@ocap/resolver 1.18.161 → 1.18.163

package/lib/index.js

@@ -688,6 +688,8 @@ module.exports = class OCAPResolver {
     return tokenFlow.verifyAccountRisk(
       {
         ...args,
+        tokenAddress: toAddress(args.tokenAddress || this.config.token.address),
+        accountAddress: toAddress(args.accountAddress || ''),
         accountLimit: process.env.VERIFY_RISK_ACCOUNT_LIMIT,
         txLimit: process.env.VERIFY_RISK_TX_LIMIT,
         tolerance: process.env.VERIFY_RISK_TOLERANCE,
@@ -999,11 +1001,7 @@ module.exports = class OCAPResolver {
     }
 
     if (typeUrl === 'fg:t:account_migrate') {
-      const fromState = await this.getAccountState({
-        address: tx.tx.from,
-        traceMigration: false,
-        expandContext: false,
-      });
+      const fromState = await this.statedb.account.get(tx.tx.from, { traceMigration: false });
       if (fromState) {
         tx.receipts = getTxReceipts(tx, { config: this.config, fromState });
       }
@@ -1189,7 +1187,7 @@ module.exports = class OCAPResolver {
       this.listTransactions({
         paging,
         typeFilter: { types: ['account_migrate'] },
-        validityFilter: { validity: ['VALID'] },
+        validityFilter: { validity: 'VALID' },
       })
     );
     const migrationChain = new MigrationChainManager();

package/lib/token-flow.js

@@ -6,7 +6,6 @@ const { schemas, Joi } = require('@arcblock/validator');
 const { CustomError } = require('@ocap/util/lib/error');
 const uniq = require('lodash/uniq');
 const { FORGE_TOKEN_HOLDER } = require('@ocap/state/lib/states/tx');
-const debug = require('debug')(require('../package.json').name);
 
 const ZERO = new BN(0);
 const paramsSchema = Joi.object({
@@ -161,22 +160,31 @@ const verifyAccountRisk = async (
     throw new CustomError('INVALID_PARAMS', validation.error.message);
   }
 
+  const { logger } = resolver;
   const checkedAccounts = new Map();
   const checkedTx = new Map();
-  const accountQueue = [accountAddress];
   const tokenState = await resolver.tokenCache.get(tokenAddress);
   const toleranceUnit = fromTokenToUnit(tolerance, tokenState?.decimal);
   const vaultAccounts = getVaultAccounts(resolver.config);
 
-  let executeCount = 0;
+  const accountQueue = [[{ address: accountAddress, chain: [] }]];
 
-  const execute = async (txn) => {
-    if (executeCount > 1) {
-      throw new CustomError('INVALID_REQUEST', 'verifyAccountRisk should not retry');
-    }
-    while (accountQueue.length) {
+  const execute = async (depth, txn) => {
+    const queue = accountQueue[depth];
+
+    for (let i = 0; i < queue.length; i++) {
       // limit
       if (checkedAccounts.size >= accountLimit) {
+        logger.warn('Account risk check reached max account size limit', {
+          address: accountAddress,
+          tokenAddress,
+          accountCount: checkedAccounts.size,
+          txCount: checkedTx.size,
+          depth,
+          accountLimit,
+          txLimit,
+          tolerance,
+        });
         return {
           isRisky: false,
           reason: 'MAX_ACCOUNT_SIZE_LIMIT',
@@ -187,7 +195,8 @@ const verifyAccountRisk = async (
         };
       }
 
-      const address = accountQueue.pop();
+      const { address, chain } = queue[i];
+      chain.push(address);
 
       // Avoid circular query
       if (checkedAccounts.has(address)) continue;
@@ -199,18 +208,22 @@ const verifyAccountRisk = async (
         continue;
       }
 
