@layerzerolabs/protocol-stellar-v2 0.2.34 → 0.2.36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +281 -276
- package/.turbo/turbo-lint.log +209 -211
- package/.turbo/turbo-test.log +1705 -1701
- package/Cargo.lock +10 -10
- package/Cargo.toml +1 -1
- package/contracts/common-macros/src/auth.rs +5 -5
- package/contracts/common-macros/src/lib.rs +69 -0
- package/contracts/common-macros/src/rbac.rs +90 -0
- package/contracts/common-macros/src/storage.rs +7 -5
- package/contracts/common-macros/src/tests/lz_contract.rs +5 -7
- package/contracts/common-macros/src/tests/mod.rs +1 -0
- package/contracts/common-macros/src/tests/rbac.rs +420 -0
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__auth__snapshot_generated_multisig_code.snap +4 -4
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__auth__snapshot_generated_ownable_code.snap +5 -12
- package/contracts/common-macros/src/tests/snapshots/common_macros__tests__rbac__snapshot_preserve_function_signature.snap +17 -0
- package/contracts/common-macros/src/tests/storage/parse_name.rs +0 -1
- package/contracts/common-macros/src/tests/storage/snapshots/common_macros__tests__storage__generate_storage__snapshot_generated_storage_code.snap +3 -3
- package/contracts/endpoint-v2/src/endpoint_v2.rs +5 -4
- package/contracts/endpoint-v2/src/interfaces/messaging_channel.rs +7 -8
- package/contracts/endpoint-v2/src/messaging_channel.rs +78 -45
- package/contracts/endpoint-v2/src/storage.rs +8 -3
- package/contracts/endpoint-v2/src/tests/endpoint_setup.rs +2 -2
- package/contracts/endpoint-v2/src/tests/endpoint_v2/clear.rs +12 -15
- package/contracts/endpoint-v2/src/tests/endpoint_v2/verifiable.rs +46 -9
- package/contracts/endpoint-v2/src/tests/messaging_channel/burn.rs +7 -23
- package/contracts/endpoint-v2/src/tests/messaging_channel/clear_payload.rs +23 -20
- package/contracts/endpoint-v2/src/tests/messaging_channel/inbound.rs +94 -1
- package/contracts/endpoint-v2/src/tests/messaging_channel/inbound_nonce.rs +17 -15
- package/contracts/endpoint-v2/src/tests/messaging_channel/mod.rs +1 -1
- package/contracts/endpoint-v2/src/tests/messaging_channel/nilify.rs +48 -13
- package/contracts/endpoint-v2/src/tests/messaging_channel/pending_inbound_nonces.rs +111 -0
- package/contracts/endpoint-v2/src/tests/messaging_channel/skip.rs +15 -25
- package/contracts/layerzero-views/src/layerzero_view.rs +2 -2
- package/contracts/layerzero-views/src/tests/layerzero_view_tests.rs +3 -4
- package/contracts/layerzero-views/src/tests/setup.rs +0 -21
- package/contracts/macro-integration-tests/tests/runtime/lz_contract/wrapper_default.rs +1 -1
- package/contracts/macro-integration-tests/tests/runtime/lz_contract/wrapper_multisig.rs +1 -1
- package/contracts/macro-integration-tests/tests/runtime/lz_contract/wrapper_multisig_upgradeable.rs +1 -1
- package/contracts/macro-integration-tests/tests/runtime/multisig/self_auth.rs +1 -1
- package/contracts/macro-integration-tests/tests/runtime/ownable/initialization.rs +8 -5
- package/contracts/macro-integration-tests/tests/runtime/ownable/ownership_transfer.rs +2 -2
- package/contracts/macro-integration-tests/tests/runtime/rbac/guard_behavior.rs +91 -0
- package/contracts/macro-integration-tests/tests/runtime/rbac/mod.rs +30 -0
