gaspersic/solana
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Move budget_program out of src/

Browse Source
This commit is contained in:
Michael Vines
2018-12-04 14:38:19 -08:00
parent 27d456bf93
commit 9ee858a00c
20 changed files with 212 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sdk/Cargo.toml
View File

@ -10,6 +10,7 @@ license = "Apache-2.0"
bincode = "1.0.0"
byteorder = "1.2.1"
bs58 = "0.2.0"
chrono = { version = "0.4.0", features = ["serde"] }
generic-array = { version = "0.12.0", default-features = false, features = ["serde"] }
log = "0.4.2"
ring = "0.13.2"

232
sdk/src/budget_expr.rs Normal file
View File

@ -0,0 +1,232 @@
//! The `budget_expr` module provides a domain-specific language for payment plans. Users create BudgetExpr objects that
//! are given to an interpreter. The interpreter listens for `Witness` transactions,
//! which it uses to reduce the payment plan. When the budget is reduced to a
//! `Payment`, the payment is executed.
use chrono::prelude::*;
use payment_plan::{Payment, Witness};
use pubkey::Pubkey;
use std::mem;
/// A data type representing a `Witness` that the payment plan is waiting on.
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub enum Condition {
/// Wait for a `Timestamp` `Witness` at or after the given `DateTime`.
Timestamp(DateTime<Utc>, Pubkey),
/// Wait for a `Signature` `Witness` from `Pubkey`.
Signature(Pubkey),
}
impl Condition {
/// Return true if the given Witness satisfies this Condition.
pub fn is_satisfied(&self, witness: &Witness, from: &Pubkey) -> bool {
match (self, witness) {
(Condition::Signature(pubkey), Witness::Signature) => pubkey == from,
(Condition::Timestamp(dt, pubkey), Witness::Timestamp(last_time)) => {
pubkey == from && dt <= last_time
}
_ => false,
}
}
}
/// A data type representing a payment plan.
#[repr(C)]
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub enum BudgetExpr {
/// Make a payment.
Pay(Payment),
/// Make a payment after some condition.
After(Condition, Payment),
/// Either make a payment after one condition or a different payment after another
/// condition, which ever condition is satisfied first.
Or((Condition, Payment), (Condition, Payment)),
/// Make a payment after both of two conditions are satisfied
And(Condition, Condition, Payment),
}
impl BudgetExpr {
/// Create the simplest budget - one that pays `tokens` to Pubkey.
pub fn new_payment(tokens: u64, to: Pubkey) -> Self {
BudgetExpr::Pay(Payment { tokens, to })
}
/// Create a budget that pays `tokens` to `to` after being witnessed by `from`.
pub fn new_authorized_payment(from: Pubkey, tokens: u64, to: Pubkey) -> Self {
BudgetExpr::After(Condition::Signature(from), Payment { tokens, to })
}
/// Create a budget that pays tokens` to `to` after being witnessed by 2x `from`s
pub fn new_2_2_multisig_payment(from0: Pubkey, from1: Pubkey, tokens: u64, to: Pubkey) -> Self {
BudgetExpr::And(
Condition::Signature(from0),
Condition::Signature(from1),
Payment { tokens, to },
)
}
/// Create a budget that pays `tokens` to `to` after the given DateTime.
pub fn new_future_payment(dt: DateTime<Utc>, from: Pubkey, tokens: u64, to: Pubkey) -> Self {
BudgetExpr::After(Condition::Timestamp(dt, from), Payment { tokens, to })
}
/// Create a budget that pays `tokens` to `to` after the given DateTime
/// unless cancelled by `from`.
pub fn new_cancelable_future_payment(
dt: DateTime<Utc>,
from: Pubkey,
tokens: u64,
to: Pubkey,
) -> Self {
BudgetExpr::Or(
(Condition::Timestamp(dt, from), Payment { tokens, to }),
(Condition::Signature(from), Payment { tokens, to: from }),
)
}
/// Return Payment if the budget requires no additional Witnesses.
pub fn final_payment(&self) -> Option<Payment> {
match self {
BudgetExpr::Pay(payment) => Some(payment.clone()),
_ => None,
}
}
/// Return true if the budget spends exactly `spendable_tokens`.
pub fn verify(&self, spendable_tokens: u64) -> bool {
match self {
BudgetExpr::Pay(payment)
| BudgetExpr::After(_, payment)
