npm - @inco/lightning - Versions diffs - 0.4.0 → 0.5.1 - Mend

@inco/lightning 0.4.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/src/lightning-parts/AccessControl/test/TestAdvancedAccessControl.t.sol ADDED Viewed

@@ -0,0 +1,234 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+import {IncoTest} from "../../../test/IncoTest.sol";
+import {SessionVerifier, Session} from "../../../periphery/SessionVerifier.sol";
+import {AllowanceVoucher, AllowanceProof} from "../AdvancedAccessControl.sol";
+import {euint256} from "../../../Types.sol";
+import {e, inco} from "../../../Lib.sol";
+import {AdvancedAccessControl} from "../AdvancedAccessControl.sol";
+import {ALLOWANCE_GRANTED_MAGIC_VALUE} from "../../../Types.sol";
+import {IIncoVerifier} from "../../../interfaces/IIncoVerifier.sol";
+contract SomeContractWithConfidentialData {
+    using e for bytes;
+    using e for euint256;
+    euint256 public secret;
+    function saveAPersonalSecret(bytes memory ciphertext) public {
+        secret = ciphertext.newEuint256(msg.sender);
+        secret.allow(msg.sender);
+    }
+}
+contract SomeVerifier {
+    struct SharerArg {
+        bytes32 handleShared;
+        address allowedAccount;
+    }
+    struct RequesterArg {
+        bytes2 mustBeBeef;
+    }
+    function someCheck(
+        bytes32 handle,
+        address account,
+        bytes memory sharerArgData,
+        bytes memory requesterArgData
+    ) public pure returns (bytes32) {
+        SharerArg memory sharerArg = abi.decode(sharerArgData, (SharerArg));
+        RequesterArg memory requesterArg = abi.decode(
+            requesterArgData,
+            (RequesterArg)
+        );
+        if (
+            requesterArg.mustBeBeef == bytes2(0xbeef) &&
+            sharerArg.handleShared == handle &&
+            sharerArg.allowedAccount == account
+        ) {
+            return ALLOWANCE_GRANTED_MAGIC_VALUE;
+        }
+        return bytes32(0);
+    }
+}
+contract DoesNotVerifyAnything {
+    function someCheck(
+        bytes32 /* handle */,
+        address /* account */,
+        bytes memory /* sharerArgData */,
+        bytes memory /* requesterArgData */
+    ) public pure returns (bytes32) {
+        return ALLOWANCE_GRANTED_MAGIC_VALUE;
+    }
+}
+contract TestAdvancedAccessControl is IncoTest {
+    SomeContractWithConfidentialData someContract;
+    bytes32 secretHandle;
+    IIncoVerifier incoVerifier;
+    function setUp() public override {
+        super.setUp();
+        someContract = new SomeContractWithConfidentialData();
+        bytes memory secretCt = fakePrepareEuint256Ciphertext(42);
+        vm.prank(alice);
+        someContract.saveAPersonalSecret(secretCt);
+        secretHandle = euint256.unwrap(someContract.secret());
+        incoVerifier = inco.incoVerifier();
+    }
+    function testAdvancedSharingWithSession() public {
+        SessionVerifier sessionVerifier = new SessionVerifier("");
+        assertFalse(
+            inco.isAllowed(secretHandle, bob),
+            "bob should't be allowed on secret yet"
+        );
+        assertTrue(
+            inco.isAllowed(secretHandle, alice),
+            "alice should be allowed on secret"
+        );
+        AllowanceVoucher memory aliceSessionVoucherForBob = AllowanceVoucher({
+            sessionNonce: bytes32(0),
+            verifyingContract: address(sessionVerifier),
+            callFunction: SessionVerifier.canUseSession.selector,
+            sharerArgData: abi.encode(
+                Session({decrypter: bob, expiresAt: block.timestamp + 1 days})
+            )
+        });
+        AllowanceProof memory bobsProof = getBobsProof(
+            aliceSessionVoucherForBob
+        );
+        assertTrue(
+            incoVerifier.isAllowedWithProof(secretHandle, bob, bobsProof),
+            "bob should be allowed on secret with proof"
+        );
+        vm.prank(bob);
+        inco.claimHandle(secretHandle, bobsProof);
+        assertTrue(
+            inco.persistAllowed(secretHandle, bob),
+            "bob should have claimed persistent allowance on secret"
+        );
+    }
+    function testVoucherSessionIdCheck() public {
+        DoesNotVerifyAnything verifier = new DoesNotVerifyAnything();
+        AllowanceVoucher memory voucher = AllowanceVoucher({
+            sessionNonce: bytes32(0),
+            verifyingContract: address(verifier),
