@layerzerolabs/protocol-stellar-v2 0.2.10 → 0.2.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +273 -219
- package/.turbo/turbo-lint.log +79 -107
- package/.turbo/turbo-test.log +1016 -840
- package/Cargo.lock +14 -6
- package/contracts/common-macros/src/contract_impl.rs +6 -3
- package/contracts/common-macros/src/error.rs +9 -17
- package/contracts/common-macros/src/lib.rs +4 -37
- package/contracts/common-macros/src/ownable.rs +9 -5
- package/contracts/common-macros/src/tests/contract_impl.rs +178 -86
- package/contracts/common-macros/src/tests/error.rs +168 -0
- package/contracts/common-macros/src/tests/mod.rs +2 -4
- package/contracts/common-macros/src/tests/ownable.rs +37 -60
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__contract_impl__snapshot_generated_contract_impl_code.snap +16 -6
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__error__snapshot_generated_contract_error_code.snap +20 -0
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__ownable__snapshot_generated_ownable_code.snap +3 -1
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__ownable__snapshot_only_owner_preserves_function_signature.snap +12 -2
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__ttl_configurable__snapshot_generated_ttl_configurable_code.snap +5 -1
- package/contracts/common-macros/src/tests/utils.rs +267 -0
- package/contracts/common-macros/src/ttl_configurable.rs +15 -12
- package/contracts/common-macros/src/utils.rs +35 -6
- package/contracts/endpoint-v2/src/endpoint_v2.rs +4 -4
- package/contracts/endpoint-v2/src/events.rs +40 -22
- package/contracts/endpoint-v2/src/interfaces/message_lib.rs +2 -2
- package/contracts/endpoint-v2/src/interfaces/message_lib_manager.rs +2 -2
- package/contracts/endpoint-v2/src/interfaces/messaging_channel.rs +2 -2
- package/contracts/endpoint-v2/src/interfaces/messaging_composer.rs +2 -2
- package/contracts/endpoint-v2/src/interfaces/send_lib.rs +2 -2
- package/contracts/endpoint-v2/src/message_lib_manager.rs +3 -3
- package/contracts/endpoint-v2/src/messaging_channel.rs +1 -1
- package/contracts/endpoint-v2/src/messaging_composer.rs +1 -1
- package/contracts/endpoint-v2/src/tests/message_lib_manager/set_default_receive_lib_timeout.rs +4 -8
- package/contracts/endpoint-v2/src/tests/message_lib_manager/set_default_receive_library.rs +3 -7
- package/contracts/message-libs/{block-message-lib → blocked-message-lib}/Cargo.toml +1 -1
- package/contracts/message-libs/treasury/src/events.rs +9 -6
- package/contracts/message-libs/uln-302/src/events.rs +19 -11
- package/contracts/message-libs/uln-302/src/interfaces/receive_uln.rs +2 -2
- package/contracts/message-libs/uln-302/src/interfaces/send_uln.rs +2 -2
- package/contracts/message-libs/uln-302/src/receive_uln.rs +2 -2
- package/contracts/message-libs/uln-302/src/send_uln.rs +3 -3
- package/contracts/message-libs/uln-302/src/tests/receive_uln302/set_default_receive_uln_configs.rs +5 -5
- package/contracts/message-libs/uln-302/src/tests/send_uln302/set_default_send_uln_configs.rs +5 -5
- package/contracts/message-libs/uln-302/src/tests/setup.rs +3 -3
- package/contracts/message-libs/uln-302/src/types.rs +24 -24
- package/contracts/message-libs/uln-302/src/uln302.rs +2 -2
- package/contracts/oapp-macros/src/oapp_core.rs +1 -1
- package/contracts/oapps/counter/integration_tests/utils.rs +1 -1
- package/contracts/oapps/oapp/src/oapp_core.rs +4 -3
