@inco/lightning 0.1.20

package/src/libs/incoLightning_0_1_25__986372984.sol

@@ -0,0 +1,389 @@
+// AUTOGENERATED FILE. DO NOT EDIT.
+// This file was generated by the IncoLightning library generator.
+// The original template is located at Lib.template.sol
+
+/// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import "../IncoLightning.sol";
+import { ebool, euint256, ETypes } from "../Types.sol";
+
+IncoLightning constant inco = IncoLightning(0xc3c81F7Bf86Af7ed3a5f5Bb1924A063a1c126cDd);
+address constant deployedBy = 0x8202D2D747784Cb7D48868E44C42C4bf162a70BC;
+uint256 constant defaultDecryptionDelayLimit = 2 hours;
+
+library e {
+    function sanitize(euint256 a) internal returns (euint256) {
+        if (euint256.unwrap(a) == bytes32(0)) {
+            return asEuint256(0);
+        }
+        return a;
+    }
+
+    function sanitize(ebool a) internal returns (ebool) {
+        if (ebool.unwrap(a) == bytes32(0)) {
+            return asEbool(false);
+        }
+        return a;
+    }
+
+    function s(euint256 a) internal returns (euint256) {
+        return sanitize(a);
+    }
+
+    function s(ebool a) internal returns (ebool) {
+        return sanitize(a);
+    }
+
+    function add(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eAdd(s(a), s(b));
+    }
+
+    function add(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eAdd(s(a), asEuint256(b));
+    }
+
+    function add(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eAdd(asEuint256(a), s(b));
+    }
+
+    function sub(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eSub(s(a), s(b));
+    }
+
+    function sub(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eSub(s(a), asEuint256(b));
+    }
+
+    function sub(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eSub(asEuint256(a), s(b));
+    }
+
+    function mul(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMul(s(a), s(b));
+    }
+
+    function mul(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMul(s(a), asEuint256(b));
+    }
+
+    function mul(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMul(asEuint256(a), s(b));
+    }
+
+    function div(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eDiv(s(a), s(b));
+    }
+
+    function div(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eDiv(s(a), asEuint256(b));
+    }
+
+    function div(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eDiv(asEuint256(a), s(b));
+    }
+
+    function rem(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRem(s(a), s(b));
+    }
+
+    function rem(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRem(s(a), asEuint256(b));
+    }
+
+    function rem(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRem(asEuint256(a), s(b));
+    }
+
+    function and(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function and(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function and(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function and(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function and(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function and(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function or(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function or(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function or(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function or(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function or(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function or(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function xor(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function xor(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function xor(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function xor(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function xor(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function xor(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function shl(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShl(s(a), s(b));
+    }
+
+    function shl(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eShl(s(a), asEuint256(b));
+    }
+
+    function shl(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShl(asEuint256(a), s(b));
+    }
+
+    function shr(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShr(s(a), s(b));
+    }
+
+    function shr(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eShr(s(a), asEuint256(b));
+    }
+
+    function shr(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShr(asEuint256(a), s(b));
+    }
+
+    function rotl(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotl(s(a), s(b));
+    }
+
+    function rotl(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRotl(s(a), asEuint256(b));
+    }
+
+    function rotl(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotl(asEuint256(a), s(b));
+    }
+
+    function rotr(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotr(s(a), s(b));
+    }
+
+    function rotr(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRotr(s(a), asEuint256(b));
+    }
+
+    function rotr(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotr(asEuint256(a), s(b));
+    }
+
+    function eq(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eEq(s(a), s(b));
+    }
+
