RubyGems - stellar-sdk - Versions diffs - 0.24.0 → 0.28.0 - Mend

stellar-sdk 0.24.0 → 0.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f79d3c2af3b2cee00a5a7fd4f7ce698bf250c349afa72f9a310b5f101326d168
-  data.tar.gz: 85b75a06c450fb09c07383dbd0606f72d5b83e5f5ac73f51692302ab27237bd1
+  metadata.gz: 16f2babbd6e3fd516c62f8ff0fb2fe264e335dae7bb051721a3f4fefb5195f4d
+  data.tar.gz: dd0d6b370c14ca38ae09a7bcfcfaccfc1214af2115308c9f2574f84f133a85a4
 SHA512:
-  metadata.gz: ba9a3d5d81b4e5b55af6cb5c14f33001744feea77b706b1b7204189ac638d0c617dcab2e8364822a9a6d4bb0bb222218b4c73da35ae9e18ee649eccab0abd3dc
-  data.tar.gz: 761d9db6452124b38568ea390ba70ddd98ad307cc4304df1bd5abb12e303398661de13ac3fd8320352db657899aef86b3ace18393254782f28ae33a1d868a138
+  metadata.gz: 5b4ce731f7be3b66a5d1cd0f8a03ebb8ba5ffbcb7c55b0fdc9a45189edd95f2d288a3047d603e222e06f69e7079c418c27bc0b82c3bcd0f25f182573630cba67
+  data.tar.gz: c74630a8193bc6bfd3bd2ce730491c0de96f4b7b49b9b1523d02b191f9c2358cfe1c6ca7e286db28ded3680c6e8d110c003249928f86682cec6da3e4fc91b35d

data/CHANGELOG.md CHANGED Viewed

@@ -1,27 +1,56 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
-## [Unreleased]
+## [0.28.0](https://www.github.com/astroband/ruby-stellar-sdk/compare/v0.27.0...v0.28.0) (2021-07-17)
+### Changed
+* `Stellar::Account` class is now part of `stellar-base` gem
+* `Stellar::Account.lookup` is deprecated, use `Stellar::Federation.lookup` instead
+## [0.27.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.26.0...v0.27.0) (2021-05-08)
+- No changes
+## [0.26.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.25.0...v0.26.0) - 2021-02-05
+### Changed
+- `Stellar::SEP10` is updated to comply with SEP10 v3.0.0 and v3.1.0
+  - `read_challenge_tx`` now verifies `domain` in challenge auth operation, as per SEP10 v3.0.0
+  - it is now possible to provide `auth_domain` parameter to enforce auth server domain verification:
+    - `build_challenge_tx` will encode the extra auth domain operation into the challenge tx
+    - `read_challenge_tx` will verify that the challenge includes the correct auth domain operation
+## [0.25.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.24.0...v0.25.0) - 2020-10-30
+### Changed
+- `Stellar::SEP10` is updated to comply with SEP10 v2.1.0
+  - `build_challenge_tx` now accepts `domain` instead of `anchor_name`, using the
+    old param name will now result in deprecation warning
+  - `read_challenge_tx` correctly validates multi-op challenge transactions
+  - `verify_challenge_tx_threshold` now expects simple `{'GA...' => weight, ... }` hash for `signers`
+### Removed:
+- Deprecated `Stellar::SEP10.verify_challenge_tx` method is removed
-## [0.23.1](https://github.com/stellar/ruby-stellar-sdk/compare/v0.23.1...v0.23.0) - 2020-06-18
+## [0.24.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.23.1...v0.24.0) - 2020-10-20
+- Protocol 14 support
+## [0.23.1](https://github.com/astroband/ruby-stellar-sdk/compare/v0.23.0...v0.23.1) - 2020-06-18
 - Fix SEP10, considering muxed accounts
-## [0.23.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.23.0...v0.9.0)
+## [0.23.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.9.0-rc.1...v0.23.0)
 - No changes. We bumped this version to sync `stellar-sdk` and `stellar-base` versions
-## [0.9.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.9.0...v0.8.0)
+## [0.9.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.8.0...v0.9.0-rc.1)
 ### Added
 - Stellar Protocol 13 support
   - Fee-Bump transactions ([CAP-0015](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0015.md))
   - Multiplexed accounts ([CAP-0027](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0027.md))
   - Fine-Grained control on trustline authorization ([CAP-0018](https://github.com/stellar/stellar-protocol/blob/master/core/cap-0018.md))
-## [0.8.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.7.0...v0.8.0)
+## [0.8.0](https://github.com/astroband/ruby-stellar-sdk/compare/v0.7.0...v0.8.0)
 ### Added
-- SEP-10 Multisig Support [#69](https://github.com/stellar/ruby-stellar-sdk/pull/69)
+- SEP-10 Multisig Support [#69](https://github.com/astroband/ruby-stellar-sdk/pull/69)
 - `X-Client-Name` and `X-Client-Version` headers
 ## [0.7.0] - 2019-04-26

