Skip to content

Commit

Permalink
Merge branch 'manta' into release-v4.2.0-1
Browse files Browse the repository at this point in the history
  • Loading branch information
@ghzlatarev
ghzlatarev committed Jun 26, 2023
2 parents fd73496 + 7cdf806 commit 483a73e
Show file tree
Hide file tree
Showing 19 changed files with 1,025 additions and 92 deletions.
121 changes: 102 additions & 19 deletions .github/workflows/check_tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ env:
AWS_IMAGE_SEARCH_PATTERN: ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*
AWS_IMAGE_SEARCH_OWNERS: '["099720109477"]'
jobs:
start-unit-test-checks:
timeout-minutes: 240
start-integration-test-checks:
timeout-minutes: 480
runs-on: ubuntu-20.04
outputs:
runner-label: ${{ steps.start-self-hosted-runner.outputs.runner-label }}
Expand Down Expand Up @@ -73,23 +73,15 @@ jobs:
protoc --version
curl -s https://sh.rustup.rs -sSf | sh -s -- -y
source ${HOME}/.cargo/env
rustup update
rustup toolchain install nightly-2023-03-03
rustup default nightly-2023-03-03
rustup target add wasm32-unknown-unknown
- name: Run Unit Tests
env:
RUST_BACKTRACE: full
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: 20G
SCCACHE_DIR: /home/runner/.cache/sccache
run: |
source ${HOME}/.cargo/env
RUSTC_BOOTSTRAP=1 cargo test --release --features=runtime-benchmarks,try-runtime --workspace --exclude integration-tests
- name: Run Integration Tests
env:
RUST_BACKTRACE: full
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: 20G
SCCACHE_CACHE_SIZE: 120G
SCCACHE_DIR: /home/runner/.cache/sccache
run: |
source ${HOME}/.cargo/env
Expand All @@ -100,7 +92,7 @@ jobs:
env:
RUST_BACKTRACE: full
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: 20G
SCCACHE_CACHE_SIZE: 120G
SCCACHE_DIR: /home/runner/.cache/sccache
run: |
source ${HOME}/.cargo/env
Expand Down Expand Up @@ -132,9 +124,9 @@ jobs:
await octokit.rest.issues.updateComment({ owner, repo, comment_id: existingComment.id, body: updatedComment });
- name: stop sccache server
run: sccache --stop-server || true
stop-unit-test-checks:
stop-integration-test-checks:
timeout-minutes: 15
needs: start-unit-test-checks
needs: start-integration-test-checks
runs-on: ubuntu-20.04
if: ${{ always() }}
steps:
Expand All @@ -145,9 +137,9 @@ jobs:
github-token: ${{ secrets.SELF_HOSTED_RUNNER_TOKEN }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ needs.start-unit-test-checks.outputs.aws-region }}
runner-label: ${{ needs.start-unit-test-checks.outputs.runner-label }}
aws-instance-id: ${{ needs.start-unit-test-checks.outputs.aws-instance-id }}
aws-region: ${{ needs.start-integration-test-checks.outputs.aws-region }}
runner-label: ${{ needs.start-integration-test-checks.outputs.runner-label }}
aws-instance-id: ${{ needs.start-integration-test-checks.outputs.aws-instance-id }}
- name: discard stopper success/failure
run: true
start-benchmark-checks:
Expand Down Expand Up @@ -216,7 +208,7 @@ jobs:
env:
RUST_BACKTRACE: full
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: 20G
SCCACHE_CACHE_SIZE: 120G
SCCACHE_DIR: /home/runner/.cache/sccache
run: |
RUSTC_BOOTSTRAP=1 cargo run --release --features runtime-benchmarks,try-runtime \
Expand Down Expand Up @@ -246,3 +238,94 @@ jobs:
