@ocap/resolver 1.28.8 → 1.29.0

package/lib/token-flow.js

@@ -1,445 +0,0 @@
-const { BN, fromTokenToUnit, isSameDid } = require('@ocap/util');
-const { schemas, Joi } = require('@arcblock/validator');
-const { CustomError } = require('@ocap/util/lib/error');
-const uniq = require('lodash/uniq');
-const { FORGE_TOKEN_HOLDER } = require('@ocap/state/lib/states/tx');
-
-const ZERO = new BN(0);
-const paramsSchema = Joi.object({
-  accountAddress: schemas.tokenHolder.required(),
-  tokenAddress: Joi.DID().prefix().role('ROLE_TOKEN').required(),
-  resolver: Joi.object().required(),
-});
-
-/**
- * Parse transfer in/out list from transaction
- * @param {*} tx
- * @param {String} tokenAddress
- * @returns {{
- *  transferInList: { address: String, value: BN, action: String }[],
- *  transferOutList: { address: String, value: BN, action: String }[]
- * }}
- */
-const getTransferList = (tx, tokenAddress) => {
-  const transferInList = [];
-  const transferOutList = [];
-
-  // Parse receipt to get transfer in/out accounts
-  for (const receipt of tx.receipts || []) {
-    const changes = receipt.changes.filter((item) => item.target === tokenAddress && item.value !== '0');
-
-    for (const change of changes) {
-      const value = new BN(change.value);
-      const item = {
-        address: receipt.address,
-        value: value.abs(),
-        action: change.action,
-      };
-      if (value.lt(ZERO)) {
-        transferOutList.push(item);
-      } else {
-        transferInList.push(item);
-      }
-    }
-  }
-
-  return { transferInList, transferOutList };
-};
-
-/**
- * Parse transfer flow from transaction
- * @param {*} tx
- * @param {String} tokenAddress
- * @returns {{ from: String, to: String, value: BN, hash: String }[]}
- */
-const getTransferFlow = (tx, tokenAddress) => {
-  const { transferInList, transferOutList } = getTransferList(tx, tokenAddress);
-  const txTransfers = [];
-
-  // Match transfers between accounts
-  for (const outItem of transferOutList) {
-    if (outItem.archived) continue;
-
-    // Try to match accounts with exactly equal transfer in/out amounts
-    const matchedInItem = transferInList.find((x) => x.value.eq(outItem.value));
-    if (matchedInItem) {
-      txTransfers.push({
-        from: outItem.address,
-        to: matchedInItem.address,
-        value: outItem.value,
-        hash: tx.hash,
-      });
-      matchedInItem.archived = true;
-      outItem.archived = true;
-      continue;
-    }
-
-    for (const inItem of transferInList) {
-      if (inItem.archived) continue;
-      if (outItem.archived) continue;
-
-      if (outItem.value.gt(inItem.value)) {
-        txTransfers.push({
-          from: outItem.address,
-          to: inItem.address,
-          value: inItem.value,
-          hash: tx.hash,
-        });
-        inItem.archived = true;
-        outItem.value = outItem.value.sub(inItem.value);
-        continue;
-      }
-
-      if (outItem.value.lt(inItem.value)) {
-        txTransfers.push({
-          from: outItem.address,
-          to: inItem.address,
-          value: outItem.value,
-          hash: tx.hash,
-        });
-        outItem.archived = true;
-        inItem.value = inItem.value.sub(outItem.value);
-        continue;
-      }
-
-      if (outItem.value.eq(inItem.value)) {
-        txTransfers.push({
-          from: outItem.address,
-          to: inItem.address,
-          value: inItem.value,
-          hash: tx.hash,
-        });
-        inItem.archived = true;
-        outItem.archived = true;
-      }
-    }
-  }
-
-  return txTransfers;
-};
-
-const getVaultAccounts = (config) => {
-  return Object.values(config.vaults).flat().concat(FORGE_TOKEN_HOLDER);
-};
-
-const getInitialBalance = (address, config) => {
-  const account = config?.accounts?.find((x) => isSameDid(x.address, address));
-  return account ? fromTokenToUnit(account.balance) : ZERO;
-};
-
-const getBalance = async (address, tokenAddress, { resolver, txn }) => {
-  const state = await resolver.statedb.account.get(address, { txn, traceMigration: false });
-  if (!state) {
-    throw new CustomError('INVALID_REQUEST', `Invalid address ${address}`);
-  }
-  const balance = state.tokens[tokenAddress] || 0;
-  return balance;
-};
-
-const fixMigrateReceipts = async (tx, resolver) => {
-  const migrationChain = await resolver.getMigrationChain();
-  const txTime = new Date(tx.time);
-
-  tx.receipts?.forEach((receipt) => {
-    receipt.address = migrationChain.findAddressAtTime(receipt.address, txTime);
-  });
-};
-
-const verifyAccountRisk = async (
-  { accountAddress, tokenAddress, accountLimit = 400, txLimit = 10000, tolerance = '0.0000000001' },
-  resolver,
-  ctx = {}