- package/contracts/macro-integration-tests/tests/runtime/ttl_configurable/configuration.rs +2 -2
- package/contracts/macro-integration-tests/tests/runtime/upgradeable/migrate_guard_and_state.rs +4 -4
- package/contracts/macro-integration-tests/tests/ui/lz_contract/pass/basic.rs +1 -1
- package/contracts/macro-integration-tests/tests/ui/ownable/pass/basic.rs +1 -1
- package/contracts/macro-integration-tests/tests/ui/rbac/fail/missing_env.rs +18 -0
- package/contracts/macro-integration-tests/tests/ui/rbac/fail/missing_env.stderr +16 -0
- package/contracts/macro-integration-tests/tests/ui/rbac/fail/param_not_address.rs +18 -0
- package/contracts/macro-integration-tests/tests/ui/rbac/fail/param_not_address.stderr +24 -0
- package/contracts/macro-integration-tests/tests/ui/rbac/fail/param_not_found.rs +18 -0
- package/contracts/macro-integration-tests/tests/ui/rbac/fail/param_not_found.stderr +24 -0
- package/contracts/macro-integration-tests/tests/ui/rbac/pass/basic.rs +71 -0
- package/contracts/macro-integration-tests/tests/ui_rbac.rs +12 -0
- package/contracts/message-libs/blocked-message-lib/src/lib.rs +4 -4
- package/contracts/message-libs/uln-302/src/send_uln.rs +5 -5
- package/contracts/oapps/counter/src/counter.rs +6 -0
- package/contracts/oapps/oapp/src/oapp_sender.rs +3 -2
- package/contracts/oapps/oft/src/extensions/oft_fee.rs +5 -0
- package/contracts/oapps/oft/src/interfaces/mintable.rs +2 -2
- package/contracts/oapps/oft/src/oft.rs +5 -4
- package/contracts/oapps/oft/src/tests/extensions/oft_fee.rs +2 -2
- package/contracts/oapps/oft/src/tests/extensions/pausable.rs +2 -2
- package/contracts/oapps/oft/src/tests/extensions/rate_limiter.rs +2 -2
- package/contracts/oapps/sac-manager/Cargo.toml +0 -1
- package/contracts/oapps/sac-manager/src/interfaces/mod.rs +3 -0
- package/contracts/oapps/sac-manager/src/interfaces/sac_admin_wrapper.rs +49 -0
- package/contracts/oapps/sac-manager/src/lib.rs +3 -3
- package/contracts/oapps/sac-manager/src/sac_manager.rs +45 -73
- package/contracts/oapps/sac-manager/src/storage.rs +2 -9
- package/contracts/oapps/sac-manager/src/tests/sac_manager/clawback.rs +8 -10
- package/contracts/oapps/sac-manager/src/tests/sac_manager/mint.rs +13 -18
- package/contracts/oapps/sac-manager/src/tests/sac_manager/mod.rs +0 -1
- package/contracts/oapps/sac-manager/src/tests/sac_manager/set_admin.rs +22 -12
- package/contracts/oapps/sac-manager/src/tests/sac_manager/set_authorized.rs +19 -9
- package/contracts/oapps/sac-manager/src/tests/sac_manager/test_helper.rs +27 -10
- package/contracts/oapps/sac-manager/src/tests/sac_manager/view_functions.rs +0 -15
- package/contracts/oapps/sac-manager/src/tests/test_helper.rs +19 -28
- package/contracts/upgrader/src/lib.rs +5 -2
- package/contracts/utils/src/auth.rs +6 -2
- package/contracts/utils/src/errors.rs +18 -0
- package/contracts/utils/src/lib.rs +1 -0
- package/contracts/utils/src/multisig.rs +5 -1
- package/contracts/utils/src/ownable.rs +1 -1
- package/contracts/utils/src/rbac.rs +428 -0
- package/contracts/utils/src/tests/auth.rs +2 -2
- package/contracts/utils/src/tests/mod.rs +1 -0
- package/contracts/utils/src/tests/multisig.rs +2 -2
- package/contracts/utils/src/tests/ownable.rs +4 -5
