@layerzerolabs/protocol-stellar-v2 0.2.20 → 0.2.22

package/contracts/oapps/oft-core/src/tests/test_msg_inspector.rs

@@ -0,0 +1,323 @@
+//! Tests for the OApp Message Inspector feature.
+
+use crate::tests::test_utils::{create_send_param, OFTTestSetup};
+use common_macros::contract_error;
+use endpoint_v2::MessagingFee;
+use oapp::interfaces::IOAppMsgInspector;
+use soroban_sdk::{
+    contract, contractimpl, panic_with_error,
+    testutils::{Address as _, MockAuth, MockAuthInvoke},
+    Address, Bytes, BytesN, Env, IntoVal,
+};
+
+// ==================== Mock Inspector Contracts ====================
+
+/// A mock inspector that always passes (does nothing)
+#[contract]
+pub struct PassingInspector;
+
+#[contractimpl]
+impl IOAppMsgInspector for PassingInspector {
+    fn inspect(_env: &Env, _oapp: &Address, _message: &Bytes, _options: &Bytes) {
+        // Do nothing - inspection passes
+    }
+}
+
+#[contract_error]
+pub enum InspectorError {
+    InspectionFailed = 1,
+}
+
+/// A mock inspector that always fails (panics)
+#[contract]
+pub struct FailingInspector;
+
+#[contractimpl]
+impl IOAppMsgInspector for FailingInspector {
+    fn inspect(env: &Env, _oapp: &Address, _message: &Bytes, _options: &Bytes) {
+        panic_with_error!(env, InspectorError::InspectionFailed);
+    }
+}
+
+// ==================== Storage Tests ====================
+
+#[test]
+fn test_msg_inspector_not_set_by_default() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // msg_inspector should be None by default
+    let inspector = setup.oft.msg_inspector();
+    assert_eq!(inspector, None);
+}
+
+#[test]
+fn test_set_msg_inspector() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy a passing inspector
+    let inspector_address = env.register(PassingInspector, ());
+
+    // Owner sets the inspector
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&Some(inspector_address.clone()));
+
+    // Verify inspector is set
+    let stored_inspector = setup.oft.msg_inspector();
+    assert_eq!(stored_inspector, Some(inspector_address));
+}
+
+#[test]
+fn test_remove_msg_inspector() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy and set a passing inspector first
+    let inspector_address = env.register(PassingInspector, ());
+
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&Some(inspector_address));
+
+    // Verify it's set
+    assert!(setup.oft.msg_inspector().is_some());
+
+    // Remove the inspector by setting to None
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&None::<Address>,).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&None);
+
+    // Verify inspector is removed
+    let stored_inspector = setup.oft.msg_inspector();
+    assert_eq!(stored_inspector, None);
+}
+
+// ==================== Access Control Tests ====================
+
+#[test]
+#[should_panic(expected = "HostError: Error(Auth, InvalidAction)")]
+fn test_set_msg_inspector_requires_owner() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy a passing inspector
+    let inspector_address = env.register(PassingInspector, ());
+
+    // Non-owner tries to set the inspector (no mock_auth for owner)
+    let non_owner = Address::generate(&env);
+    env.mock_auths(&[MockAuth {
+        address: &non_owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+
+    // This should panic because non_owner is not the owner
+    setup.oft.set_msg_inspector(&Some(inspector_address));
+}
+
+// ==================== Integration Tests with Send ====================
+
+#[test]
+fn test_send_without_inspector_succeeds() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    let sender = Address::generate(&env);
+
+    // Set peer
+    let peer = BytesN::from_array(&env, &[2u8; 32]);
+    let dst_eid = 100u32;
+    setup.set_peer(dst_eid, &peer);
+
+    let amount_ld = 12345670i128;
+    setup.fund_tokens(&sender, amount_ld);
+    setup.fund_native_fees(&sender, setup.native_fee);
+
+    let send_param = create_send_param(&env, dst_eid, amount_ld, amount_ld);
+    let fee = MessagingFee { native_fee: setup.native_fee, zro_fee: 0 };
+    let oft_receipt = setup.quote_oft(&send_param);
+
+    // Send without inspector set - should succeed
+    let (msg_receipt, oft_receipt) = setup.send(&sender, &send_param, &fee, &sender, &oft_receipt);
+
+    assert!(msg_receipt.nonce > 0);
+    assert_eq!(oft_receipt.amount_sent_ld, amount_ld);
+}
+
+#[test]