data/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
-# Ruby Stellar
-[![Build Status](https://travis-ci.org/bloom-solutions/ruby-stellar-sdk.svg)](https://travis-ci.org/bloom-solutions/ruby-stellar-sdk)
-[![Code Climate](https://codeclimate.com/github/bloom-solutions/ruby-stellar-sdk/badges/gpa.svg)](https://codeclimate.com/github/bloom-solutions/ruby-stellar-sdk)
+# Stellar SDK for Ruby: Horizon Integration and Higher Level Abstractions
+[![stellar-sdk](https://badge.fury.io/rb/stellar-sdk.svg)](https://badge.fury.io/rb/stellar-sdk)
+[![Test](https://github.com/astroband/ruby-stellar-sdk/workflows/Test/badge.svg)](https://github.com/astroband/ruby-stellar-sdk/actions?query=branch%3Amaster)
+[![Maintainability](https://api.codeclimate.com/v1/badges/dadfcd9396aba493cb93/maintainability)](https://codeclimate.com/github/astroband/ruby-stellar-sdk/maintainability)
 This library helps you to integrate your application into the [Stellar network](http://stellar.org).
@@ -36,10 +36,10 @@ client.send_payment({
   from:   account,
   to:     recipient,
   amount: Stellar::Amount.new(100_000_000)
-})
+})
 ```
-Be sure to set the network when submitting to the public network (more information in [stellar-base](https://www.github.com/bloom-solutions/ruby-stellar-base)):
+Be sure to set the network when submitting to the public network (more information in [stellar-base](https://www.github.com/astroband/ruby-stellar-base)):
 ```ruby
 Stellar.default_network = Stellar::Networks::PUBLIC
@@ -57,7 +57,7 @@ Stellar.default_network = Stellar::Networks::PUBLIC
 ## Contributing
 1. Sign the [Contributor License Agreement](https://docs.google.com/forms/d/1g7EF6PERciwn7zfmfke5Sir2n10yddGGSXyZsq98tVY/viewform?usp=send_form)
-2. Fork it ( https://github.com/bloom-solutions/ruby-stellar-lib/fork )
+2. Fork it ( https://github.com/astroband/ruby-stellar-sdk/fork )
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)

data/lib/stellar-sdk.rb CHANGED Viewed

@@ -1,10 +1,13 @@
 require "stellar-base"
-require_relative "stellar/sdk/version"
 module Stellar
-  autoload :Account
+  module SDK
+    VERSION = ::Stellar::VERSION
+  end
   autoload :Amount
   autoload :Client
+  autoload :Federation
   autoload :SEP10
   module Horizon
@@ -16,3 +19,5 @@ module Stellar
   autoload :TransactionPage
 end
+require_relative "stellar/compat"

data/lib/stellar/compat.rb ADDED Viewed

@@ -0,0 +1,4 @@
+class << Stellar::Account
+  delegate :lookup, to: Stellar::Federation
+  deprecate deprecator: Stellar::Deprecation, lookup: "Use `Stellar::Federation.lookup` method"
+end

data/lib/stellar/federation.rb ADDED Viewed

@@ -0,0 +1,51 @@
+require "toml-rb"
+require "uri"
+require "faraday"
+require "json"
+module Stellar
+  class Federation
+    def self.lookup(federated_name)
+      _, domain = federated_name.split("*")
+      if domain.nil?
+        raise InvalidFederationAddress.new
+      end
+      domain_req = Faraday.new("https://#{domain}/.well-known/stellar.toml").get
+      unless domain_req.status == 200
+        raise InvalidStellarDomain, "Domain does not contain stellar.toml file"
+      end
+      fed_server_url = TomlRB.parse(domain_req.body)["FEDERATION_SERVER"]
+      if fed_server_url.nil?
+        raise InvalidStellarTOML, "Invalid Stellar TOML file"
+      end
+      unless fed_server_url&.match?(URI::DEFAULT_PARSER.make_regexp)
+        raise InvalidFederationURL, "Invalid Federation Server URL"
+      end
+      lookup_req = Faraday.new(fed_server_url).get { |req|
+        req.params[:q] = federated_name
+        req.params[:type] = "name"
+      }
+      unless lookup_req.status == 200
+        raise AccountNotFound, "Account not found"
+      end
+      JSON.parse(lookup_req.body)["account_id"]
+    end
+  end
+  class AccountNotFound < StandardError; end
+  class InvalidStellarTOML < StandardError; end
+  class InvalidFederationAddress < StandardError; end
+  class InvalidStellarDomain < StandardError; end
+  class InvalidFederationURL < StandardError; end
+end

