npm - @ocap/tx-protocols - Versions diffs - 1.24.9 → 1.25.1 - Mend

@ocap/tx-protocols 1.24.9 → 1.25.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/lib/protocols/token/create.js +1 -1
package/lib/protocols/token-factory/create.js +92 -11
package/lib/protocols/token-factory/pipes/verify-icon.js +27 -0
package/lib/protocols/token-factory/pipes/verify-ownership.js +58 -0
package/lib/protocols/token-factory/pipes/verify-url.js +17 -0
package/lib/protocols/token-factory/update.js +81 -7
package/package.json +18 -16

package/lib/protocols/token/create.js CHANGED Viewed

@@ -23,7 +23,7 @@ runner.use(pipes.VerifyMultiSig(0));
 const schema = Joi.object({
   address: Joi.DID().prefix().role('ROLE_TOKEN').required(),
   name: Joi.string().min(1).max(32).required(),
-  description: Joi.string().min(1).max(128).required(),
+  description: Joi.string().min(16).max(128).required(),
   symbol: Joi.string().min(2).max(6).uppercase().required(),
   unit: Joi.string().min(1).max(6).lowercase().required(),
   decimal: Joi.number().min(6).max(18).required(),

package/lib/protocols/token-factory/create.js CHANGED Viewed

@@ -3,20 +3,24 @@ const cloneDeep = require('lodash/cloneDeep');
 const { Joi } = require('@arcblock/validator');
 const { CustomError: Error } = require('@ocap/util/lib/error');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
-const { account, token, tokenFactory, delegation } = require('@ocap/state');
-const { toTokenFactoryAddress, toTokenAddress } = require('@arcblock/did-util');
-const { applyTokenChange } = require('../../util');
+const { account, token, tokenFactory, delegation, stake } = require('@ocap/state');
+const { toTokenFactoryAddress, toTokenAddress, toStakeAddress } = require('@arcblock/did-util');
+const { BN, fromTokenToUnit } = require('@ocap/util');
 // eslint-disable-next-line global-require, import/order
 const debug = require('debug')(`${require('../../../package.json').name}:create-token-factory`);
-const { decodeAnySafe, getDelegationRequirements } = require('../../util');
+const { applyTokenChange, decodeAnySafe, getDelegationRequirements } = require('../../util');
 const EnsureTxGas = require('../../pipes/ensure-gas');
 const EnsureTxCost = require('../../pipes/ensure-cost');
+const verifyIcon = require('./pipes/verify-icon');
+const verifyUrl = require('./pipes/verify-url');
+const verifyOwnership = require('./pipes/verify-ownership');
 const runner = new Runner();
+const isTest = process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test' || process.env.CI;
 runner.use(pipes.VerifyMultiSig(0));
 const schema = Joi.object({
@@ -26,12 +30,21 @@ const schema = Joi.object({
   reserveAddress: Joi.DID().prefix().role('ROLE_TOKEN').required(),
   token: Joi.object({
     name: Joi.string().min(1).max(32).required(),
-    description: Joi.string().min(1).max(128).required(),
+    description: Joi.string().min(16).max(128).required(),
     symbol: Joi.string().min(2).max(6).uppercase().required(),
     unit: Joi.string().min(1).max(6).lowercase().required(),
     decimal: Joi.number().min(6).max(18).required(),
-    icon: Joi.string().optional().allow(null).valid(''),
+    icon: Joi.string().optional().allow(null, ''),
     maxTotalSupply: Joi.alternatives().try(Joi.BN().greater(0), Joi.string().valid('')).optional().allow(null),
+    website: Joi.string()
+      .uri({
+        scheme: isTest ? ['http', 'https'] : ['https'],
+        allowRelative: false,
+      })
+      .max(256)
+      .optional()
+      .allow(null, ''),
+    metadata: Joi.any().required(),
   }).required(),
   data: Joi.any().optional().allow(null),
 }).options({ stripUnknown: true, noDefaults: false });
@@ -46,6 +59,16 @@ runner.use((context, next) => {
   // filter by curve type
   context.itx.curve = value.curve;
+  // decode and verify metadata
+  if (context.itx.token.metadata) {
+    const metadata = decodeAnySafe(context.itx.token.metadata);
+    const { error: metadataError, value: metadataValue } = token.metadataSchema.validate(metadata.value);
+    if (metadataError) {
+      return next(new Error('INVALID_TX', `Invalid metadata: ${metadataError.message}`));
+    }
+    context.itx.token.metadata = { ...metadata, value: metadataValue };
+  }