+fn test_send_with_passing_inspector() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy and set a passing inspector
+    let inspector_address = env.register(PassingInspector, ());
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&Some(inspector_address));
+
+    let sender = Address::generate(&env);
+
+    // Set peer
+    let peer = BytesN::from_array(&env, &[2u8; 32]);
+    let dst_eid = 100u32;
+    setup.set_peer(dst_eid, &peer);
+
+    let amount_ld = 12345670i128;
+    setup.fund_tokens(&sender, amount_ld);
+    setup.fund_native_fees(&sender, setup.native_fee);
+
+    let send_param = create_send_param(&env, dst_eid, amount_ld, amount_ld);
+    let fee = MessagingFee { native_fee: setup.native_fee, zro_fee: 0 };
+    let oft_receipt = setup.quote_oft(&send_param);
+
+    // Send with passing inspector - should succeed
+    let (msg_receipt, oft_receipt) = setup.send(&sender, &send_param, &fee, &sender, &oft_receipt);
+
+    assert!(msg_receipt.nonce > 0);
+    assert_eq!(oft_receipt.amount_sent_ld, amount_ld);
+}
+
+#[test]
+fn test_send_with_failing_inspector() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy and set a failing inspector
+    let inspector_address = env.register(FailingInspector, ());
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&Some(inspector_address));
+
+    let sender = Address::generate(&env);
+
+    // Set peer
+    let peer = BytesN::from_array(&env, &[2u8; 32]);
+    let dst_eid = 100u32;
+    setup.set_peer(dst_eid, &peer);
+
+    let amount_ld = 12345670i128;
+    setup.fund_tokens(&sender, amount_ld);
+    setup.fund_native_fees(&sender, setup.native_fee);
+
+    let send_param = create_send_param(&env, dst_eid, amount_ld, amount_ld);
+    let fee = MessagingFee { native_fee: setup.native_fee, zro_fee: 0 };
+    let oft_receipt = setup.quote_oft(&send_param);
+
+    // Send with failing inspector - should fail
+    let result = setup.try_send(&sender, &send_param, &fee, &sender, &oft_receipt);
+
+    // Verify the send failed due to inspector
+    assert!(result.is_err() || result.unwrap().is_err());
+}
+
+// ==================== Integration Tests with Quote ====================
+
+#[test]
+fn test_quote_send_with_passing_inspector() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy and set a passing inspector
+    let inspector_address = env.register(PassingInspector, ());
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&Some(inspector_address));
+
+    let sender = Address::generate(&env);
+
+    // Set peer
+    let peer = BytesN::from_array(&env, &[2u8; 32]);
+    let dst_eid = 100u32;
+    setup.set_peer(dst_eid, &peer);
+
+    let amount_ld = 12345670i128;
+    let send_param = create_send_param(&env, dst_eid, amount_ld, amount_ld);
+
+    // Quote with passing inspector - should succeed
+    let fee = setup.oft.quote_send(&sender, &send_param, &false);
+
+    assert!(fee.native_fee > 0);
+}
+
+#[test]
+fn test_quote_send_with_failing_inspector() {
+    let env = Env::default();
+    let setup = OFTTestSetup::new(&env);
+
+    // Deploy and set a failing inspector
+    let inspector_address = env.register(FailingInspector, ());
+    env.mock_auths(&[MockAuth {
+        address: &setup.owner,
+        invoke: &MockAuthInvoke {
+            contract: &setup.oft.address,
+            fn_name: "set_msg_inspector",
+            args: (&Some(inspector_address.clone()),).into_val(&env),
+            sub_invokes: &[],
+        },
+    }]);
+    setup.oft.set_msg_inspector(&Some(inspector_address));
+
+    let sender = Address::generate(&env);
+
+    // Set peer
+    let peer = BytesN::from_array(&env, &[2u8; 32]);
+    let dst_eid = 100u32;
+    setup.set_peer(dst_eid, &peer);
+
+    let amount_ld = 12345670i128;
+    let send_param = create_send_param(&env, dst_eid, amount_ld, amount_ld);
+
+    // Quote with failing inspector - should fail
+    let result = setup.oft.try_quote_send(&sender, &send_param, &false);
+
+    // Verify the quote failed due to inspector
+    assert!(result.is_err());
+}

package/contracts/oapps/oft-core/src/tests/test_send.rs

@@ -11,7 +11,7 @@ use soroban_sdk::{
     testutils::{Address as _, MockAuth, MockAuthInvoke},
     Address, Bytes, BytesN, Env, IntoVal,
 };
-use utils::testing_utils::assert_event;
+use utils::testing_utils::assert_contains_event;
 
 use super::test_utils::{create_send_param, OFTTestSetup};
 