data/lib/stellar/sep10.rb CHANGED Viewed

@@ -2,26 +2,34 @@ module Stellar
   class InvalidSep10ChallengeError < StandardError; end
   class SEP10
+    include Stellar::DSL
     # Helper method to create a valid {SEP0010}[https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md]
     # challenge transaction which you can use for Stellar Web Authentication.
     #
-    # @param server [Stellar::KeyPair] Keypair for server's signing account.
-    # @param client [Stellar::KeyPair] Keypair for the account whishing to authenticate with the server.
-    # @param anchor_name [String] Anchor's name to be used in the manage_data key.
-    # @param timeout [Integer] Challenge duration (default to 5 minutes).
-    #
-    # @return [String] A base64 encoded string of the raw TransactionEnvelope xdr struct for the transaction.
+    # @example
+    #   server = Stellar::KeyPair.random # SIGNING_KEY from your stellar.toml
+    #   user = Stellar::KeyPair.from_address('G...')
+    #   Stellar::SEP10.build_challenge_tx(server: server, client: user, domain: 'example.com', timeout: 300)
     #
-    # = Example
+    # @param server [Stellar::KeyPair] server's signing keypair (SIGNING_KEY in service's stellar.toml)
+    # @param client [Stellar::KeyPair] account trying to authenticate with the server
+    # @param domain [String] service's domain to be used in the manage_data key
+    # @param timeout [Integer] challenge duration (default to 5 minutes)
     #
-    #   Stellar::SEP10.build_challenge_tx(server: server, client: user, anchor_name: anchor, timeout: timeout)
+    # @return [String] A base64 encoded string of the raw TransactionEnvelope xdr struct for the transaction.
     #
     # @see {SEP0010: Stellar Web Authentication}[https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md]
-    def self.build_challenge_tx(server:, client:, anchor_name:, timeout: 300)
-      # The value must be 64 bytes long. It contains a 48 byte
-      # cryptographic-quality random string encoded using base64 (for a total of
-      # 64 bytes after encoding).
-      value = SecureRandom.base64(48)
+    def self.build_challenge_tx(server:, client:, domain: nil, timeout: 300, **options)
+      if domain.blank? && options.key?(:anchor_name)
+        ActiveSupport::Deprecation.new("next release", "stellar-sdk").warn <<~MSG
+          SEP-10 v2.0.0 requires usage of service home domain instead of anchor name in the challenge transaction.
+          Please update your implementation to use `Stellar::SEP10.build_challenge_tx(..., home_domain: 'example.com')`.
+          Using `anchor_name` parameter makes your service incompatible with SEP10-2.0 clients, support for this parameter
+          is deprecated and will be removed in the next major release of stellar-base.
+        MSG
+        domain = options[:anchor_name]
+      end
       now = Time.now.to_i
       time_bounds = Stellar::TimeBounds.new(
@@ -29,19 +37,34 @@ module Stellar
         max_time: now + timeout
       )
-      tx = Stellar::TransactionBuilder.new(
+      tb = Stellar::TransactionBuilder.new(
         source_account: server,
         sequence_number: 0,
         time_bounds: time_bounds
-      ).add_operation(
+      )
+      # The value must be 64 bytes long. It contains a 48 byte
+      # cryptographic-quality random string encoded using base64 (for a total of
+      # 64 bytes after encoding).
+      tb.add_operation(
         Stellar::Operation.manage_data(
-          name: "#{anchor_name} auth",
-          value: value,
+          name: "#{domain} auth",
+          value: SecureRandom.base64(48),
           source_account: client
         )
-      ).build
+      )
-      tx.to_envelope(server).to_xdr(:base64)
+      if options.key?(:auth_domain)
+        tb.add_operation(
+          Stellar::Operation.manage_data(
+            name: "web_auth_domain",
+            value: options[:auth_domain],
+            source_account: server
+          )
+        )
+      end
+      tb.build.to_envelope(server).to_xdr(:base64)
     end
     # Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.
@@ -49,76 +72,81 @@ module Stellar
     # It also verifies that transaction is signed by the server.
     #
     # It does not verify that the transaction has been signed by the client or
-    # that any signatures other than the servers on the transaction are valid. Use
