@ocap/tx-protocols 1.6.3 → 1.6.10

package/lib/protocols/trade/exchange-v2.js

@@ -0,0 +1,179 @@
+const isEmpty = require('empty-value');
+const getListField = require('@ocap/util/lib/get-list-field');
+const createSortedList = require('@ocap/util/lib/create-sorted-list');
+const { decodeBigInt } = require('@ocap/message');
+const { BN } = require('@ocap/util');
+const { Runner, pipes } = require('@ocap/tx-pipeline');
+const { account } = require('@ocap/state');
+
+// eslint-disable-next-line global-require
+const debug = require('debug')(`${require('../../../package.json').name}:exchange-v2`);
+
+const runner = new Runner();
+
+runner.use(pipes.VerifyMultiSig(1));
+runner.use(pipes.ExtractReceiver({ from: ['tx.signaturesList', 'tx.signatures', 'itx.to'] }));
+
+runner.use(
+  pipes.VerifyInfo([
+    {
+      error: 'INSUFFICIENT_DATA',
+      message: 'itx.sender, itx.receiver and itx.to can not be empty',
+      fn: ({ itx }) => itx.sender && itx.receiver && itx.to,
+    },
+    {
+      error: 'INVALID_TX',
+      message: 'Can not exchange without any token or assets',
+      fn: (context) => {
+        const zero = new BN(0);
+        const { itx, config } = context;
+
+        context.senderAssets = getListField(itx, 'sender.assets');
+        context.receiverAssets = getListField(itx, 'receiver.assets');
+
+        context.senderTokens = getListField(itx, 'sender.tokens');
+        context.receiverTokens = getListField(itx, 'receiver.tokens');
+
+        const senderAmount = itx.sender.value ? decodeBigInt(itx.sender.value) : 0;
+        if (new BN(senderAmount).gt(zero)) {
+          context.senderTokens.push({ address: config.token.address, value: senderAmount });
+          itx.sender.value = '0';
+        }
+
+        const receiverAmount = itx.receiver.value ? decodeBigInt(itx.receiver.value) : 0;
+        if (new BN(receiverAmount).gt(zero)) {
+          context.receiverTokens.push({ address: config.token.address, value: receiverAmount });
+          itx.receiver.value = '0';
+        }
+
+        context.tokenAddress = createSortedList(
+          context.senderTokens.concat(context.receiverTokens).map((x) => x.address)
+        );
+
+        if (isEmpty(context.senderAssets) && isEmpty(context.senderTokens)) {
+          return false;
+        }
+        if (isEmpty(context.receiverAssets) && isEmpty(context.receiverTokens)) {
+          return false;
+        }
+
+        return true;
+      },
+    },
+    {
+      error: 'INVALID_TX',
+      message: 'Sender token value must be positive',
+      fn: (context) => context.senderTokens.every((x) => new BN(x.value).gt(new BN(0))),
+    },
+    {
+      error: 'INVALID_TX',
+      message: 'Receiver token value must be positive',
+      fn: (context) => context.receiverTokens.every((x) => new BN(x.value).gt(new BN(0))),
+    },
+  ])
+);
+
+// TODO: verify-expiration
+
+runner.use(pipes.VerifySigner({ signer: 'itx.to' }));
+runner.use(pipes.VerifyListSize({ listKey: ['senderAssets', 'receiverAssets'] }));
+runner.use(pipes.VerifyListSize({ listKey: ['senderTokens', 'receiverTokens'] }));
+
+// TODO: anti-replay-exchange-attack
+
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.ExtractState({ from: 'tx.delegator', to: 'delegatorState', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyDelegation({ type: 'signature', signerKey: 'senderState', delegatorKey: 'delegatorState' }));
+runner.use(pipes.ExtractSigner({ signerKey: 'signerStates', delegatorKey: 'delegatorStates' }));
+runner.use(
+  pipes.VerifyDelegation({
+    type: 'multisig',
+    signerKey: 'signerStates',
+    delegatorKey: 'delegatorStates',
+    delegationKey: 'delegationStates',
+  })
+);
+
+runner.use(pipes.ExtractState({ from: 'tokenAddress', to: 'tokenStates', status: 'INVALID_TOKEN', table: 'token' }));
+
+runner.use(pipes.ExtractState({ from: 'receiver', to: 'receiverState', status: 'INVALID_RECEIVER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.VerifyAccountMigration({ senderKey: 'senderState', signerKey: 'signerStates' }));
+runner.use((context, next) => {
+  context.senderTokenConditions = {