@@ -349,7 +349,7 @@ fn test_send_emits_oft_sent_event() {
     let (msg_receipt, oft_receipt) = setup.send(&sender, &send_param, &fee, &sender, &quoted_receipt);
 
     // Assert OFTSent event was emitted with correct values
-    assert_event(
+    assert_contains_event(
         &env,
         &setup.oft.address,
         OFTSent {

package/contracts/oapps/oft-core/src/tests/test_utils.rs

@@ -16,8 +16,6 @@ use soroban_sdk::{
     token::{StellarAssetClient, TokenClient},
     Address, Bytes, BytesN, Env, IntoVal, String, Symbol,
 };
-use stellar_macros::default_impl;
-use stellar_tokens::fungible::{Base, FungibleToken};
 
 // ==================== Constants ====================
 
@@ -106,7 +104,7 @@ pub fn create_origin(src_eid: u32, sender: &BytesN<32>, nonce: u64) -> Origin {
 mod test_mint_burn_oft {
     use crate::{
         self as oft_core,
-        oft_core::{lz_receive, OFTCore, OFTInternal},
+        oft_core::{OFTCore, OFTInternal},
         types::OFTReceipt,
     };
     use endpoint_v2::Origin;
@@ -150,7 +148,7 @@ mod test_mint_burn_oft {
             executor: &Address,
             value: i128,
         ) {
-            lz_receive::<Self>(env, executor, origin, guid, message, extra_data, value)
+            <Self as OFTInternal>::__receive(env, origin, guid, message, extra_data, executor, value)
         }
     }
 
@@ -174,7 +172,7 @@ pub use test_mint_burn_oft::TestMintBurnOFT;
 mod test_lock_unlock_oft {
     use crate::{
         self as oft_core,
-        oft_core::{lz_receive, OFTCore, OFTInternal},
+        oft_core::{OFTCore, OFTInternal},
         types::OFTReceipt,
     };
     use endpoint_v2::Origin;
@@ -211,7 +209,7 @@ mod test_lock_unlock_oft {
             executor: &Address,
             value: i128,
         ) {
-            lz_receive::<Self>(env, executor, origin, guid, message, extra_data, value)
+            <Self as OFTInternal>::__receive(env, origin, guid, message, extra_data, executor, value)
         }
     }
 
@@ -251,6 +249,7 @@ impl DummyRecipient {
     pub fn __constructor(_env: &Env) {}
 }
 
+/// Simple token contract for testing (replaces OpenZeppelin dependency)
 #[contract]
 pub struct DummyToken;
 
@@ -260,9 +259,19 @@ impl DummyToken {
         env.storage().instance().get(&symbol_short!("admin")).unwrap()
     }
 
+    fn get_balance(env: &Env, addr: &Address) -> i128 {
+        env.storage().persistent().get(&addr).unwrap_or(0)
+    }
+
+    fn set_balance(env: &Env, addr: &Address, amount: i128) {
+        env.storage().persistent().set(&addr, &amount);
+    }
+
     pub fn __constructor(env: &Env, owner: Address, decimals: u32) {
-        Base::set_metadata(env, decimals, String::from_str(env, "DummyToken"), String::from_str(env, "DUMMY"));
         env.storage().instance().set(&symbol_short!("admin"), &owner);
+        env.storage().instance().set(&symbol_short!("decimal"), &decimals);
+        env.storage().instance().set(&symbol_short!("name"), &String::from_str(env, "DummyToken"));
+        env.storage().instance().set(&symbol_short!("symbol"), &String::from_str(env, "DUMMY"));
     }
 
     // keep the same behavior as SAC that requires admin's authorization
@@ -273,21 +282,57 @@ impl DummyToken {
 
     pub fn mint(env: &Env, to: &Address, amount: i128) {
         Self::admin(env).require_auth();
-        Base::mint(env, &to, amount);
+        if amount < 0 {
+            panic!("negative amount");
+        }
+        let balance = Self::get_balance(env, to);
+        Self::set_balance(env, to, balance + amount);
         log!(&env, "minted {} to {}", amount, to);
     }
 
