@keetanetwork/keetanet-client 0.16.2 → 0.18.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/client/builder.d.ts +23 -10
- package/client/index-browser.d.ts +1 -1
- package/client/index-browser.js +597 -182
- package/client/index.d.ts +1 -1
- package/client/index.js +588 -161
- package/docs/assets/hierarchy.js +1 -1
- package/docs/assets/navigation.js +1 -1
- package/docs/assets/search.js +1 -1
- package/docs/classes/KeetaNetSDK.Client.html +4 -4
- package/docs/classes/KeetaNetSDK.Referenced.BaseSet.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BaseVoteBuilder.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.Block.html +3 -3
- package/docs/classes/KeetaNetSDK.Referenced.BlockBuilder.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockHash.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperation.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationCREATE_IDENTIFIER.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationMANAGE_CERTIFICATE.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationMODIFY_PERMISSIONS.html +2 -2
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationRECEIVE.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationSEND.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationSET_INFO.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationSET_REP.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationTOKEN_ADMIN_MODIFY_BALANCE.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.BlockOperationTOKEN_ADMIN_SUPPLY.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.Certificate.html +1 -4
- package/docs/classes/KeetaNetSDK.Referenced.CertificateHash.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSAKeyPair.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256K1KeyPair.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256K1PrivateKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256K1PublicKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256K1Signature.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256R1KeyPair.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256R1PrivateKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256R1PublicKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ECDSASECP256R1Signature.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ED25519KeyPair.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ED25519PrivateKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ED25519PublicKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ED25519Signature.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ExternalKeyPair.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.ExternalSet.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.IdempotentKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.IdentifierKey.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.IdentifierKeyPair.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.KeetaNetError.html +2 -2
- package/docs/classes/KeetaNetSDK.Referenced.KeetaNetErrorBase.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.KeetaNetLedgerError.html +2 -2
- package/docs/classes/KeetaNetSDK.Referenced.KeetaNetLedgerIdempotentKeyError.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.KeetaNetLedgerVoteError.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.KeyInterface.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.KeyStorage.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.Ledger.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.LedgerAtomicInterface.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.PermissionSetHolder.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.PossiblyExpiredVote.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.PossiblyUnsignedBlock.html +3 -3
- package/docs/classes/KeetaNetSDK.Referenced.SignatureStorage.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.Stats.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.StatsPending.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.UnsignedBlock.html +3 -3
- package/docs/classes/KeetaNetSDK.Referenced.UserClientBuilder.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.Vote.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteBlockBundle.html +2 -2
- package/docs/classes/KeetaNetSDK.Referenced.VoteBlockHash.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteBuilder.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteHash.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteLikeBase.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteQuote.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteQuoteBuilder.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.VoteStaple.html +2 -2
- package/docs/classes/KeetaNetSDK.Referenced.VoteStapleHash.html +1 -1
- package/docs/classes/KeetaNetSDK.Referenced.src_lib_utils_buffer.BufferStorage.html +1 -1
- package/docs/classes/KeetaNetSDK.UserClient.html +6 -6
- package/docs/hierarchy.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ASN1ExplicitContextTag.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ASN1ImplicitContextTag.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ASN1Object.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.AccountACLRow.html +11 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.AccountComputedEffect.html +4 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.BaseACLRow.html +9 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.BaseAccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BaseExternalKeyPairFunctions.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BaseGenerationConfig.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BaseIdentifierAccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BaseIdentifierCreateArguments.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperation.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationCREATE_IDENTIFIER.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationMANAGE_CERTIFICATE.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationMODIFY_PERMISSIONS.html +2 -2
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationRECEIVE.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationSEND.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationSET_INFO.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationSET_REP.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationTOKEN_ADMIN_MODIFY_BALANCE.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockJSONOperationTOKEN_ADMIN_SUPPLY.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockV1Canonical.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.BlockV2Canonical.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.CertificateACLPrincipal.html +4 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.CertificateACLRow.html +11 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.CertificateComputedEffect.html +5 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.ComputedBlocksEffectFields.html +2 -2
- package/docs/interfaces/KeetaNetSDK.Referenced.Constructor.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.DisposableTimingHandle.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ECDSA_SECP256K1AccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ECDSA_SECP256R1AccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ED25519AccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ExternalKeyPairFunctionsNoEncryption.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ExternalKeyPairFunctionsSupportsEncryption.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.InitialConfigSupply.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.InstanceSet.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.KVGenericOptionsType.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.KVSetOptionsType.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.LedgerStorageAPI.html +3 -3
- package/docs/interfaces/KeetaNetSDK.Referenced.ListACLsByEntityFilters.html +4 -0
- package/docs/interfaces/KeetaNetSDK.Referenced.ModifyTokenBalanceEntry.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.MultiSigIdentifierCreateArguments.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.MultisigAccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.MultisigConfig.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.NetworkAccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.NumericValueEntry.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.P2PPeerBase.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.P2PPeerListener.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.P2PPeerRepBase.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.PendingOperations.html +2 -2
- package/docs/interfaces/KeetaNetSDK.Referenced.PendingOperationsJSON.html +2 -2
- package/docs/interfaces/KeetaNetSDK.Referenced.PrincipalACLWithInfoParsed.html +2 -7
- package/docs/interfaces/KeetaNetSDK.Referenced.PublicKeyStorage.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.PublishOptions.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.RequestTokenReceiveEntry.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.StorageAccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.TokenAccountInfo.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.TokenNumericEntry.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.UserClientConfig.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.UserClientOptions.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.VoteStapleJSON.html +2 -2
- package/docs/interfaces/KeetaNetSDK.Referenced.WithIsInstance.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.src_lib_utils_asn1.ASN1BitString.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.src_lib_utils_asn1.ASN1Date.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.src_lib_utils_asn1.ASN1OID.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.src_lib_utils_asn1.ASN1Set.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.src_lib_utils_asn1.ASN1String.html +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.src_lib_utils_asn1.ASN1Struct.html +1 -1
- package/docs/modules/KeetaNetSDK.Referenced.html +1 -1
- package/docs/types/KeetaNetSDK.Referenced.ACLEntryUnparsed.html +1 -5
- package/docs/types/KeetaNetSDK.Referenced.ACLPermissionRequirement.html +2 -0
- package/docs/types/KeetaNetSDK.Referenced.ACLPrincipalType.html +1 -0
- package/docs/types/KeetaNetSDK.Referenced.ACLRow.html +2 -0
- package/docs/types/KeetaNetSDK.Referenced.ACLUpdate.html +5 -0
- package/docs/types/KeetaNetSDK.Referenced.ComputedBlockEffect.html +2 -0