-) => {
-  // validate request params
-  const validation = paramsSchema.validate({ accountAddress, tokenAddress, resolver });
-  if (validation.error) {
-    throw new CustomError('INVALID_PARAMS', validation.error.message);
-  }
-
-  const { logger } = resolver;
-  const checkedAccounts = new Map();
-  const checkedTx = new Map();
-  const tokenState = await resolver.tokenCache.get(tokenAddress);
-  const toleranceUnit = fromTokenToUnit(tolerance, tokenState?.decimal);
-  const vaultAccounts = getVaultAccounts(resolver.config);
-
-  const accountQueue = [[{ address: accountAddress, chain: [] }]];
-
-  const execute = async (depth, txn) => {
-    const queue = accountQueue[depth];
-
-    for (let i = 0; i < queue.length; i++) {
-      // limit
-      if (checkedAccounts.size >= accountLimit) {
-        logger.warn('Account risk check reached max account size limit', {
-          address: accountAddress,
-          tokenAddress,
-          accountCount: checkedAccounts.size,
-          txCount: checkedTx.size,
-          depth,
-          accountLimit,
-          txLimit,
-          tolerance,
-        });
-        return {
-          isRisky: false,
-          reason: 'MAX_ACCOUNT_SIZE_LIMIT',
-          data: {
-            accountCount: checkedAccounts.size,
-            txCount: checkedTx.size,
-          },
-        };
-      }
-
-      const { address, chain } = queue[i];
-      chain.push(address);
-
-      // Avoid circular query
-      if (checkedAccounts.has(address)) continue;
-
-      const trustedConfig = await resolver.filter?.getTrustedAccountConfig(address);
-      // Skip trusted accounts that do not have tolerance configured
-      if (trustedConfig && !trustedConfig.tolerance) {
-        checkedAccounts.set(address, true);
-        continue;
-      }
-
-      let balance = 0;
-      let transactions = [];
-
-      try {
-        [balance, transactions] = await Promise.all([
-          getBalance(address, tokenAddress, { resolver, txn }),
-          resolver._getAllResults(
-            'transactions',
-            (paging) => resolver.listTransactions({ paging, accountFilter: { accounts: [address] } }, ctx),
-            txLimit
-          ),
-        ]);
-      } catch (e) {
-        // skip if tx limit exceeded
-        if (e?.code === 'EXCEED_LIMIT') {
-          logger.warn('Skip checking account cause tx count exceeding limit', { address, txLimit });
-          checkedAccounts.set(address, true);
-          continue;
-        }
-        throw e;
-      }
-
-      let transferIn = getInitialBalance(address, resolver.config);
-      let transferOut = ZERO;
-
-      // Parse txs to get transfer amounts
-      for (const tx of transactions) {
-        // cache tx
-        if (!checkedTx.has(tx.hash)) {
-          await fixMigrateReceipts(tx, resolver);
-          checkedTx.set(tx.hash, getTransferList(tx, tokenAddress));
-        }
-        const { transferInList, transferOutList } = checkedTx.get(tx.hash);
-
-        // Calculate the total amount of transfer for this address
-        const transferInAmount = transferInList
-          .filter((item) => isSameDid(item.address, address))
-          .map((item) => item.value)
-          .reduce((prev, cur) => prev.add(cur), ZERO);
-
-        const transferOutAmount = transferOutList
-          .filter((item) => isSameDid(item.address, address))
-          .map((item) => item.value)
-          .reduce((prev, cur) => prev.add(cur), ZERO);
-
-        transferIn = transferIn.add(transferInAmount);
-        transferOut = transferOut.add(transferOutAmount);
-
-        // push transferIn accounts to queue for next time check
-        if (transferInAmount.gt(ZERO)) {
-          if (!accountQueue[depth + 1]) {
-            accountQueue[depth + 1] = [];
-          }
-          const accountsToQueue = transferOutList
-            .filter((item) => {
-              if (checkedAccounts.has(item.address)) return false;
-              // Skip not token holders
-              if (schemas.tokenHolder.validate(item.address).error) return false;
-              // Skip vault accounts
-              if (vaultAccounts.includes(item.address)) return false;
-              // skip gas、fee
-              if (['gas', 'fee'].includes(item.action)) return false;
-
-              return true;
-            })
-            .map((item) => item.address);
-
-          accountQueue[depth + 1].push(...uniq(accountsToQueue).map((x) => ({ address: x, chain: chain.concat() })));
-        }
-      }
-
-      checkedAccounts.set(address, true);
-
-      // Check if the balance not matches the transfer records
-      const diff = transferIn
-        .sub(transferOut)
-        .sub(new BN(balance))