     // keep the same behavior as SAC that requires from's authorization
     pub fn burn(env: &Env, from: &Address, amount: i128) {
-        Base::burn(env, &from, amount);
+        from.require_auth();
+        if amount < 0 {
+            panic!("negative amount");
+        }
+        let balance = Self::get_balance(env, from);
+        if balance < amount {
+            panic!("insufficient balance");
+        }
+        Self::set_balance(env, from, balance - amount);
         log!(&env, "burned {} from {}", amount, from);
     }
-}
 
-#[default_impl]
-#[contractimpl]
-impl FungibleToken for DummyToken {
-    type ContractType = Base;
+    pub fn balance(env: &Env, id: Address) -> i128 {
+        Self::get_balance(env, &id)
+    }
+
+    pub fn transfer(env: &Env, from: Address, to: Address, amount: i128) {
+        from.require_auth();
+        if amount < 0 {
+            panic!("negative amount");
+        }
+        let from_balance = Self::get_balance(env, &from);
+        if from_balance < amount {
+            panic!("insufficient balance");
+        }
+        Self::set_balance(env, &from, from_balance - amount);
+        let to_balance = Self::get_balance(env, &to);
+        Self::set_balance(env, &to, to_balance + amount);
+    }
+
+    pub fn decimals(env: &Env) -> u32 {
+        env.storage().instance().get(&symbol_short!("decimal")).unwrap_or(7)
+    }
+
+    pub fn name(env: &Env) -> String {
+        env.storage().instance().get(&symbol_short!("name")).unwrap()
+    }
+
+    pub fn symbol(env: &Env) -> String {
+        env.storage().instance().get(&symbol_short!("symbol")).unwrap()
+    }
 }
 
 // ==================== Mock Endpoint ====================

package/contracts/utils/Cargo.toml

@@ -18,4 +18,3 @@ common-macros = { workspace = true }
 
 [dev-dependencies]
 soroban-sdk = { workspace = true, features = ["testutils"] }
-stellar-strkey = "0.0.14"

package/contracts/utils/src/errors.rs

@@ -1,7 +1,7 @@
 use common_macros::contract_error;
 
 // Utils library error codes: 1000-1099
-// See ERROR_SPEC.md for allocation rules
+// See docs/error-spec.md for allocation rules
 
 /// BufferReaderError: 1000-1009
 #[contract_error]

package/contracts/utils/src/multisig.rs

@@ -58,7 +58,7 @@ pub trait Multisig: Auth {
     // ===========================================================================
 
     /// Adds or removes a signer from the multisig. Requires owner authorization.
-    fn set_signer(env: &Env, signer: &BytesN<20>, active: bool) {
+    fn set_signer(env: &soroban_sdk::Env, signer: &soroban_sdk::BytesN<20>, active: bool) {
         auth::require_auth::<Self>(env);
         match active {
             true => add_signer(env, signer),
@@ -67,7 +67,7 @@ pub trait Multisig: Auth {
     }
 
     /// Sets the signature threshold (quorum). Requires owner authorization.
-    fn set_threshold(env: &Env, threshold: u32) {
+    fn set_threshold(env: &soroban_sdk::Env, threshold: u32) {
         auth::require_auth::<Self>(env);
         set_threshold(env, threshold);
     }
@@ -77,22 +77,22 @@ pub trait Multisig: Auth {
     // ===========================================================================
 
     /// Returns all registered signers.
-    fn get_signers(env: &Env) -> Vec<BytesN<20>> {
+    fn get_signers(env: &soroban_sdk::Env) -> soroban_sdk::Vec<soroban_sdk::BytesN<20>> {
         MultisigStorage::signers(env)
     }
 
     /// Returns the total number of registered signers.
-    fn total_signers(env: &Env) -> u32 {
+    fn total_signers(env: &soroban_sdk::Env) -> u32 {
         MultisigStorage::signers(env).len()
     }
 
     /// Checks if an address is a registered signer.
-    fn is_signer(env: &Env, signer: &BytesN<20>) -> bool {
+    fn is_signer(env: &soroban_sdk::Env, signer: &soroban_sdk::BytesN<20>) -> bool {
         MultisigStorage::signers(env).iter().any(|s| &s == signer)
     }
 