- package/contracts/oapps/oapp/src/oapp_options_type3.rs +4 -3
- package/contracts/oapps/oft/integration-tests/setup.rs +4 -3
- package/contracts/oapps/oft/integration-tests/utils.rs +1 -1
- package/contracts/oapps/oft/src/default_oft_impl.rs +146 -0
- package/contracts/oapps/oft/src/events.rs +5 -4
- package/contracts/oapps/oft/src/extensions/mod.rs +3 -0
- package/contracts/oapps/oft/src/extensions/oft_fee.rs +168 -0
- package/contracts/oapps/oft/src/extensions/pausable.rs +50 -0
- package/contracts/oapps/oft/src/extensions/rate_limiter.rs +200 -0
- package/contracts/oapps/oft/src/lib.rs +2 -3
- package/contracts/oapps/oft/src/oft.rs +16 -85
- package/contracts/oapps/oft/src/oft_types/mint_burn.rs +1 -1
- package/contracts/oapps/oft/src/tests/extensions/mod.rs +11 -0
- package/contracts/oapps/oft/src/tests/extensions/setup.rs +888 -0
- package/contracts/oapps/oft/src/tests/extensions/test_oft_fee.rs +749 -0
- package/contracts/oapps/oft/src/tests/extensions/test_pausable.rs +432 -0
- package/contracts/oapps/oft/src/tests/extensions/test_rate_limiter.rs +1078 -0
- package/contracts/oapps/oft/src/tests/mod.rs +2 -0
- package/contracts/oapps/oft/src/tests/test_utils.rs +24 -6
- package/contracts/oapps/{oft-mint-burn → oft-std}/Cargo.toml +1 -8
- package/contracts/oapps/oft-std/src/lib.rs +5 -0
- package/contracts/oapps/oft-std/src/oft.rs +59 -0
- package/contracts/utils/src/ownable.rs +8 -6
- package/contracts/utils/src/tests/ownable.rs +0 -63
- package/contracts/utils/src/tests/testing_utils.rs +7 -5
- package/contracts/utils/src/ttl.rs +21 -2
- package/contracts/workers/dvn/src/auth.rs +108 -30
- package/contracts/workers/dvn/src/dvn.rs +103 -33
- package/contracts/workers/dvn/src/errors.rs +10 -13
- package/contracts/workers/dvn/src/events.rs +7 -5
- package/contracts/workers/dvn/src/interfaces/dvn.rs +76 -3
- package/contracts/workers/dvn/src/interfaces/multisig.rs +41 -0
- package/contracts/workers/dvn/src/lib.rs +6 -8
- package/contracts/workers/dvn/src/multisig.rs +98 -72
- package/contracts/workers/dvn/src/storage.rs +9 -12
- package/contracts/workers/dvn/src/tests/auth.rs +56 -26
- package/contracts/workers/dvn/src/tests/dvn.rs +40 -41
- package/contracts/workers/dvn/src/tests/multisig/set_signer.rs +8 -8
- package/contracts/workers/dvn/src/tests/multisig/set_threshold.rs +9 -9
- package/contracts/workers/dvn/src/tests/multisig/verify_signatures.rs +6 -6
- package/contracts/workers/dvn/src/tests/setup.rs +5 -5
- package/contracts/workers/dvn-fee-lib/Cargo.toml +2 -1
- package/contracts/workers/dvn-fee-lib/src/dvn_fee_lib.rs +4 -3
- package/contracts/workers/dvn-fee-lib/src/tests/dvn_fee_lib.rs +8 -6
- package/contracts/workers/executor/src/auth.rs +93 -0
- package/contracts/workers/executor/src/events.rs +5 -4
- package/contracts/workers/executor/src/{lz_executor.rs → executor.rs} +30 -103
- package/contracts/workers/executor/src/interfaces/executor.rs +5 -2
- package/contracts/workers/executor/src/interfaces/mod.rs +1 -1
- package/contracts/workers/executor/src/lib.rs +6 -5
- package/contracts/workers/price-feed/Cargo.toml +21 -0
- package/contracts/workers/price-feed/src/errors.rs +9 -0
- package/contracts/workers/price-feed/src/events.rs +30 -0
- package/contracts/workers/price-feed/src/lib.rs +11 -0
- package/contracts/workers/price-feed/src/price_feed.rs +265 -0
- package/contracts/workers/price-feed/src/storage.rs +42 -0