- package/docs/types/KeetaNetSDK.Referenced.ComputedEffectOfBlocks.html +2 -2
- package/docs/types/KeetaNetSDK.Referenced.ComputedEffectOfBlocksByEntity.html +2 -0
- package/docs/types/KeetaNetSDK.Referenced.ModifyPermissionsPrincipal.html +1 -0
- package/docs/types/KeetaNetSDK.Referenced.ModifyPermissionsPrincipalInput.html +1 -0
- package/docs/variables/KeetaNetSDK.Referenced.BlockOperationASN1Schema.html +2 -2
- package/docs/variables/KeetaNetSDK.Referenced.FullLedgerBaseErrorCode.html +1 -1
- package/docs/variables/KeetaNetSDK.Referenced.aclPrincipalType.html +1 -0
- package/docs/variables/KeetaNetSDK.Referenced.allFullErrorCodes.html +1 -1
- package/lib/block/index.d.ts +14 -2
- package/lib/block/operations.d.ts +40 -4
- package/lib/error/block.d.ts +2 -2
- package/lib/error/index.d.ts +1 -1
- package/lib/error/ledger.d.ts +3 -3
- package/lib/ledger/common.d.ts +7 -5
- package/lib/ledger/db_dynamodb.d.ts +2 -2
- package/lib/ledger/db_postgres.d.ts +3 -3
- package/lib/ledger/db_spanner.d.ts +3 -3
- package/lib/ledger/db_spanner_helper.d.ts +23 -3
- package/lib/ledger/db_sqlite.d.ts +3 -3
- package/lib/ledger/effects.d.ts +17 -9
- package/lib/ledger/index.d.ts +14 -5
- package/lib/ledger/types.d.ts +38 -14
- package/lib/log/target_gcp.js +19 -17
- package/lib/utils/certificate.d.ts +0 -1
- package/lib/utils/external-keys/gcp-kms-wrapped.d.ts +85 -0
- package/lib/utils/external-keys/gcp-kms-wrapped.js +453 -0
- package/lib/utils/external-keys/gcp-kms.common.d.ts +17 -0
- package/lib/utils/external-keys/gcp-kms.d.ts +4 -9
- package/lib/utils/external-keys/gcp-kms.js +52 -39
- package/lib/utils/external-keys/passkey-prf.d.ts +42 -1
- package/lib/utils/external-keys/passkey-prf.js +107 -13
- package/lib/utils/helper_testing.d.ts +10 -0
- package/lib/vote.d.ts +7 -1
- package/npm-shrinkwrap.json +24 -24
- package/package.json +1 -1
- package/version.d.ts +1 -1
- package/docs/interfaces/KeetaNetSDK.Referenced.ACLEntry.html +0 -10
- package/docs/interfaces/KeetaNetSDK.Referenced.ACLRow.html +0 -10
- package/docs/interfaces/KeetaNetSDK.Referenced.ACLUpdate.html +0 -12
- package/docs/interfaces/KeetaNetSDK.Referenced.ComputedBlockEffect.html +0 -4
- package/docs/types/KeetaNetSDK.Referenced.ComputedEffectOfBlocksByAccount.html +0 -2
package/client/index.js
CHANGED
|
@@ -57418,14 +57418,28 @@ class UserClientBuilder {
|
|
|
57418
57418
|
}
|
|
57419
57419
|
if (operations.permissionsChanges !== undefined) {
|
|
57420
57420
|
pendingOperations.permissionsChanges = {};
|
|
57421
|
-
for (const
|
|
57422
|
-
pendingOperations.permissionsChanges[
|
|
57423
|
-
|
|
57421
|
+
for (const [certificateOrAccountKey, changes] of Object.entries(operations.permissionsChanges)) {
|
|
57422
|
+
pendingOperations.permissionsChanges[certificateOrAccountKey] = {
|
|
57423
|
+
principal: (() => {
|
|
57424
|
+
if (typeof changes.principal === 'string') {
|
|
57425
|
+
return (account_1.Account.toAccount(changes.principal));
|
|
57426
|
+
}
|
|
57427
|
+
else {
|
|
57428
|
+
return ({
|
|
57429
|
+
usingCertificate: true,
|
|
57430
|
+
certificate: new certificate_1.Certificate.Hash(changes.principal.certificate),
|
|
57431
|
+
certificateAccount: account_1.Account.toAccount(changes.principal.certificateAccount)
|
|
57432
|
+
});
|
|
57433
|
+
}
|
|
57434
|
+
})(),
|
|
57435
|
+
targets: {}
|
|
57436
|
+
};
|
|
57437
|
+
for (const targetPubKey in changes.targets) {
|
|
57424
57438
|
const updateArray = [];
|
|
57425
|
-
for (const { method, permissions } of
|
|
57439
|
+
for (const { method, permissions } of changes.targets[targetPubKey]) {
|
|
57426
57440
|
updateArray.push({ method, permissions: permissions_1.Permissions.FromAcceptedTypes(permissions) });
|
|
57427
57441
|
}
|
|
57428
|
-
pendingOperations.permissionsChanges[
|
|
57442
|
+
pendingOperations.permissionsChanges[certificateOrAccountKey].targets[targetPubKey] = updateArray;
|
|
57429
57443
|
}
|
|
57430
57444
|
}
|
|
57431
57445
|
}
|
|
@@ -57802,9 +57816,9 @@ class UserClientBuilder {
|
|
|
57802
57816
|
amount: amount
|
|
57803
57817
|
});
|
|
57804
57818
|
}
|
|
57805
|
-
for (const
|
|
57806
|
-
for (const targetPubKey in
|
|
57807
|
-
for (const change of
|
|
57819
|
+
for (const { targets, principal } of Object.values(pending.permissionsChanges ?? {})) {
|
|
57820
|
+
for (const targetPubKey in targets) {
|
|
57821
|
+
for (const change of targets[targetPubKey]) {
|
|
57808
57822
|
const { method, permissions } = change;
|
|
57809
57823
|
let target;
|
|
57810
57824
|
if (!account.comparePublicKey(targetPubKey)) {
|
|
@@ -57812,7 +57826,18 @@ class UserClientBuilder {
|
|
|
57812
57826
|
}
|
|
57813
57827
|
operations.push({
|
|
57814
57828
|
type: block_1.Block.OperationType.MODIFY_PERMISSIONS,
|
|
57815
|
-
principal:
|
|
57829
|
+
principal: (() => {
|
|
57830
|
+
if (account_1.Account.isInstance(principal)) {
|
|
57831
|
+
return (principal);
|
|
57832
|
+
}
|
|
57833
|
+
else {
|
|
57834
|
+
return ({
|
|
57835
|
+
usingCertificate: true,
|
|
57836
|
+
certificateHash: principal.certificate,
|
|
57837
|
+
certificateAccount: principal.certificateAccount
|
|
57838
|
+
});
|
|
57839
|
+
}
|
|
57840
|
+
})(),
|
|
57816
57841
|
target: target,
|
|
57817
57842
|
method: method,
|
|
57818
57843
|
permissions: permissions
|
|
@@ -57860,18 +57885,24 @@ class UserClientBuilder {
|
|
|
57860
57885
|
updatePermissions(principal, permissions, target, method, options = {}) {
|
|
57861
57886
|
__classPrivateFieldGet(this, _UserClientBuilder_instances, "m", _UserClientBuilder_useOptions).call(this, options);
|
|
57862
57887
|
method = method ?? block_1.Block.AdjustMethod.SET;
|
|
57863
|
-
|
|
57864
|
-
|
|
57888
|
+
let principalKey;
|
|
57889
|
+
if (typeof principal === 'string' || account_1.Account.isInstance(principal)) {
|
|
57890
|
+
principalKey = account_1.Account.toAccount(principal).publicKeyString.get();
|
|
57891
|
+
}
|
|
57892
|
+
else {
|
|
57893
|
+
principalKey = principal.certificate.toString();
|
|
57894
|
+
}
|
|
57865
57895
|
if (!__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges) {
|
|
57866
57896
|
__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges = {};
|
|
57867
57897
|
}
|
|
57868
|
-
if (!__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[
|
|
57869
|
-
__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[
|
|
57898
|
+
if (!__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[principalKey]) {
|
|
57899
|
+
__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[principalKey] = { principal, targets: {} };
|
|
57870
57900
|
}
|
|
57871
|
-
|
|
57872
|
-
|
|
57901
|
+
const targetPubKey = (target ?? __classPrivateFieldGet(this, _UserClientBuilder_pendingOptions, "f").account).publicKeyString.get();
|
|
57902
|
+
if (!__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[principalKey].targets[targetPubKey]) {
|
|
57903
|
+
__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[principalKey].targets[targetPubKey] = [];
|
|
57873
57904
|
}
|
|
57874
|
-
__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[
|
|
57905
|
+
__classPrivateFieldGet(this, _UserClientBuilder_pendingOperations, "f").permissionsChanges[principalKey].targets[targetPubKey].push({
|
|
57875
57906
|
method: method,
|
|
57876
57907
|
permissions: permissions_1.Permissions.FromAcceptedTypes(permissions)
|
|
57877
57908
|
});
|
|
@@ -58172,6 +58203,7 @@ const certificate_1 = __webpack_require__(5661);
|
|
|
58172
58203
|
const certificate_2 = __webpack_require__(5661);
|
|
58173
58204
|
const vote_1 = __webpack_require__(1130);
|
|
58174
58205
|
const ledger_1 = __webpack_require__(452);
|
|
58206
|
+
const never_1 = __webpack_require__(8692);
|
|
58175
58207
|
function isGetAccountStateAPIResponseFailure(object) {
|
|
58176
58208
|
if (typeof object !== 'object' || object === null) {
|
|
58177
58209
|
return (false);
|
|
@@ -59898,12 +59930,33 @@ async function _Client_apiRaw(rep, api, method, options = {}) {
|
|
|
59898
59930
|
});
|
|
59899
59931
|
}, _Client_parsePermissionEntries = function _Client_parsePermissionEntries(entries) {
|
|
59900
59932
|
return (entries.map(entry => {
|
|
59901
|
-
|
|
59902
|
-
principal: lib_1.default.Account.fromPublicKeyString(entry.principal),
|
|
59933
|
+
const shared = {
|
|
59903
59934
|
entity: lib_1.default.Account.fromPublicKeyString(entry.entity),
|
|
59904
59935
|
permissions: __classPrivateFieldGet(this, _Client_instances, "m", _Client_parseResponsePermissions).call(this, entry.permissions),
|
|
59905
59936
|
target: lib_1.default.Account.fromPublicKeyString(entry.target)
|
|
59906
|
-
}
|
|
59937
|
+
};
|
|
59938
|
+
if (entry.principalType === 'ACCOUNT') {
|
|
59939
|
+
return ({
|
|
59940
|
+
principalType: 'ACCOUNT',
|
|
59941
|
+
principal: lib_1.default.Account.fromPublicKeyString(entry.principal),
|
|
59942
|
+
...shared
|
|
59943
|
+
});
|
|
59944
|
+
}
|
|
59945
|
+
else if (entry.principalType === 'CERTIFICATE') {
|
|
59946
|
+
return ({
|
|
59947
|
+
principalType: 'CERTIFICATE',
|
|
59948
|
+
principal: {
|
|
59949
|
+
usingCertificate: true,
|
|
59950
|
+
certificate: new certificate_1.Certificate.Hash(entry.principal.certificate),
|
|
59951
|
+
certificateAccount: lib_1.default.Account.fromPublicKeyString(entry.principal.certificateAccount)
|
|
59952
|
+
},
|
|
59953
|
+
...shared
|
|
59954
|
+
});
|
|
59955
|
+
}
|
|
59956
|
+
else {
|
|
59957
|
+
(0, never_1.assertNever)(entry);
|
|
59958
|
+
}
|
|
59959
|
+
throw (new Error('Unknown ACL Entry Type'));
|
|
59907
59960
|
}));
|
|
59908
59961
|
}, _Client_mapCertificateWithBundleResult = function _Client_mapCertificateWithBundleResult(input) {
|
|
59909
59962
|
let intermediates = null;
|
|
@@ -60209,7 +60262,9 @@ class UserClient {
|
|
|
60209
60262
|
principals.push(operation.to);
|
|
60210
60263
|
break;
|
|
60211
60264
|
case operations_1.OperationType.MODIFY_PERMISSIONS:
|
|
60212
|
-
|
|
60265
|
+
if (account_1.default.isInstance(operation.principal)) {
|
|
60266
|
+
principals.push(operation.principal);
|
|
60267
|
+
}
|
|
60213
60268
|
break;
|
|
60214
60269
|
case operations_1.OperationType.CREATE_IDENTIFIER:
|
|
60215
60270
|
principals.push(operation.identifier);
|
|
@@ -60539,7 +60594,14 @@ class UserClient {
|
|
|
60539
60594
|
*/
|
|
60540
60595
|
async updatePermissions(principal, permissions, target, method, options = {}) {
|
|
60541
60596
|
const builder = this.initBuilder(options);
|
|
60542
|
-
|
|
60597
|
+
let principalValue;
|
|
60598
|
+
if (typeof principal === 'string' || account_1.default.isInstance(principal)) {
|
|
60599
|
+
principalValue = account_1.default.toAccount(principal);
|
|
60600
|
+
}
|
|
60601