-    # one of the following functions to completely verify the transaction:
-    #    - Stellar::SEP10.verify_challenge_tx_threshold
-    #    - Stellar::SEP10.verify_challenge_tx_signers
+    # that any signatures other than the servers on the transaction are valid.
+    # Use either {.verify_challenge_tx_threshold} or {.verify_challenge_tx_signers} to completely verify
+    # the signed challenge
+    #
+    # @example
+    #   sep10 = Stellar::SEP10
+    #   server = Stellar::KeyPair.random # this should be the SIGNING_KEY from your stellar.toml
+    #   challenge = sep10.build_challenge_tx(server: server, client: user, domain: domain, timeout: timeout)
+    #   envelope, client_address = sep10.read_challenge_tx(server: server, challenge_xdr: challenge)
     #
     # @param challenge_xdr [String] SEP0010 transaction challenge in base64.
     # @param server [Stellar::KeyPair] keypair for server where the challenge was generated.
     #
-    # @return [Stellar::TransactionEnvelope, String]
-    #
-    # = Example
-    #
-    #   sep10 = Stellar::SEP10
-    #   challenge = sep10.build_challenge_tx(server: server, client: user, anchor_name: anchor, timeout: timeout)
-    #   envelope, client_address = sep10.read_challenge_tx(challenge: challenge, server: server)
-    #
-    def self.read_challenge_tx(challenge_xdr:, server:)
+    # @return [Array(Stellar::TransactionEnvelope, String)]
+    def self.read_challenge_tx(server:, challenge_xdr:, **options)
       envelope = Stellar::TransactionEnvelope.from_xdr(challenge_xdr, "base64")
       transaction = envelope.tx
       if transaction.seq_num != 0
-        raise InvalidSep10ChallengeError.new(
-          "The transaction sequence number should be zero"
-        )
+        raise InvalidSep10ChallengeError, "The transaction sequence number should be zero"
       end
       if transaction.source_account != server.muxed_account
-        raise InvalidSep10ChallengeError.new(
-          "The transaction source account is not equal to the server's account"
-        )
+        raise InvalidSep10ChallengeError, "The transaction source account is not equal to the server's account"
       end
-      if transaction.operations.size != 1
-        raise InvalidSep10ChallengeError.new(
-          "The transaction should contain only one operation"
-        )
+      if transaction.operations.size < 1
+        raise InvalidSep10ChallengeError, "The transaction should contain at least one operation"
       end
-      operation = transaction.operations.first
-      client_account_id = operation.source_account
+      auth_op, *rest_ops = transaction.operations
+      client_account_id = auth_op.source_account
-      if client_account_id.nil?
-        raise InvalidSep10ChallengeError.new(
-          "The transaction's operation should contain a source account"
-        )
+      auth_op_body = auth_op.body.value
+      if client_account_id.blank?
+        raise InvalidSep10ChallengeError, "The transaction's operation should contain a source account"
       end
-      if operation.body.arm != :manage_data_op
-        raise InvalidSep10ChallengeError.new(
-          "The transaction's operation should be manageData"
-        )
+      if auth_op.body.arm != :manage_data_op
+        raise InvalidSep10ChallengeError, "The transaction's first operation should be manageData"
       end
-      if operation.body.value.data_value.unpack1("m").size != 48
-        raise InvalidSep10ChallengeError.new(
-          "The transaction's operation value should be a 64 bytes base64 random string"
-        )
+      if options.key?(:domain) && auth_op_body.data_name != "#{options[:domain]} auth"
+        raise InvalidSep10ChallengeError, "The transaction's operation data name is invalid"
+      end
+      if auth_op_body.data_value.unpack1("m").size != 48
+        raise InvalidSep10ChallengeError, "The transaction's operation value should be a 64 bytes base64 random string"
+      end
+      rest_ops.each do |op|
+        body = op.body
+        if body.arm != :manage_data_op
+          raise InvalidSep10ChallengeError, "The transaction has operations that are not of type 'manageData'"
+        elsif op.source_account != server.muxed_account
+          raise InvalidSep10ChallengeError, "The transaction has operations that are unrecognized"
