@ocap/tx-protocols 1.22.2 → 1.23.0

package/lib/protocols/token-factory/burn.js

@@ -1,23 +1,21 @@
 const { CustomError: Error } = require('@ocap/util/lib/error');
 const { Joi, schemas } = require('@arcblock/validator');
-const { BN, isSameDid, fromUnitToToken } = require('@ocap/util');
+const { BN, fromUnitToToken } = require('@ocap/util');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
 const { account, tokenFactory, token } = require('@ocap/state');
 
 const EnsureTxGas = require('../../pipes/ensure-gas');
 const EnsureTxCost = require('../../pipes/ensure-cost');
-const CalcReserveAmount = require('./pipes/calc-reserve');
-const { applyTokenChange } = require('../../util');
+const CalcReserve = require('./pipes/calc-reserve');
+const { applyTokenChange, applyTokenUpdates } = require('../../util');
 
 const runner = new Runner();
 
-runner.use(pipes.VerifyMultiSig(0));
-
 const schema = Joi.object({
   tokenFactory: Joi.DID().prefix().role('ROLE_TOKEN_FACTORY').required(),
   receiver: schemas.tokenHolder.required(),
-  amount: Joi.BN().greater(0).required(),
   minReserve: Joi.alternatives().try(Joi.BN().greater(0), Joi.equal('')).optional(),
+  inputsList: schemas.multiInput.min(1).required(),
   data: Joi.any().optional().allow(null),
 }).options({ stripUnknown: true, noDefaults: false });
 
@@ -30,6 +28,23 @@ runner.use(({ itx }, next) => {
   return next();
 });
 
+// verify inputs
+runner.use(
+  pipes.VerifyTxInput({
+    fieldKey: 'itx.inputs',
+    inputsKey: 'inputs',
+    sendersKey: 'senders',
+    tokensKey: 'tokens',
+    assetsKey: null,
+  })
+);
+
+// verify itx size: set hard limit here because more inputs leads to longer tx execute time
+runner.use(pipes.VerifyListSize({ listKey: ['inputs', 'senders', 'tokens', 'assets'] }));
+
+// verify multi sig
+runner.use(pipes.VerifyMultiSigV2({ signersKey: 'senders' }));
+
 // verify token factory
 runner.use(
   pipes.ExtractState({
@@ -40,14 +55,37 @@ runner.use(
   })
 );
 
+// verify inputs token
+runner.use((context, next) => {
+  const { tokenFactoryState, inputs } = context;
+
+  const isAccepted = inputs.every(
+    (input) =>
+      input.tokensList.length &&
+      input.tokensList.every((x) => x.address === tokenFactoryState.tokenAddress) &&
+      !input.assetsList.length
+  );
+
+  if (!isAccepted) {
+    return next(new Error('INVALID_TX', `Inputs only accept ${tokenFactoryState.tokenAddress}`));
+  }
+
+  return next();
+});
+
 // ensure sender
-runner.use(
-  pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })
-);
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'OK', table: 'account' }));
 runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: 'tx.from' }));
 
+runner.use(pipes.ExtractState({ from: 'senders', to: 'signerStates', status: 'INVALID_SIGNER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.VerifyAccountMigration({ signerKey: 'signerStates', stateKey: 'senderState', addressKey: 'tx.from' }));
+
 // ensure receiver
 runner.use(pipes.ExtractState({ from: 'itx.receiver', to: 'receiverState', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyAccountMigration({ stateKey: 'receiverState', addressKey: 'itx.receiver' }));
+
+// verify blocked
+runner.use(pipes.VerifyBlocked({ stateKeys: ['signerStates', 'receiverState'] }));
 
 // ensure owner
 runner.use(
@@ -59,9 +97,6 @@ runner.use(
   })
 );
 
-// verify blocked
-runner.use(pipes.VerifyBlocked({ stateKeys: ['senderState', 'receiverState'] }));
-
 // ensure token state
 runner.use(
   pipes.ExtractState({
@@ -72,13 +107,32 @@ runner.use(
   })
 );
 
-// calculate reserve amount
+// calculate burn amount
+runner.use((context, next) => {
+  const { inputs, tokenFactoryState } = context;
+  let amount = new BN('0');
+
+  for (const { tokensList } of inputs) {
+    const delta = tokensList.find((x) => x.address === tokenFactoryState.tokenAddress)?.value;
+    if (!delta) {
+      return next(new Error('INVALID_TX', 'Invalid inputs'));
+    }
+    amount = amount.add(new BN(delta));
+  }
+
+  context.burnAmount = amount.toString();
+
+  return next();
+});
+
+// calculate reserve amount / fee
 runner.use(
-  CalcReserveAmount({
+  CalcReserve({
     tokenFactoryKey: 'tokenFactoryState',
     tokenStateKey: 'tokenState',
     reserveKey: 'reserveAmount',
     feeKey: 'reserveFee',
+    amountKey: 'burnAmount',
     direction: 'burn',
   })
 );
@@ -88,7 +142,7 @@ runner.use((context, next) => {
   const { reserveAmount, reserveFee } = context;
   const { minReserve } = context.itx;
 