+    function eq(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eEq(s(a), asEuint256(b));
+    }
+
+    function eq(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eEq(asEuint256(a), s(b));
+    }
+
+    function ne(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eNe(s(a), s(b));
+    }
+
+    function ne(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eNe(s(a), asEuint256(b));
+    }
+
+    function ne(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eNe(asEuint256(a), s(b));
+    }
+
+    function ge(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGe(s(a), s(b));
+    }
+
+    function ge(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eGe(s(a), asEuint256(b));
+    }
+
+    function ge(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGe(asEuint256(a), s(b));
+    }
+
+    function gt(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGt(s(a), s(b));
+    }
+
+    function gt(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eGt(s(a), asEuint256(b));
+    }
+
+    function gt(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGt(asEuint256(a), s(b));
+    }
+
+    function le(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLe(s(a), s(b));
+    }
+
+    function le(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eLe(s(a), asEuint256(b));
+    }
+
+    function le(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLe(asEuint256(a), s(b));
+    }
+
+    function lt(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLt(s(a), s(b));
+    }
+
+    function lt(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eLt(s(a), asEuint256(b));
+    }
+
+    function lt(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLt(asEuint256(a), s(b));
+    }
+
+    function min(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMin(s(a), s(b));
+    }
+
+    function min(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMin(s(a), asEuint256(b));
+    }
+
+    function min(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMin(asEuint256(a), s(b));
+    }
+
+    function max(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMax(s(a), s(b));
+    }
+
+    function max(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMax(s(a), asEuint256(b));
+    }
+
+    function max(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMax(asEuint256(a), s(b));
+    }
+
+    function not(ebool a) internal returns (ebool) {
+        return inco.eNot(s(a));
+    }
+
+    function rand() internal returns (euint256) {
+        return euint256.wrap(inco.eRand(ETypes.Uint256));
+    }
+
+    function randBounded(uint256 upperBound) internal returns (euint256) {
+        return euint256.wrap(inco.eRandBounded(euint256.unwrap(asEuint256(upperBound)), ETypes.Uint256));
+    }
+
+    function randBounded(euint256 upperBound) internal returns (euint256) {
+        return euint256.wrap(inco.eRandBounded(euint256.unwrap(s(upperBound)), ETypes.Uint256));
+    }
+
+    function asEuint256(uint256 a) internal returns (euint256) {
+        return inco.asEuint256(a);
+    }
+
+    function asEbool(bool a) internal returns (ebool) {
+        return inco.asEbool(a);
+    }
+
+    function asEbool(euint256 a) internal returns (ebool) {
+        return ebool.wrap(inco.eCast(euint256.unwrap(a), ETypes.Bool));
+    }
+
+    function asEuint256(ebool a) internal returns (euint256) {
+        return euint256.wrap(inco.eCast(ebool.unwrap(a), ETypes.Uint256));
+    }
+
+    function newEuint256(bytes memory ciphertext, address user) internal returns (euint256) {
+        return inco.newEuint256(ciphertext, user);
+    }
+
+    function newEbool(bytes memory ciphertext, address user) internal returns (ebool) {
+        return inco.newEbool(ciphertext, user);
+    }
+
+    function allow(euint256 a, address to) internal {
+        inco.allow(euint256.unwrap(a), to);
+    }
+
+    function allow(ebool a, address to) internal {
+        inco.allow(ebool.unwrap(a), to);
+    }
+
+    function allowThis(euint256 a) internal {
+        allow(a, address(this));
+    }
+
+    function allowThis(ebool a) internal {
+        allow(a, address(this));
+    }
+
+    function isAllowed(address user, euint256 a) internal view returns (bool) {
+        return inco.isAllowed(euint256.unwrap(a), user);
+    }
+
+    function select(ebool control, euint256 ifTrue, euint256 ifFalse) internal returns (euint256) {
+        return euint256.wrap(inco.eIfThenElse(s(control), euint256.unwrap(s(ifTrue)), euint256.unwrap(s(ifFalse))));
+    }
+
+    function select(ebool control, ebool ifTrue, ebool ifFalse) internal returns (ebool) {
+        return ebool.wrap(inco.eIfThenElse(s(control), ebool.unwrap(s(ifTrue)), ebool.unwrap(s(ifFalse))));
+    }
+
+    function requestDecryption(euint256 a, bytes4 callbackSelector, bytes memory callbackData) internal returns (uint256 requestId) {
+        requestId = inco.requestDecryption(callbackSelector, block.timestamp + defaultDecryptionDelayLimit, euint256.unwrap(s(a)), callbackData);
+    }
+
+    function requestDecryption(ebool a, bytes4 callbackSelector, bytes memory callbackData) internal returns (uint256 requestId) {
+        requestId = inco.requestDecryption(callbackSelector, block.timestamp + defaultDecryptionDelayLimit, ebool.unwrap(s(a)), callbackData);
+    }
+}