+            callFunction: verifier.someCheck.selector,
+            sharerArgData: ""
+        });
+        AllowanceProof memory bobsFirstProof = getBobsProof(voucher);
+        assertTrue(
+            incoVerifier.isAllowedWithProof(secretHandle, bob, bobsFirstProof),
+            "the initial vouchers session nonce should be 0"
+        );
+        bytes32 madeUpNonce = bytes32(bytes4(0xdeadbeef));
+        voucher = AllowanceVoucher({
+            sessionNonce: madeUpNonce,
+            verifyingContract: address(verifier),
+            callFunction: verifier.someCheck.selector,
+            sharerArgData: ""
+        });
+        AllowanceProof memory invalidBobProof = getBobsProof(voucher);
+        // the session nonce should be checked by inco
+        vm.expectRevert(
+            abi.encodeWithSelector(
+                AdvancedAccessControl.InvalidVoucherSessionNonce.selector,
+                madeUpNonce,
+                bytes32(0)
+            )
+        );
+        incoVerifier.isAllowedWithProof(secretHandle, bob, invalidBobProof);
+        vm.prank(alice);
+        incoVerifier.updateActiveVouchersSessionNonce();
+        bytes32 alicesNewNonce = incoVerifier.getActiveVouchersSessionNonce(
+            alice
+        );
+        // previously valid voucher should now be invalid
+        vm.expectRevert(
+            abi.encodeWithSelector(
+                AdvancedAccessControl.InvalidVoucherSessionNonce.selector,
+                bytes32(0),
+                alicesNewNonce
+            )
+        );
+        incoVerifier.isAllowedWithProof(secretHandle, bob, bobsFirstProof);
+        voucher = AllowanceVoucher({
+            sessionNonce: alicesNewNonce,
+            verifyingContract: address(verifier),
+            callFunction: verifier.someCheck.selector,
+            sharerArgData: ""
+        });
+        AllowanceProof memory bobsSecondProof = getBobsProof(voucher);
+        assertTrue(
+            incoVerifier.isAllowedWithProof(secretHandle, bob, bobsSecondProof),
+            "the voucher should signed with the new nonce should be valid"
+        );
+    }
+    function testSessionVerifierAreCorrectlyCalledAsCheckers() public {
+        SomeVerifier verifier = new SomeVerifier();
+        AllowanceVoucher memory voucher = AllowanceVoucher({
+            sessionNonce: bytes32(0),
+            verifyingContract: address(verifier),
+            callFunction: verifier.someCheck.selector,
+            sharerArgData: abi.encode(
+                SomeVerifier.SharerArg({
+                    handleShared: secretHandle,
+                    allowedAccount: bob
+                })
+            )
+        });
+        AllowanceProof memory bobsProof = AllowanceProof({
+            sharer: alice,
+            voucher: voucher,
+            voucherSignature: getAliceSig(voucher),
+            requesterArgData: abi.encode(
+                SomeVerifier.RequesterArg({mustBeBeef: bytes2(0xbeef)})
+            )
+        });
+        assertTrue(
+            incoVerifier.isAllowedWithProof(secretHandle, bob, bobsProof),
+            "bob should be allowed on secret with proof"
+        );
+        bobsProof = AllowanceProof({
+            sharer: alice,
+            voucher: voucher,
+            voucherSignature: getAliceSig(voucher),
+            requesterArgData: abi.encode(
+                SomeVerifier.RequesterArg({mustBeBeef: bytes2(0xbebe)})
+            )
+        });
+        assertFalse(
+            incoVerifier.isAllowedWithProof(secretHandle, bob, bobsProof),
+            "all parameters should be checked"
+        );
+    }
+    function getBobsProof(
+        AllowanceVoucher memory alicesVoucher
+    ) private view returns (AllowanceProof memory) {
+        bytes memory voucherSignature = getAliceSig(alicesVoucher);
+        return
+            AllowanceProof({
+                sharer: alice,
+                voucher: alicesVoucher,
+                voucherSignature: voucherSignature,
+                requesterArgData: ""
+            });
+    }
+    function getAliceSig(
+        AllowanceVoucher memory voucher
+    ) private view returns (bytes memory) {
+        return
+            getSignatureForDigest(
+                incoVerifier.allowanceVoucherDigest(voucher),
+                alicePrivKey
+            );
+    }
+}