-  if (minReserve && new BN(reserveAmount).lt(new BN(minReserve).add(new BN(reserveFee)))) {
+  if (minReserve && new BN(reserveAmount).lt(new BN(minReserve).add(new BN(reserveFee || '0')))) {
     return next(
       new Error(
         'SLIPPAGE_EXCEEDED',
@@ -97,36 +151,48 @@ runner.use((context, next) => {
     );
   }
 
-  next();
+  return next();
 });
 
-// verify sender tokens
-runner.use((context, next) => {
-  const { tokenFactoryState, itx, reserveFee } = context;
-
-  context.tokenConditions = {
-    owner: context.senderState.address,
-    tokens: [{ address: tokenFactoryState.tokenAddress, value: itx.amount }],
-  };
+// verify balance
+runner.use(pipes.ExtractState({ from: 'tokens', to: 'tokenStates', status: 'INVALID_TOKEN', table: 'token' }));
+runner.use(pipes.VerifyTokenBalance({ ownerKey: 'signerStates', conditionKey: 'inputs' }));
 
-  if (reserveFee) {
-    context.tokenConditions.tokens.push({ address: tokenFactoryState.reserveAddress, value: reserveFee });
+// verify token factory balance
+runner.use((context, next) => {
+  const { tokenFactoryState } = context;
+  if (new BN(tokenFactoryState.currentSupply).lt(new BN(context.burnAmount))) {
+    return next(new Error('INSUFFICIENT_FUND', 'Token factory supply is not enough'));
   }
-
-  next();
+  if (new BN(tokenFactoryState.reserveBalance).lt(new BN(context.reserveAmount))) {
+    return next(new Error('INSUFFICIENT_FUND', 'Token factory reserve balance is not enough'));
+  }
+  return next();
 });
-runner.use(pipes.VerifyTokenBalance({ ownerKey: 'senderState', conditionKey: 'tokenConditions' }));
 
 // Ensure tx fee and gas
 runner.use(
   EnsureTxGas((context) => {
-    const result = { create: 0, update: 3, payment: 0 };
+    const result = { create: 0, update: 2, payment: 0 };
+
+    if (context.senderState) {
+      result.update += 1;
+    } else {
+      result.create += 1;
+    }
 
     if (context.receiverState) {
       result.update += 1;
+    } else {
+      result.create += 1;
     }
+
     if (context.reserveFee) {
-      result.update += 1;
+      result.update += 1; // owner
+    }
+
+    if (context.signerStates) {
+      result.update += context.signerStates.length;
     }
 
     return result;
@@ -153,62 +219,76 @@ runner.use(
       reserveAmount,
       reserveFee,
       itx,
+      inputs,
+      signerStates,
+      burnAmount,
     } = context;
-    const { amount, receiver } = itx;
+    const { receiver } = itx;
     const { reserveAddress, tokenAddress } = tokenFactoryState;
 
-    const { tokens: senderTokens = {} } = senderState;
-    const { tokens: receiverTokens = {} } = receiverState || {};
-    const { tokens: ownerTokens = {} } = ownerState;
-
-    senderTokens[tokenAddress] = new BN(senderTokens[tokenAddress]).sub(new BN(amount)).toString();
-    receiverTokens[reserveAddress] = new BN(receiverTokens[reserveAddress] || '0')
-      .add(new BN(reserveAmount))
-      .toString();
-
-    if (isSameDid(senderState.address, receiver)) {
-      senderTokens[reserveAddress] = receiverTokens[reserveAddress];
+    const accountUpdates = {};
+    const inputChanges = [];
+
+    // update signer burns
+    inputs.forEach(({ owner, tokensList }) => {
+      const tokenChange = tokensList.find((item) => item.address === tokenAddress);
+
+      accountUpdates[owner] = applyTokenUpdates(
+        [tokenChange],
+        signerStates.find((s) => s.address === owner),
+        'sub'
+      );
+
+      inputChanges.push({
+        address: owner,
+        token: tokenAddress,
+        delta: new BN(tokenChange.value).neg().toString(),
+      });
+    });
+
+    // update sender
+    if (senderChange) {
+      accountUpdates[senderChange.address] = applyTokenChange(accountUpdates[senderChange.address], senderChange);
     }
-    if (reserveFee) {
-      const fee = new BN(reserveFee);
-      senderTokens[reserveAddress] = new BN(senderTokens[reserveAddress]).sub(fee).toString();
-
-      if (isSameDid(receiver, ownerState.address)) {
-        receiverTokens[reserveAddress] = new BN(receiverTokens[reserveAddress] || '0').add(fee).toString();
-      } else {
-        ownerTokens[reserveAddress] = new BN(ownerTokens[reserveAddress] || '0').add(fee).toString();
-      }
+    // Ensure the sender exists in accountUpdates, because even if there is no balance change, we need to update his nonce
+    if (!accountUpdates[tx.from]) {
+      accountUpdates[tx.from] = {};
     }
 
-    const senderUpdates = senderChange
-      ? applyTokenChange({ tokens: senderTokens }, senderChange)
-      : { tokens: senderTokens };
+    // update owner
+    if (reserveFee && new BN(reserveFee).gt(0)) {
+      accountUpdates[ownerState.address] = applyTokenChange(accountUpdates[ownerState.address] || ownerState, {
+        address: ownerState.address,
+        token: reserveAddress,
+        delta: reserveFee,
+      });
+    }
 