-      const balance = await getBalance(address, tokenAddress, { resolver, txn });
-
+      let balance = 0;
       let transactions = [];
+
       try {
-        transactions = await resolver._getAllResults(
-          'transactions',
-          (paging) => resolver.listTransactions({ paging, accountFilter: { accounts: [address] } }, ctx),
-          txLimit
-        );
+        [balance, transactions] = await Promise.all([
+          getBalance(address, tokenAddress, { resolver, txn }),
+          resolver._getAllResults(
+            'transactions',
+            (paging) => resolver.listTransactions({ paging, accountFilter: { accounts: [address] } }, ctx),
+            txLimit
+          ),
+        ]);
       } catch (e) {
         // skip if tx limit exceeded
-        if (e.code === 'EXCEED_LIMIT') {
+        if (e?.code === 'EXCEED_LIMIT') {
+          logger.warn('Skip checking account cause tx count exceeding limit', { address, txLimit });
           checkedAccounts.set(address, true);
           continue;
         }
@@ -230,90 +243,113 @@ const verifyAccountRisk = async (
         const { transferInList, transferOutList } = checkedTx.get(tx.hash);
 
         // Calculate the total amount of transfer for this address
-        transferIn = transferIn.add(
-          transferInList
-            .filter((item) => isSameDid(item.address, address))
-            .map((item) => item.value)
-            .reduce((prev, cur) => prev.add(cur), ZERO)
-        );
+        const transferInAmount = transferInList
+          .filter((item) => isSameDid(item.address, address))
+          .map((item) => item.value)
+          .reduce((prev, cur) => prev.add(cur), ZERO);
 
-        transferOut = transferOut.add(
-          transferOutList
-            .filter((item) => isSameDid(item.address, address))
-            .map((item) => item.value)
-            .reduce((prev, cur) => prev.add(cur), ZERO)
-        );
+        const transferOutAmount = transferOutList
+          .filter((item) => isSameDid(item.address, address))
+          .map((item) => item.value)
+          .reduce((prev, cur) => prev.add(cur), ZERO);
+
+        transferIn = transferIn.add(transferInAmount);
+        transferOut = transferOut.add(transferOutAmount);
 
         // push transferIn accounts to queue for next time check
-        if (transferInList.some((item) => isSameDid(item.address, address))) {
+        if (transferInAmount.gt(ZERO)) {
+          if (!accountQueue[depth + 1]) {
+            accountQueue[depth + 1] = [];
+          }
           const accountsToQueue = transferOutList
             .filter((item) => {
-              if (accountQueue.includes(item.address)) return false;
+              if (checkedAccounts.has(item.address)) return false;
+              // Skip not token holders
+              if (schemas.tokenHolder.validate(item.address).error) return false;
               // Skip vault accounts
               if (vaultAccounts.includes(item.address)) return false;
               // skip gas、fee
               if (['gas', 'fee'].includes(item.action)) return false;
-              // Skip not token holders
-              if (schemas.tokenHolder.validate(item.address).error) return false;
 
               return true;
             })
             .map((item) => item.address);
 
-          accountQueue.push(...uniq(accountsToQueue));
+          accountQueue[depth + 1].push(...uniq(accountsToQueue).map((x) => ({ address: x, chain: chain.concat() })));
         }
       }
 
       checkedAccounts.set(address, true);
 
       // Check if the balance not matches the transfer records
-      if (
-        transferIn
-          .sub(transferOut.add(new BN(balance)))
-          .add(fromTokenToUnit(trustedConfig?.tolerance || 0))
-          .abs()
-          .gt(toleranceUnit)
-      ) {
-        debug('Account balance does not match transfer records', {
-          address,
+      const diff = transferIn
+        .sub(transferOut)
+        .sub(new BN(balance))
+        .add(fromTokenToUnit(trustedConfig?.tolerance || 0));
+
+      if (diff.abs().gt(toleranceUnit)) {
+        const data = {
+          address: chain.join('->'),
+          balance,
           transferIn: transferIn.toString(),
           transferOut: transferOut.toString(),
-          balance,
+          accountCount: checkedAccounts.size,
+          txCount: checkedTx.size,
+        };
+        logger.warn('Account balance does not match transfer records', {
+          ...data,
           sourceAccount: accountAddress,
+          tokenAddress,
+          diff: diff.toString(),
+          depth,
+          accountLimit,
+          txLimit,
+          tolerance,
         });
         return {
           isRisky: true,
           reason: 'INVALID_BALANCE',
-          data: {
-            address,
-            balance,
-            transferIn: transferIn.toString(),
-            transferOut: transferOut.toString(),
-            accountCount: checkedAccounts.size,
-            txCount: checkedTx.size,
-          },
+          data,
         };
       }
     }
   };
 