|
+
else {
|
|
60602
|
+
principalValue = principal;
|
|
60603
|
+
}
|
|
60604
|
+
builder.updatePermissions(principalValue, permissions, account_1.default.toAccount(target), method, options);
|
|
60543
60605
|
return (await this.publishBuilder(builder));
|
|
60544
60606
|
}
|
|
60545
60607
|
/**
|
|
@@ -61167,7 +61229,7 @@ exports.baseValidationConfig = {
|
|
|
61167
61229
|
},
|
|
61168
61230
|
blockOperations: {
|
|
61169
61231
|
external: {
|
|
61170
|
-
maxLength:
|
|
61232
|
+
maxLength: 1024,
|
|
61171
61233
|
regex: /^[-_A-Za-z0-9+/= ]+$/,
|
|
61172
61234
|
canBeEmpty: true
|
|
61173
61235
|
},
|
|
@@ -64448,7 +64510,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
|
|
|
64448
64510
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
64449
64511
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
64450
64512
|
};
|
|
64451
|
-
var _BlockOperationSEND_instances, _BlockOperationSEND_to, _BlockOperationSEND_amount, _BlockOperationSEND_token, _BlockOperationSEND_computeToken, _BlockOperationRECEIVE_instances, _BlockOperationRECEIVE_amount, _BlockOperationRECEIVE_token, _BlockOperationRECEIVE_from, _BlockOperationRECEIVE_forward, _BlockOperationRECEIVE_exact, _BlockOperationRECEIVE_computeExact, _BlockOperationRECEIVE_computeForward, _BlockOperationRECEIVE_computeToken, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_instances, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_token, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_method, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_amount, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_computeToken, _BlockOperationSET_REP_to, _BlockOperationCREATE_IDENTIFIER_instances, _BlockOperationCREATE_IDENTIFIER_identifier, _BlockOperationCREATE_IDENTIFIER_createArguments, _BlockOperationCREATE_IDENTIFIER_computeIdentifier, _BlockOperationCREATE_IDENTIFIER_computeCreateArguments, _BlockOperationSET_INFO_instances, _BlockOperationSET_INFO_name, _BlockOperationSET_INFO_description, _BlockOperationSET_INFO_metadata, _BlockOperationSET_INFO_defaultPermission, _BlockOperationSET_INFO_validateNameDesc, _BlockOperationMODIFY_PERMISSIONS_instances, _BlockOperationMODIFY_PERMISSIONS_principal, _BlockOperationMODIFY_PERMISSIONS_target, _BlockOperationMODIFY_PERMISSIONS_method, _BlockOperationMODIFY_PERMISSIONS_permissions, _BlockOperationMODIFY_PERMISSIONS_computePermissions, _BlockOperationTOKEN_ADMIN_SUPPLY_instances, _BlockOperationTOKEN_ADMIN_SUPPLY_amount, _BlockOperationTOKEN_ADMIN_SUPPLY_method, _BlockOperationTOKEN_ADMIN_SUPPLY_computeSupplyMethod, _BlockOperationMANAGE_CERTIFICATE_instances, _BlockOperationMANAGE_CERTIFICATE_certificateOrHash, _BlockOperationMANAGE_CERTIFICATE_intermediateCertificates, _BlockOperationMANAGE_CERTIFICATE_method, _BlockOperationMANAGE_CERTIFICATE_asCertificate, _BlockOperationMANAGE_CERTIFICATE_asIntermediateCertificates, _BlockOperationMANAGE_CERTIFICATE_computeCertificateMethod;
|
|
64513
|
+
var _BlockOperationSEND_instances, _BlockOperationSEND_to, _BlockOperationSEND_amount, _BlockOperationSEND_token, _BlockOperationSEND_computeToken, _BlockOperationRECEIVE_instances, _BlockOperationRECEIVE_amount, _BlockOperationRECEIVE_token, _BlockOperationRECEIVE_from, _BlockOperationRECEIVE_forward, _BlockOperationRECEIVE_exact, _BlockOperationRECEIVE_computeExact, _BlockOperationRECEIVE_computeForward, _BlockOperationRECEIVE_computeToken, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_instances, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_token, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_method, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_amount, _BlockOperationTOKEN_ADMIN_MODIFY_BALANCE_computeToken, _BlockOperationSET_REP_to, _BlockOperationCREATE_IDENTIFIER_instances, _BlockOperationCREATE_IDENTIFIER_identifier, _BlockOperationCREATE_IDENTIFIER_createArguments, _BlockOperationCREATE_IDENTIFIER_computeIdentifier, _BlockOperationCREATE_IDENTIFIER_computeCreateArguments, _BlockOperationSET_INFO_instances, _BlockOperationSET_INFO_name, _BlockOperationSET_INFO_description, _BlockOperationSET_INFO_metadata, _BlockOperationSET_INFO_defaultPermission, _BlockOperationSET_INFO_validateNameDesc, _BlockOperationMODIFY_PERMISSIONS_instances, _BlockOperationMODIFY_PERMISSIONS_principal, _BlockOperationMODIFY_PERMISSIONS_target, _BlockOperationMODIFY_PERMISSIONS_method, _BlockOperationMODIFY_PERMISSIONS_permissions, _BlockOperationMODIFY_PERMISSIONS_computePrincipal, _BlockOperationMODIFY_PERMISSIONS_computePermissions, _BlockOperationTOKEN_ADMIN_SUPPLY_instances, _BlockOperationTOKEN_ADMIN_SUPPLY_amount, _BlockOperationTOKEN_ADMIN_SUPPLY_method, _BlockOperationTOKEN_ADMIN_SUPPLY_computeSupplyMethod, _BlockOperationMANAGE_CERTIFICATE_instances, _BlockOperationMANAGE_CERTIFICATE_certificateOrHash, _BlockOperationMANAGE_CERTIFICATE_intermediateCertificates, _BlockOperationMANAGE_CERTIFICATE_method, _BlockOperationMANAGE_CERTIFICATE_asCertificate, _BlockOperationMANAGE_CERTIFICATE_asIntermediateCertificates, _BlockOperationMANAGE_CERTIFICATE_computeCertificateMethod;
|
|
64452
64514
|
Object.defineProperty(exports, "__esModule", ({ value: true }));
|
|
64453
64515
|
exports.Operation = exports.BlockOperationASN1Schema = exports.OperationType = void 0;
|
|
64454
64516
|
exports.createBlockOperation = createBlockOperation;
|
|
@@ -64506,6 +64568,9 @@ function operationTypeToNumber(str) {
|
|
|
64506
64568
|
}
|
|
64507
64569
|
return (type);
|
|
64508
64570
|
}
|
|
64571
|
+
const ModifyPermissionsPrincipalContextSpecificTagValues = {
|
|
64572
|
+
CERTIFICATE: 1
|
|
64573
|
+
};
|
|
64509
64574
|
function makeEncodeDecodePermission(emptyValue) {
|
|
64510
64575
|
return {
|
|
64511
64576
|
encode: (data) => {
|
|
@@ -64560,7 +64625,67 @@ const BlockOperationASN1SchemaBase = {
|
|
|
64560
64625
|
}
|
|
64561
64626
|
],
|
|
64562
64627
|
'MODIFY_PERMISSIONS': [
|
|
64563
|
-
{
|
|
64628
|
+
{
|
|
64629
|
+
name: 'principal',
|
|
64630
|
+
schema: {
|
|
64631
|
+
choice: [
|
|
64632
|
+
asn1_1.ValidateASN1.IsOctetString,
|
|
64633
|
+
{
|
|
64634
|
+
type: 'context',
|
|
64635
|
+
kind: 'explicit',
|
|
64636
|
+
value: ModifyPermissionsPrincipalContextSpecificTagValues.CERTIFICATE,
|
|
64637
|
+
contains: [
|
|
64638
|
+
/* Certificate Hash */
|
|
64639
|
+
asn1_1.ValidateASN1.IsOctetString,
|
|
64640
|
+
/* Certificate Issued To Account */
|
|
64641
|
+
asn1_1.ValidateASN1.IsOctetString
|
|
64642
|
+
]
|
|
64643
|
+
}
|
|
64644
|
+
]
|
|
64645
|
+
},
|
|
64646
|
+
encode(data) {
|
|
64647
|
+
if (account_1.default.isInstance(data)) {
|
|
64648
|
+
return (data.publicKeyAndType);
|
|
64649
|
+
}
|
|
64650
|
+
else if (data.usingCertificate) {
|
|
64651
|
+
return ({
|
|
64652
|
+
type: 'context',
|
|
64653
|
+
kind: 'explicit',
|
|
64654
|
+
value: ModifyPermissionsPrincipalContextSpecificTagValues.CERTIFICATE,
|
|
64655
|
+
contains: [
|
|
64656
|
+
data.certificateHash.getBuffer(),
|
|
64657
|
+
data.certificateAccount.publicKeyAndType
|
|
64658
|
+
]
|
|
64659
|
+
});
|
|
64660
|
+
}
|
|
64661
|
+
else {
|
|
64662
|
+
throw (new Error('Invalid principal type for MODIFY_PERMISSIONS operation'));
|
|
64663
|
+
}
|
|
64664
|
+
},
|
|
64665
|
+
decode(data) {
|
|
64666
|
+
if ((0, helper_1.isBuffer)(data)) {
|
|
64667
|
+
return (account_1.default.fromPublicKeyAndType(data));
|
|
64668
|
+
}
|
|
64669
|
+
else if (asn1_1.ASN1CheckUtilities.isASN1ContextTag(data, 'explicit')) {
|
|
64670
|
+
if (data.value === ModifyPermissionsPrincipalContextSpecificTagValues.CERTIFICATE) {
|
|
64671
|
+
if (!Array.isArray(data.contains) || data.contains.length !== 2) {
|
|
64672
|
+
throw (new Error('Invalid principal data for MODIFY_PERMISSIONS operation'));
|
|
64673
|
+
}
|
|
64674
|
+
const certificateHashData = data.contains[0];
|
|
64675
|
+
const certificateAccountData = data.contains[1];
|
|
64676
|
+
if (!(0, helper_1.isBuffer)(certificateHashData) || !(0, helper_1.isBuffer)(certificateAccountData)) {
|
|
64677
|
+
throw (new Error('Invalid certificate hash data for MODIFY_PERMISSIONS operation'));
|
|
64678
|
+
}
|
|
64679
|
+
return ({
|
|
64680
|
+
usingCertificate: true,
|
|
64681
|
+
certificateHash: new certificate_1.CertificateHash((0, helper_1.bufferToArrayBuffer)(certificateHashData)),
|
|
64682
|
+
certificateAccount: account_1.default.fromPublicKeyAndType(certificateAccountData)
|
|
64683
|
+
});
|
|
64684
|
+
}
|
|
64685
|
+
}
|
|
64686
|
+
throw (new Error('Invalid principal data for MODIFY_PERMISSIONS operation'));
|
|
64687
|
+
}
|
|
64688
|
+
},
|
|
64564
64689
|
{ name: 'method', schema: asn1_1.ValidateASN1.IsInteger },
|
|
64565
64690
|
{
|
|
64566
64691
|
name: 'permissions',
|
|
@@ -65258,7 +65383,7 @@ class BlockOperationMODIFY_PERMISSIONS extends BlockOperation {
|
|
|
65258
65383
|
if (input.type !== OperationType.MODIFY_PERMISSIONS) {
|
|
65259
65384
|
throw (new block_1.default('BLOCK_INVALID_TYPE', 'Invalid construction of BlockJSONOperationMODIFY_PERMISSIONS'));
|
|
65260
65385
|
}
|
|
65261
|
-
__classPrivateFieldSet(this, _BlockOperationMODIFY_PERMISSIONS_principal, this.
|
|
65386
|
+
__classPrivateFieldSet(this, _BlockOperationMODIFY_PERMISSIONS_principal, __classPrivateFieldGet(this, _BlockOperationMODIFY_PERMISSIONS_instances, "m", _BlockOperationMODIFY_PERMISSIONS_computePrincipal).call(this, input.principal), "f");
|
|
65262
65387
|
__classPrivateFieldSet(this, _BlockOperationMODIFY_PERMISSIONS_target, account_1.default.toAccount(input.target), "f");
|
|
65263
65388
|
__classPrivateFieldSet(this, _BlockOperationMODIFY_PERMISSIONS_method, (0, _1.toAdjustMethod)(input.method), "f");
|
|
65264
65389
|
__classPrivateFieldSet(this, _BlockOperationMODIFY_PERMISSIONS_permissions, __classPrivateFieldGet(this, _BlockOperationMODIFY_PERMISSIONS_instances, "m", _BlockOperationMODIFY_PERMISSIONS_computePermissions).call(this, input.permissions), "f");
|
|
@@ -65303,8 +65428,16 @@ class BlockOperationMODIFY_PERMISSIONS extends BlockOperation {
|
|
|
65303
65428
|
}
|
|
65304
65429
|
const { base } = this.permissions;
|
|
65305
65430
|
const baseFlagsString = `[${base.flags.join(',')}]`;
|
|
65306
|
-
if (
|
|
65307
|
-
|
|
65431
|
+
if (account_1.default.isInstance(this.principal)) {
|
|
65432
|
+
if (!base.checkAccountMatchesGroup('principal', this.principal)) {
|
|
65433
|
+
throw (new block_1.default('BLOCK_PERMISSIONS_INVALID_PRINCIPAL', `Incorrect principal for flags ${baseFlagsString}`));
|
|
65434
|
+
}
|
|
65435
|
+
}
|
|
65436
|
+
else {
|
|
65437
|
+
// If the principal is not an account, we only allow default permissions to be issued by a certificate principal