aws-instance-id: ${{ needs.start-benchmark-checks.outputs.aws-instance-id }}
- name: discard stopper success/failure
run: true
start-unit-test-checks:
timeout-minutes: 480
runs-on: ubuntu-20.04
outputs:
runner-label: ${{ steps.start-self-hosted-runner.outputs.runner-label }}
aws-region: ${{ steps.start-self-hosted-runner.outputs.aws-region }}
aws-instance-id: ${{ steps.start-self-hosted-runner.outputs.aws-instance-id }}
steps:
- id: start-self-hosted-runner
uses: audacious-network/aws-github-runner@v1.0.33
with:
mode: start
github-token: ${{ secrets.SELF_HOSTED_RUNNER_TOKEN }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
aws-instance-type: ${{ env.AWS_INSTANCE_TYPE }}
aws-instance-root-volume-size: ${{ env.AWS_INSTANCE_ROOT_VOLUME_SIZE }}
aws-image-search-pattern: ${{ env.AWS_IMAGE_SEARCH_PATTERN }}
aws-image-search-owners: ${{ env.AWS_IMAGE_SEARCH_OWNERS }}
- uses: actions/checkout@v2
- name: install sccache
env:
SCCACHE_RELEASE_URL: https://github.com/mozilla/sccache/releases/download
SCCACHE_VERSION: v0.2.15
run: |
SCCACHE_FILE=sccache-$SCCACHE_VERSION-x86_64-unknown-linux-musl
mkdir -p $HOME/.local/bin
curl -L "$SCCACHE_RELEASE_URL/$SCCACHE_VERSION/$SCCACHE_FILE.tar.gz" | tar xz
mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache
chmod +x $HOME/.local/bin/sccache
echo "$HOME/.local/bin" >> $GITHUB_PATH
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: cache cargo registry
uses: actions/cache@v2
with:
path: |
~/.cargo/registry
~/.cargo/git
key: cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
cargo-
- name: cache sccache
uses: actions/cache@v2
continue-on-error: false
with:
path: /home/runner/.cache/sccache
key: sccache-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
sccache-
- name: start sccache server
run: sccache --start-server
- name: init
run: |
sudo apt update
sudo apt install -y pkg-config libssl-dev protobuf-compiler
protoc --version
curl -s https://sh.rustup.rs -sSf | sh -s -- -y
source ${HOME}/.cargo/env
rustup update
rustup toolchain install nightly-2023-03-03
rustup default nightly-2023-03-03
rustup target add wasm32-unknown-unknown
- name: Run Unit Tests
env:
RUST_BACKTRACE: full
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: 120G
SCCACHE_DIR: /home/runner/.cache/sccache
run: |
source ${HOME}/.cargo/env
RUSTC_BOOTSTRAP=1 cargo test --release --features=runtime-benchmarks,try-runtime --workspace --exclude integration-tests
- name: stop sccache server
run: sccache --stop-server || true
stop-unit-test-checks:
needs: start-unit-test-checks
runs-on: ubuntu-20.04
if: ${{ always() }}
steps:
- continue-on-error: true
uses: audacious-network/aws-github-runner@v1.0.33
with:
mode: stop
github-token: ${{ secrets.SELF_HOSTED_RUNNER_TOKEN }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ needs.start-integration-test-checks.outputs.aws-region }}
runner-label: ${{ needs.start-integration-test-checks.outputs.runner-label }}
aws-instance-id: ${{ needs.start-integration-test-checks.outputs.aws-instance-id }}
- name: discard stopper success/failure
run: true
4 changes: 2 additions & 2 deletions node/src/chain_specs/calamari.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ pub const KUSAMA_RELAYCHAIN_LOCAL_NET: &str = "kusama-local";
pub const KUSAMA_RELAYCHAIN_DEV_NET: &str = "kusama-dev";