   return next();
 });
@@ -80,6 +103,10 @@ runner.use(
   ])
 );
+runner.use(verifyIcon());
+runner.use(verifyUrl({ urlKeys: ['itx.token.website', 'itx.token.metadata.value.communityUrl'] }));
+runner.use(verifyOwnership({ tokenKey: 'itx.token' }));
 // Ensure symbol is not internal
 runner.use((context, next) => {
   const { reservedSymbols } = context.config;
@@ -122,6 +149,36 @@ runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: '
 runner.use(pipes.VerifyBlocked({ stateKeys: ['senderState'] }));
+// verify staking: get address, extract state, verify amount
+runner.use((context, next) => {
+  const { tx, itx } = context;
+  context.stakeAddress = toStakeAddress(tx.from, tx.from, itx.token.symbol);
+  return next();
+});
+runner.use(
+  pipes.ExtractState({ from: 'stakeAddress', to: 'stakeState', status: 'INVALID_STAKE_STATE', table: 'stake' })
+);
+runner.use((context, next) => {
+  const { stakeState, config } = context;
+  if (stakeState.revocable === false) {
+    return next(new Error('INVALID_STAKE_STATE', `Staking for token creating already locked: ${stakeState.address}`));
+  }
+  const actualStake = new BN(stakeState.tokens[config.token.address] || 0);
+  const requiredStake = fromTokenToUnit(config.transaction.txStake.createToken, config.token.decimal);
+  if (actualStake.lt(requiredStake)) {
+    return next(
+      new Error(
+        'INVALID_STAKE_STATE',
+        `Insufficient stake amount: required ${config.transaction.txStake.createToken} ${config.token.symbol}`
+      )
+    );
+  }
+  return next();
+});
 // Ensure delegation
 runner.use(pipes.ExtractState({ from: 'tx.delegator', to: 'delegatorState', status: 'OK', table: 'account' }));
 runner.use(pipes.VerifyAccountMigration({ stateKey: 'delegatorState', addressKey: 'tx.delegator' }));
@@ -152,7 +209,7 @@ runner.use(
 // Ensure tx fee and gas
 runner.use(
   EnsureTxGas((context) => {
-    const result = { create: 2, update: 1, payment: 0 };
+    const result = { create: 2, update: 2, payment: 0 };
     if (context.isDelegationChanged) {
       result.update += 1;
@@ -166,10 +223,22 @@ runner.use(EnsureTxCost({ attachSenderChanges: true }));
 // Save context snapshot before updating states
 runner.use(pipes.TakeStateSnapshot());
-// Update sender state, token factory state
+// Update sender state, token factory state, and lock stake
 runner.use(
   async (context, next) => {
-    const { tx, itx, statedb, senderState, delegatorState, delegationState, senderChange, updateVaults } = context;
+    const {
+      tx,
+      itx,
+      statedb,
+      senderState,
+      delegatorState,
+      delegationState,
+      senderChange,
+      stakeState,
+      stakeAddress,
+      updateVaults,
+      config,
+    } = context;
     const data = decodeAnySafe(itx.data);
     const owner = delegatorState ? delegatorState.address : senderState.address;
@@ -181,7 +250,7 @@ runner.use(
       ? applyTokenChange({ tokens: senderTokens }, senderChange)
       : { tokens: senderTokens };
-    const [newSenderState, newTokenState, newTokenFactoryState, newDelegationState] = await Promise.all([
+    const [newSenderState, newTokenState, newTokenFactoryState, newDelegationState, newStakeState] = await Promise.all([
       statedb.account.update(
         senderState.address,
         account.update(senderState, { nonce: tx.nonce, pk: tx.pk, ...senderUpdates }, context),
@@ -213,6 +282,17 @@ runner.use(
       context.isDelegationChanged
         ? statedb.delegation.update(delegationState.address, delegation.update(delegationState, {}, context), context)
         : delegationState,
+      // Lock the stake after successful token creation
+      statedb.stake.update(
+        stakeAddress,
+        stake.update(
+          stakeState,
+          { revocable: false, revokeWaitingPeriod: config.transaction.txStake.createTokenLockPeriod },
+          context
+        ),
+        context
+      ),
     ]);
     await updateVaults();
@@ -221,6 +301,7 @@ runner.use(
     context.tokenState = newTokenState;
     context.tokenFactoryState = newTokenFactoryState;
     context.delegationState = newDelegationState;
+    context.stakeState = newStakeState;
     debug('create token factory', newTokenFactoryState);