-  const result = await resolver.runAsLambda(
-    (txn) => {
-      executeCount++;
-      return execute(txn);
-    },
-    { retryLimit: 0 }
-  );
-
-  return (
-    result || {
-      isRisky: false,
-      data: {
-        accountCount: checkedAccounts.size,
-        txCount: checkedTx.size,
+  for (let depth = 0; depth < accountQueue.length; depth++) {
+    let isExecuted = false;
+    const result = await resolver.runAsLambda(
+      (txn) => {
+        if (isExecuted) {
+          throw new CustomError('INVALID_REQUEST', 'verifyAccountRisk should not retry');
+        }
+        isExecuted = true;
+        return execute(depth, txn);
       },
+      { retryLimit: 0 }
+    );
+    if (result) {
+      return result;
     }
-  );
+  }
+
+  logger.info('Account risk check completed', {
+    address: accountAddress,
+    tokenAddress,
+    accountCount: checkedAccounts.size,
+    txCount: checkedTx.size,
+    depth: accountQueue.length,
+    accountLimit,
+    txLimit,
+    tolerance,
+  });
+
+  return {
+    isRisky: false,
+    data: {
+      accountCount: checkedAccounts.size,
+      txCount: checkedTx.size,
+    },
+  };
 };
 
 const listTokenFlows = async (
@@ -349,8 +385,6 @@ const listTokenFlows = async (
       if (checkedAccounts.has(address)) continue;
       // Skip not token holders
       if (schemas.tokenHolder.validate(address).error) continue;
-      // Skip vault accounts
-      if (vaultAccounts.includes(address)) continue;
 
       const transactions = await resolver._getAllResults('transactions', (page) =>
         resolver.listTransactions(

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.18.161",
+  "version": "1.18.163",
   "description": "GraphQL resolver built upon ocap statedb and GQL layer",
   "main": "lib/index.js",
   "files": [
@@ -22,18 +22,18 @@
     "jest": "^29.7.0"
   },
   "dependencies": {
-    "@arcblock/did": "1.18.161",
-    "@arcblock/did-util": "1.18.161",
-    "@arcblock/validator": "1.18.161",
-    "@ocap/config": "1.18.161",
-    "@ocap/indexdb": "1.18.161",
-    "@ocap/mcrypto": "1.18.161",
-    "@ocap/message": "1.18.161",
-    "@ocap/state": "1.18.161",
-    "@ocap/tx-protocols": "1.18.161",
-    "@ocap/util": "1.18.161",
+    "@arcblock/did": "1.18.163",
+    "@arcblock/did-util": "1.18.163",
+    "@arcblock/validator": "1.18.163",
+    "@ocap/config": "1.18.163",
+    "@ocap/indexdb": "1.18.163",
+    "@ocap/mcrypto": "1.18.163",
+    "@ocap/message": "1.18.163",
+    "@ocap/state": "1.18.163",
+    "@ocap/tx-protocols": "1.18.163",
+    "@ocap/util": "1.18.163",
     "debug": "^4.3.6",
     "lodash": "^4.17.21"
   },
-  "gitHead": "5d8436fdf5218fcbf2218b77ae370d50617ba3d0"
+  "gitHead": "c4bb7fae24dbac7a56ffbb84d19f64b90ea770b7"
 }