+        else
+          op_params = body.value
+          if op_params.data_name == "web_auth_domain" && options.key?(:auth_domain) && op_params.data_value != options[:auth_domain]
+            raise InvalidSep10ChallengeError, "The transaction has 'manageData' operation with 'web_auth_domain' key and invalid value"
+          end
+        end
       end
       unless verify_tx_signed_by(tx_envelope: envelope, keypair: server)
-        raise InvalidSep10ChallengeError.new(
-          "The transaction is not signed by the server"
-        )
+        raise InvalidSep10ChallengeError, "The transaction is not signed by the server"
       end
       time_bounds = transaction.time_bounds
       now = Time.now.to_i
-      if time_bounds.nil? || !now.between?(time_bounds.min_time, time_bounds.max_time)
-        raise InvalidSep10ChallengeError.new("The transaction has expired")
+      if time_bounds.blank? || !now.between?(time_bounds.min_time, time_bounds.max_time)
+        raise InvalidSep10ChallengeError, "The transaction has expired"
       end
       # Mirror the return type of the other SDK's and return a string
@@ -127,6 +155,36 @@ module Stellar
       [envelope, client_kp.address]
     end
+    # Verifies that for a SEP 10 challenge transaction all signatures on the transaction
+    # are accounted for and that the signatures meet a threshold on an account. A
+    # transaction is verified if it is signed by the server account, and all other
+    # signatures match a signer that has been provided as an argument, and those
+    # signatures meet a threshold on the account.
+    #
+    # @param server [Stellar::KeyPair] keypair for server's account.
+    # @param challenge_xdr [String] SEP0010 challenge transaction in base64.
+    # @param signers [{String => Integer}] The signers of client account.
+    # @param threshold [Integer] The medThreshold on the client account.
+    #
+    # @raise InvalidSep10ChallengeError if the transaction has unrecognized signatures (only server's
+    #   signing key and keypairs found in the `signing` argument are recognized) or total weight of
+    #   the signers does not meet the `threshold`
+    #
+    # @return [<String>] subset of input signers who have signed `challenge_xdr`
+    def self.verify_challenge_tx_threshold(server:, challenge_xdr:, signers:, threshold:)
+      signers_found = verify_challenge_tx_signers(
+        server: server, challenge_xdr: challenge_xdr, signers: signers.keys
+      )
+      total_weight = signers.values_at(*signers_found).sum
+      if total_weight < threshold
+        raise InvalidSep10ChallengeError, "signers with weight #{total_weight} do not meet threshold #{threshold}."
+      end
+      signers_found
+    end
     # Verifies that for a SEP 10 challenge transaction all signatures on the transaction are accounted for.
     #
     # A transaction is verified if it is signed by the server account, and all other signatures match a signer
@@ -135,211 +193,82 @@ module Stellar
     #
     # If verification succeeds a list of signers that were found is returned, excluding the server account ID.
     #
+    # @param server [Stellar::Keypair]  server's signing key
     # @param challenge_xdr [String] SEP0010 transaction challenge transaction in base64.
-    # @param server [Stellar::Keypair] keypair for server's account.
-    # @param signers [SetOf[String]] The signers of client account.
+    # @param signers [<String>] The signers of client account.
     #
-    # @return [SetOf[String]]
+    # @raise InvalidSep10ChallengeError one or more signatures in the transaction are not identifiable
+    #   as the server account or one of the signers provided in the arguments
     #
-    # Raises a InvalidSep10ChallengeError if:
-    #     - The transaction is invalid according to Stellar::SEP10.read_challenge_tx.
-    #     - One or more signatures in the transaction are not identifiable as the server account or one of the
-    #       signers provided in the arguments.
-    def self.verify_challenge_tx_signers(
-      challenge_xdr:,
-      server:,
-      signers:
-    )
-      if signers.empty?
-        raise InvalidSep10ChallengeError.new("No signers provided.")
-      end
-      te, _ = read_challenge_tx(
-        challenge_xdr: challenge_xdr, server: server
-      )