- package/contracts/utils/src/tests/rbac.rs +559 -0
- package/contracts/utils/src/tests/ttl_configurable.rs +5 -6
- package/contracts/utils/src/tests/upgradeable.rs +4 -5
- package/contracts/workers/worker/src/worker.rs +1 -1
- package/docs/layerzero-v2-on-stellar.md +46 -2
- package/package.json +3 -3
- package/sdk/.turbo/turbo-test.log +370 -372
- package/sdk/dist/generated/bml.d.ts +53 -3
- package/sdk/dist/generated/bml.js +27 -3
- package/sdk/dist/generated/counter.d.ts +84 -5
- package/sdk/dist/generated/counter.js +31 -4
- package/sdk/dist/generated/dvn.d.ts +55 -5
- package/sdk/dist/generated/dvn.js +28 -4
- package/sdk/dist/generated/dvn_fee_lib.d.ts +55 -5
- package/sdk/dist/generated/dvn_fee_lib.js +28 -4
- package/sdk/dist/generated/endpoint.d.ts +64 -15
- package/sdk/dist/generated/endpoint.js +32 -8
- package/sdk/dist/generated/executor.d.ts +55 -5
- package/sdk/dist/generated/executor.js +28 -4
- package/sdk/dist/generated/executor_fee_lib.d.ts +55 -5
- package/sdk/dist/generated/executor_fee_lib.js +28 -4
- package/sdk/dist/generated/executor_helper.d.ts +53 -3
- package/sdk/dist/generated/executor_helper.js +27 -3
- package/sdk/dist/generated/layerzero_view.d.ts +55 -5
- package/sdk/dist/generated/layerzero_view.js +28 -4
- package/sdk/dist/generated/oft.d.ts +84 -5
- package/sdk/dist/generated/oft.js +31 -4
- package/sdk/dist/generated/price_feed.d.ts +55 -5
- package/sdk/dist/generated/price_feed.js +28 -4
- package/sdk/dist/generated/sac_manager.d.ts +213 -666
- package/sdk/dist/generated/sac_manager.js +57 -238
- package/sdk/dist/generated/sml.d.ts +55 -5
- package/sdk/dist/generated/sml.js +28 -4
- package/sdk/dist/generated/treasury.d.ts +55 -5
- package/sdk/dist/generated/treasury.js +28 -4
- package/sdk/dist/generated/uln302.d.ts +55 -5
- package/sdk/dist/generated/uln302.js +28 -4
- package/sdk/dist/generated/upgrader.d.ts +53 -3
- package/sdk/dist/generated/upgrader.js +27 -3
- package/sdk/package.json +1 -1
- package/sdk/test/oft-sml.test.ts +10 -9
- package/sdk/test/{sac-manager-redistribution.test.ts → sac-manager.test.ts} +49 -25
- package/contracts/endpoint-v2/src/tests/messaging_channel/lazy_inbound_nonce.rs +0 -39
- package/contracts/oapps/sac-manager/src/errors.rs +0 -14
- package/contracts/oapps/sac-manager/src/tests/sac_manager/set_minter.rs +0 -69
|
@@ -221,12 +221,16 @@ sequenceDiagram
|
|
|
221
221
|
|
|
222
222
|
## Stellar-specific considerations
|
|
223
223
|
|
|
224
|
-
|
|
224
|
+
Several differences between Soroban and EVM require protocol-level adaptations:
|
|
225
225
|
|
|
226
226
|
1. Stellar's variable-length address model differs from LayerZero's fixed
|
|
227
227
|
bytes32 address abstraction
|
|
228
228
|
2. Soroban's Time-To-Live (TTL)-based storage model requires active state
|
|
229
229
|
maintenance, unlike EVM's persistent storage
|
|
230
|
+
3. Soroban's 200-read-per-transaction storage limit makes the lazy inbound
|
|
231
|
+
nonce model susceptible to denial-of-service for certain OApps
|
|
232
|
+
4. Soroban prohibits reentrancy, requiring alternative patterns for cross-contract
|
|
233
|
+
call flows
|
|
230
234
|
|
|
231
235
|
### Constraint 1: bytes32 address format mismatch
|
|
232
236
|
|
|
@@ -296,7 +300,47 @@ constraints may evolve.