- package/contracts/workers/price-feed/src/types.rs +59 -0
- package/contracts/workers/worker/src/events.rs +23 -13
- package/contracts/workers/worker/src/interfaces/dvn_fee_lib.rs +2 -1
- package/contracts/workers/worker/src/worker.rs +32 -21
- package/package.json +3 -3
- package/sdk/dist/generated/bml.js +24 -22
- package/sdk/dist/generated/counter.d.ts +102 -0
- package/sdk/dist/generated/counter.js +36 -24
- package/sdk/dist/generated/endpoint.js +24 -22
- package/sdk/dist/generated/sml.js +24 -22
- package/sdk/dist/generated/uln302.d.ts +1 -1
- package/sdk/dist/generated/uln302.js +34 -32
- package/sdk/package.json +1 -1
- package/sdk/test/index.test.ts +1 -1
- package/sdk/test/oft.test.ts +847 -0
- package/sdk/test/suites/scan.ts +20 -4
- package/tools/ts-bindings-gen/src/main.rs +2 -1
- package/contracts/common-macros/src/event.rs +0 -16
- package/contracts/oapps/oft/src/macro_tests/mod.rs +0 -2
- package/contracts/oapps/oft/src/macro_tests/test_all_default.rs +0 -41
- package/contracts/oapps/oft/src/macro_tests/test_override.rs +0 -83
- package/contracts/oapps/oft-mint-burn/src/lib.rs +0 -3
- package/contracts/oapps/oft-mint-burn/src/oft.rs +0 -28
- package/contracts/oapps/oft-mint-burn/src/tests/mod.rs +0 -1
- package/contracts/workers/dvn/src/types.rs +0 -26
- /package/contracts/message-libs/{block-message-lib → blocked-message-lib}/src/lib.rs +0 -0
|
@@ -1,62 +1,86 @@
|
|
|
1
|
+
//! Multisig functionality for the DVN contract.
|
|
2
|
+
//!
|
|
3
|
+
//! Provides secp256k1-based multisig signature verification using Ethereum-style
|
|
4
|
+
//! 20-byte addresses derived from recovered public keys.
|
|
5
|
+
|
|
6
|
+
use super::*;
|
|
7
|
+
|
|
1
8
|
use crate::{
|
|
9
|
+
errors::DvnError,
|
|
2
10
|
events::{SignerSet, ThresholdSet},
|
|
3
|
-
storage::
|
|
4
|
-
IMultisig,
|
|
11
|
+
storage::DvnStorage,
|
|
5
12
|
};
|
|
13
|
+
use soroban_sdk::assert_with_error;
|
|
14
|
+
|
|
15
|
+
// ============================================================================
|
|
16
|
+
// IMultisig Implementation
|
|
17
|
+
// ============================================================================
|
|
6
18
|
|
|
7
|
-
#[
|
|
8
|
-
impl IMultisig for
|
|
19
|
+
#[contract_impl]
|
|
20
|
+
impl IMultisig for LzDVN {
|
|
21
|
+
/// Adds or removes a signer. Requires contract self-authorization (quorum).
|
|
9
22
|
fn set_signer(env: &Env, signer: &BytesN<20>, active: bool) {
|
|
10
23
|
env.current_contract_address().require_auth();
|
|
11
|
-
|
|
12
24
|
if active {
|
|
13
|
-
add_signer(env, signer);
|
|
25
|
+
Self::add_signer(env, signer);
|
|
14
26
|
} else {
|
|
15
|
-
remove_signer(env, signer);
|
|
27
|
+
Self::remove_signer(env, signer);
|
|
16
28
|
}
|
|
17
29
|
}
|
|
18
30
|
|
|
31
|
+
/// Updates the signature threshold. Requires contract self-authorization (quorum).
|
|
19
32
|
fn set_threshold(env: &Env, threshold: u32) {
|
|
20
33
|
env.current_contract_address().require_auth();
|
|
21
34
|
|
|
22
|
-
|
|
35
|
+
assert_with_error!(env, threshold > 0, DvnError::ZeroThreshold);
|
|
36
|
+
assert_with_error!(env, Self::total_signers(env) >= threshold, DvnError::TotalSignersLessThanThreshold);
|
|
37
|
+
|
|
38
|
+
DvnStorage::set_threshold(env, &threshold);
|
|
39
|
+
|
|
40
|
+
ThresholdSet { threshold }.publish(env);
|
|
23
41
|
}
|
|
24
42
|
|
|
43
|
+
/// Returns the list of all registered signers.