|
|
65438
|
+
if (!base.isValidForDefault) {
|
|
65439
|
+
throw (new block_1.default('BLOCK_PERMISSIONS_INVALID_DEFAULT', 'Invalid permissions, cannot use certificate principal with non-default permissions'));
|
|
65440
|
+
}
|
|
65308
65441
|
}
|
|
65309
65442
|
if (this.target && !base.checkAccountMatchesGroup('target', this.target)) {
|
|
65310
65443
|
throw (new block_1.default('BLOCK_PERMISSIONS_INVALID_TARGET', `Incorrect target for flags ${baseFlagsString}`));
|
|
@@ -65327,7 +65460,13 @@ class BlockOperationMODIFY_PERMISSIONS extends BlockOperation {
|
|
|
65327
65460
|
continue;
|
|
65328
65461
|
}
|
|
65329
65462
|
const { principal, target, method } = operation;
|
|
65330
|
-
|
|
65463
|
+
let principalKey;
|
|
65464
|
+
if (account_1.default.isInstance(principal)) {
|
|
65465
|
+
principalKey = principal.publicKeyString.get();
|
|
65466
|
+
}
|
|
65467
|
+
else {
|
|
65468
|
+
principalKey = `cert:${principal.certificateHash.get()}:${principal.certificateAccount.publicKeyString.get()}`;
|
|
65469
|
+
}
|
|
65331
65470
|
const targetKey = (target ?? block.account).publicKeyString.get();
|
|
65332
65471
|
if (!foundPrevious[principalKey]) {
|
|
65333
65472
|
foundPrevious[principalKey] = {};
|
|
@@ -65352,7 +65491,29 @@ class BlockOperationMODIFY_PERMISSIONS extends BlockOperation {
|
|
|
65352
65491
|
}));
|
|
65353
65492
|
}
|
|
65354
65493
|
}
|
|
65355
|
-
_BlockOperationMODIFY_PERMISSIONS_principal = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_target = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_method = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_permissions = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_instances = new WeakSet(),
|
|
65494
|
+
_BlockOperationMODIFY_PERMISSIONS_principal = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_target = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_method = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_permissions = new WeakMap(), _BlockOperationMODIFY_PERMISSIONS_instances = new WeakSet(), _BlockOperationMODIFY_PERMISSIONS_computePrincipal = function _BlockOperationMODIFY_PERMISSIONS_computePrincipal(principal) {
|
|
65495
|
+
if (typeof principal === 'string' || account_1.default.isInstance(principal)) {
|
|
65496
|
+
return (this.computeTo(principal));
|
|
65497
|
+
}
|
|
65498
|
+
else if (principal.usingCertificate) {
|
|
65499
|
+
const certificateAccount = account_1.default.toAccount(principal.certificateAccount);
|
|
65500
|
+
let certificateHash;
|
|
65501
|
+
if (certificate_1.CertificateHash.isInstance(principal.certificateHash)) {
|
|
65502
|
+
certificateHash = principal.certificateHash;
|
|
65503
|
+
}
|
|
65504
|
+
else {
|
|
65505
|
+
certificateHash = new certificate_1.CertificateHash(principal.certificateHash);
|
|
65506
|
+
}
|
|
65507
|
+
return ({
|
|
65508
|
+
usingCertificate: true,
|
|
65509
|
+
certificateHash,
|
|
65510
|
+
certificateAccount
|
|
65511
|
+
});
|
|
65512
|
+
}
|
|
65513
|
+
else {
|
|
65514
|
+
throw (new block_1.default('BLOCK_INVALID_PRINCIPAL', 'Invalid principal for MODIFY_PERMISSIONS'));
|
|
65515
|
+
}
|
|
65516
|
+
}, _BlockOperationMODIFY_PERMISSIONS_computePermissions = function _BlockOperationMODIFY_PERMISSIONS_computePermissions(permissions) {
|
|
65356
65517
|
if (!permissions) {
|
|
65357
65518
|
return (null);
|
|
65358
65519
|
}
|
|
@@ -65855,6 +66016,7 @@ exports.BlockErrorCodes = [
|
|
|
65855
66016
|
'INVALID_SIGNER',
|
|
65856
66017
|
'INVALID_TYPE',
|
|
65857
66018
|
'INVALID_VERSION',
|
|
66019
|
+
'INVALID_PRINCIPAL',
|
|
65858
66020
|
'NO_ADMIN_ON_TARGET',
|
|
65859
66021
|
'NO_DELEGATE_ADMIN',
|
|
65860
66022
|
'NO_DUPLICATE_CERTIFICATE_OPERATION',
|
|
@@ -66169,6 +66331,7 @@ exports.LedgerBaseErrorCodes = [
|
|
|
66169
66331
|
'INVALID_OWNER_COUNT',
|
|
66170
66332
|
'INVALID_BALANCE',
|
|
66171
66333
|
'INVALID_SET_REP',
|
|
66334
|
+
'INVALID_ACL_ROW_TYPE',
|
|
66172
66335
|
'OPERATION_NOT_SUPPORTED',
|
|
66173
66336
|
'NOT_EMPTY',
|
|
66174
66337
|
'PREVIOUS_ALREADY_USED',
|
|
@@ -66185,6 +66348,7 @@ exports.LedgerBaseErrorCodes = [
|
|
|
66185
66348
|
'DUPLICATE_VOTE_ISSUER_FOUND',
|
|
66186
66349
|
'OTHER',
|
|
66187
66350
|
'MISSING_BLOCKS',
|
|
66351
|
+
'CERTIFICATE_NOT_FOUND',
|
|
66188
66352
|
// Fee Errors
|
|
66189
66353
|
'FEE_AMOUNT_MISMATCH',
|
|
66190
66354
|
'FEE_TOKEN_MISMATCH',
|
|
@@ -66800,11 +66964,23 @@ const ledger_1 = __webpack_require__(452);
|
|
|
66800
66964
|
const helper_1 = __webpack_require__(3208);
|
|
66801
66965
|
const config_1 = __webpack_require__(1491);
|
|
66802
66966
|
const block_2 = __importDefault(__webpack_require__(7412));
|
|
66967
|
+
function areACLPrincipalEqual(a, b) {
|
|
66968
|
+
if (account_1.default.isInstance(a) || account_1.default.isInstance(b)) {
|
|
66969
|
+
if (!account_1.default.isInstance(a) || !account_1.default.isInstance(b)) {
|
|
66970
|
+
return (false);
|
|
66971
|
+
}
|
|
66972
|
+
return (a.comparePublicKey(b));
|
|
66973
|
+
}
|
|
66974
|
+
else {
|
|
66975
|
+
return (a.certificate.compareHexString(b.certificate) && a.certificateAccount.comparePublicKey(b.certificateAccount));
|
|
66976
|
+
}
|
|
66977
|
+
}
|
|
66803
66978
|
function findPermissionMatch(lookingFor, entries) {
|
|
66804
66979
|
const { principal, entity, target } = lookingFor;
|
|
66805
66980
|
let foundRow;
|
|
66806
66981
|
for (const entry of entries) {
|
|
66807
|
-
|
|
66982
|
+
// If principals do not match, we can skip
|
|
66983
|
+
if (!areACLPrincipalEqual(principal, entry.principal)) {
|
|
66808
66984
|
continue;
|
|
66809
66985
|
}
|
|
66810
66986
|
// We only care about permissions that have the same entity
|
|
@@ -66922,70 +67098,103 @@ async function computeLedgerEffect(options, effects, storageProvider, network, t
|
|
|
66922
67098
|
const resolved = await getAccountInfoPromises[accountPubKey];
|
|
66923
67099
|
return (resolved);
|
|
66924
67100
|
};
|
|
67101
|
+
const getCertificatePromises = {};
|
|
67102
|
+
const getCertificate = async (certificateHash, account) => {
|
|
67103
|
+
const promiseKey = `${certificateHash.toString()}-${account.publicKeyString.get()}`;
|
|
67104
|
+
if (getCertificatePromises[promiseKey] === undefined) {
|
|
67105
|
+
getCertificatePromises[promiseKey] = storageProvider.getAccountCertificateByHash(transaction, account, certificateHash);
|
|
67106
|
+
}
|
|
67107
|
+
return (await getCertificatePromises[promiseKey]);
|
|
67108
|
+
};
|
|
66925
67109
|
const getPermissionPromises = {};
|
|
66926
|
-
const getPermissions = async (
|
|
66927
|
-
|
|
67110
|
+
const getPermissions = async (principal, entityList) => {
|
|
67111
|
+
let promiseKey;
|
|
67112
|
+
if (account_1.default.isInstance(principal)) {
|
|
67113
|
+
promiseKey = `account-${principal.publicKeyString.get()}`;
|
|
67114
|
+
}
|
|
67115
|
+
else {
|
|
67116
|
+
promiseKey = `certificate-${principal.certificate.toString()}-${principal.certificateAccount.publicKeyString.get()}`;
|
|
67117
|
+
}
|
|
66928
67118
|
if (!entityList) {
|
|
66929
|
-
return (await getPermissionPromises[
|
|
67119
|
+
return (await getPermissionPromises[promiseKey]);
|
|
66930
67120
|
}
|
|
66931
|
-
if (getPermissionPromises[
|
|
67121
|
+
if (getPermissionPromises[promiseKey] !== undefined) {
|
|
66932
67122
|
throw (new Error('getPermissions() can only be called once per account'));
|
|
66933
67123
|
}
|
|
66934
|
-
getPermissionPromises[
|
|
66935
|
-
return (await getPermissionPromises[
|
|
67124
|
+
getPermissionPromises[promiseKey] = storageProvider.listACLsByPrincipal(transaction, principal, entityList);
|
|
67125
|
+
return (await getPermissionPromises[promiseKey]);
|
|
66936
67126
|
};
|
|
66937
67127
|
const prefetchPromises = [];
|
|
66938
|
-
for (const
|
|
66939
|
-
|
|
66940
|
-
|
|
66941
|
-
|
|
66942
|
-
|
|
66943
|
-
|
|
66944
|
-
if (computePermissions && fields.permissions) {
|
|
66945
|
-
const toReadEntity = new account_1.default.Set();
|
|
66946
|
-
for (const permUpdate of fields.permissions ?? []) {
|
|
66947
|
-
if (permUpdate.method === block_1.Block.AdjustMethod.SET || permUpdate.permissions === null) {
|
|
66948
|
-
toReadEntity.delete(permUpdate.entity);
|
|
66949
|
-
continue;
|
|
66950
|
-
}
|
|
66951
|
-
toReadEntity.add(permUpdate.entity);
|
|
67128
|
+
for (const effect of Object.values(effects)) {
|
|
67129
|
+
const fields = effect.fields;
|
|
67130
|
+
const toReadEntity = new account_1.default.Set();
|
|
67131
|
+
for (const permUpdate of fields.permissions ?? []) {
|
|
67132
|
+
if ((permUpdate.method === block_1.Block.AdjustMethod.ADD || permUpdate.method === block_1.Block.AdjustMethod.SET) && permUpdate.principalType === 'CERTIFICATE') {
|
|
67133
|
+
prefetchPromises.push(getCertificate(permUpdate.principal.certificate, permUpdate.principal.certificateAccount));
|
|
66952
67134
|
}
|
|
66953
|
-
|
|
67135
|
+
if (permUpdate.method === block_1.Block.AdjustMethod.SET || permUpdate.permissions === null) {
|
|
67136
|
+
toReadEntity.delete(permUpdate.entity);
|
|
67137
|
+
continue;
|
|
67138
|
+
}
|
|
67139
|
+
toReadEntity.add(permUpdate.entity);
|
|
66954
67140
|
}
|
|
66955
|
-
|
|
66956
|
-
|
|
66957
|
-
|
|
66958
|
-
if (isDelegating && computeWeights && getFinalNumericValues && canDelegate(account.keyType)) {
|
|
66959
|
-
requestedRep = true;
|
|
66960
|
-
prefetchPromises.push(getRep(account, getFinalNumericValues));
|
|
66961
|
-
prefetchPromises.push(getWeight(delegationField.delegateTo));
|
|
67141
|
+
let principal;
|
|
67142
|
+
if (effect.type === 'ACCOUNT') {
|
|
67143
|
+
principal = effect.account;
|
|
66962
67144
|
}
|
|
66963
|
-
|
|
66964
|
-
|
|
66965
|
-
|
|
66966
|
-
|
|
66967
|
-
|
|
66968
|
-
|
|
66969
|
-
|
|
66970
|
-
|
|
66971
|
-
|
|
66972
|
-
|
|
66973
|
-
|
|
66974
|
-
|
|
66975
|
-
|
|
66976
|
-
|
|
66977
|
-
|
|
66978
|
-
|
|
66979
|
-
|
|
66980
|
-
|
|
66981
|
-
|
|
66982
|
-
|
|
66983
|
-
|
|
66984
|
-
|
|
66985
|
-
|
|
66986
|
-
|
|
66987
|
-
|
|
66988
|
-
|
|
67145
|
+
else {
|
|
67146
|
+
principal = {
|
|
67147
|
+
usingCertificate: true,
|
|
67148
|
+
certificate: effect.certificateHash,
|
|
67149
|
+
certificateAccount: effect.certificateAccount
|
|
67150
|
+
};
|
|
67151
|
+
}
|
|
67152
|
+
// Only prefetch the permissions if we are computing the permissions
|
|
67153
|
+
if (computePermissions) {
|
|
67154
|
+
prefetchPromises.push(getPermissions(principal, toReadEntity.toArray()));
|
|
67155
|
+
}
|
|
67156
|
+
if (effect.type !== 'CERTIFICATE') {
|
|
67157
|
+
const { account } = effect;
|
|
67158
|
+
// Always fetch the supply from accountInfo if it's changing so we can validate the effect