package/src/lightning-parts/AccessControl/BaseAccessControlList.sol

@@ -0,0 +1,105 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {SenderNotAllowedForHandle} from "../../Types.sol";
+
+contract AccessControlListStorage {
+    struct ACLStorage {
+        mapping(bytes32 handle => mapping(address account => bool isAllowed)) persistedAllowedPairs;
+    }
+
+    bytes32 private constant ACLStorageLocation = keccak256("inco.storage.ACL");
+
+    function getACLStorage() internal pure returns (ACLStorage storage $) {
+        bytes32 loc = ACLStorageLocation;
+        assembly {
+            $.slot := loc
+        }
+    }
+}
+
+// todo should add allowance events ?
+contract BaseAccessControlList is AccessControlListStorage {
+    /// @dev persistent
+    function allow(bytes32 handle, address account) public {
+        require(
+            isAllowed(handle, msg.sender),
+            SenderNotAllowedForHandle(handle, msg.sender)
+        );
+        allowInternal(handle, account);
+    }
+
+    /// @dev persistent
+    function allowInternal(bytes32 handle, address account) internal {
+        ACLStorage storage $ = getACLStorage();
+        $.persistedAllowedPairs[handle][account] = true;
+        // todo emit event ?
+    }
+
+    // todo current transient allowance is unsafe, make storage account bound + how to clean between UserOps
+    function allowTransient(bytes32 handle, address account) public {
+        require(
+            isAllowed(handle, msg.sender),
+            SenderNotAllowedForHandle(handle, msg.sender)
+        );
+        allowTransientInternal(handle, account);
+    }
+
+    /// @dev no ownership check is performed
+    function allowTransientInternal(bytes32 handle, address account) internal {
+        bytes32 key = keccak256(abi.encodePacked(handle, account));
+        assembly {
+            tstore(key, 1)
+            let length := tload(0)
+            let lengthPlusOne := add(length, 1)
+            tstore(lengthPlusOne, key)
+            tstore(0, lengthPlusOne)
+        }
+    }
+
+    function allowedTransient(
+        bytes32 handle,
+        address account
+    ) public view returns (bool) {
+        bool isAllowedTransient;
+        bytes32 key = keccak256(abi.encodePacked(handle, account));
+        assembly {
+            isAllowedTransient := tload(key)
+        }
+        return isAllowedTransient;
+    }
+
+    function cleanTransientStorage() external {
+        assembly {
+            let length := tload(0)
+            tstore(0, 0)
+            let lengthPlusOne := add(length, 1)
+            for {
+                let i := 1
+            } lt(i, lengthPlusOne) {
+                i := add(i, 1)
+            } {
+                let handle := tload(i)
+                tstore(i, 0)
+                tstore(handle, 0)
+            }
+        }
+    }
+
+    function persistAllowed(
+        bytes32 handle,
+        address account
+    ) public view returns (bool) {
+        ACLStorage storage $ = getACLStorage();
+        return $.persistedAllowedPairs[handle][account];
+    }
+
+    function isAllowed(
+        bytes32 handle,
+        address account
+    ) public view returns (bool) {
+        return
+            allowedTransient(handle, account) ||
+            persistAllowed(handle, account);
+    }
+}

package/src/lightning-parts/AccessControl/test/TestBaseAccessControl.t.sol

@@ -0,0 +1,12 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {TestUtils} from "@inco/shared/src/TestUtils.sol";
+import {BaseAccessControlList} from "../BaseAccessControlList.sol";
+
+contract TestBaseAccessControl is BaseAccessControlList, TestUtils {
+    function testHandleZeroIsDisallowed() public view {
+        bytes32 handle = bytes32(0);
+        assert(!isAllowed(handle, alice));
+    }
+}