| BudgetExpr::And(_, _, payment) => payment.tokens == spendable_tokens,
BudgetExpr::Or(a, b) => {
a.1.tokens == spendable_tokens && b.1.tokens == spendable_tokens
}
}
}
/// Apply a witness to the budget to see if the budget can be reduced.
/// If so, modify the budget in-place.
pub fn apply_witness(&mut self, witness: &Witness, from: &Pubkey) {
let new_expr = match self {
BudgetExpr::After(cond, payment) if cond.is_satisfied(witness, from) => {
Some(BudgetExpr::Pay(payment.clone()))
}
BudgetExpr::Or((cond, payment), _) if cond.is_satisfied(witness, from) => {
Some(BudgetExpr::Pay(payment.clone()))
}
BudgetExpr::Or(_, (cond, payment)) if cond.is_satisfied(witness, from) => {
Some(BudgetExpr::Pay(payment.clone()))
}
BudgetExpr::And(cond0, cond1, payment) => {
if cond0.is_satisfied(witness, from) {
Some(BudgetExpr::After(cond1.clone(), payment.clone()))
} else if cond1.is_satisfied(witness, from) {
Some(BudgetExpr::After(cond0.clone(), payment.clone()))
} else {
None
}
}
_ => None,
};
if let Some(expr) = new_expr {
mem::replace(self, expr);
}
}
}
#[cfg(test)]
mod tests {
use super::*;
use signature::{Keypair, KeypairUtil};
#[test]
fn test_signature_satisfied() {
let from = Pubkey::default();
assert!(Condition::Signature(from).is_satisfied(&Witness::Signature, &from));
}
#[test]
fn test_timestamp_satisfied() {
let dt1 = Utc.ymd(2014, 11, 14).and_hms(8, 9, 10);
let dt2 = Utc.ymd(2014, 11, 14).and_hms(10, 9, 8);
let from = Pubkey::default();
assert!(Condition::Timestamp(dt1, from).is_satisfied(&Witness::Timestamp(dt1), &from));
assert!(Condition::Timestamp(dt1, from).is_satisfied(&Witness::Timestamp(dt2), &from));
assert!(!Condition::Timestamp(dt2, from).is_satisfied(&Witness::Timestamp(dt1), &from));
}
#[test]
fn test_verify() {
let dt = Utc.ymd(2014, 11, 14).and_hms(8, 9, 10);
let from = Pubkey::default();
let to = Pubkey::default();
assert!(BudgetExpr::new_payment(42, to).verify(42));
assert!(BudgetExpr::new_authorized_payment(from, 42, to).verify(42));
assert!(BudgetExpr::new_future_payment(dt, from, 42, to).verify(42));
assert!(BudgetExpr::new_cancelable_future_payment(dt, from, 42, to).verify(42));
}
#[test]
fn test_authorized_payment() {
let from = Pubkey::default();
let to = Pubkey::default();
let mut expr = BudgetExpr::new_authorized_payment(from, 42, to);
expr.apply_witness(&Witness::Signature, &from);
assert_eq!(expr, BudgetExpr::new_payment(42, to));
}
#[test]
fn test_future_payment() {
let dt = Utc.ymd(2014, 11, 14).and_hms(8, 9, 10);
let from = Keypair::new().pubkey();
let to = Keypair::new().pubkey();
let mut expr = BudgetExpr::new_future_payment(dt, from, 42, to);
expr.apply_witness(&Witness::Timestamp(dt), &from);
assert_eq!(expr, BudgetExpr::new_payment(42, to));
}
#[test]
fn test_unauthorized_future_payment() {
// Ensure timestamp will only be acknowledged if it came from the
// whitelisted public key.
let dt = Utc.ymd(2014, 11, 14).and_hms(8, 9, 10);
let from = Keypair::new().pubkey();
let to = Keypair::new().pubkey();
let mut expr = BudgetExpr::new_future_payment(dt, from, 42, to);
let orig_expr = expr.clone();
expr.apply_witness(&Witness::Timestamp(dt), &to); // <-- Attack!
assert_eq!(expr, orig_expr);
}
#[test]
fn test_cancelable_future_payment() {
let dt = Utc.ymd(2014, 11, 14).and_hms(8, 9, 10);
let from = Pubkey::default();
let to = Pubkey::default();
let mut expr = BudgetExpr::new_cancelable_future_payment(dt, from, 42, to);
expr.apply_witness(&Witness::Timestamp(dt), &from);
assert_eq!(expr, BudgetExpr::new_payment(42, to));
let mut expr = BudgetExpr::new_cancelable_future_payment(dt, from, 42, to);
expr.apply_witness(&Witness::Signature, &from);
assert_eq!(expr, BudgetExpr::new_payment(42, from));
}
#[test]
fn test_2_2_multisig_payment() {
let from0 = Keypair::new().pubkey();
let from1 = Keypair::new().pubkey();
let to = Pubkey::default();
let mut expr = BudgetExpr::new_2_2_multisig_payment(from0, from1, 42, to);
expr.apply_witness(&Witness::Signature, &from0);
assert_eq!(expr, BudgetExpr::new_authorized_payment(from1, 42, to));
}
}