|
|
25
44
|
fn get_signers(env: &Env) -> Vec<BytesN<20>> {
|
|
26
|
-
|
|
45
|
+
DvnStorage::signers(env)
|
|
27
46
|
}
|
|
28
47
|
|
|
48
|
+
/// Returns the total number of registered signers.
|
|
29
49
|
fn total_signers(env: &Env) -> u32 {
|
|
30
|
-
|
|
50
|
+
DvnStorage::signers(env).len()
|
|
31
51
|
}
|
|
32
52
|
|
|
53
|
+
/// Checks if an address is a registered signer.
|
|
33
54
|
fn is_signer(env: &Env, signer: &BytesN<20>) -> bool {
|
|
34
|
-
|
|
55
|
+
DvnStorage::signers(env).iter().any(|s| &s == signer)
|
|
35
56
|
}
|
|
36
57
|
|
|
58
|
+
/// Returns the current signature threshold.
|
|
37
59
|
fn threshold(env: &Env) -> u32 {
|
|
38
|
-
|
|
60
|
+
DvnStorage::threshold(env)
|
|
39
61
|
}
|
|
40
62
|
|
|
63
|
+
/// Verifies signatures against the current threshold.
|
|
41
64
|
fn verify_signatures(env: &Env, hash: &BytesN<32>, signatures: &Vec<BytesN<65>>) {
|
|
42
65
|
Self::verify_n_signatures(env, hash, signatures, Self::threshold(env));
|
|
43
66
|
}
|
|
44
67
|
|
|
68
|
+
/// Verifies that at least `threshold` valid signatures exist for the given hash.
|
|
69
|
+
///
|
|
70
|
+
/// Signatures must be:
|
|
71
|
+
/// - From registered signers
|
|
72
|
+
/// - Sorted by signer address (ascending, no duplicates)
|
|
45
73
|
fn verify_n_signatures(env: &Env, hash: &BytesN<32>, signatures: &Vec<BytesN<65>>, threshold: u32) {
|
|
46
|
-
assert_with_error!(env, threshold > 0,
|
|
47
|
-
assert_with_error!(env, signatures.len() >= threshold,
|
|
74
|
+
assert_with_error!(env, threshold > 0, DvnError::ZeroThreshold);
|
|
75
|
+
assert_with_error!(env, signatures.len() >= threshold, DvnError::SignatureError);
|
|
48
76
|
|
|
49
77
|
let mut last_signer: Option<BytesN<20>> = None;
|
|
50
78
|
signatures.iter().for_each(|signature| {
|
|
51
|
-
let signer = recover_signer(env, hash, &signature);
|
|
79
|
+
let signer = Self::recover_signer(env, hash, &signature);
|
|
52
80
|
|
|
53
|
-
// Signers must be strictly increasing
|
|
54
|
-
assert_with_error!(
|
|
55
|
-
|
|
56
|
-
last_signer.as_ref().is_none_or(|last| &signer > last),
|
|
57
|
-
MultisigError::UnsortedSigners
|
|
58
|
-
);
|
|
59
|
-
assert_with_error!(env, Self::is_signer(env, &signer), MultisigError::SignerNotFound);
|
|
81
|
+
// Signers must be strictly increasing (ensures no duplicates)
|
|
82
|
+
assert_with_error!(env, last_signer.as_ref().is_none_or(|last| &signer > last), DvnError::UnsortedSigners);
|
|
83
|
+
assert_with_error!(env, Self::is_signer(env, &signer), DvnError::SignerNotFound);
|
|
60
84
|
|
|
61
85
|
last_signer = Some(signer);
|
|
62
86
|
});
|
|
@@ -64,64 +88,66 @@ impl IMultisig for Dvn {
|
|
|
64
88
|
}
|
|
65
89
|
|
|
66
90
|
// ============================================================================
|
|
67
|
-
// Internal
|
|
91
|
+
// Internal Functions
|
|
68
92
|
// ============================================================================
|
|
69
93
|
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
MultisigStorage::set_signers(env, &signers);
|
|
78
|
-
|
|
79
|
-
SignerSet { signer: signer.clone(), active: true }.publish(env);
|
|
80
|
-
}
|
|
94
|
+
impl LzDVN {
|
|
95
|
+
/// Initializes the multisig with a set of signers and threshold.
