Support for lsfDepositAuth (RIPD-1487):

The DepositAuth feature allows an account to require that it signs for any funds that are deposited to the account. For the time being this limits the account to accepting only XRP, although there are plans to allow IOU payments in the future. The lsfDepositAuth protections are not extended to offers. If an account creates an offer it is in effect saying, “I will accept funds from anyone who takes this offer.” Therefore, the typical user of the lsfDepositAuth flag will choose never to create any offers. But they can if they so choose. The DepositAuth feature leaves a small gap in its protections. An XRP payment is allowed to a destination account with the lsfDepositAuth flag set if: - The Destination XRP balance is less than or equal to the base reserve and - The value of the XRP Payment is less than or equal to the base reserve. This exception is intended to make it impossible for an account to wedge itself by spending all of its XRP on fees and leave itself unable to pay the fee to get more XRP. This commit - adds featureDepositAuth, - adds the lsfDepositAuth flag, - adds support for lsfDepositAuth in SetAccount.cpp - adds support in Payment.cpp for rejecting payments that don't meet the lsfDepositAuth requirements, - adds unit tests for Payment transactions to an an account with lsfDepositAuth set. - adds Escrow and PayChan support for lsfDepositAuth along with as unit tests.
2025-12-06 17:27:55 +00:00 · 2017-08-25 12:55:48 -07:00
parent a307d2d03f
commit 259394029a
17 changed files with 689 additions and 127 deletions
--- a/src/ripple/app/tx/impl/SetAccount.cpp
+++ b/src/ripple/app/tx/impl/SetAccount.cpp
@@ -201,38 +201,37 @@ SetAccount::preclaim(PreclaimContext const& ctx)
 TER
 SetAccount::doApply ()
 {
-    std::uint32_t const uTxFlags = ctx_.tx.getFlags ();
-
-    auto const sle = view().peek(
-        keylet::account(account_));
+    auto const sle = view().peek(keylet::account(account_));

    std::uint32_t const uFlagsIn = sle->getFieldU32 (sfFlags);
    std::uint32_t uFlagsOut = uFlagsIn;

-    std::uint32_t const uSetFlag = ctx_.tx.getFieldU32 (sfSetFlag);
-    std::uint32_t const uClearFlag = ctx_.tx.getFieldU32 (sfClearFlag);
+    STTx const& tx {ctx_.tx};
+    std::uint32_t const uSetFlag {tx.getFieldU32 (sfSetFlag)};
+    std::uint32_t const uClearFlag {tx.getFieldU32 (sfClearFlag)};

    // legacy AccountSet flags
-    bool bSetRequireDest   = (uTxFlags & TxFlag::requireDestTag) || (uSetFlag == asfRequireDest);
-    bool bClearRequireDest = (uTxFlags & tfOptionalDestTag) || (uClearFlag == asfRequireDest);
-    bool bSetRequireAuth   = (uTxFlags & tfRequireAuth) || (uSetFlag == asfRequireAuth);
-    bool bClearRequireAuth = (uTxFlags & tfOptionalAuth) || (uClearFlag == asfRequireAuth);
-    bool bSetDisallowXRP   = (uTxFlags & tfDisallowXRP) || (uSetFlag == asfDisallowXRP);
-    bool bClearDisallowXRP = (uTxFlags & tfAllowXRP) || (uClearFlag == asfDisallowXRP);
-
-    bool sigWithMaster = false;
+    std::uint32_t const uTxFlags {tx.getFlags ()};
+    bool const bSetRequireDest   {(uTxFlags & TxFlag::requireDestTag) || (uSetFlag == asfRequireDest)};
+    bool const bClearRequireDest {(uTxFlags & tfOptionalDestTag) || (uClearFlag == asfRequireDest)};
+    bool const bSetRequireAuth   {(uTxFlags & tfRequireAuth) || (uSetFlag == asfRequireAuth)};
+    bool const bClearRequireAuth {(uTxFlags & tfOptionalAuth) || (uClearFlag == asfRequireAuth)};
+    bool const bSetDisallowXRP   {(uTxFlags & tfDisallowXRP) || (uSetFlag == asfDisallowXRP)};
+    bool const bClearDisallowXRP {(uTxFlags & tfAllowXRP) || (uClearFlag == asfDisallowXRP)};

+    bool const sigWithMaster {[&tx, &acct = account_] ()
    {
-        auto const spk = ctx_.tx.getSigningPubKey();
+        auto const spk = tx.getSigningPubKey();

        if (publicKeyType (makeSlice (spk)))
        {
            PublicKey const signingPubKey (makeSlice (spk));

-            if (calcAccountID(signingPubKey) == account_)
-                sigWithMaster = true;
+            if (calcAccountID(signingPubKey) == acct)
+                return true;
        }
-    }
+        return false;
+    }()};