|
|
|
296
300
|
- Hard upper cap on extension targets (e.g., 1 year) to prevent excessive fees
|
|
297
301
|
- TTL parameters can be permanently frozen once the ecosystem stabilizes
|
|
298
302
|
|
|
299
|
-
### Constraint 3:
|
|
303
|
+
### Constraint 3: Storage read limits
|
|
304
|
+
|
|
305
|
+
Soroban enforces a hard limit of 200 persistent/temporary storage reads per
|
|
306
|
+
transaction. Under the lazy inbound nonce model used in EVM, the `inbound_nonce`
|
|
307
|
+
is not stored directly — it is computed on the fly by iterating forward from the
|
|
308
|
+
last checkpoint (`lazy_inbound_nonce`) and probing storage for each consecutive
|
|
309
|
+
payload hash. The same iterative check occurs during `clear`, which must verify
|
|
310
|
+
that all nonces between the checkpoint and the target nonce have been verified.
|
|
311
|
+
|
|
312
|
+
For certain OApps, failed `lz_receive` executions can create nonce gaps that
|
|
313
|
+
grow over time. Under the lazy model, clearing subsequent messages requires
|
|
314
|
+
iterating across these gaps, and the accumulated storage reads can exceed the
|
|
315
|
+
200-read limit, making the messaging path susceptible to denial-of-service.
|
|
316
|
+
|
|
317
|
+
**Solution: Eager inbound nonce with pending nonce list (Solana model)**
|
|
318
|
+
|
|
319
|
+
Stellar adopts the same inbound nonce model used by LayerZero V2 on Solana.
|
|
320
|
+
Instead of lazily computing the inbound nonce via storage probing, the
|
|
321
|
+
`inbound_nonce` is stored directly and updated eagerly during verification:
|
|
322
|
+
|
|
323
|
+
1. **`PendingInboundNonces`**: A sorted list of out-of-order verified nonces is
|
|
324
|
+
maintained in a single storage entry per path. When a message is verified
|
|
325
|
+
(or skipped/nilified), its nonce is inserted into this list.
|
|
326
|
+
|
|
327
|
+
2. **Drain on insert**: After each insertion, consecutive nonces at the front of
|
|
328
|
+
the list are drained to advance the `inbound_nonce`. For example, if
|
|
329
|
+
`inbound_nonce = 3` and the pending list becomes `[4, 5, 7]`, nonces 4 and 5
|
|
330
|
+
are drained, advancing `inbound_nonce` to 5.
|
|
331
|
+
|
|
332
|
+
3. **O(1) clear**: The `clear_payload` operation becomes a simple comparison
|
|
333
|
+
(`nonce <= inbound_nonce`) with no iteration or storage probing.
|
|
334
|
+
|
|
335
|
+
4. **Bounded list size**: The pending list is capped at 256 entries
|
|
336
|
+
(`PENDING_INBOUND_NONCE_MAX_LEN`). Nonces beyond `inbound_nonce + 256`
|
|
337
|
+
cannot be verified, preventing unbounded memory growth and limiting the
|
|
338
|
+
maximum storage reads per verify operation.
|
|
339
|
+
|
|
340
|
+
This eliminates the iterative storage reads that could cause DoS under the lazy
|
|
341
|
+
model, keeping all operations within Soroban's transaction resource limits.
|
|
342
|
+
|
|
343
|
+
### Constraint 4: Reentrancy prohibition
|
|
300
344
|
|
|
301
345
|
Soroban prohibits reentrancy—a contract cannot call itself, directly or
|
|
302
346
|
indirectly, within the same transaction. This fundamental difference from EVM
|
package/package.json
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@layerzerolabs/protocol-stellar-v2",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.36",
|
|
4
4
|
"private": false,
|
|
5
5
|
"devDependencies": {
|
|
6
6
|
"@types/node": "^22.18.6",
|
|
7
7
|
"tsx": "^4.19.3",
|
|
8
8
|
"typescript": "^5.8.2",
|
|
9
|
-
"@layerzerolabs/common-node-utils": "0.2.
|
|
10
|
-
"@layerzerolabs/vm-tooling-stellar": "0.2.
|
|
9
|
+
"@layerzerolabs/common-node-utils": "0.2.36",
|
|
10
|
+
"@layerzerolabs/vm-tooling-stellar": "0.2.36"
|
|
11
11
|
},
|
|
12
12
|
"publishConfig": {
|
|
13
13
|
"access": "restricted",
|