-    const [newSenderState, newReceiverState, newOwnerState, newTokenFactoryState, newTokenState] = await Promise.all([
-      // Update sender state
-      statedb.account.update(
-        senderState.address,
-        account.update(senderState, { nonce: tx.nonce, pk: tx.pk, ...senderUpdates }, context),
-        context
-      ),
+    // update receiver
+    accountUpdates[receiver] = applyTokenChange(
+      accountUpdates[receiver] || receiverState || { address: receiver, tokens: {} },
+      {
+        address: receiver,
+        token: reserveAddress,
+        delta: new BN(reserveAmount).sub(new BN(reserveFee || '0')).toString(), // reserveAmount - reserveFee
+      }
+    );
 
-      // Update receiver state
-      !isSameDid(senderState.address, receiver)
-        ? statedb.account.updateOrCreate(
-            receiverState,
-            account.updateOrCreate(receiverState, { address: receiver, tokens: receiverTokens }, context),
+    const [newAccountStates, newTokenFactoryState, newTokenState] = await Promise.all([
+      // update accounts
+      Promise.all(
+        Object.entries(accountUpdates).map(([address, updates]) => {
+          // We can use updateOrCreate here because the owner and signer have already been validated to exist earlier,
+          // the sender and receiver are allowed to be created in the transaction.
+          const state = [senderState, receiverState, ownerState, ...signerStates].find((x) => x?.address === address);
+          const senderUpdated = address === tx.from ? { nonce: tx.nonce, pk: tx.pk } : {};
+          return statedb.account.updateOrCreate(
+            state,
+            account.updateOrCreate(state, Object.assign({ address }, senderUpdated, updates), context),
             context
-          )
-        : null,
-
-      // Update owner state
-      !isSameDid(senderState.address, ownerState.address) && !isSameDid(receiver, ownerState.address)
-        ? statedb.account.update(
-            ownerState.address,
-            account.update(ownerState, { tokens: ownerTokens }, context),
-            context
-          )
-        : null,
+          );
+        })
+      ),
 
       // Update token factory state
       statedb.tokenFactory.update(
@@ -216,7 +296,7 @@ runner.use(
         tokenFactory.update(
           tokenFactoryState,
           {
-            currentSupply: new BN(tokenFactoryState.currentSupply).sub(new BN(amount)).toString(),
+            currentSupply: new BN(tokenFactoryState.currentSupply).sub(new BN(burnAmount)).toString(),
             reserveBalance: new BN(tokenFactoryState.reserveBalance).sub(new BN(reserveAmount)).toString(),
           },
           context
@@ -229,7 +309,7 @@ runner.use(
         token.update(
           tokenState,
           {
-            totalSupply: new BN(tokenState.totalSupply).sub(new BN(amount)).toString(),
+            totalSupply: new BN(tokenState.totalSupply).sub(new BN(burnAmount)).toString(),
           },
           context
         ),
@@ -237,12 +317,17 @@ runner.use(
       ),
     ]);
 
-    context.senderState = newSenderState;
-    context.receiverState = newReceiverState;
-    context.ownerState = newOwnerState;
+    context.senderState = newAccountStates.find((x) => x.address === tx.from);
+    context.receiverState = newAccountStates.find((x) => x.address === receiver);
+    // owner maybe not updated
+    context.ownerState = newAccountStates.find((x) => x.address === ownerState.address) || ownerState;
+    context.signerStates = newAccountStates.filter((x) => signerStates.find((s) => s.address === x.address));
     context.tokenFactoryState = newTokenFactoryState;
     context.tokenState = newTokenState;
 
+    // save this for receipt generation
+    context.inputChanges = inputChanges;
+
     await updateVaults();
 
     next();

package/lib/protocols/token-factory/create.js

@@ -3,14 +3,14 @@ const cloneDeep = require('lodash/cloneDeep');
 const { Joi } = require('@arcblock/validator');
 const { CustomError: Error } = require('@ocap/util/lib/error');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
-const { account, token, tokenFactory } = require('@ocap/state');
+const { account, token, tokenFactory, delegation } = require('@ocap/state');
 const { toTokenFactoryAddress, toTokenAddress } = require('@arcblock/did-util');
 const { applyTokenChange } = require('../../util');
 
 // eslint-disable-next-line global-require, import/order
 const debug = require('debug')(`${require('../../../package.json').name}:create-token-factory`);
 
-const { decodeAnySafe } = require('../../util');
+const { decodeAnySafe, getDelegationRequirements } = require('../../util');
 
 const EnsureTxGas = require('../../pipes/ensure-gas');
 const EnsureTxCost = require('../../pipes/ensure-cost');
@@ -48,9 +48,9 @@ runner.use((context, next) => {
   return next();
 });
 
