ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2026-04-29 15:37:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dfb3d970bec3a0a885a4e2387ffa0b72121bee39
rippled/include/xrpl/protocol/STValidation.h
Ed Hennis 8483115637 Lending protocol implementation (XLS-0066) 
- Add the LendingProtocol amendment
- Add Loan Broker and Loan ledger objects:
- Also add new SFields, Keylet functions, and an Invariant to verify no
  illegal field modification
- Update list of "constant" fields from spec
- Also add a general check for all object types for the type and index
  fields
- refactor: Check transaction flags in preflight0
- Adds a flagMask parameter to preflight1 so that it's impossible to
  forget to check flags.
- Also adds a short hash prefix to all Transactor log messages.
- refactor: Generalize Transactor preflight:
- Derived classes no longer need to explicitly check amendments, nor
  call into preflight1 or preflight2.
- implemeng LoanBrokerSet
- Transactions: LoanDelete, LoanManage, LoanDraw, LoanPay
- LoanBrokerSet creation mostly done. Need update.
- Also added a lookup table for pseudo account fields.
- Update changed field name.
- Modify modifiable fields in an update. Note there are only two.
- Add a node field to dirLink, defaulting sfOwnerNode, so other
  relationships can be updated.
- Create some helper classes for transaction fields
- Test that they work by converting some of the existing classes
- Finish creating helper classes for JTx fields
- Also change the pseudo account field lookup to a function that uses
  a switch
- Update tests, update pseudo-account checking
- Generalize some of the Invariant checks using macro files
  - Valid ledger entry type
  - Valid new account root and pseudo account check
- Enumerate transaction privileges for invariants
  - Allows them to be defined in transactions.macro instead of needing to
    scrutinize every existing Invariant class.
  - List is not necessarily comprehensive, but does cover every check
    where more than one transaction type is involved.
- Reserve a few values between Vault and Lending for future use
- Pseudo-account improvements
  - Define pseudo-account fields with an sfield flag
  - Pseudo-account invariant checks rules whenever a pseudo-account is
    created or modified.
- Move some helper functions.
- Check the regular key in the pseudo-transaction invariant check.
- Transactor::checkSign will always fail for a pseudo-account, so even
  if someone figures out how to get a good signature, it won't work.
- Fix account creation to check both amendments
- Add a validity range for sfDebtMaximum
- Change more "failed" messages. The goal here is to be able to search
  the log for "failed" and ONLY get test failures.
- NoModifiedUnmodifiableFields and ValidPseudoAccounts
- Move the Invariants_test class into the test namespace
- Clang wants an explicit ctor to emplace in a vector
- Refactor: Add a Transactor base function to make it easier to get the
  owner reserve increment as a fee.
- Refactor: Add an overload jtx::fee(increment) to pay an owner reserve.
- Initial implementation of LoanBrokerDelete
- Generalize the LoanBroker lifecycle test
- Refactor ApplyView::dirAdd to give access to low-level operations
  - Takes a page from #5362, which may turn out to be useful!
- Start writing Loan Broker invariants and tests
  - Specifically those mentioned for LoanBrokerDelete
- Move all detail namespaces to be under ripple
  - Avoids problems with namespace collisions / ambiguous symbol issues
    with unity builds, especially when adding or removing files.
- Add LoanBrokerCoverDeposit transaction
- Add LoanBrokerCoverWithdraw transaction
- Start writing tests for LoanBrokerCover*
- Add support for `Asset` and `MPTIssue` to some `jtx` helper classes
  and functions (`balance`, `expectLine`)
- Add support for pseudo-accounts to `jtx::Account` by allowing directly
  setting the AccountID without a matching key.
- Add Asset and MPTIssue support to more jtx objects / functions
  - Unfortunately, to work around some ambiguous symbol compilation
    errors, I had to change the implicit conversion from IOU to Asset to
    a conversion from IOU to PrettyAsset, and add a more explicit
    `asset()` function. This workaround only required changing two
    existing tests, so seems acceptable.
- Ensure that an account is not deleted with an XRP balance
  - Updates the AccountRootsDeletedClean invariant
- Finish up the Loan Broker tests
- Move inclusion of Transactor headers to transactions.macro
  - Only need to update in one place when adding a new transaction.
- Start implementing LoanSet transactor
  - Add some more values and functions to make it easier to work with
    basis point values / bips.
  - Fix several earlier mistakes.