|
|
67159
|
+
if ((fields.supply ?? []).length > 0 && (checkRangeConstraints || getFinalNumericValues)) {
|
|
67160
|
+
prefetchPromises.push(getAccountInfo(account));
|
|
67161
|
+
}
|
|
67162
|
+
const accountPubKey = account.publicKeyString.get();
|
|
67163
|
+
const delegationField = effects[accountPubKey]?.fields.delegation;
|
|
67164
|
+
const isDelegating = delegationField !== undefined;
|
|
67165
|
+
let requestedRep = false;
|
|
67166
|
+
if (isDelegating && computeWeights && getFinalNumericValues && canDelegate(account.keyType)) {
|
|
67167
|
+
requestedRep = true;
|
|
67168
|
+
prefetchPromises.push(getRep(account, getFinalNumericValues));
|
|
67169
|
+
prefetchPromises.push(getWeight(delegationField.delegateTo));
|
|
67170
|
+
}
|
|
67171
|
+
const rollingChanges = {};
|
|
67172
|
+
for (const tokenPubKey in fields.balance ?? {}) {
|
|
67173
|
+
for (const balanceUpdate of (fields.balance ?? {})[tokenPubKey]) {
|
|
67174
|
+
if (balanceUpdate.isReceive) {
|
|
67175
|
+
continue;
|
|
67176
|
+
}
|
|
67177
|
+
const { set, value } = balanceUpdate;
|
|
67178
|
+
const token = account_1.default.fromPublicKeyString(tokenPubKey).assertKeyType(account_1.AccountKeyAlgorithm.TOKEN);
|
|
67179
|
+
if (rollingChanges[tokenPubKey] === undefined) {
|
|
67180
|
+
rollingChanges[tokenPubKey] = 0n;
|
|
67181
|
+
}
|
|
67182
|
+
if (set) {
|
|
67183
|
+
prefetchPromises.push(getPreviousBalance(token, token));
|
|
67184
|
+
rollingChanges[tokenPubKey] = value;
|
|
67185
|
+
}
|
|
67186
|
+
else {
|
|
67187
|
+
rollingChanges[tokenPubKey] += value;
|
|
67188
|
+
}
|
|
67189
|
+
const isBaseToken = baseToken.comparePublicKey(tokenPubKey);
|
|
67190
|
+
const possibleNegative = rollingChanges[tokenPubKey] < 0n && checkRangeConstraints;
|
|
67191
|
+
if ((possibleNegative && checkRangeConstraints) || set || getFinalNumericValues || (isDelegating && computeWeights)) {
|
|
67192
|
+
prefetchPromises.push(getPreviousBalance(account, token));
|
|
67193
|
+
}
|
|
67194
|
+
if (computeWeights && isBaseToken && canDelegate(account.keyType) && !requestedRep) {
|
|
67195
|
+
requestedRep = true;
|
|
67196
|
+
prefetchPromises.push(getRep(account, getFinalNumericValues));
|
|
67197
|
+
}
|
|
66989
67198
|
}
|
|
66990
67199
|
}
|
|
66991
67200
|
}
|
|
@@ -67080,28 +67289,54 @@ async function computeLedgerEffect(options, effects, storageProvider, network, t
|
|
|
67080
67289
|
newEntry.change += change;
|
|
67081
67290
|
supplies[tokenPubKey] = newEntry;
|
|
67082
67291
|
};
|
|
67083
|
-
for (const
|
|
67084
|
-
const
|
|
67292
|
+
for (const effect of Object.values(effects)) {
|
|
67293
|
+
const fields = effect.fields;
|
|
67085
67294
|
for (const supplyChange of fields.supply ?? []) {
|
|
67086
|
-
if (!account.isToken()) {
|
|
67295
|
+
if (effect.type !== 'ACCOUNT' || !effect.account.isToken()) {
|
|
67087
67296
|
throw (new Error('Cannot modify supply of non-token account'));
|
|
67088
67297
|
}
|
|
67089
|
-
await modifySupply(account, supplyChange.value);
|
|
67298
|
+
await modifySupply(effect.account, supplyChange.value);
|
|
67090
67299
|
}
|
|
67091
|
-
|
|
67092
|
-
|
|
67093
|
-
|
|
67094
|
-
|
|
67095
|
-
|
|
67096
|
-
|
|
67097
|
-
|
|
67300
|
+
for (const permUpdate of fields.permissions ?? []) {
|
|
67301
|
+
let principal;
|
|
67302
|
+
if (effect.type === 'ACCOUNT') {
|
|
67303
|
+
principal = effect.account;
|
|
67304
|
+
if (!account_1.default.isInstance(permUpdate.principal)) {
|
|
67305
|
+
throw (new Error('permUpdate.principal should be an account for ACCOUNT type effects'));
|
|
67306
|
+
}
|
|
67307
|
+
if (!permUpdate.principal.comparePublicKey(effect.account)) {
|
|
67308
|
+
throw (new Error('permUpdate.principal should not differ current account'));
|
|
67309
|
+
}
|
|
67310
|
+
}
|
|
67311
|
+
else {
|
|
67312
|
+
if (account_1.default.isInstance(permUpdate.principal)) {
|
|
67313
|
+
throw (new Error('permUpdate.principal should be a certificate for CERTIFICATE type effects'));
|
|
67314
|
+
}
|
|
67315
|
+
if (!permUpdate.principal.certificate.compareHexString(effect.certificateHash)) {
|
|
67316
|
+
throw (new Error('permUpdate.principal should not differ current certificate'));
|
|
67317
|
+
}
|
|
67318
|
+
principal = {
|
|
67319
|
+
usingCertificate: true,
|
|
67320
|
+
certificate: effect.certificateHash,
|
|
67321
|
+
certificateAccount: effect.certificateAccount
|
|
67322
|
+
};
|
|
67323
|
+
if (permUpdate.method === block_1.Block.AdjustMethod.ADD || permUpdate.method === block_1.Block.AdjustMethod.SET) {
|
|
67324
|
+
const certificate = await getCertificate(permUpdate.principal.certificate, permUpdate.principal.certificateAccount);
|
|
67325
|
+
if (!certificate) {
|
|
67326
|
+
throw (new ledger_1.KeetaNetLedgerError('LEDGER_CERTIFICATE_NOT_FOUND', `Certificate with hash ${permUpdate.principal.certificate.toString()} for account ${permUpdate.principal.certificateAccount.publicKeyString.get()} not found`));
|
|
67327
|
+
}
|
|
67328
|
+
}
|
|
67329
|
+
}
|
|
67330
|
+
// If not computing permissions, we only need to validate certificate existence
|
|
67331
|
+
if (!computePermissions) {
|
|
67332
|
+
continue;
|
|
67098
67333
|
}
|
|
67099
67334
|
if (permUpdate.method === block_1.Block.AdjustMethod.SET || permUpdate.permissions === null) {
|
|
67100
67335
|
permissions.push(permUpdate);
|
|
67101
67336
|
continue;
|
|
67102
67337
|
}
|
|
67103
67338
|
let newPermissions;
|
|
67104
|
-
const previousEntry = findPermissionMatch(permUpdate, await getPermissions(
|
|
67339
|
+
const previousEntry = findPermissionMatch(permUpdate, await getPermissions(principal));
|
|
67105
67340
|
const previousPermissions = previousEntry?.permissions ?? new permissions_1.Permissions();
|
|
67106
67341
|
switch (permUpdate.method) {
|
|
67107
67342
|
case block_1.Block.AdjustMethod.ADD:
|
|
@@ -67117,24 +67352,31 @@ async function computeLedgerEffect(options, effects, storageProvider, network, t
|
|
|
67117
67352
|
permissions: newPermissions
|
|
67118
67353
|
});
|
|
67119
67354
|
}
|
|
67120
|
-
|
|
67121
|
-
|
|
67122
|
-
if (
|
|
67123
|
-
|
|
67124
|
-
|
|
67125
|
-
|
|
67126
|
-
|
|
67127
|
-
await
|
|
67355
|
+
let isDelegating;
|
|
67356
|
+
let delegationField;
|
|
67357
|
+
if (effect.type === 'ACCOUNT') {
|
|
67358
|
+
delegationField = effects[effect.account.publicKeyString.get()]?.fields.delegation;
|
|
67359
|
+
isDelegating = delegationField !== undefined;
|
|
67360
|
+
if (isDelegating && delegationField && canDelegate(effect.account.keyType) && computeWeights) {
|
|
67361
|
+
const currentDelegation = await getRep(effect.account, getFinalNumericValues);
|
|
67362
|
+
const previousBalance = await getPreviousBalance(effect.account, baseToken);
|
|
67363
|
+
await modifyWeight(delegationField.delegateTo, previousBalance);
|
|
67364
|
+
if (currentDelegation) {
|
|
67365
|
+
await modifyWeight(currentDelegation, -1n * previousBalance);
|
|
67366
|
+
}
|
|
67128
67367
|
}
|
|
67129
67368
|
}
|
|
67130
67369
|
const receivable = {};
|
|
67131
67370
|
for (const tokenPubKey in fields.balance ?? {}) {
|
|
67132
67371
|
const tokenAcct = account_1.default.fromPublicKeyString(tokenPubKey).assertKeyType(account_1.AccountKeyAlgorithm.TOKEN);
|
|
67133
67372
|
for (const balanceUpdate of (fields.balance ?? {})[tokenPubKey]) {
|
|
67373
|
+
if (effect.type !== 'ACCOUNT') {
|
|
67374
|
+
throw (new Error('Only accounts can have balance changes'));
|
|
67375
|
+
}
|
|
67134
67376
|
const { isReceive, value, otherAccount } = balanceUpdate;
|
|
67135
67377
|
if (isReceive) {
|
|
67136
67378
|
const receiveFromPubKey = otherAccount.publicKeyString.get();
|
|
67137
|
-
const previousEntry = getBalanceEntry(account, tokenAcct);
|
|
67379
|
+
const previousEntry = getBalanceEntry(effect.account, tokenAcct);
|
|
67138
67380
|
if (previousEntry.receiveValidated === false) {
|
|
67139
67381
|
continue;
|
|
67140
67382
|
}
|
|
@@ -67152,16 +67394,16 @@ async function computeLedgerEffect(options, effects, storageProvider, network, t
|
|
|
67152
67394
|
else {
|
|
67153
67395
|
receiveValid = value <= receivableAmount;
|
|
67154
67396
|
}
|
|
67155
|
-
balances[
|
|
67397
|
+
balances[effect.account.publicKeyString.get()][tokenPubKey].receiveValidated = receiveValid;
|
|
67156
67398
|
continue;
|
|
67157
67399
|
}
|
|
67158
67400
|
let balanceChange;
|
|
67159
67401
|
if (balanceUpdate.set) {
|
|
67160
|
-
balanceChange = await modifyBalance(account, tokenAcct, value, true);
|
|
67402
|
+
balanceChange = await modifyBalance(effect.account, tokenAcct, value, true);
|
|
67161
67403
|
await modifyBalance(tokenAcct, tokenAcct, -1n * balanceChange, false);
|
|
67162
67404
|
}
|
|
67163
67405
|
else {
|
|
67164
|
-
balanceChange = await modifyBalance(account, tokenAcct, value, false);
|
|
67406
|
+
balanceChange = await modifyBalance(effect.account, tokenAcct, value, false);
|
|
67165
67407
|
}
|
|
67166
67408
|
if (balanceUpdate.receivable) {
|
|
67167
67409
|
const otherAccountPubKey = otherAccount.publicKeyString.get();
|
|
@@ -67173,12 +67415,15 @@ async function computeLedgerEffect(options, effects, storageProvider, network, t
|
|
|
67173
67415
|
receivable[otherAccountPubKey][tokenPubKey] += balanceChange;
|
|
67174
67416
|
}
|
|
67175
67417
|
const isBaseToken = baseToken.comparePublicKey(tokenAcct);
|
|
67176
|
-
if (isBaseToken && canDelegate(account.keyType) && computeWeights) {
|
|
67418
|
+
if (isBaseToken && canDelegate(effect.account.keyType) && computeWeights) {
|
|
67177
67419
|
if (isDelegating) {
|
|
67420
|
+
if (!delegationField) {
|
|
67421
|
+
throw (new Error('delegationField should be defined if isDelegating is true'));
|
|
67422
|
+
}
|
|
67178
67423
|
await modifyWeight(delegationField.delegateTo, balanceChange);
|
|
67179
67424
|
}
|
|
67180
67425
|
else {
|
|
67181
|
-
const currentRep = await getRep(account);
|
|
67426
|
+
const currentRep = await getRep(effect.account);
|
|
67182
67427
|
if (currentRep) {
|
|
67183
67428
|
await modifyWeight(currentRep, balanceChange);
|
|
67184
67429
|
}
|
|
@@ -67610,33 +67855,47 @@ function addOrCombineRequirements(existing, addition, alwaysCombine) {
|
|
|
67610
67855
|
resp.push(addition);
|
|
67611
67856
|
return (resp);
|
|
67612
67857
|
}
|
|
67613
|
-
function
|
|
67614
|
-
|
|
67615
|
-
|
|
67616
|
-
|
|
67858
|
+
function touchStateFields(state, toTouch) {
|
|
67859
|
+
let entityKey;
|
|
67860
|
+
let defaultValue;
|
|
67861
|
+
if (account_1.default.isInstance(toTouch)) {
|
|
67862
|
+
entityKey = toTouch.publicKeyString.get();
|
|
67863
|
+
defaultValue = {
|