-// Ensure factory and token address is valid
 runner.use(
   pipes.VerifyInfo([
+    // verify token address is valid
     {
       error: 'INVALID_TOKEN',
       message: 'Token address is not valid',
@@ -58,6 +58,7 @@ runner.use(
         return toTokenAddress({ ...context.itx.token, address: '' }) === context.itx.token.address;
       },
     },
+    // verify token factory address is valid
     {
       error: 'INVALID_TOKEN_FACTORY',
       message: 'Token factory address is not valid',
@@ -69,12 +70,7 @@ runner.use(
         return toTokenFactoryAddress(itx) === context.itx.address;
       },
     },
-  ])
-);
-
-// Ensure reserve address is config.token.address
-runner.use(
-  pipes.VerifyInfo([
+    // verify reserve address is config.token.address
     {
       error: 'INVALID_RESERVE_ADDRESS',
       message: 'Reserve address is not valid',
@@ -83,6 +79,18 @@ runner.use(
   ])
 );
 
+// Ensure symbol is not internal
+runner.use((context, next) => {
+  const { internalSymbols } = context.config;
+  const { symbol } = context.itx.token;
+
+  if (internalSymbols.includes(symbol.toUpperCase())) {
+    return next(new Error('INVALID_SYMBOL', `Token symbol can not be ${symbol}`));
+  }
+
+  return next();
+});
+
 // Ensure token factory not exist
 runner.use(pipes.ExtractState({ from: 'itx.address', to: 'tokenFactoryState', table: 'tokenFactory', status: 'OK' }));
 runner.use(
@@ -113,14 +121,22 @@ runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: '
 
 runner.use(pipes.VerifyBlocked({ stateKeys: ['senderState'] }));
 
+// Ensure delegation
+runner.use(pipes.ExtractState({ from: 'tx.delegator', to: 'delegatorState', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyAccountMigration({ stateKey: 'delegatorState', addressKey: 'tx.delegator' }));
+runner.use(
+  pipes.VerifyDelegation({
+    type: 'signature',
+    signerKey: 'senderState',
+    delegatorKey: 'delegatorState',
+    getRequirements: getDelegationRequirements,
+  })
+);
+
 // Ensure uniqueness of token symbol
 runner.use(
   async function EnsureTokenSymbol(context, next) {
-    const { symbol } = context.config.token;
     const itxToken = context.itx.token;
-    if (symbol.toLowerCase() === itxToken.symbol.toLowerCase()) {
-      return next(new Error('DUPLICATE_SYMBOL', `Token symbol can not be ${symbol}`));
-    }
 
     const exist = await context.statedb.token.existBySymbol(itxToken.symbol, context);
     if (exist) {
@@ -134,8 +150,14 @@ runner.use(
 
 // Ensure tx fee and gas
 runner.use(
-  EnsureTxGas(() => {
-    return { create: 1, update: 2, payment: 0 };
+  EnsureTxGas((context) => {
+    const result = { create: 2, update: 1, payment: 0 };
+
+    if (context.isDelegationChanged) {
+      result.update += 1;
+    }
+
+    return result;
   })
 );
 runner.use(EnsureTxCost({ attachSenderChanges: true }));
@@ -146,9 +168,9 @@ runner.use(pipes.TakeStateSnapshot());
 // Update sender state, token factory state
 runner.use(
   async (context, next) => {
-    const { tx, itx, statedb, senderState, senderChange, updateVaults } = context;
+    const { tx, itx, statedb, senderState, delegatorState, delegationState, senderChange, updateVaults } = context;
     const data = decodeAnySafe(itx.data);
-    const owner = senderState.address;
+    const owner = delegatorState ? delegatorState.address : senderState.address;
 
     const itxToken = itx.token;
 
@@ -158,7 +180,7 @@ runner.use(
       ? applyTokenChange({ tokens: senderTokens }, senderChange)
       : { tokens: senderTokens };
 
-    const [newSenderState, newTokenState, newTokenFactoryState] = await Promise.all([
+    const [newSenderState, newTokenState, newTokenFactoryState, newDelegationState] = await Promise.all([
       statedb.account.update(
         senderState.address,
         account.update(senderState, { nonce: tx.nonce, pk: tx.pk, ...senderUpdates }, context),
@@ -185,6 +207,11 @@ runner.use(
         tokenFactory.create({ ...cloneDeep(itx), owner, tokenAddress: itxToken.address, data }, context),
         context
       ),
+
+      // Update delegation state
+      context.isDelegationChanged
+        ? statedb.delegation.update(delegationState.address, delegation.update(delegationState, {}, context), context)
+        : delegationState,
     ]);
 
     await updateVaults();
@@ -192,6 +219,7 @@ runner.use(
     context.senderState = newSenderState;
     context.tokenState = newTokenState;
     context.tokenFactoryState = newTokenFactoryState;
+    context.delegationState = newDelegationState;
 
     debug('create token factory', newTokenFactoryState);
 

package/lib/protocols/token-factory/mint.js

@@ -1,24 +1,22 @@
 const { CustomError: Error } = require('@ocap/util/lib/error');
 const { Joi, schemas } = require('@arcblock/validator');
-const { BN, isSameDid, fromUnitToToken } = require('@ocap/util');
+const { BN, fromUnitToToken } = require('@ocap/util');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
 const { account, tokenFactory, token } = require('@ocap/state');
 
 const EnsureTxGas = require('../../pipes/ensure-gas');
 const EnsureTxCost = require('../../pipes/ensure-cost');
 const CalcReserve = require('./pipes/calc-reserve');
-const { applyTokenChange } = require('../../util');
+const { applyTokenChange, applyTokenUpdates } = require('../../util');
 
 const runner = new Runner();
 