+    owner: context.senderState.address,
+    tokens: context.senderTokens,
+  };
+  context.receiverTokenConditions = {
+    owner: context.receiverState.address,
+    tokens: context.receiverTokens,
+  };
+  next();
+});
+runner.use(pipes.VerifyTokenBalance({ ownerKey: 'senderState', conditionKey: 'senderTokenConditions' }));
+runner.use(pipes.VerifyTokenBalance({ ownerKey: 'receiverState', conditionKey: 'receiverTokenConditions' }));
+
+runner.use(pipes.AntiLandAttack({ senderState: 'senderState', receiverState: 'receiverState' }));
+
+runner.use(pipes.ExtractState({ from: 'senderAssets', to: 'priv.senderAssets', status: 'INVALID_ASSET', table: 'asset' })); // prettier-ignore
+runner.use(pipes.VerifyTransferrable({ assets: 'priv.senderAssets' }));
+runner.use(pipes.VerifyUpdater({ assetKey: 'priv.senderAssets', ownerKey: 'senderState' }));
+
+runner.use(pipes.ExtractState({ from: 'receiverAssets', to: 'priv.receiverAssets', status: 'INVALID_ASSET', table: 'asset' })); // prettier-ignore
+runner.use(pipes.VerifyTransferrable({ assets: 'priv.receiverAssets' }));
+runner.use(pipes.VerifyUpdater({ assetKey: 'priv.receiverAssets', ownerKey: 'receiverState' }));
+
+runner.use(pipes.UpdateOwner({ assets: 'priv.senderAssets', owner: 'receiverState' }));
+runner.use(pipes.UpdateOwner({ assets: 'priv.receiverAssets', owner: 'senderState' }));
+
+runner.use(
+  async (context, next) => {
+    const { tx, itx, senderAssets, receiverAssets, senderTokens, receiverTokens, senderState, receiverState, statedb } =
+      context;
+
+    const senderStateTokens = senderState.tokens || {};
+    const receiverStateTokens = receiverState.tokens || {};
+
+    for (const { address, value } of senderTokens) {
+      const delta = new BN(value);
+      senderStateTokens[address] = new BN(senderStateTokens[address]).sub(delta).toString();
+      receiverStateTokens[address] = new BN(receiverStateTokens[address] || '0').add(delta).toString();
+    }
+
+    for (const { address, value } of receiverTokens) {
+      const delta = new BN(value);
+      senderStateTokens[address] = new BN(senderStateTokens[address]).add(delta).toString();
+      receiverStateTokens[address] = new BN(receiverStateTokens[address] || '0').sub(delta).toString();
+    }
+
+    const [newSenderState, newReceiverState] = await Promise.all([
+      // Update sender state
+      statedb.account.update(
+        senderState.address,
+        account.update(senderState, { nonce: tx.nonce, tokens: senderStateTokens }, context),
+        context
+      ),
+
+      // Update receiver state
+      statedb.account.update(
+        receiverState.address,
+        account.update(receiverState, { tokens: receiverStateTokens }, context),
+        context
+      ),
+    ]);
+
+    context.senderState = newSenderState;
+    context.receiverState = newReceiverState;
+
+    debug('exchange', {
+      from: tx.from,
+      to: itx.to,
+      sender: { assets: senderAssets.length, token: senderTokens.length },
+      receiver: { assets: receiverAssets.length, token: receiverTokens.length },
+    });
+
+    next();
+  },
+  { persistError: true }
+);
+
+module.exports = runner;

package/lib/protocols/trade/transfer-v2.js

@@ -0,0 +1,136 @@
+const isEmpty = require('empty-value');
+const getListField = require('@ocap/util/lib/get-list-field');
+const { decodeBigInt } = require('@ocap/message');
+const { BN } = require('@ocap/util');
+const { Runner, pipes } = require('@ocap/tx-pipeline');
+const { account } = require('@ocap/state');
+
+// eslint-disable-next-line global-require
+const debug = require('debug')(`${require('../../../package.json').name}:transfer-v2`);
+
+const runner = new Runner();
+
+runner.use(pipes.VerifyMultiSig(0));
+
+runner.use((context, next) => {
+  context.assets = getListField(context, 'itx.assets');
+  context.tokens = getListField(context, 'itx.tokens');
+  context.tokenAddress = context.tokens.map((x) => x.address);
+  next();
+});
+
+runner.use(
+  pipes.VerifyInfo([
+    {
+      error: 'INSUFFICIENT_DATA',
+      message: 'Can not transfer without any primary token or assets or secondary tokens',