|
67864
|
+
type: 'ACCOUNT',
|
|
67865
|
+
fields: {},
|
|
67866
|
+
account: toTouch
|
|
67867
|
+
};
|
|
67868
|
+
}
|
|
67869
|
+
else if (toTouch.usingCertificate) {
|
|
67870
|
+
entityKey = `${toTouch.certificate.toString()}:${toTouch.certificateAccount.publicKeyString.get()}`;
|
|
67871
|
+
defaultValue = {
|
|
67872
|
+
type: 'CERTIFICATE',
|
|
67617
67873
|
fields: {},
|
|
67618
|
-
|
|
67874
|
+
certificateHash: toTouch.certificate,
|
|
67875
|
+
certificateAccount: toTouch.certificateAccount
|
|
67619
67876
|
};
|
|
67620
67877
|
}
|
|
67621
|
-
|
|
67622
|
-
|
|
67878
|
+
else {
|
|
67879
|
+
throw (new Error('Invalid principal type in touchStateFields'));
|
|
67623
67880
|
}
|
|
67624
|
-
|
|
67625
|
-
|
|
67881
|
+
let value = state.accounts[entityKey];
|
|
67882
|
+
if (value === undefined) {
|
|
67883
|
+
state.accounts[entityKey] = defaultValue;
|
|
67884
|
+
value = state.accounts[entityKey];
|
|
67626
67885
|
}
|
|
67627
|
-
|
|
67628
|
-
state.accounts[principalPubKey].fields.permissions = addOrCombineRequirements(existing, addition);
|
|
67886
|
+
return ({ value, entityKey });
|
|
67629
67887
|
}
|
|
67630
|
-
function
|
|
67631
|
-
const
|
|
67632
|
-
|
|
67633
|
-
|
|
67634
|
-
state.accounts[principalPubKey] = {
|
|
67635
|
-
account: requirement.principal,
|
|
67636
|
-
fields: {}
|
|
67637
|
-
};
|
|
67888
|
+
function addPermission(state, addition) {
|
|
67889
|
+
const { value } = touchStateFields(state, addition.principal);
|
|
67890
|
+
if (value.fields.permissions === undefined) {
|
|
67891
|
+
value.fields.permissions = [];
|
|
67638
67892
|
}
|
|
67639
|
-
const
|
|
67893
|
+
const existing = value.fields.permissions || [];
|
|
67894
|
+
value.fields.permissions = addOrCombineRequirements(existing, addition);
|
|
67895
|
+
}
|
|
67896
|
+
function addPermissionRequirement(state, requirement) {
|
|
67897
|
+
const { value: principalFields } = touchStateFields(state, requirement.principal);
|
|
67898
|
+
const alreadyAdded = principalFields.fields.permissions ?? [];
|
|
67640
67899
|
const foundAddedMatch = alreadyAdded.find(function ({ permissions }) {
|
|
67641
67900
|
if (requirement.permissions === null) {
|
|
67642
67901
|
return (true);
|
|
@@ -67646,6 +67905,7 @@ function addPermissionRequirement(state, requirement) {
|
|
|
67646
67905
|
if (foundAddedMatch !== undefined) {
|
|
67647
67906
|
return;
|
|
67648
67907
|
}
|
|
67908
|
+
const entityPubKey = requirement.entity.publicKeyString.get();
|
|
67649
67909
|
if (state.accounts[entityPubKey] !== undefined) {
|
|
67650
67910
|
const entityInfo = state.accounts[entityPubKey].fields.info;
|
|
67651
67911
|
if (entityInfo !== undefined && 'defaultPermission' in entityInfo) {
|
|
@@ -67657,13 +67917,14 @@ function addPermissionRequirement(state, requirement) {
|
|
|
67657
67917
|
}
|
|
67658
67918
|
}
|
|
67659
67919
|
}
|
|
67660
|
-
const existing =
|
|
67661
|
-
|
|
67920
|
+
const existing = principalFields.fields.permissionRequirements ?? [];
|
|
67921
|
+
principalFields.fields.permissionRequirements = addOrCombineRequirements(existing, requirement, true);
|
|
67662
67922
|
}
|
|
67663
67923
|
function updateMinSignerSetLength(state, multisigAccount, count) {
|
|
67664
67924
|
const multisigPublicKey = multisigAccount.publicKeyString.get();
|
|
67665
67925
|
if (state.accounts[multisigPublicKey] === undefined) {
|
|
67666
67926
|
state.accounts[multisigPublicKey] = {
|
|
67927
|
+
type: 'ACCOUNT',
|
|
67667
67928
|
account: multisigAccount,
|
|
67668
67929
|
fields: {}
|
|
67669
67930
|
};
|
|
@@ -67679,6 +67940,7 @@ function modifyBalanceInState(balanceState) {
|
|
|
67679
67940
|
const tokenPubKey = token.publicKeyString.get();
|
|
67680
67941
|
if (state.accounts[accountPubKey] === undefined) {
|
|
67681
67942
|
state.accounts[accountPubKey] = {
|
|
67943
|
+
type: 'ACCOUNT',
|
|
67682
67944
|
account: account_1.default.fromPublicKeyString(accountPubKey),
|
|
67683
67945
|
fields: {}
|
|
67684
67946
|
};
|
|
@@ -67745,6 +68007,7 @@ function updateAccountInfoInState(state, account, info) {
|
|
|
67745
68007
|
}
|
|
67746
68008
|
if (!state.accounts[accountPubKey]) {
|
|
67747
68009
|
state.accounts[accountPubKey] = {
|
|
68010
|
+
type: 'ACCOUNT',
|
|
67748
68011
|
account: account,
|
|
67749
68012
|
fields: {}
|
|
67750
68013
|
};
|
|
@@ -67892,6 +68155,7 @@ function computeEffectOfOperationCREATE_IDENTIFIER(state, block, operation, cont
|
|
|
67892
68155
|
for (const multisigSigner of operation.createArguments.signers) {
|
|
67893
68156
|
state.possibleNewAccounts.add(multisigSigner);
|
|
67894
68157
|
addPermission(state, {
|
|
68158
|
+
principalType: 'ACCOUNT',
|
|
67895
68159
|
principal: multisigSigner,
|
|
67896
68160
|
entity: operation.identifier,
|
|
67897
68161
|
method: block_1.Block.AdjustMethod.SET,
|
|
@@ -67901,6 +68165,7 @@ function computeEffectOfOperationCREATE_IDENTIFIER(state, block, operation, cont
|
|
|
67901
68165
|
}
|
|
67902
68166
|
else {
|
|
67903
68167
|
addPermission(state, {
|
|
68168
|
+
principalType: 'ACCOUNT',
|
|
67904
68169
|
principal: block.account,
|
|
67905
68170
|
entity: operation.identifier,
|
|
67906
68171
|
method: block_1.Block.AdjustMethod.SET,
|
|
@@ -67917,17 +68182,45 @@ function computeEffectOfOperationSET_INFO(state, block, operation) {
|
|
|
67917
68182
|
});
|
|
67918
68183
|
}
|
|
67919
68184
|
function computeEffectOfOperationMODIFY_PERMISSIONS(state, block, operation) {
|
|
67920
|
-
|
|
68185
|
+
if (account_1.default.isInstance(operation.principal)) {
|
|
68186
|
+
state.possibleNewAccounts.add(operation.principal);
|
|
68187
|
+
}
|
|
68188
|
+
else if (operation.principal.usingCertificate) {
|
|
68189
|
+
state.possibleNewAccounts.add(operation.principal.certificateAccount);
|
|
68190
|
+
}
|
|
68191
|
+
else {
|
|
68192
|
+
throw (new Error('Invalid principal in MODIFY_PERMISSIONS operation'));
|
|
68193
|
+
}
|
|
67921
68194
|
if (operation.target) {
|
|
67922
68195
|
state.possibleNewAccounts.add(operation.target);
|
|
67923
68196
|
}
|
|
67924
|
-
|
|
67925
|
-
principal: operation.principal,
|
|
68197
|
+
const shared = {
|
|
67926
68198
|
entity: block.account,
|
|
67927
68199
|
permissions: operation.permissions,
|
|
67928
68200
|
method: operation.method,
|
|
67929
68201
|
target: operation.target
|
|
67930
|
-
}
|
|
68202
|
+
};
|
|
68203
|
+
if (account_1.default.isInstance(operation.principal)) {
|
|
68204
|
+
addPermission(state, {
|
|
68205
|
+
principalType: 'ACCOUNT',
|
|
68206
|
+
principal: operation.principal,
|
|
68207
|
+
...shared
|
|
68208
|
+
});
|
|
68209
|
+
}
|
|
68210
|
+
else if (operation.principal.usingCertificate) {
|
|
68211
|
+
addPermission(state, {
|
|
68212
|
+
principalType: 'CERTIFICATE',
|
|
68213
|
+
principal: {
|
|
68214
|
+
usingCertificate: true,
|
|
68215
|
+
certificate: operation.principal.certificateHash,
|
|
68216
|
+
certificateAccount: operation.principal.certificateAccount
|
|
68217
|
+
},
|
|
68218
|
+
...shared
|
|
68219
|
+
});
|
|
68220
|
+
}
|
|
68221
|
+
else {
|
|
68222
|
+
throw (new Error('Invalid principal in MODIFY_PERMISSIONS operation'));
|
|
68223
|
+
}
|
|
67931
68224
|
}
|
|
67932
68225
|
function computeEffectOfOperationTOKEN_ADMIN_SUPPLY(state, block, operation) {
|
|
67933
68226
|
const tokenPubKey = block.account.publicKeyString.get();
|
|
@@ -68007,15 +68300,23 @@ function computeEffectOfOperationMANAGE_CERTIFICATE(state, block, operation, con
|
|
|
68007
68300
|
const operationHandlers = {
|
|
68008
68301
|
[block_1.Block.OperationType.SEND]: {
|
|
68009
68302
|
effectGenerator: computeEffectOfOperationSEND,
|
|
68010
|
-
accountPermissionACL: (block, operation
|
|
68011
|
-
|
|
68012
|
-
|
|
68013
|
-
|
|
68303
|
+
accountPermissionACL: (block, operation) => {
|
|
68304
|
+
// Require both the sender and the recipient to have ['ACCESS'] on the token
|
|
68305
|
+
const baseEffect = [
|
|
68306
|
+
{
|
|
68307
|
+
principal: block.account,
|
|
68308
|
+
entity: operation.token
|
|
68309
|
+
},
|
|
68310
|
+
{
|
|
68311
|
+
principal: operation.to,
|
|
68312
|
+
entity: operation.token
|
|
68313
|
+
}
|
|
68314
|
+
];
|
|
68014
68315
|
if (operation.to.keyType !== account_1.AccountKeyAlgorithm.STORAGE) {
|
|
68015
68316
|
return (baseEffect);
|
|
68016
68317
|
}
|
|
68017
68318
|
return ([
|
|
68018
|
-
baseEffect,
|
|
68319
|
+
...baseEffect,
|
|
68019
68320
|
// Require that the token identifier was granted access by storage account for it to be able to hold
|
|
68020
68321
|
{
|
|
68021
68322
|
entity: operation.to,
|
|
@@ -68109,9 +68410,17 @@ const operationHandlers = {
|
|
|
68109
68410
|
delegateMethodNeeded = 'PERMISSION_DELEGATE_ADD';
|
|
68110
68411
|
break;
|
|
68111
68412
|
}
|
|
68413
|
+
let target;
|
|
68414
|
+
if (account_1.default.isInstance(operation.principal)) {
|
|
68415
|
+
target = operation.principal;
|
|
68416
|
+
}
|
|
68417
|
+
else {
|
|
68418
|
+
// Currently, we do not have a way to specify a target for certificate principals, so we will not include a target in this case
|
|
68419
|
+
target = undefined;
|
|
68420
|
+
}
|
|
68112
68421
|
necessary.push({
|
|
68113
68422
|
permissions: new permissions_1.Permissions([delegateMethodNeeded]),
|
|
68114
|
-
target:
|
|
68423
|
+
target: target
|
|
68115
68424
|
});
|
|
68116
68425
|
return (necessary);
|
|
68117
68426
|
}
|
|
@@ -68250,6 +68559,7 @@ function computeEffectOfBlocks(blocks, ledger) {
|
|
|
68250
68559
|
}
|
|
68251
68560
|
if (accumulatedEffects.accounts[blockAccountPubKey] === undefined) {
|
|
68252
68561
|
accumulatedEffects.accounts[blockAccountPubKey] = {
|
|
68562
|
+
type: 'ACCOUNT',
|
|
68253
68563
|
account: block.account,
|
|
68254
68564
|
fields: {}
|
|
68255
68565
|
};
|
|
@@ -68306,6 +68616,9 @@ function computeEffectOfBlocks(blocks, ledger) {
|
|
|
68306
68616
|
}
|
|
68307
68617
|
}
|
|
68308
68618
|
for (const effect of Object.values(accumulatedEffects.accounts)) {
|
|
68619
|
+
if (effect.type !== 'ACCOUNT') {
|
|
68620
|
+
continue;
|
|
68621
|
+
}
|
|
68309
68622
|
accumulatedEffects.touched.add(effect.account);
|
|
68310
68623
|
if (effect.fields.balance) {
|
|
68311
68624
|
let hasDebit = false;
|
|
@@ -68414,7 +68727,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
|
|
|
68414
68727
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
68415
68728
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
68416
68729
|
};
|
|
68417
|
-