- Generalize the check*Sign functions to support CounterParty
  - checkSign, checkSingleSign, and checkMultiSign in STTx and Transactor
- Start writing Loan tests
  - Required adding support for counterparty signature to jtx framework:
    arbitrary signature field destination, multiple signer callbacks
- Get Counterparty signing working
- Add more LoanSet unit tests, added LoanBroker LoanSequence field
  - LoanSequence will prevent loan key collisions
- Change Loan object indexing, fix several broken LoanSet unit tests
  - Loan objects will now only be indexed by LoanBrokerID and
    LoanSequence, which is a new field in LoanBroker. Also changes
    Loan.Sequence to Loan.LoanSequence to match up.
  - Several tests weren't working because of `PrettyAsset` scaling. Also,
    `PrettyAsset` calculations could overflow. Made that less likely by
    changing the type of `scale_`.
  - LoanSet will fail if an account tries to loan to itself.
- Ensure that an account is not deleted with a non-zero owner count
  - Updates the AccountRootsDeletedClean invariant
- Add unit tests to create a Loan successfully
  - Fix a few field initializations in LoanSet
- Refactor issuance validity check in VaultCreate
  - Utility function: canAddHolding
  - Call canAddHolding from any transactor that call addEmptyHolding
    (LoanBrokerSet, LoanSet)
- Start implementing LoanManage transaction
  - Also add a ValidLoan invariant
- Finish `LoanManage` functionality and tests, modulo LoanDraw/Pay
- Allow existing trust lines to loan brokers to be managed (by issuer)
- Implement LoanDelete, and fix a bunch of math errors in LoanManage
- Update to match latest spec: compute interest, LoanBroker reserves
- refactor: Define getFlagsMask in the base Transactor class
  - Returns tfUniversalMask for most transactors
  - Only transactors that use other flags need to override
- Implement LoanDraw, and made good progress on related tests
- Start implementing LoanPay transaction
- Implement LoanPay
  - Also add an XRPL_ASSERT2, which splits the parts of the assert message
    so I don't have to remember the proper formatting.
2025-05-14 15:28:42 +01:00

294 lines
8.3 KiB
C++
Raw Blame History

//------------------------------------------------------------------------------
/*
This file is part of rippled: https://github.com/ripple/rippled
Copyright (c) 2012, 2013 Ripple Labs Inc.
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
//==============================================================================
#ifndef RIPPLE_PROTOCOL_STVALIDATION_H_INCLUDED
#define RIPPLE_PROTOCOL_STVALIDATION_H_INCLUDED
#include <xrpl/basics/Log.h>
#include <xrpl/beast/utility/instrumentation.h>
#include <xrpl/protocol/PublicKey.h>
#include <xrpl/protocol/STObject.h>
#include <xrpl/protocol/SecretKey.h>
#include <xrpl/protocol/Units.h>
#include <cstdint>
#include <functional>
#include <memory>
#include <optional>
#include <sstream>
namespace ripple {
// Validation flags
// This is a full (as opposed to a partial) validation
constexpr std::uint32_t vfFullValidation = 0x00000001;
// The signature is fully canonical
constexpr std::uint32_t vfFullyCanonicalSig = 0x80000000;
class STValidation final : public STObject, public CountedObject<STValidation>
{
bool mTrusted = false;
// Determines the validity of the signature in this validation; unseated
// optional if we haven't yet checked it, a boolean otherwise.
mutable std::optional<bool> valid_;
// The public key associated with the key used to sign this validation
PublicKey const signingPubKey_;
// The ID of the validator that issued this validation. For validators
// that use manifests this will be derived from the master public key.
NodeID const nodeID_;
NetClock::time_point seenTime_ = {};
public:
/** Construct a STValidation from a peer from serialized data.
@param sit Iterator over serialized data
@param lookupNodeID Invocable with signature
NodeID(PublicKey const&)
used to find the Node ID based on the public key
that signed the validation. For manifest based
validators, this should be the NodeID of the master
public key.
@param checkSignature Whether to verify the data was signed properly
@note Throws if the object is not valid
*/
template <class LookupNodeID>
STValidation(
SerialIter& sit,
LookupNodeID&& lookupNodeID,
bool checkSignature);
/** Construct, sign and trust a new STValidation issued by this node.
