty?
-        raise InvalidSep10ChallengeError.new("At least one signer with a G... address must be provied")
-      end
+      # ignore non-G signers and server's own address
+      client_signers = signers.select { |s| s =~ /G[A-Z0-9]{55}/ && s != server.address }.to_set
+      raise InvalidSep10ChallengeError, "at least one regular signer must be provided" if client_signers.empty?
       # verify all signatures in one pass
-      all_signers = client_signers + Set[server.address]
-      signers_found = verify_tx_signatures(
-        tx_envelope: te, signers: all_signers
-      )
+      client_signers.add(server.address)
+      signers_found = verify_tx_signatures(tx_envelope: te, signers: client_signers)
       # ensure server signed transaction and remove it
       unless signers_found.delete?(server.address)
-        raise InvalidSep10ChallengeError.new("Transaction not signed by server: #{server.address}")
+        raise InvalidSep10ChallengeError, "Transaction not signed by server: #{server.address}"
       end
       # Confirm we matched signatures to the client signers.
       if signers_found.empty?
-        raise InvalidSep10ChallengeError.new("Transaction not signed by any client signer.")
+        raise InvalidSep10ChallengeError, "Transaction not signed by any client signer."
       end
       # Confirm all signatures were consumed by a signer.
-      if signers_found.length != te.signatures.length - 1
-        raise InvalidSep10ChallengeError.new("Transaction has unrecognized signatures.")
+      if signers_found.size != te.signatures.length - 1
+        raise InvalidSep10ChallengeError, "Transaction has unrecognized signatures."
       end
       signers_found
     end
-    # Verifies that for a SEP 10 challenge transaction all signatures on the transaction
-    # are accounted for and that the signatures meet a threshold on an account. A
-    # transaction is verified if it is signed by the server account, and all other
-    # signatures match a signer that has been provided as an argument, and those
-    # signatures meet a threshold on the account.
-    #
-    # @param challenge_xdr [String] SEP0010 transaction challenge transaction in base64.
-    # @param server [Stellar::KeyPair] keypair for server's account.
-    # @param threshold [Integer] The medThreshold on the client account.
-    # @param signers [SetOf[::Hash]]The signers of client account.
-    #
-    # @return [SetOf[::Hash]]
-    #
-    # Raises a InvalidSep10ChallengeError if:
-    #   - The transaction is invalid according to Stellar::SEP10.read_challenge_transaction.
-    #   - One or more signatures in the transaction are not identifiable as the server
-    #     account or one of the signers provided in the arguments.
-    #   - The signatures are all valid but do not meet the threshold.
-    def self.verify_challenge_tx_threshold(
-      challenge_xdr:,
-      server:,
-      threshold:,
-      signers:
-    )
-      signer_str_set = signers.map { |s| s["key"] }.to_set
-      signer_strs_found = verify_challenge_tx_signers(
-        challenge_xdr: challenge_xdr,
-        server: server,
-        signers: signer_str_set
-      )
-      weight = 0
-      signers_found = Set.new
-      signers.each do |s|
-        unless signer_strs_found.include?(s["key"])
-          next
-        end
-        signer_strs_found.delete(s["key"])
-        signers_found.add(s)
-        weight += s["weight"]
-      end
-      if weight < threshold
-        raise InvalidSep10ChallengeError.new(
-          "signers with weight #{weight} do not meet threshold #{threshold}."
-        )
-      end
-      signers_found
-    end
-    # DEPRECATED: Use verify_challenge_tx_signers instead.
-    # This function does not support multiple client signatures.
-    #
-    # Verifies if a transaction is a valid per SEP-10 challenge transaction, if the validation
-    # fails, an exception will be thrown.
-    #
-    # This function performs the following checks:
-    #   1. verify that transaction sequenceNumber is equal to zero;
-    #   2. verify that transaction source account is equal to the server's signing key;
-    #   3. verify that transaction has time bounds set, and that current time is between the minimum and maximum bounds;
-    #   4. verify that transaction contains a single Manage Data operation and it's source account is not null;
-    #   5. verify that transaction envelope has a correct signature by server's signing key;
-    #   6. verify that transaction envelope has a correct signature by the operation's source account;
-    #
-    # @param challenge_xdr [String] SEP0010 transaction challenge transaction in base64.
-    # @param server [Stellar::KeyPair] keypair for server's account.
-    #
-    # Raises a InvalidSep10ChallengeError if the validation fails
-    def self.verify_challenge_tx(
-      challenge_xdr: String, server: Stellar::KeyPair
-    )
-      transaction_envelope, client_address = read_challenge_tx(
-        challenge_xdr: challenge_xdr, server: server
-      )
-      client_keypair = Stellar::KeyPair.from_address(client_address)
-      unless verify_tx_signed_by(tx_envelope: transaction_envelope, keypair: client_keypair)
-        raise InvalidSep10ChallengeError.new(
-          "Transaction not signed by client: %s" % [client_keypair.address]
-        )
-      end
-    end
     # Verifies every signer passed matches a signature on the transaction exactly once,
     # returning a list of unique signers that were found to have signed the transaction.
     #
     # @param tx_envelope [Stellar::TransactionEnvelope] SEP0010 transaction challenge transaction envelope.
-    # @param signers [SetOf[String]] The signers of client account.
+    # @param signers [<String>] The signers of client account.
     #
-    # @return [SetOf[String]]
-    def self.verify_tx_signatures(
-      tx_envelope:,
-      signers:
-    )
+    # @return [Set<Stellar::KeyPair>]
+    def self.verify_tx_signatures(tx_envelope:, signers:)
       signatures = tx_envelope.signatures
       if signatures.empty?
-        raise InvalidSep10ChallengeError.new("Transaction has no signatures.")
+        raise InvalidSep10ChallengeError, "Transaction has no signatures."
       end
       tx_hash = tx_envelope.tx.hash
-      signatures_used = Set.new
-      signers_found = Set.new
-      signers.each do |signer|
-        kp = Stellar::KeyPair.from_address(signer)
-        tx_envelope.signatures.each_with_index do |sig, i|
-          if signatures_used.include?(i)
-            next
-          end
-          if sig.hint != kp.signature_hint
-            next
-          end
-          if kp.verify(sig.signature, tx_hash)
-            signatures_used.add(i)
-            signers_found.add(signer)
-          end
-        end
-      end
+      to_keypair = Stellar::DSL.method(:KeyPair)
+      keys_by_hint = signers.map(&to_keypair).index_by(&:signature_hint)
-      signers_found
+      tx_envelope.signatures.each.with_object(Set.new) do |sig, result|
+        key = keys_by_hint.delete(sig.hint)
+        result.add(key.address) if key&.verify(sig.signature, tx_hash)
+      end
     end
     # Verifies if a Stellar::TransactionEnvelope was signed by the given Stellar::KeyPair
     #
+    # @example
+    #   Stellar::SEP10.verify_tx_signed_by(tx_envelope: envelope, keypair: keypair)
+    #
     # @param tx_envelope [Stellar::TransactionEnvelope]
     # @param keypair [Stellar::KeyPair]
     #
     # @return [Boolean]
-    #
-    # = Example
-    #
-    #   Stellar::SEP10.verify_tx_signed_by(tx_envelope: envelope, keypair: keypair)
-    #
     def self.verify_tx_signed_by(tx_envelope:, keypair:)
       tx_hash = tx_envelope.tx.hash
       tx_envelope.signatures.any? do |sig|
-        if sig.hint != keypair.signature_hint
-          next
-        end
+        next if sig.hint != keypair.signature_hint
         keypair.verify(sig.signature, tx_hash)
       end
     end