-        .add(fromTokenToUnit(trustedConfig?.tolerance || 0));
-
-      if (diff.abs().gt(toleranceUnit)) {
-        const data = {
-          address: chain.join('->'),
-          balance,
-          transferIn: transferIn.toString(),
-          transferOut: transferOut.toString(),
-          accountCount: checkedAccounts.size,
-          txCount: checkedTx.size,
-        };
-        logger.warn('Account balance does not match transfer records', {
-          ...data,
-          sourceAccount: accountAddress,
-          tokenAddress,
-          diff: diff.toString(),
-          depth,
-          accountLimit,
-          txLimit,
-          tolerance,
-        });
-        return {
-          isRisky: true,
-          reason: 'INVALID_BALANCE',
-          data,
-        };
-      }
-    }
-  };
-
-  for (let depth = 0; depth < accountQueue.length; depth++) {
-    let isExecuted = false;
-    const result = await resolver.runAsLambda(
-      (txn) => {
-        if (isExecuted) {
-          throw new CustomError('INVALID_REQUEST', 'verifyAccountRisk should not retry');
-        }
-        isExecuted = true;
-        return execute(depth, txn);
-      },
-      { retryLimit: 0 }
-    );
-    if (result) {
-      return result;
-    }
-  }
-
-  logger.info('Account risk check completed', {
-    address: accountAddress,
-    tokenAddress,
-    accountCount: checkedAccounts.size,
-    txCount: checkedTx.size,
-    depth: accountQueue.length,
-    accountLimit,
-    txLimit,
-    tolerance,
-  });
-
-  return {
-    isRisky: false,
-    data: {
-      accountCount: checkedAccounts.size,
-      txCount: checkedTx.size,
-    },
-  };
-};
-
-const listTokenFlows = async (
-  { accountAddress, tokenAddress, paging = {}, depth = 2, direction = 'OUT' },
-  resolver,
-  ctx = {}
-) => {
-  // validate request params
-  const { error } = paramsSchema.validate({ accountAddress, tokenAddress, resolver });
-  if (error) {
-    throw new CustomError('INVALID_PARAMS', error.message);
-  }
-
-  const tokenState = await resolver.tokenCache.get(tokenAddress);
-  const minAmount = fromTokenToUnit(1, tokenState?.decimal || 18);
-  const maxAccountSize = Math.min(200, paging.size || 200);
-  const maxDepth = Math.min(5, depth);
-  const vaultAccounts = getVaultAccounts(resolver.config);
-
-  const tokenFlows = [];
-  const checkedAccounts = new Map();
-  const checkedTx = new Map();
-
-  let curDepth = 1;
-
-  const depthQueue = {
-    [curDepth]: [accountAddress],
-  };
-
-  while (depthQueue[curDepth]?.length && curDepth <= maxDepth && checkedAccounts.size < maxAccountSize) {
-    for (const address of depthQueue[curDepth]) {
-      // Avoid circular query
-      if (checkedAccounts.has(address)) continue;
-      // Skip not token holders
-      if (schemas.tokenHolder.validate(address).error) continue;
-
-      const transactions = await resolver._getAllResults('transactions', (page) =>
-        resolver.listTransactions(
-          { paging: page, accountFilter: { accounts: [address] }, tokenFilter: { tokens: [tokenAddress] } },
-          ctx
-        )
-      );
-      let accountsToQueue = [];
-
-      for (const tx of transactions) {
-        // cache tx
-        if (!checkedTx.has(tx.hash)) {
-          await fixMigrateReceipts(tx, resolver);
-          checkedTx.set(tx.hash, await getTransferFlow(tx, tokenAddress));
-        }
-        const txTransfers = checkedTx.get(tx.hash).filter((item) => {
-          if (direction === 'OUT' && item.from !== address) return false;
-          if (direction === 'IN' && item.to !== address) return false;
-          // Skip too small amount
-          if (item.value.lt(minAmount)) return false;
-          return true;
-        });
-
-        // push to result
-        tokenFlows.push(...txTransfers.map((item) => ({ ...item, value: item.value.toString() })));
-
-        // push to end of queue
-        accountsToQueue = accountsToQueue.concat(
-          txTransfers
-            .map((item) => (direction === 'IN' ? item.from : item.to))
-            // Skip vault accounts
-            .filter((item) => !vaultAccounts.includes(item))
-        );
-      }
-
-      // cache account
-      checkedAccounts.set(address, true);
-      // limit
-      if (checkedAccounts.size >= maxAccountSize) {
-        break;
-      }
-
-      // push to queue for next depth
-      if (!depthQueue[curDepth + 1]) {
-        depthQueue[curDepth + 1] = [];
-      }
-      depthQueue[curDepth + 1].push(...uniq(accountsToQueue));
-    }
-
-    curDepth++;
-  }
-
-  return tokenFlows;
-};
-
-module.exports = {
-  getTransferList,
-  getTransferFlow,
-  verifyAccountRisk,
-  listTokenFlows,
-  fixMigrateReceipts,
-};