fix: Improve invariant check for Permissioned Domains (#6134) (#6958)

Olek
2026-04-20 17:01:07 -04:00
committed by Ed Hennis
parent 08d8e440c1
commit 519d9057a1
6 changed files with 610 additions and 260 deletions


@@ -62,6 +62,13 @@ class Invariants_test : public beast::unit_test::suite
test::jtx::Account const& b,
ApplyContext& ac)>;
static FeatureBitset
defaultAmendments()
{
return ripple::test::jtx::testable_amendments() |
featureInvariantsV1_1 | featureSingleAssetVault;
}
/** Run a specific test case to put the ledger into a state that will be
* detected by an invariant. Simulates the actions of a transaction that
* would violate an invariant.
@@ -89,25 +96,68 @@ class Invariants_test : public beast::unit_test::suite
{tecINVARIANT_FAILED, tefINVARIANT_FAILED},
Preclose const& preclose = {},
TxAccount setTxAccount = TxAccount::None)
{
return doInvariantCheck(
test::jtx::Env(*this, defaultAmendments()),
expect_logs,
precheck,
fee,
tx,
ters,
preclose,
setTxAccount);
}
void
doInvariantCheck(
test::jtx::Env&& env,
std::vector<std::string> const& expect_logs,
Precheck const& precheck,
XRPAmount fee = XRPAmount{},
STTx tx = STTx{ttACCOUNT_SET, [](STObject&) {}},
std::initializer_list<TER> ters =
{tecINVARIANT_FAILED, tefINVARIANT_FAILED},
Preclose const& preclose = {},
TxAccount setTxAccount = TxAccount::None)
{
using namespace test::jtx;
FeatureBitset amendments = testable_amendments() |
featureInvariantsV1_1 | featureSingleAssetVault;
Env env{*this, amendments};
Account const A1{"A1"};
Account const A2{"A2"};
env.fund(XRP(1000), A1, A2);
if (preclose)
BEAST_EXPECT(preclose(A1, A2, env));
env.close();
if (setTxAccount != TxAccount::None)
tx.setAccountID(
sfAccount, setTxAccount == TxAccount::A1 ? A1.id() : A2.id());
return doInvariantCheck(
std::move(env), A1, A2, expect_logs, precheck, fee, tx, ters);
}
void
doInvariantCheck(
test::jtx::Env&& env,
test::jtx::Account const& A1,
test::jtx::Account const& A2,
std::vector<std::string> const& expect_logs,
Precheck const& precheck,
XRPAmount fee = XRPAmount{},
STTx tx = STTx{ttACCOUNT_SET, [](STObject&) {}},
std::initializer_list<TER> ters = {
tecINVARIANT_FAILED,
tefINVARIANT_FAILED})
{
using namespace test::jtx;
OpenView ov{*env.current()};
test::StreamSink sink{beast::severities::kWarning};
beast::Journal jlog{sink};
if (setTxAccount != TxAccount::None)
tx.setAccountID(
sfAccount, setTxAccount == TxAccount::A1 ? A1.id() : A2.id());
ApplyContext ac{
env.app(),
ov,
@@ -127,20 +177,22 @@ class Invariants_test : public beast::unit_test::suite
for (TER const& terExpect : ters)
{
terActual = ac.checkInvariants(terActual, fee);
BEAST_EXPECT(terExpect == terActual);
BEAST_EXPECTS(
terExpect == terActual, std::to_string(TERtoInt(terActual)));
auto const messages = sink.messages().str();
BEAST_EXPECT(
messages.starts_with("Invariant failed:") ||
messages.starts_with("Transaction caused an exception"));
if (terActual != tesSUCCESS)
{
BEAST_EXPECTS(
messages.starts_with("Invariant failed:") ||
messages.starts_with("Transaction caused an exception"),
messages);
}
// std::cerr << messages << '\n';
for (auto const& m : expect_logs)
{
if (messages.find(m) == std::string::npos)
{
// uncomment if you want to log the invariant failure
// std::cerr << " --> " << m << std::endl;
fail();
}
BEAST_EXPECTS(messages.find(m) != std::string::npos, m);
}
}
}
@@ -1263,91 +1315,85 @@ class Invariants_test : public beast::unit_test::suite
});
}
void
static std::shared_ptr<SLE>
createPermissionedDomain(
ApplyContext& ac,
std::shared_ptr<SLE>& sle,
test::jtx::Account const& A1,
test::jtx::Account const& A2)
test::jtx::Account const& A2,
std::uint32_t numCreds = 2,
std::uint32_t seq = 10)
{
sle->setAccountID(sfOwner, A1);
sle->setFieldU32(sfSequence, 10);
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), seq);
auto sle = std::make_shared<SLE>(pdKeylet);
STArray credentials(sfAcceptedCredentials, 2);
for (std::size_t n = 0; n < 2; ++n)
sle->setAccountID(sfOwner, A1);
sle->setFieldU32(sfSequence, seq);
if (numCreds)
{
auto cred = STObject::makeInnerObject(sfCredential);
cred.setAccountID(sfIssuer, A2);
auto credType = "cred_type" + std::to_string(n);
cred.setFieldVL(
sfCredentialType, Slice(credType.c_str(), credType.size()));
credentials.push_back(std::move(cred));
// This array is sorted naturally, but if you are going to change
// this behavior, don't forget to use credentials::makeSorted
STArray credentials(sfAcceptedCredentials, numCreds);
for (std::size_t n = 0; n < numCreds; ++n)
{
auto cred = STObject::makeInnerObject(sfCredential);
cred.setAccountID(sfIssuer, A2);
auto credType = "cred_type" + std::to_string(n);
cred.setFieldVL(
sfCredentialType, Slice(credType.c_str(), credType.size()));
credentials.push_back(std::move(cred));
}
sle->setFieldArray(sfAcceptedCredentials, credentials);
}
sle->setFieldArray(sfAcceptedCredentials, credentials);
ac.view().insert(sle);
return sle;
};
void
testPermissionedDomainInvariants()
testPermissionedDomainInvariants(FeatureBitset features)
{
using namespace test::jtx;
testcase << "PermissionedDomain";
doInvariantCheck(
{{"permissioned domain with no rules."}},
[](Account const& A1, Account const&, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
slePd->setAccountID(sfOwner, A1);
slePd->setFieldU32(sfSequence, 10);
bool const fixPDEnabled = features[fixPermissionedDomainInvariant];
std::initializer_list<TER> badTers = {
tecINVARIANT_FAILED, tecINVARIANT_FAILED};
std::initializer_list<TER> failTers = {
tecINVARIANT_FAILED, tefINVARIANT_FAILED};
ac.view().insert(slePd);
return true;
testcase << "PermissionedDomain" +
std::string(fixPDEnabled ? " fix" : "");
doInvariantCheck(
Env(*this, features),
{{"permissioned domain with no rules."}},
[](Account const& A1, Account const& A2, ApplyContext& ac) {
return createPermissionedDomain(ac, A1, A2, 0).get();
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain 2";
auto constexpr tooBig = maxPermissionedDomainCredentialsArraySize + 1;
doInvariantCheck(
Env(*this, features),
{{"permissioned domain bad credentials size " +
std::to_string(tooBig)}},
[](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
slePd->setAccountID(sfOwner, A1);
slePd->setFieldU32(sfSequence, 10);
STArray credentials(sfAcceptedCredentials, tooBig);
for (std::size_t n = 0; n < tooBig; ++n)
{
auto cred = STObject::makeInnerObject(sfCredential);
cred.setAccountID(sfIssuer, A2);
auto credType =
std::string("cred_type") + std::to_string(n);
cred.setFieldVL(
sfCredentialType,
Slice(credType.c_str(), credType.size()));
credentials.push_back(std::move(cred));
}
slePd->setFieldArray(sfAcceptedCredentials, credentials);
ac.view().insert(slePd);
return true;
return !!createPermissionedDomain(ac, A1, A2, tooBig);
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain 3";
doInvariantCheck(
Env(*this, features),
{{"permissioned domain credentials aren't sorted"}},
[](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
slePd->setAccountID(sfOwner, A1);
slePd->setFieldU32(sfSequence, 10);
auto slePd = createPermissionedDomain(ac, A1, A2, 0);
STArray credentials(sfAcceptedCredentials, 2);
for (std::size_t n = 0; n < 2; ++n)
@@ -1362,21 +1408,19 @@ class Invariants_test : public beast::unit_test::suite
credentials.push_back(std::move(cred));
}
slePd->setFieldArray(sfAcceptedCredentials, credentials);
ac.view().insert(slePd);
ac.view().update(slePd);
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain 4";
doInvariantCheck(
Env(*this, features),
{{"permissioned domain credentials aren't unique"}},
[](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
slePd->setAccountID(sfOwner, A1);
slePd->setFieldU32(sfSequence, 10);
auto slePd = createPermissionedDomain(ac, A1, A2, 0);
STArray credentials(sfAcceptedCredentials, 2);
for (std::size_t n = 0; n < 2; ++n)
@@ -1387,22 +1431,20 @@ class Invariants_test : public beast::unit_test::suite
credentials.push_back(std::move(cred));
}
slePd->setFieldArray(sfAcceptedCredentials, credentials);
ac.view().insert(slePd);
ac.view().update(slePd);
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain Set 1";
doInvariantCheck(
Env(*this, features),
{{"permissioned domain with no rules."}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
// create PD
createPermissionedDomain(ac, slePd, A1, A2);
auto slePd = createPermissionedDomain(ac, A1, A2);
// update PD with empty rules
{
@@ -1414,19 +1456,17 @@ class Invariants_test : public beast::unit_test::suite
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain Set 2";
doInvariantCheck(
Env(*this, features),
{{"permissioned domain bad credentials size " +
std::to_string(tooBig)}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
// create PD
createPermissionedDomain(ac, slePd, A1, A2);
auto slePd = createPermissionedDomain(ac, A1, A2);
// update PD
{
@@ -1450,18 +1490,16 @@ class Invariants_test : public beast::unit_test::suite
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain Set 3";
doInvariantCheck(
Env(*this, features),
{{"permissioned domain credentials aren't sorted"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
// create PD
createPermissionedDomain(ac, slePd, A1, A2);
auto slePd = createPermissionedDomain(ac, A1, A2);
// update PD
{
@@ -1485,18 +1523,16 @@ class Invariants_test : public beast::unit_test::suite
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : badTers);
testcase << "PermissionedDomain Set 4";
doInvariantCheck(
Env(*this, features),
{{"permissioned domain credentials aren't unique"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
// create PD
createPermissionedDomain(ac, slePd, A1, A2);
auto slePd = createPermissionedDomain(ac, A1, A2);
// update PD
{
@@ -1516,8 +1552,168 @@ class Invariants_test : public beast::unit_test::suite
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : badTers);
std::initializer_list<TER> goodTers = {tesSUCCESS, tesSUCCESS};
std::vector<std::string> badMoreThan1{
{"transaction affected more than 1 permissioned domain entry."}};
std::vector<std::string> emptyV;
std::vector<std::string> badNoDomains{
{"no domain objects affected by"}};
std::vector<std::string> badNotDeleted{
{"domain object modified, but not deleted by "}};
std::vector<std::string> badDeleted{{"domain object deleted by"}};
std::vector<std::string> badTx{
{"domain object(s) affected by an unauthorized transaction."}};
{
testcase << "PermissionedDomain set 2 domains ";
doInvariantCheck(
Env(*this, features),
fixPDEnabled ? badMoreThan1 : emptyV,
[](Account const& A1, Account const& A2, ApplyContext& ac) {
createPermissionedDomain(ac, A1, A2);
createPermissionedDomain(ac, A1, A2, 2, 11);
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : goodTers);
}
{
testcase << "PermissionedDomain del 2 domains";
Env env1(*this, features);
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
[[maybe_unused]] auto [seq2, pd2] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
doInvariantCheck(
std::move(env1),
A1,
A2,
fixPDEnabled ? badMoreThan1 : emptyV,
[&pd1, &pd2](Account const&, Account const&, ApplyContext& ac) {
auto sle1 = ac.view().peek({ltPERMISSIONED_DOMAIN, pd1});
auto sle2 = ac.view().peek({ltPERMISSIONED_DOMAIN, pd2});
ac.view().erase(sle1);
ac.view().erase(sle2);
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_DELETE, [](STObject&) {}},
fixPDEnabled ? failTers : goodTers);
}
{
testcase << "PermissionedDomain set 0 domains ";
doInvariantCheck(
Env(*this, features),
fixPDEnabled ? badNoDomains : emptyV,
[](Account const&, Account const&, ApplyContext&) {
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? badTers : goodTers);
}
{
testcase << "PermissionedDomain del 0 domains";
Env env1(*this, features);
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
[[maybe_unused]] auto [seq2, pd2] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
doInvariantCheck(
Env(*this, features),
A1,
A2,
fixPDEnabled ? badNoDomains : emptyV,
[](Account const&, Account const&, ApplyContext&) {
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_DELETE, [](STObject&) {}},
fixPDEnabled ? badTers : goodTers);
}
{
testcase << "PermissionedDomain set, delete domain";
Env env1(*this, features);
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
doInvariantCheck(
std::move(env1),
A1,
A2,
fixPDEnabled ? badDeleted : emptyV,
[&pd1](Account const&, Account const&, ApplyContext& ac) {
auto sle1 = ac.view().peek({ltPERMISSIONED_DOMAIN, pd1});
ac.view().erase(sle1);
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_SET, [](STObject&) {}},
fixPDEnabled ? failTers : goodTers);
}
{
testcase << "PermissionedDomain del, create domain ";
doInvariantCheck(
Env(*this, features),
fixPDEnabled ? badNotDeleted : emptyV,
[](Account const& A1, Account const& A2, ApplyContext& ac) {
createPermissionedDomain(ac, A1, A2);
return true;
},
XRPAmount{},
STTx{ttPERMISSIONED_DOMAIN_DELETE, [](STObject&) {}},
fixPDEnabled ? failTers : goodTers);
}
{
testcase << "PermissionedDomain invalid tx";
doInvariantCheck(
fixPDEnabled ? badTx : emptyV,
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
createPermissionedDomain(ac, A1, A2);
return true;
},
XRPAmount{},
STTx{ttPAYMENT, [](STObject&) {}},
failTers);
}
}
void
@@ -1641,13 +1837,43 @@ class Invariants_test : public beast::unit_test::suite
});
}
void
testPermissionedDEX()
static std::pair<std::uint32_t, uint256>
createPermissionedDomainEnv(
test::jtx::Env& env,
test::jtx::Account const& A1,
test::jtx::Account const& A2,
std::uint32_t numCreds = 2)
{
using namespace test::jtx;
testcase << "PermissionedDEX";
pdomain::Credentials credentials;
for (std::size_t n = 0; n < numCreds; ++n)
{
auto credType = "cred_type" + std::to_string(n);
credentials.push_back({A2, credType});
}
std::uint32_t const seq = env.seq(A1);
env(pdomain::setTx(A1, credentials));
uint256 key = pdomain::getNewDomain(env.meta());
// std::cout << "PD, acc: " << A1.id() << ", seq: " << seq << ", k: " <<
// key << std::endl;
return {seq, key};
}
void
testPermissionedDEX(FeatureBitset features)
{
using namespace test::jtx;
bool const fixPDEnabled = features[fixPermissionedDomainInvariant];
testcase << "PermissionedDEX" + std::string(fixPDEnabled ? " fix" : "");
doInvariantCheck(
Env(*this, features),
{{"domain doesn't exist"}},
[](Account const& A1, Account const&, ApplyContext& ac) {
Keylet const offerKey = keylet::offer(A1.id(), 10);
@@ -1675,12 +1901,9 @@ class Invariants_test : public beast::unit_test::suite
// missing domain ID in offer object
doInvariantCheck(
Env(*this, features),
{{"hybrid offer is malformed"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
createPermissionedDomain(ac, slePd, A1, A2);
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
@@ -1695,119 +1918,159 @@ class Invariants_test : public beast::unit_test::suite
return true;
},
XRPAmount{},
STTx{ttOFFER_CREATE, [&](STObject& tx) {}},
STTx{ttOFFER_CREATE, [&](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
// more than one entry in sfAdditionalBooks
doInvariantCheck(
{{"hybrid offer is malformed"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
createPermissionedDomain(ac, slePd, A1, A2);
{
Env env1(*this, features);
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
sleOffer->setFlag(lsfHybrid);
sleOffer->setFieldH256(sfDomainID, pdKeylet.key);
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
STArray bookArr;
bookArr.push_back(STObject::makeInnerObject(sfBook));
bookArr.push_back(STObject::makeInnerObject(sfBook));
sleOffer->setFieldArray(sfAdditionalBooks, bookArr);
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{ttOFFER_CREATE, [&](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
doInvariantCheck(
std::move(env1),
A1,
A2,
{{"hybrid offer is malformed"}},
[&pd1](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
sleOffer->setFlag(lsfHybrid);
sleOffer->setFieldH256(sfDomainID, pd1);
STArray bookArr;
bookArr.push_back(STObject::makeInnerObject(sfBook));
bookArr.push_back(STObject::makeInnerObject(sfBook));
sleOffer->setFieldArray(sfAdditionalBooks, bookArr);
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{ttOFFER_CREATE, [&](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
}
// hybrid offer missing sfAdditionalBooks
doInvariantCheck(
{{"hybrid offer is malformed"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
createPermissionedDomain(ac, slePd, A1, A2);
{
Env env1(*this, features);
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
sleOffer->setFlag(lsfHybrid);
sleOffer->setFieldH256(sfDomainID, pdKeylet.key);
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{ttOFFER_CREATE, [&](STObject& tx) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
doInvariantCheck(
{{"transaction consumed wrong domains"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
createPermissionedDomain(ac, slePd, A1, A2);
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
Keylet const badDomainKeylet =
keylet::permissionedDomain(A1.id(), 20);
auto sleBadPd = std::make_shared<SLE>(badDomainKeylet);
createPermissionedDomain(ac, sleBadPd, A1, A2);
doInvariantCheck(
std::move(env1),
A1,
A2,
{{"hybrid offer is malformed"}},
[&pd1](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
sleOffer->setFlag(lsfHybrid);
sleOffer->setFieldH256(sfDomainID, pd1);
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{ttOFFER_CREATE, [&](STObject&) {}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
}
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
sleOffer->setFieldH256(sfDomainID, pdKeylet.key);
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{
ttOFFER_CREATE,
[&](STObject& tx) {
Account const A1{"A1"};
Keylet const badDomainKey =
keylet::permissionedDomain(A1.id(), 20);
tx.setFieldH256(sfDomainID, badDomainKey.key);
tx.setFieldAmount(sfTakerPays, A1["USD"](10));
tx.setFieldAmount(sfTakerGets, XRP(1));
}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
{
Env env1(*this, features);
doInvariantCheck(
{{"domain transaction affected regular offers"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const pdKeylet = keylet::permissionedDomain(A1.id(), 10);
auto slePd = std::make_shared<SLE>(pdKeylet);
createPermissionedDomain(ac, slePd, A1, A2);
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{
ttOFFER_CREATE,
[&](STObject& tx) {
Account const A1{"A1"};
Keylet const domainKey =
keylet::permissionedDomain(A1.id(), 10);
tx.setFieldH256(sfDomainID, domainKey.key);
tx.setFieldAmount(sfTakerPays, A1["USD"](10));
tx.setFieldAmount(sfTakerGets, XRP(1));
}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
[[maybe_unused]] auto [seq2, pd2] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
doInvariantCheck(
std::move(env1),
A1,
A2,
{{"transaction consumed wrong domains"}},
[&pd1](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
sleOffer->setFieldH256(sfDomainID, pd1);
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{
ttOFFER_CREATE,
[&pd2, &A1](STObject& tx) {
tx.setFieldH256(sfDomainID, pd2);
tx.setFieldAmount(sfTakerPays, A1["USD"](10));
tx.setFieldAmount(sfTakerGets, XRP(1));
}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
}
{
Env env1(*this, features);
Account const A1{"A1"};
Account const A2{"A2"};
env1.fund(XRP(1000), A1, A2);
env1.close();
[[maybe_unused]] auto [seq1, pd1] =
createPermissionedDomainEnv(env1, A1, A2);
env1.close();
doInvariantCheck(
std::move(env1),
A1,
A2,
{{"domain transaction affected regular offers"}},
[&](Account const& A1, Account const& A2, ApplyContext& ac) {
Keylet const offerKey = keylet::offer(A2.id(), 10);
auto sleOffer = std::make_shared<SLE>(offerKey);
sleOffer->setAccountID(sfAccount, A2);
sleOffer->setFieldAmount(sfTakerPays, A1["USD"](10));
sleOffer->setFieldAmount(sfTakerGets, XRP(1));
ac.view().insert(sleOffer);
return true;
},
XRPAmount{},
STTx{
ttOFFER_CREATE,
[&](STObject& tx) {
Account const A1{"A1"};
tx.setFieldH256(sfDomainID, pd1);
tx.setFieldAmount(sfTakerPays, A1["USD"](10));
tx.setFieldAmount(sfTakerGets, XRP(1));
}},
{tecINVARIANT_FAILED, tecINVARIANT_FAILED});
}
}
Keylet
@@ -4116,8 +4379,14 @@ public:
testNoZeroEscrow();
testValidNewAccountRoot();
testNFTokenPageInvariants();
testPermissionedDomainInvariants();
testPermissionedDEX();
testPermissionedDomainInvariants(
defaultAmendments() | fixPermissionedDomainInvariant);
testPermissionedDomainInvariants(
defaultAmendments() - fixPermissionedDomainInvariant);
testPermissionedDEX(
defaultAmendments() | fixPermissionedDomainInvariant);
testPermissionedDEX(
defaultAmendments() - fixPermissionedDomainInvariant);
testNoModifiedUnmodifiableFields();
testValidPseudoAccounts();
testValidLoanBroker();
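Review bot: The "PermissionedDomain del 0 domains" case builds `env1`, funds A1/A2 and creates two domains in it, but the `doInvariantCheck` call that follows passes a fresh `Env(*this, features)` instead of `std::move(env1)`, so the prepared ledger is discarded and the check runs on an empty one where A1/A2 are not even funded; the sibling "del 2 domains" case passes `std::move(env1)`, which looks like the intent here, so change that argument to `std::move(env1),`. Two smaller points: the "no rules" precheck returns `createPermissionedDomain(ac, A1, A2, 0).get()` while the next case spells the same thing `!!createPermissionedDomain(...)` — one form (`!= nullptr` reads clearest) should be used throughout — and `createPermissionedDomainEnv` carries a commented-out `std::cout` debug line that should be dropped before merge.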


@@ -53,18 +53,25 @@ exceptionExpected(Env& env, Json::Value const& jv)
class PermissionedDomains_test : public beast::unit_test::suite
{
FeatureBitset withoutFeature_{
testable_amendments() - featurePermissionedDomains};
testable_amendments() - featurePermissionedDomains -
fixPermissionedDomainInvariant};
FeatureBitset withFeature_{
(testable_amendments() //
| featurePermissionedDomains | featureCredentials) -
fixPermissionedDomainInvariant};
FeatureBitset withFix_{
testable_amendments() //
| featurePermissionedDomains | featureCredentials};
| featurePermissionedDomains | featureCredentials |
fixPermissionedDomainInvariant};
// Verify that each tx type can execute if the feature is enabled.
void
testEnabled()
testEnabled(FeatureBitset features)
{
testcase("Enabled");
Account const alice("alice");
Env env(*this, withFeature_);
Env env(*this, features);
env.fund(XRP(1000), alice);
pdomain::Credentials credentials{{alice, "first credential"}};
env(pdomain::setTx(alice, credentials));
@@ -279,10 +286,10 @@ class PermissionedDomains_test : public beast::unit_test::suite
// Test PermissionedDomainSet
void
testSet()
testSet(FeatureBitset features)
{
testcase("Set");
Env env(*this, withFeature_);
Env env(*this, features);
env.set_parse_failure_expected(true);
int const accNum = 12;
@@ -459,10 +466,10 @@ class PermissionedDomains_test : public beast::unit_test::suite
// Test PermissionedDomainDelete
void
testDelete()
testDelete(FeatureBitset features)
{
testcase("Delete");
Env env(*this, withFeature_);
Env env(*this, features);
Account const alice("alice");
env.fund(XRP(1000), alice);
@@ -516,14 +523,14 @@ class PermissionedDomains_test : public beast::unit_test::suite
}
void
testAccountReserve()
testAccountReserve(FeatureBitset features)
{
// Verify that the reserve behaves as expected for creating.
testcase("Account Reserve");
using namespace test::jtx;
Env env(*this, withFeature_);
Env env(*this, features);
Account const alice("alice");
// Fund alice enough to exist, but not enough to meet
@@ -570,12 +577,16 @@ public:
void
run() override
{
testEnabled();
testEnabled(withFeature_);
testEnabled(withFix_);
testCredentialsDisabled();
testDisabled();
testSet();
testDelete();
testAccountReserve();
testSet(withFeature_);
testSet(withFix_);
testDelete(withFeature_);
testDelete(withFix_);
testAccountReserve(withFeature_);
testAccountReserve(withFix_);
}
};
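Review bot: `testEnabled`, `testSet`, `testDelete` and `testAccountReserve` now run twice, with and without `fixPermissionedDomainInvariant`, but each still registers the same `testcase("Enabled")` / `("Set")` / `("Delete")` / `("Account Reserve")` name, so a failure in the second run is indistinguishable from the first in the suite log. The Invariants_test change in this same commit already appends a suffix for the fixed run; doing the same here, e.g. `testcase << "Enabled" + std::string(features[fixPermissionedDomainInvariant] ? " fix" : "");`, keeps the output unambiguous. The bodies of these test functions continue outside the hunks.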


@@ -23,6 +23,11 @@ namespace ripple {
namespace test {
namespace jtx {
#define TEST_EXPECT(cond) env.test.expect(cond, __FILE__, __LINE__)
#define TEST_EXPECTS(cond, reason) \
((cond) ? (env.test.pass(), true) \
: (env.test.fail((reason), __FILE__, __LINE__), false))
void
doBalance(
Env& env,
@@ -36,11 +41,14 @@ doBalance(
auto const sle = env.le(keylet::account(account));
if (none)
{
env.test.expect(!sle);
TEST_EXPECT(!sle);
}
else if (env.test.expect(sle))
else if (TEST_EXPECT(sle))
{
env.test.expect(sle->getFieldAmount(sfBalance) == value);
TEST_EXPECTS(
sle->getFieldAmount(sfBalance) == value,
sle->getFieldAmount(sfBalance).getText() + " / " +
value.getText());
}
}
else
@@ -48,15 +56,15 @@ doBalance(
auto const sle = env.le(keylet::line(account, issue));
if (none)
{
env.test.expect(!sle);
TEST_EXPECT(!sle);
}
else if (env.test.expect(sle))
else if (TEST_EXPECT(sle))
{
auto amount = sle->getFieldAmount(sfBalance);
amount.setIssuer(issue.account);
if (account > issue.account)
amount.negate();
env.test.expect(amount == value);
TEST_EXPECTS(amount == value, amount.getText());
}
}
}
@@ -72,12 +80,12 @@ doBalance(
auto const sle = env.le(keylet::mptoken(mptIssue.getMptID(), account));
if (none)
{
env.test.expect(!sle);
TEST_EXPECT(!sle);
}
else if (env.test.expect(sle))
else if (TEST_EXPECT(sle))
{
STAmount const amount{mptIssue, sle->getFieldU64(sfMPTAmount)};
env.test.expect(amount == value);
TEST_EXPECT(amount == value);
}
}
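Review bot: The MPT branch still uses the message-less `TEST_EXPECT(amount == value);` while the XRP and trust-line branches above were upgraded to `TEST_EXPECTS` with the actual value in the failure text, so a mismatched MPT balance reports nothing useful; `TEST_EXPECTS(amount == value, amount.getText() + " / " + value.getText());` would bring it in line. The two macros also read an `env` local that is not a macro argument, which works inside these overloads but makes them unsafe to reuse elsewhere, so either pass `env` explicitly or `#undef` them at the end of the file if that is not already done below these hunks.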


@@ -1660,7 +1660,7 @@ ValidMPTIssuance::finalize(
void
ValidPermissionedDomain::visitEntry(
bool,
bool isDel,
std::shared_ptr<SLE const> const& before,
std::shared_ptr<SLE const> const& after)
{
@@ -1669,41 +1669,32 @@ ValidPermissionedDomain::visitEntry(
if (after && after->getType() != ltPERMISSIONED_DOMAIN)
return;
auto check = [](SleStatus& sleStatus,
std::shared_ptr<SLE const> const& sle) {
auto check = [isDel](
std::vector<SleStatus>& sleStatus,
std::shared_ptr<SLE const> const& sle) {
auto const& credentials = sle->getFieldArray(sfAcceptedCredentials);
sleStatus.credentialsSize_ = credentials.size();
auto const sorted = credentials::makeSorted(credentials);
sleStatus.isUnique_ = !sorted.empty();
SleStatus ss{credentials.size(), false, !sorted.empty(), isDel};
// If array have duplicates then all the other checks are invalid
sleStatus.isSorted_ = false;
if (sleStatus.isUnique_)
if (ss.isUnique_)
{
unsigned i = 0;
for (auto const& cred : sorted)
{
auto const& credTx = credentials[i++];
sleStatus.isSorted_ = (cred.first == credTx[sfIssuer]) &&
ss.isSorted_ = (cred.first == credTx[sfIssuer]) &&
(cred.second == credTx[sfCredentialType]);
if (!sleStatus.isSorted_)
if (!ss.isSorted_)
break;
}
}
sleStatus.emplace_back(std::move(ss));
};
if (before)
{
sleStatus_[0] = SleStatus();
check(*sleStatus_[0], after);
}
if (after)
{
sleStatus_[1] = SleStatus();
check(*sleStatus_[1], after);
}
check(sleStatus_, after);
}
bool
@@ -1714,9 +1705,6 @@ ValidPermissionedDomain::finalize(
ReadView const& view,
beast::Journal const& j)
{
if (tx.getTxnType() != ttPERMISSIONED_DOMAIN_SET || result != tesSUCCESS)
return true;
auto check = [](SleStatus const& sleStatus, beast::Journal const& j) {
if (!sleStatus.credentialsSize_)
{
@@ -1753,8 +1741,79 @@ ValidPermissionedDomain::finalize(
return true;
};
return (sleStatus_[0] ? check(*sleStatus_[0], j) : true) &&
(sleStatus_[1] ? check(*sleStatus_[1], j) : true);
if (view.rules().enabled(fixPermissionedDomainInvariant))
{
// No permissioned domains should be affected if the transaction failed
if (result != tesSUCCESS)
// If nothing changed, all is good. If there were changes, that's
// bad.
return sleStatus_.empty();
if (sleStatus_.size() > 1)
{
JLOG(j.fatal()) << "Invariant failed: transaction affected more "
"than 1 permissioned domain entry.";
return false;
}
switch (tx.getTxnType())
{
case ttPERMISSIONED_DOMAIN_SET: {
if (sleStatus_.empty())
{
JLOG(j.fatal())
<< "Invariant failed: no domain objects affected by "
"PermissionedDomainSet";
return false;
}
auto const& sleStatus = sleStatus_[0];
if (sleStatus.isDelete_)
{
JLOG(j.fatal()) << "Invariant failed: domain object "
"deleted by PermissionedDomainSet";
return false;
}
return check(sleStatus, j);
}
case ttPERMISSIONED_DOMAIN_DELETE: {
if (sleStatus_.empty())
{
JLOG(j.fatal())
<< "Invariant failed: no domain objects affected by "
"PermissionedDomainDelete";
return false;
}
if (!sleStatus_[0].isDelete_)
{
JLOG(j.fatal()) << "Invariant failed: domain object "
"modified, but not deleted by "
"PermissionedDomainDelete";
return false;
}
return true;
}
default: {
if (!sleStatus_.empty())
{
JLOG(j.fatal()) << "Invariant failed: " << sleStatus_.size()
<< " domain object(s) affected by an "
"unauthorized transaction. "
<< tx.getTxnType();
return false;
}
return true;
}
}
}
else
{
if (tx.getTxnType() != ttPERMISSIONED_DOMAIN_SET ||
result != tesSUCCESS || sleStatus_.empty())
return true;
return check(sleStatus_[0], j);
}
}
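Review bot: In the amended branch, the `result != tesSUCCESS` path returns `sleStatus_.empty()` without logging, so a failed transaction that nevertheless touched a domain entry fails the invariant with no "Invariant failed:" line, unlike every other rejection in this function; log before returning, e.g. `if (!sleStatus_.empty()) JLOG(j.fatal()) << "Invariant failed: " << sleStatus_.size() << " domain object(s) affected by a failed transaction."; return sleStatus_.empty();`. The pre-amendment `else` branch is also not byte-for-byte the old logic: the old array was reset on every `visitEntry` call and so held only the last visited entry, whereas the vector now accumulates one entry per visited domain and `check(sleStatus_[0], j)` examines the first; if a PermissionedDomainSet could ever touch two domain SLEs the un-amended verdict could differ, which is probably unreachable but worth confirming since that path is not gated. It is likewise worth confirming that no transaction type other than the two domain transactions can legitimately erase or modify an ltPERMISSIONED_DOMAIN entry, since the `default:` case now rejects any such change outright.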
//------------------------------------------------------------------------------


@@ -614,9 +614,11 @@ class ValidPermissionedDomain
struct SleStatus
{
std::size_t credentialsSize_{0};
bool isSorted_ = false, isUnique_ = false;
bool isSorted_ = false;
bool isUnique_ = false;
bool isDelete_ = false;
};
std::optional<SleStatus> sleStatus_[2];
std::vector<SleStatus> sleStatus_;
public:
void
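Review bot: `SleStatus` now carries three adjacent `bool` members, and the .cpp side of this commit fills it positionally (`SleStatus ss{credentials.size(), false, !sorted.empty(), isDel};`), where swapping `isSorted_` and `isUnique_` would compile silently. Since the codebase already uses C++20 (`std::string::starts_with` in the test changes), designated initializers make that call site self-documenting: `SleStatus ss{.credentialsSize_ = credentials.size(), .isUnique_ = !sorted.empty(), .isDelete_ = isDel};` with `isSorted_` left to its in-class default. The enclosing class declaration continues outside the hunk.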