    //
    // RequireAuth
@@ -317,11 +316,13 @@ SetAccount::doApply ()
    //
    if (uSetFlag == asfDefaultRipple)
    {
-        uFlagsOut   |= lsfDefaultRipple;
+        JLOG(j_.trace()) << "Set lsfDefaultRipple.";
+        uFlagsOut |= lsfDefaultRipple;
    }
    else if (uClearFlag == asfDefaultRipple)
    {
-        uFlagsOut   &= ~lsfDefaultRipple;
+        JLOG(j_.trace()) << "Clear lsfDefaultRipple.";
+        uFlagsOut &= ~lsfDefaultRipple;
    }

    //
@@ -331,7 +332,7 @@ SetAccount::doApply ()
    {
        if (!sigWithMaster && !(uFlagsIn & lsfDisableMaster))
        {
-            JLOG(j_.trace()) << "Can't use regular key to set NoFreeze.";
+            JLOG(j_.trace()) << "Must use master key to set NoFreeze.";
            return tecNEED_MASTER_KEY;
        }

@@ -361,22 +362,39 @@ SetAccount::doApply ()
    //
    if ((uSetFlag == asfAccountTxnID) && !sle->isFieldPresent (sfAccountTxnID))
    {
-        JLOG(j_.trace()) << "Set AccountTxnID";
+        JLOG(j_.trace()) << "Set AccountTxnID.";
        sle->makeFieldPresent (sfAccountTxnID);
        }

    if ((uClearFlag == asfAccountTxnID) && sle->isFieldPresent (sfAccountTxnID))
    {
-        JLOG(j_.trace()) << "Clear AccountTxnID";
+        JLOG(j_.trace()) << "Clear AccountTxnID.";
        sle->makeFieldAbsent (sfAccountTxnID);
    }

+    //
+    // DepositAuth
+    //
+    if (view().rules().enabled(featureDepositAuth))
+    {
+        if (uSetFlag == asfDepositAuth)
+        {
+            JLOG(j_.trace()) << "Set lsfDepositAuth.";
+            uFlagsOut |= lsfDepositAuth;
+        }
+        else if (uClearFlag == asfDepositAuth)
+        {
+            JLOG(j_.trace()) << "Clear lsfDepositAuth.";
+            uFlagsOut &= ~lsfDepositAuth;
+        }
+    }
+
    //
    // EmailHash
    //
-    if (ctx_.tx.isFieldPresent (sfEmailHash))
+    if (tx.isFieldPresent (sfEmailHash))
    {
-        uint128 const uHash = ctx_.tx.getFieldH128 (sfEmailHash);
+        uint128 const uHash = tx.getFieldH128 (sfEmailHash);

        if (!uHash)
        {
@@ -393,9 +411,9 @@ SetAccount::doApply ()
    //
    // WalletLocator
    //
-    if (ctx_.tx.isFieldPresent (sfWalletLocator))
+    if (tx.isFieldPresent (sfWalletLocator))
    {
-        uint256 const uHash = ctx_.tx.getFieldH256 (sfWalletLocator);
+        uint256 const uHash = tx.getFieldH256 (sfWalletLocator);

        if (!uHash)
        {
@@ -412,9 +430,9 @@ SetAccount::doApply ()
    //
    // MessageKey
    //
-    if (ctx_.tx.isFieldPresent (sfMessageKey))
+    if (tx.isFieldPresent (sfMessageKey))
    {
-        Blob const messageKey = ctx_.tx.getFieldVL (sfMessageKey);
+        Blob const messageKey = tx.getFieldVL (sfMessageKey);

        if (messageKey.empty ())
        {
@@ -431,9 +449,9 @@ SetAccount::doApply ()
    //
    // Domain
    //
-    if (ctx_.tx.isFieldPresent (sfDomain))
+    if (tx.isFieldPresent (sfDomain))
    {
-        Blob const domain = ctx_.tx.getFieldVL (sfDomain);
+        Blob const domain = tx.getFieldVL (sfDomain);

        if (domain.empty ())
        {
@@ -450,9 +468,9 @@ SetAccount::doApply ()
    //
    // TransferRate
    //
-    if (ctx_.tx.isFieldPresent (sfTransferRate))
+    if (tx.isFieldPresent (sfTransferRate))
    {
-        std::uint32_t uRate = ctx_.tx.getFieldU32 (sfTransferRate);
+        std::uint32_t uRate = tx.getFieldU32 (sfTransferRate);

        if (uRate == 0 || uRate == QUALITY_ONE)
        {
@@ -469,9 +487,9 @@ SetAccount::doApply ()
    //
    // TickSize
    //
-    if (ctx_.tx.isFieldPresent (sfTickSize))
+    if (tx.isFieldPresent (sfTickSize))
    {
-        auto uTickSize = ctx_.tx[sfTickSize];
+        auto uTickSize = tx[sfTickSize];
        if ((uTickSize == 0) || (uTickSize == Quality::maxTickSize))
        {
            JLOG(j_.trace()) << "unset tick size";