package/lib/protocols/token-factory/pipes/verify-icon.js ADDED Viewed

@@ -0,0 +1,27 @@
+const get = require('lodash/get');
+const set = require('lodash/set');
+const { CustomError: Error } = require('@ocap/util/lib/error');
+const { isSvgFile, sanitizeSvg } = require('@blocklet/xss');
+module.exports =
+  ({ iconKey = 'itx.token.icon', size = 16 * 1024 } = {}) =>
+  (context, next) => {
+    const icon = get(context, iconKey);
+    if (!icon) return next();
+    if (!isSvgFile(icon)) {
+      return next(new Error('INVALID_ICON', 'Token Icon is not a valid SVG file'));
+    }
+    const buffer = Buffer.from(icon, 'utf8');
+    if (buffer.length > size) {
+      return next(new Error('INVALID_ICON', `Token Icon must be less than ${Math.floor(size / 1024)}k`));
+    }
+    const sanitizedIcon = sanitizeSvg(icon);
+    set(context, iconKey, sanitizedIcon);
+    return next();
+  };

package/lib/protocols/token-factory/pipes/verify-ownership.js ADDED Viewed

@@ -0,0 +1,58 @@
+const get = require('lodash/get');
+const { CustomError: Error } = require('@ocap/util/lib/error');
+const { verify: verifyVC } = require('@arcblock/vc');
+module.exports =
+  ({ tokenKey = 'itx.token' } = {}) =>
+  async (context, next) => {
+    const { symbol, address, website } = get(context, tokenKey) || {};
+    if (!website) return next();
+    const {
+      tx: { from, delegator },
+      config: { chainId },
+    } = context;
+    const sender = delegator || from;
+    const verificationUrl = `${website}/.well-known/ocap/tokens.json`;
+    try {
+      const response = await fetch(verificationUrl);
+      const data = await response.json();
+      const valids = await Promise.all(
+        data
+          .filter(Boolean)
+          .filter((item) => {
+            if (item.type !== 'TokenIssueCredential') return false;
+            if (item.issuer.id !== sender) return false;
+            const { id, issued } = item.credentialSubject || {};
+            return (
+              id === sender &&
+              issued.address === address &&
+              issued.symbol === symbol &&
+              issued.chainId === chainId &&
+              issued.website === website
+            );
+          })
+          .map((item) => {
+            return verifyVC({
+              vc: item,
+              ownerDid: sender,
+              trustedIssuers: sender,
+            });
+          })
+      );
+      if (valids.some((valid) => valid)) {
+        return next();
+      }
+      context.logger?.warn('Website verification failed', { address, symbol, website, data });
+      return next(new Error('INVALID_WEBSITE', `Website ${website} verification failed`));
+    } catch (error) {
+      return next(new Error('INVALID_WEBSITE', `Website ${website} verification failed: ${error.message}`));
+    }
+  };

package/lib/protocols/token-factory/pipes/verify-url.js ADDED Viewed

@@ -0,0 +1,17 @@
+const get = require('lodash/get');
+const { CustomError: Error } = require('@ocap/util/lib/error');
+const { verifyUrl } = require('@ocap/util/lib/url');
+module.exports =
+  ({ urlKeys = ['itx.token.website', 'itx.token.metadata.value.communityUrl'] } = {}) =>
+  (context, next) => {
+    for (const key of urlKeys) {
+      const url = get(context, key);
+      if (url && !verifyUrl(url)) {
+        const name = key.split('.').pop();
+        return next(new Error('INVALID_TX', `${name} is not valid`));
+      }
+    }
+    return next();
+  };