var _LedgerAtomicInterface_instances, _LedgerAtomicInterface_network, _LedgerAtomicInterface_subnet, _LedgerAtomicInterface_kind, _LedgerAtomicInterface_privateKey, _LedgerAtomicInterface_computeFeeFromBlocks, _LedgerAtomicInterface_storage, _LedgerAtomicInterface_ledger, _LedgerAtomicInterface_cache, _LedgerAtomicInterface_operations, _LedgerAtomicInterface_transaction, _LedgerAtomicInterface_assertTransaction, _LedgerAtomicInterface_validateVotingWeight, _LedgerAtomicInterface_listAccountInfo, _LedgerAtomicInterface_checkSingleAccountPermissions, _LedgerAtomicInterface_checkPermissionRequirements, _LedgerAtomicInterface_validateBlockOperations, _LedgerAtomicInterface_validateLedgerOutcome, _LedgerAtomicInterface_validateBlocksForVote, _LedgerAtomicInterface_voteOrQuoteWithFees, _Ledger_storage, _Ledger_config;
|
|
68730
|
+
var _LedgerAtomicInterface_instances, _LedgerAtomicInterface_network, _LedgerAtomicInterface_subnet, _LedgerAtomicInterface_kind, _LedgerAtomicInterface_privateKey, _LedgerAtomicInterface_computeFeeFromBlocks, _LedgerAtomicInterface_storage, _LedgerAtomicInterface_ledger, _LedgerAtomicInterface_cache, _LedgerAtomicInterface_operations, _LedgerAtomicInterface_transaction, _LedgerAtomicInterface_assertTransaction, _LedgerAtomicInterface_validateVotingWeight, _LedgerAtomicInterface_listAccountInfo, _LedgerAtomicInterface_fetchSatisfiedCertificateACLs, _LedgerAtomicInterface_checkSingleAccountPermissions, _LedgerAtomicInterface_checkPermissionRequirements, _LedgerAtomicInterface_validateBlockOperations, _LedgerAtomicInterface_validateLedgerOutcome, _LedgerAtomicInterface_validateBlocksForVote, _LedgerAtomicInterface_voteOrQuoteWithFees, _Ledger_storage, _Ledger_config;
|
|
68418
68731
|
Object.defineProperty(exports, "__esModule", ({ value: true }));
|
|
68419
68732
|
exports.Ledger = exports.LedgerStorageTransactionBase = exports.IdempotentKey = exports.LedgerKind = void 0;
|
|
68420
68733
|
const vote_1 = __webpack_require__(1130);
|
|
@@ -68430,6 +68743,7 @@ const types_1 = __webpack_require__(5773);
|
|
|
68430
68743
|
const conversion_1 = __webpack_require__(2360);
|
|
68431
68744
|
const cache_1 = __importDefault(__webpack_require__(5834));
|
|
68432
68745
|
const timing_1 = __webpack_require__(2895);
|
|
68746
|
+
const certificate_1 = __webpack_require__(5661);
|
|
68433
68747
|
const operations_1 = __webpack_require__(2778);
|
|
68434
68748
|
const stats_1 = __webpack_require__(2127);
|
|
68435
68749
|
const buffer_1 = __webpack_require__(3310);
|
|
@@ -68974,9 +69288,9 @@ class LedgerAtomicInterface {
|
|
|
68974
69288
|
const permissions = await __classPrivateFieldGet(this, _LedgerAtomicInterface_storage, "f").listACLsByPrincipal(transaction, principal, entityList);
|
|
68975
69289
|
return (permissions);
|
|
68976
69290
|
}
|
|
68977
|
-
async listACLsByEntity(entity) {
|
|
69291
|
+
async listACLsByEntity(entity, options) {
|
|
68978
69292
|
const transaction = __classPrivateFieldGet(this, _LedgerAtomicInterface_instances, "m", _LedgerAtomicInterface_assertTransaction).call(this);
|
|
68979
|
-
const permissions = await __classPrivateFieldGet(this, _LedgerAtomicInterface_storage, "f").listACLsByEntity(transaction, entity);
|
|
69293
|
+
const permissions = await __classPrivateFieldGet(this, _LedgerAtomicInterface_storage, "f").listACLsByEntity(transaction, entity, options);
|
|
68980
69294
|
return (permissions);
|
|
68981
69295
|
}
|
|
68982
69296
|
async votingPower(rep) {
|
|
@@ -69289,6 +69603,63 @@ _LedgerAtomicInterface_network = new WeakMap(), _LedgerAtomicInterface_subnet =
|
|
|
69289
69603
|
});
|
|
69290
69604
|
await Promise.all(permissionPromises);
|
|
69291
69605
|
return (accountInfo);
|
|
69606
|
+
}, _LedgerAtomicInterface_fetchSatisfiedCertificateACLs = async function _LedgerAtomicInterface_fetchSatisfiedCertificateACLs(account, requirement) {
|
|
69607
|
+
const entityCertificateACLs = await this.listACLsByEntity(requirement.entity, { principalType: 'CERTIFICATE' });
|
|
69608
|
+
if (entityCertificateACLs.length === 0) {
|
|
69609
|
+
return (null);
|
|
69610
|
+
}
|
|
69611
|
+
const entityACLsWithValuesResponse = await Promise.all(entityCertificateACLs.map(async (acl) => {
|
|
69612
|
+
if (acl.principalType !== 'CERTIFICATE') {
|
|
69613
|
+
throw (new Error('Expected certificate ACL row'));
|
|
69614
|
+
}
|
|
69615
|
+
const certificate = await this.getAccountCertificateByHash(acl.principal.certificateAccount, acl.principal.certificate);
|
|
69616
|
+
if (certificate === null) {
|
|
69617
|
+
return (null);
|
|
69618
|
+
}
|
|
69619
|
+
return ({ acl, certificate });
|
|
69620
|
+
}));
|
|
69621
|
+
// XXX:TODO does this need to be paginated
|
|
69622
|
+
const userCertificates = await this.getAccountCertificates(account);
|
|
69623
|
+
const matchedCertificateACLs = [];
|
|
69624
|
+
for (const aclWithCertificate of entityACLsWithValuesResponse) {
|
|
69625
|
+
if (!aclWithCertificate) {
|
|
69626
|
+
continue;
|
|
69627
|
+
}
|
|
69628
|
+
const { certificate: aclCertificate, acl } = aclWithCertificate;
|
|
69629
|
+
const issuerCertificate = new certificate_1.Certificate(aclCertificate.certificate, {
|
|
69630
|
+
isTrustedRoot: true
|
|
69631
|
+
});
|
|
69632
|
+
if (!issuerCertificate.checkValid()) {
|
|
69633
|
+
continue;
|
|
69634
|
+
}
|
|
69635
|
+
for (const userCertificate of userCertificates) {
|
|
69636
|
+
if (!userCertificate.certificate.checkValid()) {
|
|
69637
|
+
continue;
|
|
69638
|
+
}
|
|
69639
|
+
const foundChain = userCertificate.certificate.verifyChain({
|
|
69640
|
+
root: new Set([issuerCertificate]),
|
|
69641
|
+
intermediate: new Set([
|
|
69642
|
+
...aclCertificate.intermediates?.getCertificates() ?? [],
|
|
69643
|
+
...userCertificate.intermediates?.getCertificates() ?? []
|
|
69644
|
+
])
|
|
69645
|
+
});
|
|
69646
|
+
if (foundChain === null) {
|
|
69647
|
+
continue;
|
|
69648
|
+
}
|
|
69649
|
+
let foundRootInChain = false;
|
|
69650
|
+
for (const certInChain of foundChain) {
|
|
69651
|
+
if (certInChain.hash().compareHexString(issuerCertificate.hash())) {
|
|
69652
|
+
foundRootInChain = true;
|
|
69653
|
+
break;
|
|
69654
|
+
}
|
|
69655
|
+
}
|
|
69656
|
+
if (!foundRootInChain) {
|
|
69657
|
+
throw (new Error('Internal error: issuer certificate not found in verified chain'));
|
|
69658
|
+
}
|
|
69659
|
+
matchedCertificateACLs.push(acl);
|
|
69660
|
+
}
|
|
69661
|
+
}
|
|
69662
|
+
return (matchedCertificateACLs);
|
|
69292
69663
|
}, _LedgerAtomicInterface_checkSingleAccountPermissions = async function _LedgerAtomicInterface_checkSingleAccountPermissions(account, requirements, accountInfos) {
|
|
69293
69664
|
__classPrivateFieldGet(this, _LedgerAtomicInterface_instances, "m", _LedgerAtomicInterface_assertTransaction).call(this);
|
|
69294
69665
|
// Remove duplicates in entity
|
|
@@ -69296,6 +69667,9 @@ _LedgerAtomicInterface_network = new WeakMap(), _LedgerAtomicInterface_subnet =
|
|
|
69296
69667
|
const entityAccounts = new account_1.default.Set(unfilteredEntity).toArray();
|
|
69297
69668
|
const gotPermissions = await this.listACLsByPrincipal(account, entityAccounts);
|
|
69298
69669
|
for (const requirement of requirements) {
|
|
69670
|
+
if (!requirement.permissions) {
|
|
69671
|
+
throw (new Error('Unexpected null permissions in requirement'));
|
|
69672
|
+
}
|
|
69299
69673
|
const reqEntityKey = requirement.entity.publicKeyString.get();
|
|
69300
69674
|
const foundACLRow = (0, common_1.findPermissionMatch)(requirement, gotPermissions);
|
|
69301
69675
|
const foundAccountInfo = accountInfos[reqEntityKey];
|
|
@@ -69309,10 +69683,19 @@ _LedgerAtomicInterface_network = new WeakMap(), _LedgerAtomicInterface_subnet =
|
|
|
69309
69683
|
else {
|
|
69310
69684
|
foundPermission = new permissions_1.Permissions();
|
|
69311
69685
|
}
|
|
69312
|
-
|
|
69313
|
-
|
|
69686
|
+
let hasPermissions = foundPermission.has(requirement.permissions);
|
|
69687
|
+
if (!hasPermissions && account.isAccount()) {
|
|
69688
|
+
const found = await __classPrivateFieldGet(this, _LedgerAtomicInterface_instances, "m", _LedgerAtomicInterface_fetchSatisfiedCertificateACLs).call(this, account, requirement);
|
|
69689
|
+
if (found) {
|
|
69690
|
+
for (const row of found) {
|
|
69691
|
+
const certificateRowHasPermissions = row.permissions.has(requirement.permissions);
|
|
69692
|
+
if (certificateRowHasPermissions) {
|
|
69693
|
+
hasPermissions = true;
|
|
69694
|
+
break;
|
|
69695
|
+
}
|
|
69696
|
+
}
|
|
69697
|
+
}
|
|
69314
69698
|
}
|
|
69315
|
-
const hasPermissions = foundPermission.has(requirement.permissions);
|
|
69316
69699
|
if (!hasPermissions) {
|
|
69317
69700
|
const accountPubKey = account.publicKeyString.get();
|
|
69318
69701
|
const baseFlagsStr = requirement.permissions.base.flags.join(', ');
|
|
@@ -69328,15 +69711,19 @@ _LedgerAtomicInterface_network = new WeakMap(), _LedgerAtomicInterface_subnet =
|
|
|
69328
69711
|
const needToGetAccountInfoFor = new account_1.default.Set();
|
|
69329
69712
|
const allAccountsChanges = Object.values(effects);
|
|
69330
69713
|
const foundMultisigSignerLengths = [];
|
|
69331
|
-
for (const
|
|
69332
|
-
|
|
69714
|
+
for (const accountChanges of allAccountsChanges) {
|
|
69715
|
+
const { fields } = accountChanges;
|
|
69716
|
+
if (accountChanges.type === 'ACCOUNT' && accountChanges.account.isMultisig()) {
|
|
69333
69717
|
if (fields.minSignerSetLength !== undefined) {
|
|
69334
|
-
needToGetAccountInfoFor.add(account);
|
|
69335
|
-
foundMultisigSignerLengths.push([account, fields.minSignerSetLength]);
|
|
69718
|
+
needToGetAccountInfoFor.add(accountChanges.account);
|
|
69719
|
+
foundMultisigSignerLengths.push([accountChanges.account, fields.minSignerSetLength]);
|
|
69336
69720
|
}
|
|
69337
69721
|
}
|
|
69338
69722
|
for (const singleRequirement of fields.permissionRequirements ?? []) {
|
|
69339
69723
|
const principal = singleRequirement.principal;
|
|
69724
|
+
if (!account_1.default.isInstance(principal)) {
|
|
69725
|
+
throw (new Error('Principal in permission requirement is not an account'));
|
|
69726
|
+
}
|
|
69340
69727
|
const principalPubKey = principal.publicKeyString.get();
|
|
69341
69728
|
if (!requirementsByPrincipal[principalPubKey]) {
|
|
69342
69729
|
requirementsByPrincipal[principalPubKey] = [];
|
|
@@ -69462,6 +69849,9 @@ async function _LedgerAtomicInterface_validateLedgerOutcome(blocks) {
|
|
|
69462
69849
|
}
|
|
69463
69850
|
}
|
|
69464
69851
|
for (const accountChanges of allAccountsChanges) {
|
|
69852
|
+
if (accountChanges.type === 'CERTIFICATE') {
|
|
69853
|
+
continue;
|
|
69854
|
+
}
|
|
69465
69855
|
const { account, fields = {} } = accountChanges;
|
|
69466
69856
|
/**
|
|
69467
69857
|
* Newly created identifiers automatically grant the creator ownership.