-runner.use(pipes.VerifyMultiSig(0));
-
 const schema = Joi.object({
   tokenFactory: Joi.DID().prefix().role('ROLE_TOKEN_FACTORY').required(),
   receiver: schemas.tokenHolder.required(),
   amount: Joi.BN().greater(0).required(),
-  maxReserve: Joi.alternatives().try(Joi.BN().greater(0), Joi.equal('')).optional(),
   data: Joi.any().optional().allow(null),
+  inputsList: schemas.multiInput.min(1).required(),
 }).options({ stripUnknown: true, noDefaults: false });
 
 // verify itx
@@ -30,6 +28,23 @@ runner.use(({ itx }, next) => {
   return next();
 });
 
+// verify inputs
+runner.use(
+  pipes.VerifyTxInput({
+    fieldKey: 'itx.inputs',
+    inputsKey: 'inputs',
+    sendersKey: 'senders',
+    tokensKey: 'tokens',
+    assetsKey: null,
+  })
+);
+
+// verify itx size: set hard limit here because more inputs leads to longer tx execute time
+runner.use(pipes.VerifyListSize({ listKey: ['inputs', 'senders', 'tokens', 'assets'] }));
+
+// verify multi sig
+runner.use(pipes.VerifyMultiSigV2({ signersKey: 'senders' }));
+
 // verify token factory
 runner.use(
   pipes.ExtractState({
@@ -40,14 +55,35 @@ runner.use(
   })
 );
 
+// verify inputs token
+runner.use((context, next) => {
+  const { tokenFactoryState, inputs } = context;
+
+  const isAccepted = inputs.every(
+    (input) =>
+      input.tokensList.length &&
+      input.tokensList.every((x) => x.address === tokenFactoryState.reserveAddress) &&
+      !input.assetsList.length
+  );
+
+  if (!isAccepted) {
+    return next(new Error('INVALID_TX', `Inputs only accept ${tokenFactoryState.reserveAddress}`));
+  }
+
+  return next();
+});
+
 // ensure sender
-runner.use(
-  pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })
-);
-runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: 'tx.from' }));
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'OK', table: 'account' }));
+runner.use(pipes.ExtractState({ from: 'senders', to: 'signerStates', status: 'INVALID_SIGNER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.VerifyAccountMigration({ signerKey: 'signerStates', stateKey: 'senderState', addressKey: 'tx.from' }));
 
 // ensure receiver
 runner.use(pipes.ExtractState({ from: 'itx.receiver', to: 'receiverState', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyAccountMigration({ stateKey: 'receiverState', addressKey: 'itx.receiver' }));
+
+// verify blocked
+runner.use(pipes.VerifyBlocked({ stateKeys: ['signerStates', 'receiverState'] }));
 
 // ensure owner
 runner.use(
@@ -59,9 +95,6 @@ runner.use(
   })
 );
 
-// verify blocked
-runner.use(pipes.VerifyBlocked({ stateKeys: ['senderState', 'receiverState'] }));
-
 // ensure token state
 runner.use(
   pipes.ExtractState({
@@ -74,20 +107,32 @@ runner.use(
 
 // calculate reserve amount
 runner.use(
-  CalcReserve({ tokenFactoryKey: 'tokenFactoryState', tokenStateKey: 'tokenState', reserveKey: 'reserveAmount' })
+  CalcReserve({
+    tokenFactoryKey: 'tokenFactoryState',
+    tokenStateKey: 'tokenState',
+    reserveKey: 'reserveAmount',
+    amountKey: 'itx.amount',
+  })
 );
 
 // verify slippage
 runner.use((context, next) => {
-  const { reserveAmount, reserveFee } = context;
-  const { maxReserve } = context.itx;
+  const { reserveAmount, reserveFee, inputs, tokenFactoryState } = context;
+
+  const maxReserve = inputs.reduce((total, input) => {
+    const reserveToken = input.tokensList.find((x) => x.address === tokenFactoryState.reserveAddress);
+    if (reserveToken) {
+      return total.add(new BN(reserveToken.value));
+    }
+    return total;
+  }, new BN(0));
 
   const actual = new BN(reserveAmount).add(new BN(reserveFee || '0'));
-  if (maxReserve && actual.gt(new BN(maxReserve))) {
+  if (actual.gt(maxReserve)) {
     return next(
       new Error(
         'SLIPPAGE_EXCEEDED',
-        `Mint token failed due to price movement. Expected maximum: ${fromUnitToToken(maxReserve)}, actual: ${fromUnitToToken(actual)}. Try increasing your maxReserve.`
+        `Mint token failed due to price movement. Expected maximum: ${fromUnitToToken(maxReserve)}, actual: ${fromUnitToToken(actual)}. Try increasing your inputs.`
       )
     );
   }
@@ -95,32 +140,33 @@ runner.use((context, next) => {
   next();
 });
 
