@ocap/tx-protocols 1.14.5 → 1.14.9

package/README.md

@@ -72,6 +72,7 @@ But this will make some transaction protocol logic harder to understand.
 The are some inconsistencies in server and client implementation code.
 
 On the server side, `delegator` must be interpreted as `delegatee`, but in `@ocap/client`, `delegator` is interpreted as `delegator`.
+For delegated create-x transactions, the service-fee is charged against `tx.from`.
 
 ### How to add a new tx protocol
 

package/lib/protocols/asset/acquire-v2.js

@@ -24,6 +24,19 @@ const runner = new Runner();
 runner.use(pipes.VerifyMultiSig(0));
 runner.use(verifyAcquireParams('acquire-v2'));
 
+// ensure asset not exist
+runner.use(pipes.ExtractState({ from: 'itx.address', to: 'duplicateAsset', status: 'OK', table: 'asset' }));
+runner.use(
+  pipes.VerifyInfo([
+    {
+      error: 'FORBIDDEN',
+      message: 'Asset with same address already exists',
+      fn: ({ duplicateAsset }) => !duplicateAsset,
+      persist: true,
+    },
+  ])
+);
+
 runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
 runner.use(pipes.VerifyAccountMigration({ senderKey: 'senderState' }));
 

package/lib/protocols/asset/acquire-v3.js

@@ -27,6 +27,19 @@ const runner = new Runner();
 
 // 1. extract & verify itx input
 runner.use(verifyAcquireParams('acquire-v3'));
+
+// ensure asset not exist
+runner.use(pipes.ExtractState({ from: 'itx.address', to: 'duplicateAsset', status: 'OK', table: 'asset' }));
+runner.use(
+  pipes.VerifyInfo([
+    {
+      error: 'FORBIDDEN',
+      message: 'Asset with same address already exists',
+      fn: ({ duplicateAsset }) => !duplicateAsset,
+      persist: true,
+    },
+  ])
+);
 runner.use(
   pipes.VerifyTxInput({
     fieldKey: 'itx.inputs',

package/lib/protocols/asset/create.js

@@ -10,7 +10,7 @@ const { toAssetAddress } = require('@arcblock/did-util');
 const debug = require('debug')(`${require('../../../package.json').name}:create-asset`);
 
 const { decodeAnySafe } = require('../../util');
-const ensureTxFee = require('../rollup/pipes/ensure-tx-fee');
+const ensureServiceFee = require('../rollup/pipes/ensure-service-fee');
 
 const runner = new Runner();
 
@@ -81,7 +81,7 @@ runner.use(
 // Ensure parent exist
 runner.use(pipes.ExtractState({ from: 'itx.parent', to: 'parentAsset', status: 'INVALID_ASSET', table: 'asset' }));
 
-runner.use(ensureTxFee);
+runner.use(ensureServiceFee);
 
 // Update asset state
 runner.use(

package/lib/protocols/asset/mint.js

@@ -16,6 +16,19 @@ const runner = new Runner();
 runner.use(pipes.VerifyMultiSig(0));
 runner.use(verifyAcquireParams('mint'));
 
+// ensure asset not exist
+runner.use(pipes.ExtractState({ from: 'itx.address', to: 'duplicateAsset', status: 'OK', table: 'asset' }));
+runner.use(
+  pipes.VerifyInfo([
+    {
+      error: 'FORBIDDEN',
+      message: 'Asset with same address already exists',
+      fn: ({ duplicateAsset }) => !duplicateAsset,
+      persist: true,
+    },
+  ])
+);
+
 // Ensure sender exist
 runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
 runner.use(pipes.VerifyAccountMigration({ senderKey: 'senderState' }));

package/lib/protocols/asset/pipes/verify-itx-variables.js

@@ -10,8 +10,14 @@ module.exports = (context, next) => {
     acc[x.name] = x.value;
     return acc;
   }, {});
-  if (variables.some((x) => x.required && !factoryInputs[x.name])) {
-    return next(new Error('INVALID_FACTORY_INPUT', 'Invalid itx.variables: missing required variable'));
+  const missingVariables = variables.filter((x) => x.required && !factoryInputs[x.name]);
+  if (missingVariables.length) {
+    return next(
+      new Error(
+        'INVALID_FACTORY_INPUT',
+        `Invalid itx.variables: missing required input variable: ${missingVariables.map((x) => x.name).join(', ')}`
+      )
+    );
   }
 