|
|
96
|
+
/// Called during contract construction.
|
|
97
|
+
pub fn init_multisig(env: &Env, signers: &Vec<BytesN<20>>, threshold: u32) {
|
|
98
|
+
signers.iter().for_each(|signer| Self::add_signer(env, &signer));
|
|
99
|
+
Self::set_threshold(env, threshold);
|
|
100
|
+
}
|
|
81
101
|
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
signers
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
}
|
|
102
|
+
/// Adds a new signer to the multisig.
|
|
103
|
+
///
|
|
104
|
+
/// # Errors
|
|
105
|
+
/// - `InvalidSigner` if the signer is the zero address
|
|
106
|
+
/// - `SignerAlreadyExists` if the signer is already registered
|
|
107
|
+
fn add_signer(env: &Env, signer: &BytesN<20>) {
|
|
108
|
+
let zero_signer = BytesN::from_array(env, &[0u8; 20]);
|
|
109
|
+
assert_with_error!(env, signer != &zero_signer, DvnError::InvalidSigner);
|
|
110
|
+
|
|
111
|
+
let mut signers = Self::get_signers(env);
|
|
112
|
+
assert_with_error!(env, !signers.iter().any(|s| &s == signer), DvnError::SignerAlreadyExists);
|
|
113
|
+
signers.push_back(signer.clone());
|
|
114
|
+
DvnStorage::set_signers(env, &signers);
|
|
115
|
+
|
|
116
|
+
SignerSet { signer: signer.clone(), active: true }.publish(env);
|
|
117
|
+
}
|
|
98
118
|
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
119
|
+
/// Removes a signer from the multisig.
|
|
120
|
+
///
|
|
121
|
+
/// # Errors
|
|
122
|
+
/// - `SignerNotFound` if the signer is not registered
|
|
123
|
+
/// - `TotalSignersLessThanThreshold` if removal would violate threshold constraint
|
|
124
|
+
fn remove_signer(env: &Env, signer: &BytesN<20>) {
|
|
125
|
+
let mut signers = Self::get_signers(env);
|
|
126
|
+
let index = signers.first_index_of(signer);
|
|
127
|
+
assert_with_error!(env, index.is_some(), DvnError::SignerNotFound);
|
|
106
128
|
|
|
107
|
-
|
|
129
|
+
signers.remove(index.unwrap());
|
|
108
130
|
|
|
109
|
-
|
|
110
|
-
|
|
131
|
+
// Ensure removal doesn't violate threshold constraint
|
|
132
|
+
assert_with_error!(env, signers.len() >= Self::threshold(env), DvnError::TotalSignersLessThanThreshold);
|
|
133
|
+
DvnStorage::set_signers(env, &signers);
|
|
111
134
|
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
set_threshold(env, threshold);
|
|
116
|
-
}
|
|
135
|
+
SignerSet { signer: signer.clone(), active: false }.publish(env);
|
|
136
|
+
}
|
|
117
137
|
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
138
|
+
/// Recovers the Ethereum-style signer address from a secp256k1 signature.
|
|
139
|
+
///
|
|
140
|
+
/// The signature format is 65 bytes: r (32) + s (32) + v (1).
|
|
141
|
+
/// Returns the last 20 bytes of keccak256(uncompressed_pubkey[1..65]).