package/lib/protocols/token-factory/update.js CHANGED Viewed

@@ -1,22 +1,41 @@
 const { Joi } = require('@arcblock/validator');
 const { CustomError: Error } = require('@ocap/util/lib/error');
 const { Runner, pipes } = require('@ocap/tx-pipeline');
-const { account, tokenFactory, delegation } = require('@ocap/state');
-const { applyTokenChange, getDelegationRequirements } = require('../../util');
+const { account, tokenFactory, delegation, token } = require('@ocap/state');
+const { applyTokenChange, getDelegationRequirements, decodeAnySafe } = require('../../util');
 // eslint-disable-next-line global-require, import/order
 const debug = require('debug')(`${require('../../../package.json').name}:update-token-factory`);
 const EnsureTxGas = require('../../pipes/ensure-gas');
 const EnsureTxCost = require('../../pipes/ensure-cost');
+const verifyIcon = require('./pipes/verify-icon');
+const verifyUrl = require('./pipes/verify-url');
+const verifyOwnership = require('./pipes/verify-ownership');
 const runner = new Runner();
+const isTest = process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test' || process.env.CI;
 runner.use(pipes.VerifyMultiSig(0));
 const schema = Joi.object({
   address: Joi.DID().prefix().role('ROLE_TOKEN_FACTORY').required(),
-  feeRate: Joi.number().min(0).max(2000).required(),
+  feeRate: Joi.number().min(0).max(2000).optional().allow(null),
+  token: Joi.object({
+    icon: Joi.string().optional().allow(null, ''),
+    website: Joi.string()
+      .uri({
+        scheme: isTest ? ['http', 'https'] : ['https'],
+        allowRelative: false,
+      })
+      .max(256)
+      .optional()
+      .allow(null, ''),
+    metadata: Joi.any().optional().allow(null),
+  })
+    .optional()
+    .allow(null),
   data: Joi.any().optional().allow(null),
 }).options({ stripUnknown: true, noDefaults: false });
@@ -27,9 +46,22 @@ runner.use((context, next) => {
     return next(new Error('INVALID_TX', `Invalid itx: ${error.message}`));
   }
+  // decode and verify metadata
+  if (context.itx.token?.metadata) {
+    const metadata = decodeAnySafe(context.itx.token.metadata);
+    const { error: metadataError, value: metadataValue } = token.metadataSchema.validate(metadata.value);
+    if (metadataError) {
+      return next(new Error('INVALID_TX', `Invalid metadata: ${metadataError.message}`));
+    }
+    context.itx.token.metadata = { ...metadata, value: metadataValue };
+  }
   return next();
 });
+runner.use(verifyIcon({ iconKey: 'itx.token.icon' }));
+runner.use(verifyUrl({ urlKeys: ['itx.token.website', 'itx.token.metadata.value.communityUrl'] }));
 // ensure token factory exists
 runner.use(
   pipes.ExtractState({
@@ -40,6 +72,24 @@ runner.use(
   })
 );
+// ensure token exists
+runner.use(
+  pipes.ExtractState({
+    from: 'tokenFactoryState.tokenAddress',
+    to: 'tokenState',
+    table: 'token',
+    status: 'INVALID_TOKEN',
+  })
+);
+// verify website
+runner.use((context, next) => {
+  const { tokenState, itx } = context;
+  context.itxToken = { symbol: tokenState.symbol, address: tokenState.address, website: itx.token?.website };
+  return next();
+});
+runner.use(verifyOwnership({ tokenKey: 'itxToken' }));
 // Ensure sender
 runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
 runner.use(pipes.VerifyAccountMigration({ stateKey: 'senderState', addressKey: 'tx.from' }));
@@ -88,7 +138,17 @@ runner.use(pipes.TakeStateSnapshot());
 // Update sender state, token factory state
 runner.use(
   async (context, next) => {
-    const { tx, itx, statedb, senderState, tokenFactoryState, senderChange, updateVaults, delegationState } = context;
+    const {
+      tx,
+      itx,
+      statedb,
+      senderState,
+      tokenFactoryState,
+      tokenState,
+      senderChange,
+      updateVaults,
+      delegationState,
+    } = context;
     const { tokens: senderTokens = {} } = senderState;
@@ -96,7 +156,16 @@ runner.use(
       ? applyTokenChange({ tokens: senderTokens }, senderChange)
       : { tokens: senderTokens };
-    const [newSenderState, newTokenFactoryState, newDelegationState] = await Promise.all([
+    const factoryUpdates = itx.feeRate ? { feeRate: itx.feeRate } : {};
+    const tokenUpdates = itx.token
+      ? {
+          icon: itx.token?.icon || tokenState.icon,
+          website: itx.token?.website || tokenState.website,
+          metadata: itx.token?.metadata || tokenState.metadata,
+        }
+      : null;
+    const [newSenderState, newTokenFactoryState, newTokenState, newDelegationState] = await Promise.all([
       statedb.account.update(
         senderState.address,
         account.update(senderState, { nonce: tx.nonce, pk: tx.pk, ...senderUpdates }, context),
@@ -105,10 +174,14 @@ runner.use(
       statedb.tokenFactory.update(
         tokenFactoryState.address,
-        tokenFactory.update(tokenFactoryState, { feeRate: itx.feeRate }, context),
+        tokenFactory.update(tokenFactoryState, factoryUpdates, context),
         context
       ),
+      tokenUpdates
+        ? statedb.token.update(tokenState.address, token.update(tokenState, tokenUpdates, context), context)
+        : tokenState,
       // Update delegation state
       context.isDelegationChanged
         ? statedb.delegation.update(delegationState.address, delegation.update(delegationState, {}, context), context)
@@ -119,9 +192,10 @@ runner.use(
     context.senderState = newSenderState;
     context.tokenFactoryState = newTokenFactoryState;
+    context.tokenState = newTokenState;
     context.delegationState = newDelegationState;
-    debug('update token factory', newTokenFactoryState);
+    debug('update token factory', newTokenFactoryState, newTokenState);
     next();
   },