|
|
@@ -69475,6 +69865,10 @@ async function _LedgerAtomicInterface_validateLedgerOutcome(blocks) {
|
|
|
69475
69865
|
*/
|
|
69476
69866
|
const addedPermissions = fields.permissions ?? [];
|
|
69477
69867
|
for (const newPerm of addedPermissions) {
|
|
69868
|
+
// We only care about permissions that include ownership, and non-accounts (ex: certificate principals) cannot be owners
|
|
69869
|
+
if (newPerm.principalType === 'CERTIFICATE') {
|
|
69870
|
+
continue;
|
|
69871
|
+
}
|
|
69478
69872
|
let method = 'ADD';
|
|
69479
69873
|
if (newPerm.permissions === null || !newPerm.permissions.has(['OWNER'])) {
|
|
69480
69874
|
method = 'REMOVE';
|
|
@@ -69993,7 +70387,7 @@ exports["default"] = Ledger;
|
|
|
69993
70387
|
/***/ }),
|
|
69994
70388
|
|
|
69995
70389
|
/***/ 5773:
|
|
69996
|
-
/***/ ((__unused_webpack_module, exports) => {
|
|
70390
|
+
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
|
|
69997
70391
|
|
|
69998
70392
|
"use strict";
|
|
69999
70393
|
|
|
@@ -70001,6 +70395,10 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
|
|
|
70001
70395
|
exports.isIdentifierAccountInfo = isIdentifierAccountInfo;
|
|
70002
70396
|
exports.isKeyPairAccountInfo = isKeyPairAccountInfo;
|
|
70003
70397
|
exports.isAccountInfoOfType = isAccountInfoOfType;
|
|
70398
|
+
exports.isACLPrincipalType = isACLPrincipalType;
|
|
70399
|
+
exports.assertACLPrincipalType = assertACLPrincipalType;
|
|
70400
|
+
exports.asACLPrincipalType = asACLPrincipalType;
|
|
70401
|
+
const ledger_1 = __webpack_require__(452);
|
|
70004
70402
|
function isIdentifierAccountInfo(info) {
|
|
70005
70403
|
return (info.account.isIdentifier());
|
|
70006
70404
|
}
|
|
@@ -70010,6 +70408,20 @@ function isKeyPairAccountInfo(info) {
|
|
|
70010
70408
|
function isAccountInfoOfType(info, type) {
|
|
70011
70409
|
return (info.account.isKeyType(type));
|
|
70012
70410
|
}
|
|
70411
|
+
const aclPrincipalType = ['ACCOUNT', 'CERTIFICATE'];
|
|
70412
|
+
function isACLPrincipalType(type) {
|
|
70413
|
+
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions
|
|
70414
|
+
return (aclPrincipalType.includes(type));
|
|
70415
|
+
}
|
|
70416
|
+
function assertACLPrincipalType(type) {
|
|
70417
|
+
if (!isACLPrincipalType(type)) {
|
|
70418
|
+
throw (new ledger_1.KeetaNetLedgerError('LEDGER_INVALID_ACL_ROW_TYPE', `Invalid ACL Row Type: ${type}`));
|
|
70419
|
+
}
|
|
70420
|
+
}
|
|
70421
|
+
function asACLPrincipalType(type) {
|
|
70422
|
+
assertACLPrincipalType(type);
|
|
70423
|
+
return (type);
|
|
70424
|
+
}
|
|
70013
70425
|
|
|
70014
70426
|
|
|
70015
70427
|
/***/ }),
|
|
@@ -76244,7 +76656,7 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
|
|
|
76244
76656
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
76245
76657
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
76246
76658
|
};
|
|
76247
|
-
var _CertificateBuilder_params, _CertificateBuilder_caPathLen, _CertificateBundle_raw, _CertificateBundle_contents, _Certificate_instances, _Certificate_raw, _Certificate_hash, _Certificate_extensionsRaw, _Certificate_extensionsProcessed, _Certificate_finalizeConstructionCalled, _Certificate_isSelfSigned, _Certificate_processExtensionsInternal, _Certificate_processBaseExtensions, _Certificate_parseKeyUsage, _Certificate_processBaseExtension, _Certificate_assertAllCriticalExtensionsProcessed, _Certificate_checkValid, _Certificate_checkIssued;
|
|
76659
|
+
var _CertificateBuilder_params, _CertificateBuilder_caPathLen, _CertificateBundle_raw, _CertificateBundle_contents, _Certificate_instances, _Certificate_raw, _Certificate_hash, _Certificate_extensionsRaw, _Certificate_extensionsProcessed, _Certificate_finalizeConstructionCalled, _Certificate_isSelfSigned, _Certificate_processExtensionsInternal, _Certificate_processBaseExtensions, _Certificate_parseKeyUsage, _Certificate_processBaseExtension, _Certificate_assertAllCriticalExtensionsProcessed, _Certificate_checkValid, _Certificate_checkIssued, _Certificate_computeHash;
|
|
76248
76660
|
Object.defineProperty(exports, "__esModule", ({ value: true }));
|
|
76249
76661
|
exports.Certificate = exports.CertificateBundle = exports.CertificateHash = exports.CertificateBuilder = void 0;
|
|
76250
76662
|
const ASN1 = __importStar(__webpack_require__(6045));
|
|
@@ -77224,7 +77636,18 @@ class Certificate {
|
|
|
77224
77636
|
}
|
|
77225
77637
|
}
|
|
77226
77638
|
}
|
|
77227
|
-
verifyChain(store,
|
|
77639
|
+
verifyChain(store, seenHashes = new CertificateHash.Set()) {
|
|
77640
|
+
/**
|
|
77641
|
+
* Loop detection: reject any certificate already on the current
|
|
77642
|
+
* verification path, per RFC 4158 Section 2.4.1 (no certificate may
|
|
77643
|
+
* repeat in a path) and Section 5.2 (detection guidance).
|
|
77644
|
+
*
|
|
77645
|
+
* @see {@link https://datatracker.ietf.org/doc/html/rfc4158#section-5.2 RFC 4158 Section 5.2}
|
|
77646
|
+
* @see {@link https://datatracker.ietf.org/doc/html/rfc4158#section-2.4.1 RFC 4158 Section 2.4.1}
|
|
77647
|
+
*/
|
|
77648
|
+
if (seenHashes.has(__classPrivateFieldGet(this, _Certificate_instances, "m", _Certificate_computeHash).call(this))) {
|
|
77649
|
+
return (null);
|
|
77650
|
+
}
|
|
77228
77651
|
/*
|
|
77229
77652
|
* Check to see if the certificate is signed by any of the Root CAs
|
|
77230
77653
|
*/
|
|
@@ -77255,6 +77678,8 @@ class Certificate {
|
|
|
77255
77678
|
* Check to see if the certificate is signed by any of the specified intermediates
|
|
77256
77679
|
*/
|
|
77257
77680
|
if (store.intermediate !== undefined) {
|
|
77681
|
+
const nextSeen = new CertificateHash.Set(seenHashes);
|
|
77682
|
+
nextSeen.add(__classPrivateFieldGet(this, _Certificate_instances, "m", _Certificate_computeHash).call(this));
|
|
77258
77683
|
store.intermediate.forEach((intermediateCertificate) => {
|
|
77259
77684
|
if (retval !== null) {
|
|
77260
77685
|
return;
|
|
@@ -77262,7 +77687,7 @@ class Certificate {
|
|
|
77262
77687
|
const checkIssued = __classPrivateFieldGet(this, _Certificate_instances, "m", _Certificate_checkIssued).call(this, intermediateCertificate);
|
|
77263
77688
|
if (checkIssued.issued) {
|
|
77264
77689
|
if (intermediateCertificate.checkValid(this.moment)) {
|
|
77265
|
-
const moreChain = intermediateCertificate.verifyChain(store,
|
|
77690
|
+
const moreChain = intermediateCertificate.verifyChain(store, nextSeen);
|
|
77266
77691
|
if (moreChain !== null) {
|
|
77267
77692
|
const checkRetval = [...moreChain, intermediateCertificate];
|
|
77268
77693
|
const validChain = Certificate.verifyChainDepth([...checkRetval, this]);
|
|
@@ -77418,10 +77843,7 @@ class Certificate {
|
|
|
77418
77843
|
*/
|
|
77419
77844
|
hash() {
|
|
77420
77845
|
this.assertConstructed();
|
|
77421
|
-
|
|
77422
|
-
__classPrivateFieldSet(this, _Certificate_hash, CertificateHash.fromData(Buffer.from(__classPrivateFieldGet(this, _Certificate_raw, "f"))), "f");
|
|
77423
|
-
}
|
|
77424
|
-
return (__classPrivateFieldGet(this, _Certificate_hash, "f"));
|
|
77846
|
+
return (__classPrivateFieldGet(this, _Certificate_instances, "m", _Certificate_computeHash).call(this));
|
|
77425
77847
|
}
|
|
77426
77848
|
/**
|
|
77427
77849
|
* Get a JSON representation of the certificate
|
|
@@ -77659,6 +78081,11 @@ _Certificate_raw = new WeakMap(), _Certificate_hash = new WeakMap(), _Certificat
|
|
|
77659
78081
|
return ({ issued: false, reason: 'Signature verification failed' });
|
|
77660
78082
|
}
|
|
77661
78083
|
return ({ issued: true });
|
|
78084
|
+
}, _Certificate_computeHash = function _Certificate_computeHash() {
|
|
78085
|
+
if (!__classPrivateFieldGet(this, _Certificate_hash, "f")) {
|
|
78086
|
+
__classPrivateFieldSet(this, _Certificate_hash, CertificateHash.fromData(Buffer.from(__classPrivateFieldGet(this, _Certificate_raw, "f"))), "f");
|
|
78087
|
+
}
|
|
78088
|
+
return (__classPrivateFieldGet(this, _Certificate_hash, "f"));
|
|
77662
78089
|
};
|
|
77663
78090
|
/**
|
|
77664
78091
|
* The Certificate Builder
|
|
@@ -80856,7 +81283,7 @@ exports.Testing = { findRDN, blockHashesFromVote, feeFromVote, hashDataSchema, f
|
|
|
80856
81283
|
|
|
80857
81284
|
Object.defineProperty(exports, "__esModule", ({ value: true }));
|
|
80858
81285
|
exports.version = void 0;
|
|
80859
|
-
exports.version = '0.
|
|
81286
|
+
exports.version = '0.18.1+gae2caf00c1e19c6d232ff1a37b9fd8e7ea8a1ddc';
|
|
80860
81287
|
exports["default"] = exports.version;
|
|
80861
81288
|
|
|
80862
81289
|
|