/// The default XCM version to set in genesis config.
pub const SAFE_XCM_VERSION: u32 = 2;
pub const CALAMARI_SAFE_XCM_VERSION: u32 = 2;

/// Calamari Chain Spec
pub type CalamariChainSpec = sc_service::GenericChainSpec<GenesisConfig, Extensions>;
Expand Down Expand Up @@ -233,7 +233,7 @@ fn calamari_dev_genesis(
asset_manager: Default::default(),
parachain_system: Default::default(),
polkadot_xcm: calamari_runtime::PolkadotXcmConfig {
safe_xcm_version: Some(SAFE_XCM_VERSION),
safe_xcm_version: Some(CALAMARI_SAFE_XCM_VERSION),
},
}
}
Expand Down
9 changes: 2 additions & 7 deletions node/src/chain_specs/dolphin.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,9 @@ use session_key_primitives::util::unchecked_account_id;

/// Dolphin Protocol Identifier
pub const DOLPHIN_PROTOCOL_ID: &str = "dolphin";
/// Kusama Relaychain Local Network Identifier
pub const KUSAMA_RELAYCHAIN_LOCAL_NET: &str = "kusama-local";

/// Kusama Relaychain Development Network Identifier
pub const KUSAMA_RELAYCHAIN_DEV_NET: &str = "kusama-dev";

/// The default XCM version to set in genesis config.
const SAFE_XCM_VERSION: u32 = 2;
const DOLPHIN_SAFE_XCM_VERSION: u32 = 2;

/// Specialized `ChainSpec` for the normal parachain runtime.
pub type DolphinChainSpec = sc_service::GenericChainSpec<GenesisConfig, Extensions>;
Expand Down Expand Up @@ -212,7 +207,7 @@ fn dolphin_dev_genesis(
technical_membership: Default::default(),
parachain_system: Default::default(),
polkadot_xcm: dolphin_runtime::PolkadotXcmConfig {
safe_xcm_version: Some(SAFE_XCM_VERSION),
safe_xcm_version: Some(DOLPHIN_SAFE_XCM_VERSION),
},
}
}
Expand Down
4 changes: 2 additions & 2 deletions node/src/chain_specs/manta/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ pub const POLKADOT_RELAYCHAIN_LOCAL_NET: &str = "polkadot-local";
pub const POLKADOT_RELAYCHAIN_DEV_NET: &str = "polkadot-dev";

/// The default XCM version to set in genesis config.
pub const SAFE_XCM_VERSION: u32 = 2;
pub const MANTA_SAFE_XCM_VERSION: u32 = 2;

/// Manta Chain Specification
pub type MantaChainSpec = sc_service::GenericChainSpec<manta_runtime::GenesisConfig, Extensions>;
Expand Down Expand Up @@ -147,7 +147,7 @@ fn manta_devnet_genesis(genesis_collators: Vec<Collator>) -> GenesisConfig {
},
parachain_system: Default::default(),
polkadot_xcm: PolkadotXcmConfig {
safe_xcm_version: Some(SAFE_XCM_VERSION),
safe_xcm_version: Some(MANTA_SAFE_XCM_VERSION),
},
asset_manager: Default::default(),
democracy: DemocracyConfig::default(),
Expand Down
31 changes: 30 additions & 1 deletion pallets/manta-pay/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ pub type FungibleLedgerError = assets::FungibleLedgerError<StandardAssetId, Asse
#[frame_support::pallet]
pub mod pallet {
use super::*;
use sp_runtime::traits::AccountIdConversion;
use sp_runtime::traits::{AccountIdConversion, Zero};

const STORAGE_VERSION: StorageVersion = StorageVersion::new(1);

Expand Down Expand Up @@ -211,6 +211,13 @@ pub mod pallet {
&& post.sink_accounts.is_empty(),
Error::<T>::InvalidShape
);
if !post.receiver_posts[0].utxo.is_transparent {
ensure!(
post.receiver_posts[0].utxo.public_asset == Asset::zero(),
Error::<T>::UnrestrictedPublicAsset
);
}