metadata CHANGED Viewed

@@ -1,14 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: stellar-sdk
 version: !ruby/object:Gem::Version
-  version: 0.23.1
+  version: 0.27.0
 platform: ruby
 authors:
 - Scott Fleckenstein
+- Sergey Nebolsin
+- Timur Ramazanov
 autorequire:
-bindir: bin
+bindir: exe
 cert_chain: []
-date: 2020-06-18 00:00:00.000000000 Z
+date: 2021-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: stellar-base
@@ -16,82 +18,144 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.23.1
+        version: 0.27.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.23.1
+        version: 0.27.0
 - !ruby/object:Gem::Dependency
-  name: hyperclient
+  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: 5.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.0.0
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: excon
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.71'
+        version: 0.71.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.71.0
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.71'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: hyperclient
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: 0.7.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: 0.7.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: toml-rb
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.1.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.1.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
 description:
 email:
-- scott@stellar.org
 executables: []
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
+- LICENSE
+- CHANGELOG.md
 files:
 - CHANGELOG.md
 - LICENSE
@@ -103,11 +167,16 @@ files:
 - lib/stellar/horizon/problem.rb
 - lib/stellar/sep10.rb
 - lib/stellar/transaction_page.rb
-- lib/stellar/version.rb
-homepage: http://github.com/stellar/ruby-stellar-sdk
+homepage: https://github.com/astroband/ruby-stellar-sdk
 licenses:
 - Apache-2.0
-metadata: {}
+metadata:
+  bug_tracker_uri: https://github.com/astroband/ruby-stellar-sdk/issues
+  changelog_uri: https://github.com/astroband/ruby-stellar-sdk/blob/v0.27.0/sdk/CHANGELOG.md
+  documentation_uri: https://rubydoc.info/gems/stellar-sdk/0.27.0/
+  github_repo: ssh://github.com/astroband/ruby-stellar-sdk
+  homepage_uri: https://github.com/astroband/ruby-stellar-sdk/tree/main/sdk
+  source_code_uri: https://github.com/astroband/ruby-stellar-sdk/tree/v0.27.0/sdk
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -116,14 +185,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.16
 signing_key:
 specification_version: 4
 summary: Stellar client library

data/lib/stellar/version.rb DELETED Viewed

@@ -1,3 +0,0 @@
-module Stellar
-  VERSION = "0.23.1"
-end