24
sdk/src/budget_instruction.rs Normal file
View File

@ -0,0 +1,24 @@
use budget_expr::BudgetExpr;
use chrono::prelude::{DateTime, Utc};
/// A smart contract.
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub struct Contract {
/// The number of tokens allocated to the `BudgetExpr` and any transaction fees.
pub tokens: u64,
pub budget_expr: BudgetExpr,
}
/// An instruction to progress the smart contract.
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub enum Instruction {
/// Declare and instantiate `BudgetExpr`.
NewBudget(BudgetExpr),
/// Tell a payment plan acknowledge the given `DateTime` has past.
ApplyTimestamp(DateTime<Utc>),
/// Tell the budget that the `NewBudget` with `Signature` has been
/// signed by the containing transaction's `Pubkey`.
ApplySignature,
}

14
sdk/src/budget_program.rs Normal file
View File

@ -0,0 +1,14 @@
use pubkey::Pubkey;
pub const BUDGET_PROGRAM_ID: [u8; 32] = [
129, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0,
];
pub fn id() -> Pubkey {
Pubkey::new(&BUDGET_PROGRAM_ID)
}
pub fn check_id(program_id: &Pubkey) -> bool {
program_id.as_ref() == BUDGET_PROGRAM_ID
}

345
sdk/src/budget_transaction.rs Normal file
View File

@ -0,0 +1,345 @@
//! The `budget_transaction` module provides functionality for creating Budget transactions.
use bincode::deserialize;
use budget_expr::{BudgetExpr, Condition};
use budget_instruction::Instruction;
use budget_program;
use chrono::prelude::*;
use hash::Hash;
use payment_plan::Payment;
use pubkey::Pubkey;
use signature::{Keypair, KeypairUtil};
use system_instruction::SystemInstruction;
use system_program;
use transaction::{self, Transaction};
pub trait BudgetTransaction {
fn budget_new_taxed(
from_keypair: &Keypair,
to: Pubkey,
tokens: u64,
fee: u64,
last_id: Hash,
) -> Self;
fn budget_new(from_keypair: &Keypair, to: Pubkey, tokens: u64, last_id: Hash) -> Self;
fn budget_new_timestamp(
from_keypair: &Keypair,
contract: Pubkey,
to: Pubkey,
dt: DateTime<Utc>,
last_id: Hash,
) -> Self;
fn budget_new_signature(
from_keypair: &Keypair,
contract: Pubkey,
to: Pubkey,
last_id: Hash,
) -> Self;
fn budget_new_on_date(
from_keypair: &Keypair,
to: Pubkey,
contract: Pubkey,
dt: DateTime<Utc>,
dt_pubkey: Pubkey,
cancelable: Option<Pubkey>,
tokens: u64,
last_id: Hash,
) -> Self;
fn budget_new_when_signed(
from_keypair: &Keypair,
to: Pubkey,
contract: Pubkey,
witness: Pubkey,
cancelable: Option<Pubkey>,
tokens: u64,
last_id: Hash,
) -> Self;
fn instruction(&self, program_index: usize) -> Option<Instruction>;
fn system_instruction(&self, program_index: usize) -> Option<SystemInstruction>;
fn verify_plan(&self) -> bool;
}
impl BudgetTransaction for Transaction {
/// Create and sign a new Transaction. Used for unit-testing.
fn budget_new_taxed(
from_keypair: &Keypair,
to: Pubkey,
tokens: u64,
fee: u64,
last_id: Hash,
) -> Self {
let contract = Keypair::new().pubkey();
let keys = vec![from_keypair.pubkey(), contract];
let system_instruction = SystemInstruction::Move { tokens };
let payment = Payment {
tokens: tokens - fee,
to,
};
let budget_instruction = Instruction::NewBudget(BudgetExpr::Pay(payment));
let program_ids = vec![system_program::id(), budget_program::id()];
let instructions = vec![
transaction::Instruction::new(0, &system_instruction, vec![0, 1]),
transaction::Instruction::new(1, &budget_instruction, vec![1]),
];
Self::new_with_instructions(
&[from_keypair],
&keys,
last_id,
fee,
program_ids,
instructions,
)
}
/// Create and sign a new Transaction. Used for unit-testing.
fn budget_new(from_keypair: &Keypair, to: Pubkey, tokens: u64, last_id: Hash) -> Self {
Self::budget_new_taxed(from_keypair, to, tokens, 0, last_id)
}
/// Create and sign a new Witness Timestamp. Used for unit-testing.
fn budget_new_timestamp(
from_keypair: &Keypair,
contract: Pubkey,
to: Pubkey,
dt: DateTime<Utc>,
last_id: Hash,
) -> Self {
let instruction = Instruction::ApplyTimestamp(dt);
Self::new(
from_keypair,
&[contract, to],
budget_program::id(),
&instruction,
last_id,
0,
)
}
/// Create and sign a new Witness Signature. Used for unit-testing.
fn budget_new_signature(
from_keypair: &Keypair,
contract: Pubkey,
to: Pubkey,
last_id: Hash,
) -> Self {
let instruction = Instruction::ApplySignature;
Self::new(
from_keypair,
&[contract, to],
budget_program::id(),
&instruction,
last_id,
0,
)
}
/// Create and sign a postdated Transaction. Used for unit-testing.
fn budget_new_on_date(
from_keypair: &Keypair,
to: Pubkey,
contract: Pubkey,
dt: DateTime<Utc>,
dt_pubkey: Pubkey,
cancelable: Option<Pubkey>,
tokens: u64,
last_id: Hash,
) -> Self {
let expr = if let Some(from) = cancelable {
BudgetExpr::Or(
(Condition::Timestamp(dt, dt_pubkey), Payment { tokens, to }),
(Condition::Signature(from), Payment { tokens, to: from }),
)
} else {
BudgetExpr::After(Condition::Timestamp(dt, dt_pubkey), Payment { tokens, to })