// Prevent ledger bloat from zero value transactions
for source in post.sources.iter() {
ensure!(
Expand All @@ -236,6 +243,12 @@ pub mod pallet {
&& post.sink_accounts.len() == 1,
Error::<T>::InvalidShape
);
if !post.receiver_posts[0].utxo.is_transparent {
ensure!(
post.receiver_posts[0].utxo.public_asset == Asset::zero(),
Error::<T>::UnrestrictedPublicAsset
);
}
for sink in post.sinks.iter() {
ensure!(asset_value_decode(*sink) > 0u128, Error::<T>::ZeroTransfer);
}
Expand Down Expand Up @@ -270,6 +283,15 @@ pub mod pallet {
&& post.sink_accounts.is_empty(),
Error::<T>::InvalidShape
);
for post in post.receiver_posts.iter() {
if !post.utxo.is_transparent {
ensure!(
post.utxo.public_asset == Asset::zero(),
Error::<T>::UnrestrictedPublicAsset
);
}
}

Self::post_transaction(Some(origin), vec![], vec![], post)
}

Expand Down Expand Up @@ -372,6 +394,13 @@ pub mod pallet {
/// An asset present in this transfer has already been spent.
AssetSpent,

/// UnrestrictedPublicAsset
///
/// The public asset of a receiver post utxo cannot be unrestricted,
/// Otherwise it gives a potential attacker control over the nullifier
/// value for no particular reason
UnrestrictedPublicAsset,

/// Invalid UTXO Accumulator Output
///
/// The sender was constructed on an invalid version of the ledger state.
Expand Down
57 changes: 56 additions & 1 deletion pallets/manta-pay/src/test/payment.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ use crate::{
},
Error, FungibleLedger,
};
use frame_support::{assert_noop, assert_ok};
use frame_support::{assert_noop, assert_ok, sp_runtime::traits::Zero};
use manta_accounting::transfer::test::value_distribution;
use manta_crypto::{
arkworks::constraint::fp::Fp,
Expand Down Expand Up @@ -780,3 +780,58 @@ fn pull_ledger_diff_should_work() {
assert_eq!(runtime_pull_response.senders, decoded_senders);
});
}

/// Unrestricted public assets in receiver posts are not allowed
#[test]
fn unrestricted_public_asset_not_allowed() {
new_test_ext().execute_with(|| {
let mut rng = OsRng;
let total_supply: u128 = rng.gen();
let unrestricted_asset_id = crate::Asset {
id: [1u8; 32],
..Zero::zero()
};
let unrestricted_asset_value = crate::Asset {
value: [1u8; 16],
..Zero::zero()
};

let mut mint = sample_to_private(field_from_id(1), 10, &mut rng);
mint.receiver_posts[0].utxo.public_asset = unrestricted_asset_id;
assert_noop!(
MantaPay::to_private(MockOrigin::signed(ALICE), mint.clone()),
Error::<Test>::UnrestrictedPublicAsset,
);
mint.receiver_posts[0].utxo.public_asset = unrestricted_asset_value;
assert_noop!(
MantaPay::to_private(MockOrigin::signed(ALICE), mint),
Error::<Test>::UnrestrictedPublicAsset,
);

for mut reclaim in reclaim_test(1, total_supply / 2, None, &mut rng) {
reclaim.receiver_posts[0].utxo.public_asset = unrestricted_asset_id;
assert_noop!(
MantaPay::to_public(MockOrigin::signed(ALICE), reclaim.clone()),
Error::<Test>::UnrestrictedPublicAsset,
);
reclaim.receiver_posts[0].utxo.public_asset = unrestricted_asset_value;
assert_noop!(
MantaPay::to_public(MockOrigin::signed(ALICE), reclaim),
Error::<Test>::UnrestrictedPublicAsset,
);
}

for mut private_transfer in private_transfer_test(1, None, &mut rng) {
private_transfer.receiver_posts[0].utxo.public_asset = unrestricted_asset_id;
assert_noop!(
MantaPay::private_transfer(MockOrigin::signed(ALICE), private_transfer.clone()),
Error::<Test>::UnrestrictedPublicAsset,
);
private_transfer.receiver_posts[0].utxo.public_asset = unrestricted_asset_value;
assert_noop!(
MantaPay::private_transfer(MockOrigin::signed(ALICE), private_transfer),
Error::<Test>::UnrestrictedPublicAsset,
);
}
});
}
Loading

0 comments on commit 483a73e

Please sign in to comment.