package/src/lightning-parts/DecryptionHandler.sol

@@ -0,0 +1,164 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
+import {SenderNotAllowedForHandle} from "../Types.sol";
+import {SignatureVerifier} from "./primitives/SignatureVerifier.sol";
+import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
+import {EventCounter} from "./primitives/EventCounter.sol";
+
+struct Request {
+    uint256 maxTimestamp;
+    address callbackContract;
+    bytes4 callbackSelector;
+    // todo #450 should contain the handle
+    bool fulfilled;
+    bytes data;
+}
+
+struct DecryptionResult {
+    bytes32 abiEncodedResult;
+    uint256 requestId;
+}
+
+event DecryptionRequested(
+    uint256 indexed requestId,
+    bytes32 indexed handle,
+    uint256 maxTimestamp,
+    uint256 eventId
+);
+
+contract DecryptionHandlerStorage {
+    struct DecryptionStorage {
+        uint256 requestIdCounter;
+        mapping(uint256 => Request) request;
+    }
+
+    bytes32 private constant DecryptionStorageLocation =
+        keccak256("inco.storage.DecryptionHandler");
+
+    function getDecryptionStorage()
+        internal
+        pure
+        returns (DecryptionStorage storage $)
+    {
+        bytes32 loc = DecryptionStorageLocation;
+        assembly {
+            $.slot := loc
+        }
+    }
+}
+
+abstract contract DecryptionHandlerEip712Checker is EIP712, SignatureVerifier {
+    bytes32 constant DecryptionResultStructHash =
+        keccak256(
+            "DecryptionResult(bytes32 abiEncodedResult,uint256 requestId)"
+        );
+
+    function decryptionResultDigest(
+        DecryptionResult memory result
+    ) public view returns (bytes32) {
+        return
+            _hashTypedDataV4(
+                keccak256(
+                    abi.encode(
+                        DecryptionResultStructHash,
+                        result.abiEncodedResult,
+                        result.requestId
+                    )
+                )
+            );
+    }
+
+    function isValidResult(
+        DecryptionResult memory result,
+        bytes memory signature
+    ) internal view returns (bool) {
+        return isValidSignature(decryptionResultDigest(result), signature);
+    }
+}
+
+abstract contract DecryptionHandler is
+    BaseAccessControlList,
+    EventCounter,
+    DecryptionHandlerStorage,
+    DecryptionHandlerEip712Checker
+{
+    // The Covalidator callback machinery relies on these exact error signatures which are hardcoded in eth_callback.go
+    error RequestAlreadyFulfilled();
+    error RequestExpired();
+    error InvalidResultSignature();
+
+    event RequestFulfilled(
+        uint256 indexed requestId,
+        bool success,
+        uint256 eventId
+    );
+
+    /// @dev callback function MUST be of form `function name(bytes32 requestId, bytes32 result, bytes memory data)`
+    function requestDecryption(
+        // todo support multiple handles per request
+        bytes4 callbackSelector,
+        uint256 maxTimestamp,
+        bytes32 handle,
+        bytes memory data
+    ) external returns (uint256 requestId) {
+        require(
+            isAllowed(handle, msg.sender),
+            SenderNotAllowedForHandle(handle, msg.sender)
+        );
+
+        DecryptionStorage storage $ = getDecryptionStorage();
+        requestId = $.requestIdCounter++;
+        $.request[requestId] = Request({
+            maxTimestamp: maxTimestamp,
+            callbackContract: msg.sender,
+            callbackSelector: callbackSelector,
+            fulfilled: false,
+            data: data
+        });
+
+        emit DecryptionRequested(
+            requestId,
+            handle,
+            maxTimestamp,
+            getNewEventId()
+        );
+    }
+
+    function fulfillRequest(
+        DecryptionResult memory result,
+        bytes memory /* signature */
+    ) external {
+        DecryptionStorage storage $ = getDecryptionStorage();
+        Request storage request = $.request[result.requestId];
+
+        require(!request.fulfilled, RequestAlreadyFulfilled());
+        require(request.maxTimestamp >= block.timestamp, RequestExpired());
+        // require(isValidResult(result, signature), InvalidResultSignature());
+        require(
+            msg.sender == opSignerPubkeyAddress(),
+            InvalidResultSignature()
+        ); // todo beta implem so backend does not need to implement EIP712 signing yet
+        request.fulfilled = true;
+
+        bytes memory callbackCalldata = abi.encodeWithSelector(
+            request.callbackSelector,
+            result.requestId,
+            result.abiEncodedResult,
+            request.data
+        );
+        (bool success, ) = request.callbackContract.call(callbackCalldata);
+        emit RequestFulfilled(result.requestId, success, getNewEventId());
+    }
+
+    function getRequest(
+        uint256 requestId
+    ) external view returns (Request memory) {
+        return getDecryptionStorage().request[requestId];
+    }
+
+    function getRequestIdCounter() external view returns (uint256) {
+        return getDecryptionStorage().requestIdCounter;
+    }
+}