+    # @return [<String>] subset of input signers who have signed `challenge_xdr`
+    def self.verify_challenge_tx_signers(server:, challenge_xdr:, signers:)
+      raise InvalidSep10ChallengeError, "no signers provided" if signers.empty?
-      # deduplicate signers and ignore non-G addresses
-      client_signers = Set.new
-      signers.each do |signer|
-        # ignore server kp if passed
-        if signer == server.address
-          next
-        end
-        begin
-          Stellar::Util::StrKey.check_decode(:account_id, signer)
-        rescue
-          next
-        else
-          client_signers.add(signer)
-        end
-      end
+      te, _ = read_challenge_tx(server: server, challenge_xdr: challenge_xdr)
-      if client_signers.empty?
-        raise InvalidSep10ChallengeError.new("At least one signer with a G... address must be provied")
-      end
+      # ignore non-G signers and server's own address
+      client_signers = signers.select { |s| s =~ /G[A-Z0-9]{55}/ && s != server.address }.to_set
+      raise InvalidSep10ChallengeError, "at least one regular signer must be provided" if client_signers.empty?
       # verify all signatures in one pass
-      all_signers = client_signers + Set[server.address]
-      signers_found = verify_tx_signatures(
-        tx_envelope: te, signers: all_signers
-      )
+      client_signers.add(server.address)
+      signers_found = verify_tx_signatures(tx_envelope: te, signers: client_signers)
       # ensure server signed transaction and remove it
       unless signers_found.delete?(server.address)
-        raise InvalidSep10ChallengeError.new("Transaction not signed by server: #{server.address}")
+        raise InvalidSep10ChallengeError, "Transaction not signed by server: #{server.address}"
       end
       # Confirm we matched signatures to the client signers.
       if signers_found.empty?
-        raise InvalidSep10ChallengeError.new("Transaction not signed by any client signer.")
+        raise InvalidSep10ChallengeError, "Transaction not signed by any client signer."
       end
       # Confirm all signatures were consumed by a signer.
-      if signers_found.length != te.signatures.length - 1
-        raise InvalidSep10ChallengeError.new("Transaction has unrecognized signatures.")
+      if signers_found.size != te.signatures.length - 1
+        raise InvalidSep10ChallengeError, "Transaction has unrecognized signatures."
       end
       signers_found
     end
-    # Verifies that for a SEP 10 challenge transaction all signatures on the transaction
-    # are accounted for and that the signatures meet a threshold on an account. A
-    # transaction is verified if it is signed by the server account, and all other
-    # signatures match a signer that has been provided as an argument, and those
-    # signatures meet a threshold on the account.
-    #
-    # @param challenge_xdr [String] SEP0010 transaction challenge transaction in base64.
-    # @param server [Stellar::KeyPair] keypair for server's account.
-    # @param threshold [Integer] The medThreshold on the client account.
-    # @param signers [SetOf[::Hash]]The signers of client account.
-    #
-    # @return [SetOf[::Hash]]
-    #
-    # Raises a InvalidSep10ChallengeError if:
-    #   - The transaction is invalid according to Stellar::SEP10.read_challenge_transaction.
-    #   - One or more signatures in the transaction are not identifiable as the server
-    #     account or one of the signers provided in the arguments.
-    #   - The signatures are all valid but do not meet the threshold.
-    def self.verify_challenge_tx_threshold(
-      challenge_xdr:,
-      server:,
-      threshold:,
-      signers:
-    )
-      signer_str_set = signers.map { |s| s["key"] }.to_set
-      signer_strs_found = verify_challenge_tx_signers(
-        challenge_xdr: challenge_xdr,
-        server: server,
-        signers: signer_str_set
-      )
-      weight = 0
-      signers_found = Set.new
-      signers.each do |s|
-        unless signer_strs_found.include?(s["key"])
-          next
-        end
-        signer_strs_found.delete(s["key"])
-        signers_found.add(s)
-        weight += s["weight"]
-      end
-      if weight < threshold
-        raise InvalidSep10ChallengeError.new(
-          "signers with weight #{weight} do not meet threshold #{threshold}."