|
|
142
|
+
fn recover_signer(env: &Env, digest: &BytesN<32>, signature: &BytesN<65>) -> BytesN<20> {
|
|
143
|
+
let sig_bytes: Bytes = signature.into();
|
|
144
|
+
let v = sig_bytes.get(64).unwrap();
|
|
145
|
+
let recovery_id = if (27..=30).contains(&v) { v - 27 } else { v };
|
|
146
|
+
let sig_rs: BytesN<64> = sig_bytes.slice(0..64).try_into().unwrap();
|
|
123
147
|
|
|
124
|
-
|
|
148
|
+
let public_key = env.crypto_hazmat().secp256k1_recover(digest, &sig_rs, recovery_id as u32);
|
|
125
149
|
|
|
126
|
-
|
|
150
|
+
// Derive Ethereum address: keccak256(pubkey[1..65])[12..32]
|
|
151
|
+
Bytes::from(env.crypto().keccak256(&Bytes::from(public_key).slice(1..65))).slice(12..32).try_into().unwrap()
|
|
152
|
+
}
|
|
127
153
|
}
|
|
@@ -2,33 +2,30 @@ use crate::DstConfig;
|
|
|
2
2
|
use common_macros::storage;
|
|
3
3
|
use soroban_sdk::{BytesN, Vec};
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
// Multisig Storage
|
|
7
|
-
// ============================================================================
|
|
8
|
-
|
|
5
|
+
/// DVN contract storage keys.
|
|
9
6
|
#[storage]
|
|
10
|
-
pub enum
|
|
7
|
+
pub enum DvnStorage {
|
|
8
|
+
// ======================== Multisig ========================
|
|
9
|
+
/// List of authorized signer addresses (20-byte Ethereum addresses).
|
|
11
10
|
#[persistent(Vec<BytesN<20>>)]
|
|
12
11
|
#[default(Vec::new(env))]
|
|
13
12
|
Signers,
|
|
14
13
|
|
|
14
|
+
/// Minimum number of signatures required for multisig operations.
|
|
15
15
|
#[instance(u32)]
|
|
16
16
|
#[default(0)]
|
|
17
17
|
Threshold,
|
|
18
|
-
}
|
|
19
18
|
|
|
20
|
-
//
|
|
21
|
-
|
|
22
|
-
// ============================================================================
|
|
23
|
-
|
|
24
|
-
#[storage]
|
|
25
|
-
pub enum DvnStorage {
|
|
19
|
+
// ======================== DVN ============================
|
|
20
|
+
/// Verifier ID - unique identifier for this DVN instance.
|
|
26
21
|
#[instance(u32)]
|
|
27
22
|
Vid,
|
|
28
23
|
|
|
24
|
+
/// Destination chain configuration, keyed by endpoint ID.
|
|
29
25
|
#[persistent(DstConfig)]
|
|
30
26
|
DstConfig { dst_eid: u32 },
|
|
31
27
|
|
|
28
|
+
/// Tracks used hashes for replay protection.
|
|
32
29
|
#[persistent(bool)]
|
|
33
30
|
#[default(false)]
|
|
34
31
|
UsedHash { hash: BytesN<32> },
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
use crate::tests::setup::{TestSetup, VID};
|
|
2
|
-
use crate::{
|
|
2
|
+
use crate::{
|
|
3
|
+
dvn::auth::{Sender, TransactionAuthData},
|
|
4
|
+
errors::DvnError,
|
|
5
|
+
};
|
|
3
6
|
use ed25519_dalek::{Signer, SigningKey};
|
|
4
7
|
use rand::thread_rng;
|
|
5
8
|
use soroban_sdk::{auth::Context, vec, Bytes, BytesN, Env, IntoVal, Vec};
|
|
@@ -49,13 +52,18 @@ fn test_check_auth_success() {
|
|
|
49
52
|
let auth_contexts: Vec<Context> = Vec::new(&env);
|
|
50
53
|
|
|
51
54
|
let payload = BytesN::from_array(&env, &[0u8; 32]);
|
|
52
|
-
let
|
|
53
|
-
let
|
|
55
|
+
let public_key = admin_kp.public_key(&env);
|
|
56
|
+
let signature = admin_kp.sign(&env, &payload.to_array());
|
|
54
57
|
|
|