+      fn: ({ itx, assets, tokens }) => {
+        if (itx.to && (itx.value || isEmpty(assets) === false || isEmpty(tokens) === false)) {
+          return true;
+        }
+        return false;
+      },
+    },
+    {
+      error: 'INVALID_TX',
+      message: 'Can not transfer primary token smaller than 0',
+      fn: ({ itx, assets, tokens }) => {
+        if (isEmpty(tokens) && isEmpty(assets)) {
+          const amount = itx.value ? decodeBigInt(itx.value) : 0;
+          if (new BN(amount).lte(new BN(0))) {
+            return false;
+          }
+        }
+
+        return true;
+      },
+    },
+  ])
+);
+
+runner.use(pipes.VerifyListSize({ listKey: ['assets', 'tokens'] }));
+
+// For backwards compatibility: merge primary and secondary tokens
+runner.use((context, next) => {
+  if (context.itx.value) {
+    const amount = new BN(decodeBigInt(context.itx.value));
+    if (amount.gt(new BN(0))) {
+      context.tokens.push({ address: context.config.token.address, value: amount.toString() });
+      context.itx.value = undefined;
+    }
+  }
+  next();
+});
+
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'INVALID_SENDER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.VerifyAccountMigration({ senderKey: 'senderState' }));
+
+runner.use(pipes.ExtractState({ from: 'tokenAddress', to: 'tokenStates', status: 'INVALID_TOKEN', table: 'token' }));
+runner.use((context, next) => {
+  context.tokenConditions = {
+    owner: context.senderState.address,
+    tokens: context.tokens,
+  };
+  next();
+});
+runner.use(pipes.VerifyTokenBalance({ ownerKey: 'senderState', conditionKey: 'tokenConditions' }));
+
+runner.use(pipes.ExtractState({ from: 'tx.delegator', to: 'delegatorState', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyDelegation({ type: 'signature', signerKey: 'senderState', delegatorKey: 'delegatorState' }));
+
+runner.use(pipes.ExtractReceiver({ from: 'itx.to', to: 'receiver' }));
+runner.use(pipes.ExtractState({ from: 'receiver', to: 'receiverState', status: 'OK', table: 'account' }));
+runner.use(pipes.AntiLandAttack({ senderState: 'senderState', receiverState: 'receiverState' }));
+
+runner.use(pipes.ExtractState({ from: 'assets', to: 'assetStates', status: 'INVALID_ASSET', table: 'asset' }));
+runner.use(pipes.VerifyTransferrable({ assets: 'assetStates' }));
+runner.use(pipes.VerifyUpdater({ assetKey: 'assetStates', ownerKey: 'senderState' }));
+
+// transfer assets to new owner
+runner.use((context, next) => {
+  const { itx, receiverState } = context;
+  context.receiverAddr = receiverState ? receiverState.address : itx.to;
+  return next();
+});
+runner.use(pipes.UpdateOwner({ assets: 'assetStates', owner: 'receiverAddr' }));
+
+// update statedb: transfer tokens to new owner
+runner.use(
+  async (context, next) => {
+    const { tx, itx, tokens, senderState, receiverAddr, receiverState, statedb } = context;
+
+    const { tokens: senderTokens = {} } = senderState;
+    const { tokens: receiverTokens = {} } = receiverState || {};
+    for (const token of tokens) {
+      const delta = new BN(token.value);
+      senderTokens[token.address] = new BN(senderTokens[token.address]).sub(delta).toString();
+      receiverTokens[token.address] = new BN(receiverTokens[token.address] || '0').add(delta).toString();
+    }
+
+    const [newSenderState, newReceiverState] = await Promise.all([
+      // Update sender state
+      statedb.account.update(
+        senderState.address,
+        account.update(senderState, { nonce: tx.nonce, pk: tx.pk, tokens: senderTokens }, context),
+        context
+      ),
+
+      // Update receiver state
+      statedb.account.updateOrCreate(
+        receiverState,
+        account.updateOrCreate(receiverState, { address: receiverAddr, tokens: receiverTokens }, context),
+        context
+      ),
+    ]);
+
+    context.senderState = newSenderState;
+    context.receiverState = newReceiverState;
+
+    debug('transfer-v2', { from: tx.from, to: itx.to, tokens });
+
+    next();
+  },
+  { persistError: true }
+);
+
+module.exports = runner;