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.24.9",
+  "version": "1.25.1",
   "description": "Predefined tx pipeline sets to execute certain type of transactions",
   "main": "lib/index.js",
   "files": [
@@ -13,24 +13,26 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
+    "@blocklet/xss": "^0.2.7",
     "debug": "^4.3.6",
     "deep-diff": "^1.0.2",
     "empty-value": "^1.0.1",
     "lodash": "^4.17.21",
     "url-join": "^4.0.1",
-    "@arcblock/did": "1.24.9",
-    "@arcblock/did-util": "1.24.9",
-    "@arcblock/jwt": "1.24.9",
-    "@arcblock/validator": "1.24.9",
-    "@ocap/asset": "1.24.9",
-    "@ocap/client": "1.24.9",
-    "@ocap/mcrypto": "1.24.9",
-    "@ocap/merkle-tree": "1.24.9",
-    "@ocap/message": "1.24.9",
-    "@ocap/state": "1.24.9",
-    "@ocap/util": "1.24.9",
-    "@ocap/wallet": "1.24.9",
-    "@ocap/tx-pipeline": "1.24.9"
+    "@arcblock/did": "1.25.1",
+    "@arcblock/did-util": "1.25.1",
+    "@arcblock/jwt": "1.25.1",
+    "@arcblock/validator": "1.25.1",
+    "@arcblock/vc": "1.25.1",
+    "@ocap/client": "1.25.1",
+    "@ocap/mcrypto": "1.25.1",
+    "@ocap/merkle-tree": "1.25.1",
+    "@ocap/state": "1.25.1",
+    "@ocap/message": "1.25.1",
+    "@ocap/util": "1.25.1",
+    "@ocap/tx-pipeline": "1.25.1",
+    "@ocap/wallet": "1.25.1",
+    "@ocap/asset": "1.25.1"
   },
   "resolutions": {
     "bn.js": "5.2.2",
@@ -39,8 +41,8 @@
   "devDependencies": {
     "jest": "^29.7.0",
     "start-server-and-test": "^1.14.0",
-    "@ocap/e2e-test": "1.24.9",
-    "@ocap/statedb-memory": "1.24.9"
+    "@ocap/e2e-test": "1.25.1",
+    "@ocap/statedb-memory": "1.25.1"
   },
   "scripts": {
     "lint": "eslint tests lib",