};
let instruction = Instruction::NewBudget(expr);
Self::new(
from_keypair,
&[contract],
budget_program::id(),
&instruction,
last_id,
0,
)
}
/// Create and sign a multisig Transaction.
fn budget_new_when_signed(
from_keypair: &Keypair,
to: Pubkey,
contract: Pubkey,
witness: Pubkey,
cancelable: Option<Pubkey>,
tokens: u64,
last_id: Hash,
) -> Self {
let expr = if let Some(from) = cancelable {
BudgetExpr::Or(
(Condition::Signature(witness), Payment { tokens, to }),
(Condition::Signature(from), Payment { tokens, to: from }),
)
} else {
BudgetExpr::After(Condition::Signature(witness), Payment { tokens, to })
};
let instruction = Instruction::NewBudget(expr);
Self::new(
from_keypair,
&[contract],
budget_program::id(),
&instruction,
last_id,
0,
)
}
fn instruction(&self, instruction_index: usize) -> Option<Instruction> {
deserialize(&self.userdata(instruction_index)).ok()
}
fn system_instruction(&self, instruction_index: usize) -> Option<SystemInstruction> {
deserialize(&self.userdata(instruction_index)).ok()
}
/// Verify only the payment plan.
fn verify_plan(&self) -> bool {
if let Some(SystemInstruction::Move { tokens }) = self.system_instruction(0) {
if let Some(Instruction::NewBudget(expr)) = self.instruction(1) {
if !(self.fee <= tokens && expr.verify(tokens - self.fee)) {
return false;
}
}
}
true
}
}
#[cfg(test)]
mod tests {
use super::*;
use bincode::{deserialize, serialize};
#[test]
fn test_claim() {
let keypair = Keypair::new();
let zero = Hash::default();
let tx0 = Transaction::budget_new(&keypair, keypair.pubkey(), 42, zero);
assert!(tx0.verify_plan());
}
#[test]
fn test_transfer() {
let zero = Hash::default();
let keypair0 = Keypair::new();
let keypair1 = Keypair::new();
let pubkey1 = keypair1.pubkey();
let tx0 = Transaction::budget_new(&keypair0, pubkey1, 42, zero);
assert!(tx0.verify_plan());
}
#[test]
fn test_transfer_with_fee() {
let zero = Hash::default();
let keypair0 = Keypair::new();
let pubkey1 = Keypair::new().pubkey();
assert!(Transaction::budget_new_taxed(&keypair0, pubkey1, 1, 1, zero).verify_plan());
}
#[test]
fn test_serialize_claim() {
let expr = BudgetExpr::Pay(Payment {
tokens: 0,
to: Default::default(),
});
let instruction = Instruction::NewBudget(expr);
let instructions = vec![transaction::Instruction::new(0, &instruction, vec![])];
let claim0 = Transaction {
account_keys: vec![],
last_id: Default::default(),
signatures: vec![],
program_ids: vec![],
instructions,
fee: 0,
};
let buf = serialize(&claim0).unwrap();
let claim1: Transaction = deserialize(&buf).unwrap();
assert_eq!(claim1, claim0);
}
#[test]
fn test_token_attack() {
let zero = Hash::default();
let keypair = Keypair::new();
let pubkey = keypair.pubkey();
let mut tx = Transaction::budget_new(&keypair, pubkey, 42, zero);
let mut system_instruction = tx.system_instruction(0).unwrap();
if let SystemInstruction::Move { ref mut tokens } = system_instruction {
*tokens = 1_000_000; // <-- attack, part 1!
let mut instruction = tx.instruction(1).unwrap();
if let Instruction::NewBudget(ref mut expr) = instruction {
if let BudgetExpr::Pay(ref mut payment) = expr {
payment.tokens = *tokens; // <-- attack, part 2!
}
}
tx.instructions[1].userdata = serialize(&instruction).unwrap();
}
tx.instructions[0].userdata = serialize(&system_instruction).unwrap();
assert!(tx.verify_plan());
assert!(!tx.verify_signature());
}
#[test]
fn test_hijack_attack() {
let keypair0 = Keypair::new();
let keypair1 = Keypair::new();
let thief_keypair = Keypair::new();
let pubkey1 = keypair1.pubkey();
let zero = Hash::default();
let mut tx = Transaction::budget_new(&keypair0, pubkey1, 42, zero);
let mut instruction = tx.instruction(1);
if let Some(Instruction::NewBudget(ref mut expr)) = instruction {
if let BudgetExpr::Pay(ref mut payment) = expr {
payment.to = thief_keypair.pubkey(); // <-- attack!
}
}
tx.instructions[1].userdata = serialize(&instruction).unwrap();
assert!(tx.verify_plan());
assert!(!tx.verify_signature());
}
#[test]
fn test_overspend_attack() {
let keypair0 = Keypair::new();
let keypair1 = Keypair::new();
let zero = Hash::default();
let mut tx = Transaction::budget_new(&keypair0, keypair1.pubkey(), 1, zero);
let mut instruction = tx.instruction(1).unwrap();
if let Instruction::NewBudget(ref mut expr) = instruction {
if let BudgetExpr::Pay(ref mut payment) = expr {
payment.tokens = 2; // <-- attack!
}
}
tx.instructions[1].userdata = serialize(&instruction).unwrap();
assert!(!tx.verify_plan());
// Also, ensure all branchs of the plan spend all tokens
let mut instruction = tx.instruction(1).unwrap();
if let Instruction::NewBudget(ref mut expr) = instruction {
if let BudgetExpr::Pay(ref mut payment) = expr {
payment.tokens = 0; // <-- whoops!
}
}
tx.instructions[1].userdata = serialize(&instruction).unwrap();
assert!(!tx.verify_plan());
}
}