package/lib/protocols/trade/transfer-v3.js

@@ -0,0 +1,241 @@
+/* eslint-disable function-paren-newline */
+/* eslint-disable prefer-object-spread */
+/* eslint-disable no-restricted-syntax */
+const { promisify } = require('util');
+const isEqual = require('lodash/isEqual');
+const { BN } = require('@ocap/util');
+const { Runner, pipes } = require('@ocap/tx-pipeline');
+const { account, asset } = require('@ocap/state');
+const getRelatedAddresses = require('@ocap/util/lib/get-related-addr');
+
+// eslint-disable-next-line global-require
+const debug = require('debug')(`${require('../../../package.json').name}:transfer-v2`);
+
+const { applyTokenUpdates } = require('../../util');
+
+const runner = new Runner();
+
+const verifyAssetOwner = promisify(pipes.VerifyUpdater({ assetKey: 'assets', ownerKey: 'owner' }));
+
+// 0. extract itx
+runner.use(
+  pipes.VerifyTxInput({
+    fieldKey: 'itx.inputs',
+    inputsKey: 'inputs',
+    sendersKey: 'senders',
+    tokensKey: 'inputTokens',
+    assetsKey: 'inputAssets',
+  })
+);
+runner.use(
+  pipes.VerifyTxInput({
+    fieldKey: 'itx.outputs',
+    inputsKey: 'outputs',
+    sendersKey: 'receivers',
+    tokensKey: 'outputTokens',
+    assetsKey: 'outputAssets',
+  })
+);
+
+// 1. verify itx size: set hard limit here because more inputs leads to longer tx execute time
+runner.use(
+  pipes.VerifyListSize({
+    listKey: [
+      'inputs',
+      'outputs',
+      'senders',
+      'receivers',
+      'inputTokens',
+      'inputAssets',
+      'outputTokens',
+      'outputAssets',
+    ],
+  })
+);
+
+// 2. verify itx payload
+runner.use(
+  pipes.VerifyInfo([
+    {
+      error: 'INVALID_TX',
+      message: 'An owner can not exist in tx input and output at the same time',
+      fn: ({ senders, receivers }) => senders.every((x) => receivers.includes(x) === false),
+    },
+    {
+      error: 'INVALID_TX',
+      message: 'Input and output token address does not match',
+      fn: ({ inputTokens, outputTokens }) => isEqual(inputTokens, outputTokens),
+    },
+    {
+      error: 'INVALID_TX',
+      message: 'Input and output asset address does not match',
+      fn: ({ inputAssets, outputAssets }) => isEqual(inputAssets, outputAssets),
+    },
+
+    // If we made this far, token address must match with input and output
+    // Then we can safely sum all inputs and outputs and ensure that they match in amount
+    {
+      error: 'INVALID_TX',
+      message: 'Input and output token amount does not match',
+      fn: ({ inputs, outputs, inputTokens }) => {
+        const inputMap = {};
+        const outputMap = {};
+
+        inputs.forEach(({ tokensList }) => {
+          tokensList.forEach(({ address, value }) => {
+            if (typeof inputMap[address] === 'undefined') {
+              inputMap[address] = new BN(0);
+            }
+            inputMap[address] = inputMap[address].add(new BN(value));
+          });
+        });
+
+        outputs.forEach(({ tokensList }) => {
+          tokensList.forEach(({ address, value }) => {
+            if (typeof outputMap[address] === 'undefined') {
+              outputMap[address] = new BN(0);
+            }
+            outputMap[address] = outputMap[address].add(new BN(value));
+          });
+        });
+
+        return inputTokens.every((address) => inputMap[address].eq(outputMap[address]));
+      },
+    },
+  ])
+);
+
+// 3. verify multi sig
+runner.use(pipes.VerifyMultiSigV2({ signersKey: 'senders' }));
+
+// 4. verify sender & signer & receiver
+runner.use(pipes.ExtractState({ from: 'tx.from', to: 'senderState', status: 'OK', table: 'account' }));
+runner.use(pipes.ExtractState({ from: 'senders', to: 'signerStates', status: 'INVALID_SIGNER_STATE', table: 'account' })); // prettier-ignore
+runner.use(pipes.ExtractState({ from: 'receivers', to: 'receiverStates', status: 'OK', table: 'account' }));
+runner.use(pipes.VerifyAccountMigration({ signerKey: 'signerStates', senderKey: 'senderState' }));
+
+// 5. verify token state and balance
+runner.use(pipes.ExtractState({ from: 'inputTokens', to: 'tokenStates', status: 'INVALID_TOKEN', table: 'token' }));