@param signTime When the validation is signed
@param publicKey The current signing public key
@param secretKey The current signing secret key
@param nodeID ID corresponding to node's public master key
@param f callback function to "fill" the validation with necessary data
*/
template <typename F>
STValidation(
NetClock::time_point signTime,
PublicKey const& pk,
SecretKey const& sk,
NodeID const& nodeID,
F&& f);
// Hash of the validated ledger
uint256
getLedgerHash() const;
// Hash of consensus transaction set used to generate ledger
uint256
getConsensusHash() const;
NetClock::time_point
getSignTime() const;
NetClock::time_point
getSeenTime() const noexcept;
PublicKey const&
getSignerPublic() const noexcept;
NodeID const&
getNodeID() const noexcept;
bool
isValid() const noexcept;
bool
isFull() const noexcept;
bool
isTrusted() const noexcept;
uint256
getSigningHash() const;
void
setTrusted();
void
setUntrusted();
void
setSeen(NetClock::time_point s);
Blob
getSerialized() const;
Blob
getSignature() const;
std::string
render() const
{
std::stringstream ss;
ss << "validation: " << " ledger_hash: " << getLedgerHash()
<< " consensus_hash: " << getConsensusHash()
<< " sign_time: " << to_string(getSignTime())
<< " seen_time: " << to_string(getSeenTime())
<< " signer_public_key: " << getSignerPublic()
<< " node_id: " << getNodeID() << " is_valid: " << isValid()
<< " is_full: " << isFull() << " is_trusted: " << isTrusted()
<< " signing_hash: " << getSigningHash()
<< " base58: " << toBase58(TokenType::NodePublic, getSignerPublic());
return ss.str();
}
private:
static SOTemplate const&
validationFormat();
STBase*
copy(std::size_t n, void* buf) const override;
STBase*
move(std::size_t n, void* buf) override;
friend class detail::STVar;
};
template <class LookupNodeID>
STValidation::STValidation(
SerialIter& sit,
LookupNodeID&& lookupNodeID,
bool checkSignature)
: STObject(validationFormat(), sit, sfValidation)
, signingPubKey_([this]() {
auto const spk = getFieldVL(sfSigningPubKey);
if (publicKeyType(makeSlice(spk)) != KeyType::secp256k1)
Throw<std::runtime_error>("Invalid public key in validation");
return PublicKey{makeSlice(spk)};
}())
, nodeID_(lookupNodeID(signingPubKey_))
{
if (checkSignature && !isValid())
{
JLOG(debugLog().error()) << "Invalid signature in validation: "
<< getJson(JsonOptions::none);
Throw<std::runtime_error>("Invalid signature in validation");
}
XRPL_ASSERT(
nodeID_.isNonZero(),
"ripple::STValidation::STValidation(SerialIter) : nonzero node");
}
/** Construct, sign and trust a new STValidation issued by this node.
@param signTime When the validation is signed
@param publicKey The current signing public key
@param secretKey The current signing secret key
@param nodeID ID corresponding to node's public master key
@param f callback function to "fill" the validation with necessary data
*/
template <typename F>
STValidation::STValidation(
NetClock::time_point signTime,
PublicKey const& pk,
SecretKey const& sk,
NodeID const& nodeID,
F&& f)
: STObject(validationFormat(), sfValidation)
, signingPubKey_(pk)
, nodeID_(nodeID)
, seenTime_(signTime)
{
XRPL_ASSERT(
nodeID_.isNonZero(),
"ripple::STValidation::STValidation(PublicKey, SecretKey) : nonzero "
"node");
// First, set our own public key:
if (publicKeyType(pk) != KeyType::secp256k1)
LogicError("We can only use secp256k1 keys for signing validations");
setFieldVL(sfSigningPubKey, pk.slice());
setFieldU32(sfSigningTime, signTime.time_since_epoch().count());
// Perform additional initialization
f(*this);
// Finally, sign the validation and mark it as trusted:
setFlag(vfFullyCanonicalSig);
setFieldVL(sfSignature, signDigest(pk, sk, getSigningHash()));
setTrusted();
// Check to ensure that all required fields are present.
for (auto const& e : validationFormat())
{
if (e.style() == soeREQUIRED && !isFieldPresent(e.sField()))
LogicError(
"Required field '" + e.sField().getName() +
"' missing from validation.");
}
// We just signed this, so it should be valid.
valid_ = true;
}
inline PublicKey const&
STValidation::getSignerPublic() const noexcept
{
return signingPubKey_;
}
inline NodeID const&
STValidation::getNodeID() const noexcept
{
return nodeID_;
}
inline bool
STValidation::isTrusted() const noexcept
{
return mTrusted;
}
inline void
STValidation::setTrusted()
{
mTrusted = true;
}
inline void
STValidation::setUntrusted()
{
mTrusted = false;
}
inline void
STValidation::setSeen(NetClock::time_point s)
{
seenTime_ = s;
}
} // namespace ripple
#endif
Reference in New Issue View Git Blame Copy Permalink