6
sdk/src/lib.rs
View File

@ -1,10 +1,15 @@
pub mod account;
pub mod bpf_loader;
pub mod budget_expr;
pub mod budget_instruction;
pub mod budget_program;
pub mod budget_transaction;
pub mod hash;
pub mod loader_instruction;
pub mod native_loader;
pub mod native_program;
pub mod packet;
pub mod payment_plan;
pub mod pubkey;
pub mod signature;
pub mod storage_program;
@ -18,6 +23,7 @@ pub mod vote_program;
extern crate bincode;
extern crate bs58;
extern crate byteorder;
extern crate chrono;
extern crate generic_array;
extern crate log;
extern crate ring;

27
sdk/src/payment_plan.rs Normal file
View File

@ -0,0 +1,27 @@
//! The `plan` module provides a domain-specific language for payment plans. Users create BudgetExpr objects that
//! are given to an interpreter. The interpreter listens for `Witness` transactions,
//! which it uses to reduce the payment plan. When the plan is reduced to a
//! `Payment`, the payment is executed.
use chrono::prelude::*;
use pubkey::Pubkey;
/// The types of events a payment plan can process.
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub enum Witness {
/// The current time.
Timestamp(DateTime<Utc>),
/// A signature from Pubkey.
Signature,
}
/// Some amount of tokens that should be sent to the `to` `Pubkey`.
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub struct Payment {
/// Amount to be paid.
pub tokens: u64,
/// The `Pubkey` that `tokens` should be paid to.
pub to: Pubkey,
}