-// verify sender balance
-runner.use((context, next) => {
-  const { tokenFactoryState } = context;
-  context.tokenConditions = {
-    owner: context.senderState.address,
-    tokens: [
-      {
-        address: tokenFactoryState.reserveAddress,
-        value: new BN(context.reserveAmount).add(new BN(context.reserveFee || '0')).toString(),
-      },
-    ],
-  };
-  next();
-});
-runner.use(pipes.VerifyTokenBalance({ ownerKey: 'senderState', conditionKey: 'tokenConditions' }));
+// verify balance
+runner.use(pipes.ExtractState({ from: 'tokens', to: 'tokenStates', status: 'INVALID_TOKEN', table: 'token' }));
+runner.use(pipes.VerifyTokenBalance({ ownerKey: 'signerStates', conditionKey: 'inputs' }));
 
 // Ensure tx fee and gas
 runner.use(
   EnsureTxGas((context) => {
-    const result = { create: 0, update: 3, payment: 0 };
+    const result = { create: 0, update: 2, payment: 0 };
+
+    if (context.senderState) {
+      result.update += 1;
+    } else {
+      result.create += 1;
+    }
 
     if (context.receiverState) {
       result.update += 1;
+    } else {
+      result.create += 1;
     }
+
     if (context.reserveFee) {
-      result.update += 1;
+      result.update += 1; // owner
+    }
+
+    if (context.signerStates) {
+      result.update += context.signerStates.length;
     }
 
     return result;
@@ -143,65 +189,91 @@ runner.use(
       senderChange,
       updateVaults,
       tokenFactoryState,
+      signerStates,
       tokenState,
       reserveAmount,
       reserveFee,
       itx,
+      inputs,
     } = context;
     const { amount, receiver } = itx;
     const { reserveAddress, tokenAddress } = tokenFactoryState;
 
-    const { tokens: senderTokens = {} } = senderState;
-    const { tokens: receiverTokens = {} } = receiverState || {};
-    const { tokens: ownerTokens = {} } = ownerState;
+    const totalReserveCost = new BN(reserveAmount).add(new BN(reserveFee || '0'));
+    let currentReserveCost = new BN('0');
 
-    senderTokens[reserveAddress] = new BN(senderTokens[reserveAddress]).sub(new BN(reserveAmount)).toString();
-    receiverTokens[tokenAddress] = new BN(receiverTokens[tokenAddress] || '0').add(new BN(amount)).toString();
+    const accountUpdates = {};
+    const inputChanges = [];
 
-    // merge receiver tokens to sender tokens
-    if (isSameDid(senderState.address, receiver)) {
-      senderTokens[tokenAddress] = receiverTokens[tokenAddress];
-    }
-    if (reserveFee) {
-      const fee = new BN(reserveFee);
-      senderTokens[reserveAddress] = new BN(senderTokens[reserveAddress]).sub(fee).toString();
-
-      if (isSameDid(receiver, ownerState.address)) {
-        receiverTokens[reserveAddress] = new BN(receiverTokens[reserveAddress] || '0').add(fee).toString();
-      } else {
-        ownerTokens[reserveAddress] = new BN(ownerTokens[reserveAddress] || '0').add(fee).toString();
+    // update signer costs
+    inputs.forEach(({ owner, tokensList }) => {
+      const reserveTokenChange = tokensList.find((item) => item.address === reserveAddress);
+      let reserveValue = new BN(reserveTokenChange.value);
+
+      // The inputs represent the estimated maximum cost from the frontend.
+      // If the actual cost is less than the maximum cost, we need to adjust the deduction correctly.
+      if (currentReserveCost.add(reserveValue).gt(totalReserveCost)) {
+        reserveTokenChange.value = totalReserveCost.sub(currentReserveCost).toString();
+        reserveValue = new BN(reserveTokenChange.value);
       }
+      currentReserveCost = currentReserveCost.add(reserveValue);
+
+      accountUpdates[owner] = applyTokenUpdates(
+        [reserveTokenChange],
+        signerStates.find((s) => s.address === owner),
+        'sub'
+      );
+
+      inputChanges.push({
+        address: owner,
+        token: reserveAddress,
+        delta: reserveValue.neg().toString(),
+      });
+    });
+
+    // update sender
+    if (senderChange) {
+      accountUpdates[senderChange.address] = applyTokenChange(accountUpdates[senderChange.address], senderChange);
+    }
+    // Ensure the sender exists in accountUpdates, because even if there is no balance change, we need to update his nonce
+    if (!accountUpdates[tx.from]) {
+      accountUpdates[tx.from] = {};
     }
 
-    const senderUpdates = senderChange
-      ? applyTokenChange({ tokens: senderTokens }, senderChange)
-      : { tokens: senderTokens };
+    // update owner
+    if (reserveFee && new BN(reserveFee).gt(0)) {
+      accountUpdates[ownerState.address] = applyTokenChange(accountUpdates[ownerState.address] || ownerState, {
+        address: ownerState.address,
+        token: reserveAddress,
+        delta: reserveFee,
+      });
+    }
 