55
58
|
let hash = hash_auth_data(&env, VID, expiration, &auth_contexts);
|
|
56
59
|
let sig = setup.key_pairs[0].sign_bytes(&env, &hash);
|
|
57
60
|
|
|
58
|
-
let tx_auth = TransactionAuthData {
|
|
61
|
+
let tx_auth = TransactionAuthData {
|
|
62
|
+
vid: VID,
|
|
63
|
+
expiration,
|
|
64
|
+
signatures: vec![&env, sig],
|
|
65
|
+
sender: Sender::Admin(public_key, signature),
|
|
66
|
+
};
|
|
59
67
|
|
|
60
68
|
let res = env.try_invoke_contract_check_auth::<DvnError>(
|
|
61
69
|
&setup.contract_id,
|
|
@@ -78,13 +86,18 @@ fn test_check_auth_not_admin() {
|
|
|
78
86
|
let auth_contexts: Vec<Context> = Vec::new(&env);
|
|
79
87
|
|
|
80
88
|
let payload = BytesN::from_array(&env, &[0u8; 32]);
|
|
81
|
-
let
|
|
82
|
-
let
|
|
89
|
+
let public_key = non_admin_kp.public_key(&env);
|
|
90
|
+
let signature = non_admin_kp.sign(&env, &payload.to_array());
|
|
83
91
|
|
|
84
92
|
let hash = hash_auth_data(&env, VID, expiration, &auth_contexts);
|
|
85
93
|
let sig = setup.key_pairs[0].sign_bytes(&env, &hash);
|
|
86
94
|
|
|
87
|
-
let tx_auth = TransactionAuthData {
|
|
95
|
+
let tx_auth = TransactionAuthData {
|
|
96
|
+
vid: VID,
|
|
97
|
+
expiration,
|
|
98
|
+
signatures: vec![&env, sig],
|
|
99
|
+
sender: Sender::Admin(public_key, signature),
|
|
100
|
+
};
|
|
88
101
|
|
|
89
102
|
let res = env.try_invoke_contract_check_auth::<DvnError>(
|
|
90
103
|
&setup.contract_id,
|
|
@@ -108,24 +121,28 @@ fn test_check_auth_wrong_signer_fails() {
|
|
|
108
121
|
let auth_contexts: Vec<Context> = Vec::new(&env);
|
|
109
122
|
|
|
110
123
|
let payload = BytesN::from_array(&env, &[0u8; 32]);
|
|
111
|
-
let
|
|
112
|
-
let
|
|
124
|
+
let public_key = admin_kp.public_key(&env);
|
|
125
|
+
let signature = admin_kp.sign(&env, &payload.to_array());
|
|
113
126
|
|
|
114
127
|
let hash = hash_auth_data(&env, VID, expiration, &auth_contexts);
|
|
115
128
|
let wrong_sig = crate::tests::key_pair::KeyPair::generate().sign_bytes(&env, &hash);
|
|
116
129
|
|
|
117
|
-
let tx_auth =
|
|
118
|
-
|
|
130
|
+
let tx_auth = TransactionAuthData {
|
|
131
|
+
vid: VID,
|
|
132
|
+
expiration,
|
|
133
|
+
signatures: vec![&env, wrong_sig],
|
|
134
|
+
sender: Sender::Admin(public_key, signature),
|
|
135
|
+
};
|
|
119
136
|
|
|
120
|
-
// verify_signatures panics with
|
|
121
|
-
let res = env.try_invoke_contract_check_auth::<
|
|
137
|
+
// verify_signatures panics with DvnError::SignerNotFound when signer is not found
|
|
138
|
+
let res = env.try_invoke_contract_check_auth::<DvnError>(
|
|
122
139
|
&setup.contract_id,
|
|
123
140
|
&payload,
|
|
124
141
|
tx_auth.into_val(&env),
|
|
125
142
|
&auth_contexts,
|
|
126
143
|
);
|
|
127
144
|
|
|
128
|
-
assert_eq!(res, Err(Ok(
|
|
145
|
+
assert_eq!(res, Err(Ok(DvnError::SignerNotFound)));
|
|
129
146
|
}
|
|
130
147
|
|
|
131
148
|
#[test]
|
|
@@ -141,14 +158,18 @@ fn test_check_auth_invalid_vid_fails() {
|
|
|
141
158
|
let auth_contexts: Vec<Context> = Vec::new(&env);
|
|
142
159
|
|
|
143
160
|
let payload = BytesN::from_array(&env, &[0u8; 32]);
|
|
144
|
-
let
|
|
145
|
-
let