+runner.use(pipes.VerifyTokenBalance({ ownerKey: 'signerStates', conditionKey: 'inputs' }));
+
+// 6. verify asset state and transferrable, ownership
+runner.use(pipes.ExtractState({ from: 'inputAssets', to: 'assetStates', status: 'INVALID_ASSET', table: 'asset' }));
+runner.use(pipes.VerifyTransferrable({ assets: 'assetStates' }));
+runner.use(async (context, next) => {
+  const { inputs, assetStates = [], signerStates } = context;
+  for (const input of inputs) {
+    const { owner, assetsList } = input;
+    const states = assetStates.filter((x) => assetsList.includes(x.address));
+    const signer = signerStates.find((x) => x.address === owner);
+
+    try {
+      // eslint-disable-next-line no-await-in-loop
+      await verifyAssetOwner({ assets: states, owner: signer });
+    } catch (err) {
+      return next(err);
+    }
+  }
+
+  return next();
+});
+
+runner.use(
+  async (context, next) => {
+    const {
+      tx,
+      inputs,
+      outputs,
+      receivers,
+      senderState,
+      signerStates,
+      receiverStates = [],
+      assetStates = [],
+      statedb,
+    } = context;
+
+    const signerUpdates = {};
+    inputs.forEach((x) => {
+      const { owner, tokensList } = x;
+      signerUpdates[owner] = applyTokenUpdates(
+        tokensList,
+        signerStates.find((s) => s.address === owner),
+        'sub'
+      );
+    });
+
+    const receiverUpdates = {};
+    const assetUpdates = {};
+    outputs.forEach((x) => {
+      const { owner, tokensList, assetsList } = x;
+      const ownerState = receiverStates.find((s) => getRelatedAddresses(s).includes(owner)) || { address: owner };
+      receiverUpdates[ownerState.address] = applyTokenUpdates(tokensList, ownerState, 'add');
+      assetsList.forEach((address) => {
+        assetUpdates[address] = { owner: ownerState.address };
+      });
+    });
+
+    const sender = senderState ? senderState.address : tx.from;
+    const isAlsoSigner = !!signerUpdates[sender];
+    const isAlsoReceiver = !!receiverUpdates[sender];
+
+    debug('transfer-v3', { signerUpdates, receiverUpdates, assetUpdates, isAlsoSigner, isAlsoReceiver });
+
+    const [newSenderState, newSignerStates, newReceiverStates, newAssetStates] = await Promise.all([
+      // Update sender state
+      statedb.account.updateOrCreate(
+        senderState,
+        account.updateOrCreate(
+          senderState,
+          Object.assign(
+            { address: sender, nonce: tx.nonce, pk: tx.pk },
+            signerUpdates[sender] || {},
+            receiverUpdates[sender] || {}
+          ),
+          context
+        ),
+        context
+      ),
+
+      // Update signer state
+      Promise.all(
+        signerStates
+          .filter((x) => x.address !== sender)
+          .map((x) => statedb.account.update(x.address, account.update(x, signerUpdates[x.address], context), context))
+      ),
+
+      // UpdateOrCreate receiver state
+      Promise.all(
+        receivers
+          .filter((x) => x !== sender)
+          .map((x) => {
+            const receiverState = receiverStates.find((s) => getRelatedAddresses(s).includes(x));
+            const owner = receiverState ? receiverState.address : x;
+            return statedb.account.updateOrCreate(
+              receiverState,
+              account.updateOrCreate(receiverState, { ...receiverUpdates[owner], address: owner }, context),
+              context
+            );
+          })
+      ),
+
+      // Update asset state
+      Promise.all(
+        assetStates.map((x) =>
+          statedb.asset.update(x.address, asset.update(x, assetUpdates[x.address], context), context)
+        )
+      ),
+    ]);
+
+    context.senderState = newSenderState;
+    context.signerStates = isAlsoSigner ? newSignerStates.concat(newSenderState) : newSignerStates;
+    context.receiverStates = isAlsoReceiver ? newReceiverStates.concat(newSenderState) : newReceiverStates;
+    context.assetStates = newAssetStates;
+
+    debug('transfer-v3', { inputs, outputs });
+
+    next();
+  },
+  { persistError: true }
+);
+
+module.exports = runner;