-    const [newSenderState, newReceiverState, newOwnerState, newTokenFactoryState, newTokenState] = await Promise.all([
-      // Update sender state
-      statedb.account.update(
-        senderState.address,
-        account.update(senderState, { nonce: tx.nonce, pk: tx.pk, ...senderUpdates }, context),
-        context
-      ),
+    // update receiver
+    accountUpdates[receiver] = applyTokenChange(
+      accountUpdates[receiver] || receiverState || { address: receiver, tokens: {} },
+      {
+        address: receiver,
+        token: tokenAddress,
+        delta: amount,
+      }
+    );
 
-      // Update receiver state
-      !isSameDid(senderState.address, receiver)
-        ? statedb.account.updateOrCreate(
-            receiverState,
-            account.updateOrCreate(receiverState, { address: receiver, tokens: receiverTokens }, context),
-            context
-          )
-        : null,
-
-      // Update owner state
-      !isSameDid(senderState.address, ownerState.address) && !isSameDid(receiver, ownerState.address)
-        ? statedb.account.update(
-            ownerState.address,
-            account.update(ownerState, { tokens: ownerTokens }, context),
+    const [newAccountStates, newTokenFactoryState, newTokenState] = await Promise.all([
+      // update accounts
+      Promise.all(
+        Object.entries(accountUpdates).map(([address, updates]) => {
+          // We can use updateOrCreate here because the owner and signer have already been validated to exist earlier,
+          // the sender and receiver are allowed to be created in the transaction.
+          const state = [senderState, receiverState, ownerState, ...signerStates].find((x) => x?.address === address);
+          const senderUpdated = address === tx.from ? { nonce: tx.nonce, pk: tx.pk } : {};
+          return statedb.account.updateOrCreate(
+            state,
+            account.updateOrCreate(state, Object.assign({ address }, senderUpdated, updates), context),
             context
-          )
-        : null,
+          );
+        })
+      ),
 
       // Update token factory state
       statedb.tokenFactory.update(
@@ -230,12 +302,17 @@ runner.use(
       ),
     ]);
 
-    context.senderState = newSenderState;
-    context.receiverState = newReceiverState;
-    context.ownerState = newOwnerState;
+    context.senderState = newAccountStates.find((x) => x.address === tx.from);
+    context.receiverState = newAccountStates.find((x) => x.address === receiver);
+    // owner maybe not updated
+    context.ownerState = newAccountStates.find((x) => x.address === ownerState.address) || ownerState;
+    context.signerStates = newAccountStates.filter((x) => signerStates.find((s) => s.address === x.address));
     context.tokenFactoryState = newTokenFactoryState;
     context.tokenState = newTokenState;
 
+    // save this for receipt generation
+    context.inputChanges = inputChanges;
+
     await updateVaults();
 
     next();

package/lib/protocols/token-factory/pipes/calc-reserve.js

@@ -7,15 +7,15 @@ module.exports =
   ({
     tokenFactoryKey = 'tokenFactoryState',
     tokenStateKey = 'tokenState',
-    senderStateKey = 'senderState',
     reserveKey = 'reserveAmount',
     feeKey = 'reserveFee',
+    amountKey = 'itx.amount',
     direction = 'mint',
   } = {}) =>
   (context, next) => {
     const tokenFactoryState = get(context, tokenFactoryKey);
     const tokenState = get(context, tokenStateKey);
-    const senderState = get(context, senderStateKey);
+    const amount = get(context, amountKey);
 
     if (!tokenFactoryState) {
       return next(new Error('INVALID_TOKEN_FACTORY', 'Token factory state not found'));
@@ -26,15 +26,12 @@ module.exports =
 
     const { curve, currentSupply, feeRate } = tokenFactoryState;
     const { decimal } = tokenState;
-    const { amount } = context.itx;
 
     const reserveAmount = calcCost({ amount, decimal, currentSupply, direction, curve });
     set(context, reserveKey, reserveAmount.toString());
 
-    if (senderState.address !== tokenFactoryState.owner) {
-      const reserveFee = calcFee({ reserveAmount, feeRate });
-      set(context, feeKey, reserveFee.toString());
-    }
+    const reserveFee = calcFee({ reserveAmount, feeRate });
+    set(context, feeKey, reserveFee.toString());
 
-    next();
+    return next();
   };

package/lib/protocols/token-factory/update.js

@@ -1,8 +1,8 @@
 const { Joi } = require('@arcblock/validator');
 const { CustomError: Error } = require('@ocap/util/lib/error');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
-const { account, tokenFactory } = require('@ocap/state');
-const { applyTokenChange } = require('../../util');
+const { account, tokenFactory, delegation } = require('@ocap/state');
+const { applyTokenChange, getDelegationRequirements } = require('../../util');
 
 // eslint-disable-next-line global-require, import/order
 const debug = require('debug')(`${require('../../../package.json').name}:update-token-factory`);
@@ -40,25 +40,44 @@ runner.use(
   })
 );
 