-        )
-      end
-      signers_found
-    end
-    # DEPRECATED: Use verify_challenge_tx_signers instead.
-    # This function does not support multiple client signatures.
-    #
-    # Verifies if a transaction is a valid per SEP-10 challenge transaction, if the validation
-    # fails, an exception will be thrown.
-    #
-    # This function performs the following checks:
-    #   1. verify that transaction sequenceNumber is equal to zero;
-    #   2. verify that transaction source account is equal to the server's signing key;
-    #   3. verify that transaction has time bounds set, and that current time is between the minimum and maximum bounds;
-    #   4. verify that transaction contains a single Manage Data operation and it's source account is not null;
-    #   5. verify that transaction envelope has a correct signature by server's signing key;
-    #   6. verify that transaction envelope has a correct signature by the operation's source account;
-    #
-    # @param challenge_xdr [String] SEP0010 transaction challenge transaction in base64.
-    # @param server [Stellar::KeyPair] keypair for server's account.
-    #
-    # Raises a InvalidSep10ChallengeError if the validation fails
-    def self.verify_challenge_tx(
-      challenge_xdr: String, server: Stellar::KeyPair
-    )
-      transaction_envelope, client_address = read_challenge_tx(
-        challenge_xdr: challenge_xdr, server: server
-      )
-      client_keypair = Stellar::KeyPair.from_address(client_address)
-      unless verify_tx_signed_by(tx_envelope: transaction_envelope, keypair: client_keypair)
-        raise InvalidSep10ChallengeError.new(
-          "Transaction not signed by client: %s" % [client_keypair.address]
-        )
-      end
-    end
     # Verifies every signer passed matches a signature on the transaction exactly once,
     # returning a list of unique signers that were found to have signed the transaction.
     #
     # @param tx_envelope [Stellar::TransactionEnvelope] SEP0010 transaction challenge transaction envelope.
-    # @param signers [SetOf[String]] The signers of client account.
+    # @param signers [<String>] The signers of client account.
     #
-    # @return [SetOf[String]]
-    def self.verify_tx_signatures(
-      tx_envelope:,
-      signers:
-    )
+    # @return [Set<Stellar::KeyPair>]
+    def self.verify_tx_signatures(tx_envelope:, signers:)
       signatures = tx_envelope.signatures
       if signatures.empty?
-        raise InvalidSep10ChallengeError.new("Transaction has no signatures.")
+        raise InvalidSep10ChallengeError, "Transaction has no signatures."
       end
       tx_hash = tx_envelope.tx.hash
-      signatures_used = Set.new
-      signers_found = Set.new
-      signers.each do |signer|
-        kp = Stellar::KeyPair.from_address(signer)
-        tx_envelope.signatures.each_with_index do |sig, i|
-          if signatures_used.include?(i)
-            next
-          end
-          if sig.hint != kp.signature_hint
-            next
-          end
-          if kp.verify(sig.signature, tx_hash)
-            signatures_used.add(i)
-            signers_found.add(signer)
-          end
-        end
-      end
+      to_keypair = Stellar::DSL.method(:KeyPair)
+      keys_by_hint = signers.map(&to_keypair).index_by(&:signature_hint)
-      signers_found
+      tx_envelope.signatures.each.with_object(Set.new) do |sig, result|
+        key = keys_by_hint.delete(sig.hint)
+        result.add(key.address) if key&.verify(sig.signature, tx_hash)
+      end
     end
     # Verifies if a Stellar::TransactionEnvelope was signed by the given Stellar::KeyPair
     #
+    # @example
+    #   Stellar::SEP10.verify_tx_signed_by(tx_envelope: envelope, keypair: keypair)
+    #
     # @param tx_envelope [Stellar::TransactionEnvelope]
     # @param keypair [Stellar::KeyPair]
     #
     # @return [Boolean]
-    #
-    # = Example
-    #
-    #   Stellar::SEP10.verify_tx_signed_by(tx_envelope: envelope, keypair: keypair)
-    #
     def self.verify_tx_signed_by(tx_envelope:, keypair:)
       tx_hash = tx_envelope.tx.hash
       tx_envelope.signatures.any? do |sig|
-        if sig.hint != keypair.signature_hint
-          next
-        end
+        next if sig.hint != keypair.signature_hint
         keypair.verify(sig.signature, tx_hash)
       end
     end