   context.factoryInputs = factoryInputs;

package/lib/protocols/asset/update.js

@@ -1,3 +1,4 @@
+const deepDiff = require('deep-diff');
 const Error = require('@ocap/util/lib/error');
 const Joi = require('@ocap/validator');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
@@ -18,19 +19,23 @@ const schema = Joi.object({
   moniker: Joi.string().min(2).max(255).required(),
   data: Joi.any().optional(),
 }).options({ stripUnknown: true, noDefaults: false });
-runner.use(({ itx }, next) => {
+runner.use((context, next) => {
+  const { itx } = context;
   const { error } = schema.validate(itx);
   if (error) {
     return next(new Error('INVALID_TX', `Invalid itx: ${error.message}`));
   }
+
+  context.newData = decodeAnySafe(itx.data);
   return next();
 });
 
-// Ensure asset exist owned by sender and can be modified
-runner.use(pipes.ExtractState({ from: 'itx.address', to: 'assetState', status: 'INVALID_ASSET' }));
+// Ensure asset exist
+runner.use(pipes.ExtractState({ from: 'itx.address', to: 'assetState', status: 'INVALID_ASSET', table: 'asset' }));
+runner.use(pipes.ExtractState({ from: 'assetState.issuer', to: 'issuerState', status: 'OK', table: 'account' }));
 
 // Ensure sender exist
-runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE' }));
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
 runner.use(pipes.VerifyAccountMigration({ senderKey: 'senderState' }));
 
 // Ensure asset owned by sender and can be modified
@@ -46,10 +51,30 @@ runner.use(
   ])
 );
 
+// Ensure we are in append-only mode update proposed by issuer
+runner.use(async (context, next) => {
+  const { itx, newData, senderState, assetState, issuerState } = context;
+  if (issuerState && senderState.address === issuerState.address) {
+    if (itx.moniker !== assetState.moniker) {
+      return next(new Error('FORBIDDEN', 'Asset moniker can only be updated by owner'));
+    }
+    if (newData.type !== assetState.data.type) {
+      return next(new Error('FORBIDDEN', 'Asset data type can only be updated by owner'));
+    }
+    const dataDiff = deepDiff(assetState.data.value, newData.value);
+    const appendOnly = dataDiff.every((x) => x.kind === 'N' || (x.kind === 'A' && x.item.kind === 'N'));
+    if (appendOnly === false) {
+      return next(new Error('APPEND_ONLY', 'Asset data value can only be updated in append only mode'));
+    }
+  }
+
+  return next();
+});
+
 // Update asset state
 runner.use(
   async (context, next) => {
-    const { tx, itx, statedb, senderState, assetState } = context;
+    const { tx, itx, newData, statedb, senderState, assetState } = context;
 
     const [newSenderState, newAssetState] = await Promise.all([
       // update owner state
@@ -62,7 +87,7 @@ runner.use(
       // update asset state
       statedb.asset.update(
         itx.address,
-        asset.update(assetState, { moniker: itx.moniker, data: decodeAnySafe(itx.data) }, context),
+        asset.update(assetState, { moniker: itx.moniker, data: newData }, context),
         context
       ),
     ]);

package/lib/protocols/factory/create.js

@@ -14,7 +14,7 @@ const { toFactoryAddress } = require('@arcblock/did-util');
 const debug = require('debug')(`${require('../../../package.json').name}:create-factory`);
 
 const { decodeAnySafe } = require('../../util');
-const ensureTxFee = require('../rollup/pipes/ensure-tx-fee');
+const ensureServiceFee = require('../rollup/pipes/ensure-service-fee');
 
 const runner = new Runner();
 
@@ -106,7 +106,7 @@ runner.use((context, next) => {
   return next(new Error('INVALID_FACTORY_INPUT', 'Not all input.assets exist on chain'));
 });
 
-runner.use(ensureTxFee);
+runner.use(ensureServiceFee);
 
 // Create factory state
 runner.use(

package/lib/protocols/rollup/create.js

@@ -12,7 +12,7 @@ const { toRollupAddress } = require('@arcblock/did-util');
 const debug = require('debug')(`${require('../../../package.json').name}:create-rollup`);
 
 const { decodeAnySafe } = require('../../util');
-const ensureTxFee = require('./pipes/ensure-tx-fee');
+const ensureServiceFee = require('./pipes/ensure-service-fee');
 
 const runner = new Runner();
 