+// Ensure sender
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: 'tx.from' }));
+runner.use(pipes.VerifyBlocked({ stateKeys: ['senderState'] }));
+
+// Ensure delegation
+runner.use(pipes.ExtractState({ from: 'tx.delegator', to: 'delegatorState', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyAccountMigration({ stateKey: 'delegatorState', addressKey: 'tx.delegator' }));
+runner.use(
+  pipes.VerifyDelegation({
+    type: 'signature',
+    signerKey: 'senderState',
+    delegatorKey: 'delegatorState',
+    getRequirements: getDelegationRequirements,
+  })
+);
+
 // verify owner
 runner.use((context, next) => {
-  const { tx, tokenFactoryState } = context;
-  if (tx.from !== tokenFactoryState.owner) {
+  const { tokenFactoryState, delegatorState, senderState } = context;
+  const owner = delegatorState ? delegatorState.address : senderState.address;
+  if (owner !== tokenFactoryState.owner) {
     return next(new Error('FORBIDDEN', 'Token factory can only be updated by owner'));
   }
 
   return next();
 });
 
-// Ensure sender
-runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
-runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: 'tx.from' }));
-runner.use(pipes.VerifyBlocked({ stateKeys: ['senderState'] }));
-
 // Ensure tx fee and gas
 runner.use(
-  EnsureTxGas(() => {
-    return { create: 0, update: 2, payment: 0 };
+  EnsureTxGas((context) => {
+    const result = { create: 0, update: 2, payment: 0 };
+
+    if (context.isDelegationChanged) {
+      result.update += 1;
+    }
+
+    return result;
   })
 );
 runner.use(EnsureTxCost({ attachSenderChanges: true }));
@@ -69,7 +88,7 @@ runner.use(pipes.TakeStateSnapshot());
 // Update sender state, token factory state
 runner.use(
   async (context, next) => {
-    const { tx, itx, statedb, senderState, tokenFactoryState, senderChange, updateVaults } = context;
+    const { tx, itx, statedb, senderState, tokenFactoryState, senderChange, updateVaults, delegationState } = context;
 
     const { tokens: senderTokens = {} } = senderState;
 
@@ -77,7 +96,7 @@ runner.use(
       ? applyTokenChange({ tokens: senderTokens }, senderChange)
       : { tokens: senderTokens };
 
-    const [newSenderState, newTokenFactoryState] = await Promise.all([
+    const [newSenderState, newTokenFactoryState, newDelegationState] = await Promise.all([
       statedb.account.update(
         senderState.address,
         account.update(senderState, { nonce: tx.nonce, pk: tx.pk, ...senderUpdates }, context),
@@ -89,12 +108,18 @@ runner.use(
         tokenFactory.update(tokenFactoryState, { feeRate: itx.feeRate }, context),
         context
       ),
+
+      // Update delegation state
+      context.isDelegationChanged
+        ? statedb.delegation.update(delegationState.address, delegation.update(delegationState, {}, context), context)
+        : delegationState,
     ]);
 
     await updateVaults();
 
     context.senderState = newSenderState;
     context.tokenFactoryState = newTokenFactoryState;
+    context.delegationState = newDelegationState;
 
     debug('update token factory', newTokenFactoryState);
 

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.22.2",
+  "version": "1.23.0",
   "description": "Predefined tx pipeline sets to execute certain type of transactions",
   "main": "lib/index.js",
   "files": [
@@ -18,19 +18,19 @@
     "empty-value": "^1.0.1",
     "lodash": "^4.17.21",
     "url-join": "^4.0.1",
-    "@arcblock/did": "1.22.2",
-    "@arcblock/did-util": "1.22.2",
-    "@arcblock/jwt": "1.22.2",
-    "@arcblock/validator": "1.22.2",
-    "@ocap/asset": "1.22.2",
-    "@ocap/client": "1.22.2",
-    "@ocap/mcrypto": "1.22.2",
-    "@ocap/merkle-tree": "1.22.2",
-    "@ocap/message": "1.22.2",
-    "@ocap/state": "1.22.2",
-    "@ocap/tx-pipeline": "1.22.2",
-    "@ocap/util": "1.22.2",
-    "@ocap/wallet": "1.22.2"
+    "@arcblock/did": "1.23.0",
+    "@arcblock/did-util": "1.23.0",
+    "@arcblock/jwt": "1.23.0",
+    "@arcblock/validator": "1.23.0",
+    "@ocap/asset": "1.23.0",
+    "@ocap/client": "1.23.0",
+    "@ocap/mcrypto": "1.23.0",
+    "@ocap/merkle-tree": "1.23.0",
+    "@ocap/message": "1.23.0",
+    "@ocap/state": "1.23.0",
+    "@ocap/tx-pipeline": "1.23.0",
+    "@ocap/util": "1.23.0",
+    "@ocap/wallet": "1.23.0"
   },
   "resolutions": {
     "bn.js": "5.2.1",
@@ -39,8 +39,8 @@
   "devDependencies": {
     "jest": "^29.7.0",
     "start-server-and-test": "^1.14.0",
-    "@ocap/e2e-test": "1.22.2",
-    "@ocap/statedb-memory": "1.22.2"
+    "@ocap/e2e-test": "1.23.0",
+    "@ocap/statedb-memory": "1.23.0"
   },
   "scripts": {
     "lint": "eslint tests lib",