metadata CHANGED Viewed

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: stellar-sdk
 version: !ruby/object:Gem::Version
-  version: 0.24.0
+  version: 0.28.0
 platform: ruby
 authors:
 - Scott Fleckenstein
 - Sergey Nebolsin
 - Timur Ramazanov
-autorequire:
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-10-20 00:00:00.000000000 Z
+date: 2021-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: stellar-base
@@ -18,14 +18,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.24.0
+        version: 0.28.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.24.0
+        version: 0.28.0
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -75,7 +75,7 @@ dependencies:
         version: 0.7.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -85,7 +85,7 @@ dependencies:
         version: 0.7.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: toml-rb
   requirement: !ruby/object:Gem::Requirement
@@ -112,14 +112,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -148,8 +148,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.9'
-description:
-email:
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files:
@@ -161,21 +161,24 @@ files:
 - LICENSE
 - README.md
 - lib/stellar-sdk.rb
-- lib/stellar/account.rb
 - lib/stellar/amount.rb
 - lib/stellar/client.rb
+- lib/stellar/compat.rb
+- lib/stellar/federation.rb
 - lib/stellar/horizon/problem.rb
-- lib/stellar/sdk/version.rb
 - lib/stellar/sep10.rb
 - lib/stellar/transaction_page.rb
-homepage: https://github.com/stellar/ruby-stellar-sdk/tree/master/sdk
+homepage: https://github.com/astroband/ruby-stellar-sdk
 licenses:
 - Apache-2.0
 metadata:
-  documentation_uri: https://rubydoc.info/gems/stellar-sdk/0.24.0/
-  changelog_uri: https://github.com/astroband/ruby-stellar-sdk/blob/v0.24.0/sdk/CHANGELOG.md
-  source_code_uri: https://github.com/astroband/ruby-stellar-sdk/tree/v0.24.0/sdk
-post_install_message:
+  bug_tracker_uri: https://github.com/astroband/ruby-stellar-sdk/issues
+  changelog_uri: https://github.com/astroband/ruby-stellar-sdk/blob/v0.28.0/sdk/CHANGELOG.md
+  documentation_uri: https://rubydoc.info/gems/stellar-sdk/0.28.0/
+  github_repo: ssh://github.com/astroband/ruby-stellar-sdk
+  homepage_uri: https://github.com/astroband/ruby-stellar-sdk/tree/main/sdk
+  source_code_uri: https://github.com/astroband/ruby-stellar-sdk/tree/v0.28.0/sdk
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -190,8 +193,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.0.rc.2
-signing_key:
+rubygems_version: 3.2.22
+signing_key:
 specification_version: 4
 summary: Stellar client library
 test_files: []

data/lib/stellar/account.rb DELETED Viewed

@@ -1,89 +0,0 @@
-require "toml-rb"
-require "uri"
-require "faraday"
-require "json"
-module Stellar
-  class Account
-    delegate :address, to: :keypair
-    def self.random
-      keypair = Stellar::KeyPair.random
-      new(keypair)
-    end
-    def self.from_seed(seed)
-      keypair = Stellar::KeyPair.from_seed(seed)
-      new(keypair)
-    end
-    def self.from_address(address)
-      keypair = Stellar::KeyPair.from_address(address)
-      new(keypair)
-    end
-    def self.lookup(federated_name)
-      _, domain = federated_name.split("*")
-      if domain.nil?
-        raise InvalidFederationAddress.new
-      end
-      domain_req = Faraday.new("https://#{domain}/.well-known/stellar.toml").get
-      unless domain_req.status == 200
-        raise InvalidStellarDomain.new("Domain does not contain stellar.toml file")
-      end
-      fed_server_url = TomlRB.parse(domain_req.body)["FEDERATION_SERVER"]
-      if fed_server_url.nil?
-        raise InvalidStellarTOML.new("Invalid Stellar TOML file")
-      end
-      unless fed_server_url&.match?(URI::DEFAULT_PARSER.make_regexp)
-        raise InvalidFederationURL.new("Invalid Federation Server URL")
-      end
-      lookup_req = Faraday.new(fed_server_url).get { |req|
-        req.params[:q] = federated_name
-        req.params[:type] = "name"
-      }
-      unless lookup_req.status == 200
-        raise AccountNotFound.new("Account not found")
-      end
-      JSON.parse(lookup_req.body)["account_id"]
-    end
-    def self.master
-      keypair = Stellar::KeyPair.from_raw_seed("allmylifemyhearthasbeensearching")
-      new(keypair)
-    end
-    attr_reader :keypair
-    # @param [Stellar::KeyPair] keypair
-    def initialize(keypair)
-      @keypair = keypair
-    end
-    def to_keypair
-      keypair
-    end
-  end
-  class AccountNotFound < StandardError
-  end
-  class InvalidStellarTOML < StandardError
-  end
-  class InvalidFederationAddress < StandardError
-  end
-  class InvalidStellarDomain < StandardError
-  end
-  class InvalidFederationURL < StandardError
-  end
-end

data/lib/stellar/sdk/version.rb DELETED Viewed

@@ -1,5 +0,0 @@
-module Stellar
-  module SDK
-    VERSION = "0.24.0"
-  end
-end