@@ -108,7 +108,7 @@ runner.use(
   ])
 );
 
-runner.use(ensureTxFee);
+runner.use(ensureServiceFee);
 
 // 5. create rollup state
 runner.use(
@@ -125,6 +125,7 @@ runner.use(
       vaultUpdates,
     } = context;
 
+    const issuer = delegatorState ? delegatorState.address : senderState.address;
     const [newSenderState, rollupState, newVaultState] = await Promise.all([
       statedb.account.update(
         senderState.address,
@@ -137,7 +138,7 @@ runner.use(
         rollup.create(
           {
             ...formattedItx,
-            issuer: delegatorState ? delegatorState.address : senderState.address,
+            issuer,
             validators: formattedItx.seedValidators,
             data: rollupData,
           },

package/lib/protocols/rollup/pipes/{ensure-tx-fee.js → ensure-service-fee.js}

@@ -3,7 +3,6 @@ const { fromTokenToUnit, BN } = require('@ocap/util');
 
 const { applyTokenUpdates } = require('../../../util');
 
-// FIXME: There maybe bug for tx that decrease senderState token balance
 module.exports = async (context, next) => {
   const { config, statedb, txType, senderState } = context;
   const txFee = config.transaction.txFee[txType];

package/lib/protocols/token/create.js

@@ -10,7 +10,7 @@ const { fromTokenToUnit } = require('@ocap/util');
 // eslint-disable-next-line global-require
 const debug = require('debug')(`${require('../../../package.json').name}:create-token`);
 const { decodeAnySafe } = require('../../util');
-const ensureTxFee = require('../rollup/pipes/ensure-tx-fee');
+const ensureServiceFee = require('../rollup/pipes/ensure-service-fee');
 
 const MAX_TOTAL_SUPPLY = fromTokenToUnit(10000 * 100000000, 18); // 32
 
@@ -92,7 +92,7 @@ runner.use(async (context, next) => {
   return next();
 });
 
-runner.use(ensureTxFee);
+runner.use(ensureServiceFee);
 
 // Update sender state, token state
 runner.use(
@@ -105,6 +105,7 @@ runner.use(
     senderUpdates.tokens = senderUpdates.tokens || {};
 
     // We are definitely creating a different token, so it is safe to set tokens to initial supply
+    // For delegated create-token, the delegator is the actual token-holder
     if (delegatorState) {
       delegatorUpdates.tokens = delegatorState.tokens || {};
       delegatorUpdates.tokens[itx.address] = itx.initialSupply;

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.14.5",
+  "version": "1.14.9",
   "description": "Predefined tx pipeline sets to execute certain type of transactions",
   "main": "lib/index.js",
   "files": [
@@ -21,18 +21,19 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@arcblock/did": "1.14.5",
-    "@arcblock/did-util": "1.14.5",
-    "@ocap/asset": "1.14.5",
-    "@ocap/mcrypto": "1.14.5",
-    "@ocap/merkle-tree": "1.14.5",
-    "@ocap/message": "1.14.5",
-    "@ocap/state": "1.14.5",
-    "@ocap/tx-pipeline": "1.14.5",
-    "@ocap/util": "1.14.5",
-    "@ocap/validator": "1.14.5",
-    "@ocap/wallet": "1.14.5",
+    "@arcblock/did": "1.14.9",
+    "@arcblock/did-util": "1.14.9",
+    "@ocap/asset": "1.14.9",
+    "@ocap/mcrypto": "1.14.9",
+    "@ocap/merkle-tree": "1.14.9",
+    "@ocap/message": "1.14.9",
+    "@ocap/state": "1.14.9",
+    "@ocap/tx-pipeline": "1.14.9",
+    "@ocap/util": "1.14.9",
+    "@ocap/validator": "1.14.9",
+    "@ocap/wallet": "1.14.9",
     "debug": "^4.3.2",
+    "deep-diff": "^1.0.2",
     "empty-value": "^1.0.1",
     "lodash": "^4.17.21",
     "url-join": "^4.0.1"
@@ -45,5 +46,5 @@
     "jest": "^27.3.1",
     "start-server-and-test": "^1.14.0"
   },
-  "gitHead": "9a685c7182412efc208a5193c17b92ec299dccb2"
+  "gitHead": "19fd75486457b972da40d7d1d043f389738aa1da"
 }