|
|
161
|
+
let public_key = admin_kp.public_key(&env);
|
|
162
|
+
let signature = admin_kp.sign(&env, &payload.to_array());
|
|
146
163
|
|
|
147
164
|
let hash = hash_auth_data(&env, wrong_vid, expiration, &auth_contexts);
|
|
148
165
|
let sig = setup.key_pairs[0].sign_bytes(&env, &hash);
|
|
149
166
|
|
|
150
|
-
let tx_auth =
|
|
151
|
-
|
|
167
|
+
let tx_auth = TransactionAuthData {
|
|
168
|
+
vid: wrong_vid,
|
|
169
|
+
expiration,
|
|
170
|
+
signatures: vec![&env, sig],
|
|
171
|
+
sender: Sender::Admin(public_key, signature),
|
|
172
|
+
};
|
|
152
173
|
|
|
153
174
|
let res = env.try_invoke_contract_check_auth::<DvnError>(
|
|
154
175
|
&setup.contract_id,
|
|
@@ -172,13 +193,18 @@ fn test_check_auth_expired_fails() {
|
|
|
172
193
|
let auth_contexts: Vec<Context> = Vec::new(&env);
|
|
173
194
|
|
|
174
195
|
let payload = BytesN::from_array(&env, &[0u8; 32]);
|
|
175
|
-
let
|
|
176
|
-
let
|
|
196
|
+
let public_key = admin_kp.public_key(&env);
|
|
197
|
+
let signature = admin_kp.sign(&env, &payload.to_array());
|
|
177
198
|
|
|
178
199
|
let hash = hash_auth_data(&env, VID, expiration, &auth_contexts);
|
|
179
200
|
let sig = setup.key_pairs[0].sign_bytes(&env, &hash);
|
|
180
201
|
|
|
181
|
-
let tx_auth = TransactionAuthData {
|
|
202
|
+
let tx_auth = TransactionAuthData {
|
|
203
|
+
vid: VID,
|
|
204
|
+
expiration,
|
|
205
|
+
signatures: vec![&env, sig],
|
|
206
|
+
sender: Sender::Admin(public_key, signature),
|
|
207
|
+
};
|
|
182
208
|
|
|
183
209
|
let res = env.try_invoke_contract_check_auth::<DvnError>(
|
|
184
210
|
&setup.contract_id,
|
|
@@ -202,8 +228,8 @@ fn test_check_auth_hash_already_used_fails() {
|
|
|
202
228
|
let auth_contexts: Vec<Context> = Vec::new(&env);
|
|
203
229
|
|
|
204
230
|
let payload = BytesN::from_array(&env, &[0u8; 32]);
|
|
205
|
-
let
|
|
206
|
-
let
|
|
231
|
+
let public_key = admin_kp.public_key(&env);
|
|
232
|
+
let signature = admin_kp.sign(&env, &payload.to_array());
|
|
207
233
|
|
|
208
234
|
let hash = hash_auth_data(&env, VID, expiration, &auth_contexts);
|
|
209
235
|
let sig = setup.key_pairs[0].sign_bytes(&env, &hash);
|
|
@@ -212,8 +238,7 @@ fn test_check_auth_hash_already_used_fails() {
|
|
|
212
238
|
vid: VID,
|
|
213
239
|
expiration,
|
|
214
240
|
signatures: vec![&env, sig.clone()],
|
|
215
|
-
|
|
216
|
-
admin_signature: admin_signature.clone(),
|
|
241
|
+
sender: Sender::Admin(public_key.clone(), signature.clone()),
|
|
217
242
|
};
|
|
218
243
|
|
|
219
244
|
let res = env.try_invoke_contract_check_auth::<DvnError>(
|
|
@@ -224,7 +249,12 @@ fn test_check_auth_hash_already_used_fails() {
|
|
|
224
249
|
);
|
|
225
250
|
assert!(res.is_ok());
|
|
226
251
|
|
|
227
|
-
let tx_auth2 = TransactionAuthData {
|
|
252
|
+
let tx_auth2 = TransactionAuthData {
|
|
253
|
+
vid: VID,
|
|
254
|
+
expiration,
|
|
255
|
+
signatures: vec![&env, sig],
|
|
256
|
+
sender: Sender::Admin(public_key, signature),
|
|
257
|
+
};
|
|
228
258
|
|
|
229
259
|
let res2 = env.try_invoke_contract_check_auth::<DvnError>(
|
|
230
260
|
&setup.contract_id,
|