     /// Returns the current signature threshold (quorum).
-    fn threshold(env: &Env) -> u32 {
+    fn threshold(env: &soroban_sdk::Env) -> u32 {
         MultisigStorage::threshold(env)
     }
 
@@ -101,12 +101,21 @@ pub trait Multisig: Auth {
     // ===========================================================================
 
     /// Verifies signatures against the configured threshold.
-    fn verify_signatures(env: &Env, digest: &BytesN<32>, signatures: &Vec<BytesN<65>>) {
+    fn verify_signatures(
+        env: &soroban_sdk::Env,
+        digest: &soroban_sdk::BytesN<32>,
+        signatures: &soroban_sdk::Vec<soroban_sdk::BytesN<65>>,
+    ) {
         Self::verify_n_signatures(env, digest, signatures, MultisigStorage::threshold(env));
     }
 
     /// Verifies signatures against a custom threshold.
-    fn verify_n_signatures(env: &Env, digest: &BytesN<32>, signatures: &Vec<BytesN<65>>, threshold: u32) {
+    fn verify_n_signatures(
+        env: &soroban_sdk::Env,
+        digest: &soroban_sdk::BytesN<32>,
+        signatures: &soroban_sdk::Vec<soroban_sdk::BytesN<65>>,
+        threshold: u32,
+    ) {
         assert_with_error!(env, threshold > 0, MultisigError::ZeroThreshold);
         assert_with_error!(env, signatures.len() >= threshold, MultisigError::SignatureError);
 

package/contracts/utils/src/ownable.rs

@@ -64,12 +64,12 @@ pub trait Ownable: Sized + Auth {
     // ===========================================================================
 
     /// Returns the current owner address, or None if no owner is set.
-    fn owner(env: &Env) -> Option<Address> {
+    fn owner(env: &soroban_sdk::Env) -> Option<soroban_sdk::Address> {
         OwnableStorage::owner(env)
     }
 
     /// Returns the pending owner address for 2-step transfer, or None if no transfer is pending.
-    fn pending_owner(env: &Env) -> Option<Address> {
+    fn pending_owner(env: &soroban_sdk::Env) -> Option<soroban_sdk::Address> {
         OwnableStorage::pending_owner(env)
     }
 
@@ -85,7 +85,7 @@ pub trait Ownable: Sized + Auth {
     /// # Panics
     /// - `OwnerNotSet` if no owner is currently set
     /// - `TransferInProgress` if a 2-step transfer is in progress
-    fn transfer_ownership(env: &Env, new_owner: &Address) {
+    fn transfer_ownership(env: &soroban_sdk::Env, new_owner: &soroban_sdk::Address) {
         let old_owner = enforce_owner_auth::<Self>(env);
         assert_no_pending_transfer::<Self>(env);
 
@@ -112,7 +112,7 @@ pub trait Ownable: Sized + Auth {
     /// - `NoPendingTransfer` when cancelling and no pending transfer exists
     /// - `InvalidTtl` if ttl exceeds max TTL
     /// - `InvalidPendingOwner` when cancelling with wrong new_owner address
-    fn propose_ownership_transfer(env: &Env, new_owner: &Address, ttl: u32) {
+    fn propose_ownership_transfer(env: &soroban_sdk::Env, new_owner: &soroban_sdk::Address, ttl: u32) {
         let old_owner = enforce_owner_auth::<Self>(env);
 
         // Cancel case: ttl == 0
@@ -142,7 +142,7 @@ pub trait Ownable: Sized + Auth {
     ///
     /// # Panics
     /// - `NoPendingTransfer` if there is no pending transfer (or it expired)
-    fn accept_ownership(env: &Env) {
+    fn accept_ownership(env: &soroban_sdk::Env) {
         let new_owner = Self::pending_owner(env).unwrap_or_panic(env, OwnableError::NoPendingTransfer);
 
         // Require authorization from the pending owner
@@ -169,7 +169,7 @@ pub trait Ownable: Sized + Auth {
     /// # Panics
     /// - `OwnerNotSet` if no owner is currently set
     /// - `TransferInProgress` if a 2-step transfer is in progress (cancel it first)
-    fn renounce_ownership(env: &Env) {
+    fn renounce_ownership(env: &soroban_sdk::Env) {
         let old_owner = enforce_owner_auth::<Self>(env);
         assert_no_pending_transfer::<Self>(env);