package/src/lightning-parts/AccessControl/test/TestBaseAccessControl.t.sol CHANGED Viewed

@@ -2,11 +2,12 @@
 pragma solidity ^0.8;
 import {BaseAccessControlList} from "../BaseAccessControlList.sol";
-import {inco, e, euint256} from "@inco/lightning/src/Lib.sol";
-import {IncoTest} from "@inco/lightning/src/test/IncoTest.sol";
+import {VerifierAddressGetter} from "../../primitives/VerifierAddressGetter.sol";
+import {euint256, inco} from "../../../Lib.sol";
+import {IncoTest} from "../../../test/IncoTest.sol";
 contract TestBaseAccessControl is BaseAccessControlList, IncoTest {
-    using e for euint256;
+    constructor() VerifierAddressGetter(address(0)) {}
     function testHandleZeroIsDisallowed() public view {
         bytes32 handle = bytes32(0);

package/src/lightning-parts/DecryptionAttester.sol ADDED Viewed

@@ -0,0 +1,45 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+import {DecryptionAttestation} from "./DecryptionAttester.types.sol";
+import {EIP712Upgradeable} from "@openzeppelin/contracts-upgradeable/utils/cryptography/EIP712Upgradeable.sol";
+import {SignatureVerifier} from "./primitives/SignatureVerifier.sol";
+import {IDecryptionAttester} from "./interfaces/IDecryptionAttester.sol";
+// todo pre charging transient decrypted values leads to a superior DevX
+// todo #1032 add DecryptionAttester to IncoVerifier, will include signature verifier as well and fix #874
+abstract contract DecryptionAttester is
+    IDecryptionAttester,
+    SignatureVerifier,
+    EIP712Upgradeable
+{
+    bytes32 constant DecryptionAttestationStructHash =
+        keccak256("DecryptionAttestation(bytes32 handle,bytes32 value)");
+    function decryptionAttestationDigest(
+        DecryptionAttestation memory decryption
+    ) public view returns (bytes32) {
+        return
+            _hashTypedDataV4(
+                keccak256(
+                    abi.encode(
+                        DecryptionAttestationStructHash,
+                        decryption.handle,
+                        decryption.value
+                    )
+                )
+            );
+    }
+    function isValidDecryptionAttestation(
+        DecryptionAttestation memory decryption,
+        bytes memory signature
+    ) public view returns (bool) {
+        return
+            isValidSignature(
+                decryptionAttestationDigest(decryption),
+                signature
+            );
+    }
+}

package/src/lightning-parts/DecryptionAttester.types.sol ADDED Viewed

@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+struct DecryptionAttestation {
+    bytes32 handle;
+    bytes32 value; // encoded bool or uint256 // todo switch this to bytes
+}

package/src/lightning-parts/EncryptedInput.sol CHANGED Viewed

@@ -4,17 +4,16 @@ pragma solidity ^0.8;
 import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
 import {EventCounter} from "./primitives/EventCounter.sol";
 import {HandleGeneration} from "./primitives/HandleGeneration.sol";
-import {euint256, ebool, eaddress, EOps, ETypes, EVM_HOST_CHAIN_PREFIX, HANDLE_VERSION, HANDLE_INDEX} from "../Types.sol";
-import {IEncryptedInputGen} from "./EncryptedInput.gen.sol";
+import {euint256, ebool, eaddress, ETypes} from "../Types.sol";
+import {IEncryptedInput} from "./interfaces/IEncryptedInput.sol";
 import {HandleAlreadyExists} from "../Errors.sol";
 abstract contract EncryptedInput is
-    IEncryptedInputGen,
+    IEncryptedInput,
     BaseAccessControlList,
     EventCounter,
     HandleGeneration
 {
     event NewInput(
         bytes32 indexed result,
         address indexed contractAddress,
@@ -42,7 +41,10 @@ abstract contract EncryptedInput is
         bytes memory ciphertext,
         address user
     ) external returns (eaddress newValue) {
-        return eaddress.wrap(newInput(ciphertext, user, ETypes.AddressOrUint160OrBytes20));
+        return
+            eaddress.wrap(
+                newInput(ciphertext, user, ETypes.AddressOrUint160OrBytes20)
+            );
     }
     function newInput(
@@ -58,14 +60,7 @@ abstract contract EncryptedInput is
         allowInternal(newHandle, user);
         allowTransientInternal(newHandle, msg.sender);
         uint256 id = getNextEventId();
-        emit NewInput(
-            newHandle,
-            msg.sender,
-            user,
-            inputType,
-            ciphertext,
-            id
-        );
+        emit NewInput(newHandle, msg.sender, user, inputType, ciphertext, id);
         setDigest(abi.encodePacked(newHandle, id));
     }
 }

package/src/lightning-parts/EncryptedOperations.sol CHANGED Viewed

@@ -5,10 +5,10 @@ import {euint256, ebool, EOps, SenderNotAllowedForHandle, ETypes, isTypeSupporte
 import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
 import {EventCounter} from "./primitives/EventCounter.sol";
 import {HandleGeneration} from "./primitives/HandleGeneration.sol";
-import {IEncryptedOperationsGen} from "./EncryptedOperations.gen.sol";
+import {IEncryptedOperations} from "./interfaces/IEncryptedOperations.sol";
 abstract contract EncryptedOperations is
-    IEncryptedOperationsGen,
+    IEncryptedOperations,
     BaseAccessControlList,
     EventCounter,
     HandleGeneration