This repository has been archived by the owner on Aug 2, 2022. It is now read-only.
Add eosio.sudo contract #4429
Merged
Add eosio.sudo contract #4429
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
moskvanaft
suggested changes
Jul 2, 2018
contracts/eosio.sudo/eosio.sudo.cpp
Outdated
| require_auth( executer ); | ||
|
|
||
| size_t trx_pos = ds.tellp(); | ||
| send_deferred( (uint128_t(executer) << 64) | current_time(), executer, buffer+trx_pos, size ); |
There was a problem hiding this comment.
Shouldn't it be size-trx_pos ?
There was a problem hiding this comment.
It should be. Thanks.
In practice, send_deferred is pretty flexible about the size passed in as long as it isn't smaller than the actual size of the serialized transaction data, but indeed size-trx_pos is the correct expression for the argument to pass into this send_deferred call.
moskvanaft
approved these changes
Jul 2, 2018
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves #4142.
Adds a new contract (eosio.sudo) that is meant to be deployed to a privileged account
eosio.sudo. This contract provides just one actionexecwhich takes a transaction and schedules it as a deferred transaction while bypassing normal authorization checks (which it can do since it is on a privileged account).It does however check for authorization of itself (as well as authorization of the
executer). The idea is that theeosio.sudoaccount should have its permissions set up like all the othereosio.*accounts: satisfied entirely by theactivepermission of theeosioaccount, which in turn is fully satisfied by theactivepermission of theeosio.prodsaccount. Effectively, it means that only a greater than two-thirds supermajority of the active block producers are able to use theeosio.sudo::execaction to execute any transaction while bypassing all regular authorization checks.This PR also includes tests related to the eosio.sudo contract, including testing the ability to propose a transaction that uses
eosio.sudo::execvia the eosio.msig contract.Also, @moskvanaft's changes to cleos to add the
cleos multisig propose_trxaccount were added into this PR as well (those changes were originally meant for the v1.1 release) because it would be infeasible to deploy and use the eosio.sudo contract without it.