hashgraph · Neeharika-Sompalli · Nov 8, 2023 · Oct 16, 2023 · Oct 16, 2023 · Oct 16, 2023
@@ -31,6 +31,7 @@
 import com.hedera.hapi.node.base.ResponseCodeEnum;
 import com.hedera.hapi.node.base.SubType;
 import com.hedera.hapi.node.state.token.Account;
+import com.hedera.hapi.node.transaction.TransactionBody;
 import com.hedera.node.app.fees.ExchangeRateManager;
 import com.hedera.node.app.fees.FeeManager;
 import com.hedera.node.app.service.token.ReadableAccountStore;
@@ -123,14 +124,27 @@ public void checkSolvency(
             // FUTURE ('#9550')
             final boolean ingestCheck)
             throws PreCheckException {
+        checkSolvency(txInfo.txBody(), txInfo.payerID(), txInfo.functionality(), account, fees, ingestCheck);
+    }
+
+    public void checkSolvency(
+            @NonNull final TransactionBody txBody,
+            @NonNull final AccountID payerID,
+            @NonNull final HederaFunctionality functionality,
+            @NonNull final Account account,
+            @NonNull final Fees fees,
+            // This is to match mono and pass HapiTest. Should reconsider later.
+            // FUTURE ('#9550')
+            final boolean ingestCheck)
+            throws PreCheckException {
         // Skip solvency check for privileged transactions or superusers
-        if (authorizer.hasWaivedFees(txInfo.payerID(), txInfo.functionality(), txInfo.txBody())) {
+        if (authorizer.hasWaivedFees(payerID, functionality, txBody)) {
             return;
         }
 
         final var totalFee = fees.totalFee();
         final var availableBalance = account.tinybarBalance();
-        final var offeredFee = txInfo.txBody().transactionFee();
+        final var offeredFee = txBody.transactionFee();
         final ResponseCodeEnum insufficientFeeResponseCode;
         if (ingestCheck) { // throw different exception for ingest
             insufficientFeeResponseCode = INSUFFICIENT_PAYER_BALANCE;
@@ -154,9 +168,9 @@ public void checkSolvency(
 
         final long additionalCosts;
         try {
-            final var now = txInfo.txBody().transactionIDOrThrow().transactionValidStartOrThrow();
-            additionalCosts = Math.max(0, estimateAdditionalCosts(txInfo, HapiUtils.asInstant(now)));
-        } catch (NullPointerException ex) {
+            final var now = txBody.transactionIDOrThrow().transactionValidStartOrThrow();
+            additionalCosts = Math.max(0, estimateAdditionalCosts(txBody, functionality, HapiUtils.asInstant(now)));
+        } catch (final NullPointerException ex) {
             // One of the required fields was not present
             throw new InsufficientBalanceException(INVALID_TRANSACTION_BODY, totalFee);
         }
@@ -170,31 +184,34 @@ public void checkSolvency(
 
     // FUTURE: This should be provided by the TransactionHandler:
     // https://github.com/hashgraph/hedera-services/issues/8354
-    private long estimateAdditionalCosts(@NonNull final TransactionInfo txInfo, @NonNull final Instant consensusTime) {
-        return switch (txInfo.functionality()) {
-            case CRYPTO_CREATE -> txInfo.txBody().cryptoCreateAccountOrThrow().initialBalance();
+    private long estimateAdditionalCosts(
+            @NonNull final TransactionBody txBody,
+            @NonNull final HederaFunctionality functionality,
+            @NonNull final Instant consensusTime) {
+        return switch (functionality) {
+            case CRYPTO_CREATE -> txBody.cryptoCreateAccountOrThrow().initialBalance();
             case CRYPTO_TRANSFER -> {
-                if (!txInfo.txBody().cryptoTransferOrThrow().hasTransfers()) {
+                if (!txBody.cryptoTransferOrThrow().hasTransfers()) {
                     yield 0L;
                 }
-                final var payerID = txInfo.txBody().transactionIDOrThrow().accountIDOrThrow();
-                yield -txInfo.txBody().cryptoTransferOrThrow().transfersOrThrow().accountAmountsOrThrow().stream()
+                final var payerID = txBody.transactionIDOrThrow().accountIDOrThrow();
+                yield -txBody.cryptoTransferOrThrow().transfersOrThrow().accountAmountsOrThrow().stream()
                         .filter(aa -> Objects.equals(aa.accountID(), payerID))
                         .mapToLong(AccountAmount::amount)
                         .sum();
             }
             case CONTRACT_CREATE -> {
-                final var contractCreate = txInfo.txBody().contractCreateInstanceOrThrow();
+                final var contractCreate = txBody.contractCreateInstanceOrThrow();
                 yield contractCreate.initialBalance()
                         + contractCreate.gas() * estimatedGasPriceInTinybars(CONTRACT_CREATE, consensusTime);
             }
             case CONTRACT_CALL -> {
-                final var contractCall = txInfo.txBody().contractCallOrThrow();
+                final var contractCall = txBody.contractCallOrThrow();
                 yield contractCall.amount()
                         + contractCall.gas() * estimatedGasPriceInTinybars(CONTRACT_CALL, consensusTime);
             }
             case ETHEREUM_TRANSACTION -> {
-                final var ethTxn = txInfo.txBody().ethereumTransactionOrThrow();
+                final var ethTxn = txBody.ethereumTransactionOrThrow();
                 yield ethTxn.maxGasAllowance();
             }
             default -> 0L;

@@ -16,9 +16,13 @@
 
 package com.hedera.node.app.workflows.handle;
 
+import static com.hedera.hapi.node.base.ResponseCodeEnum.DUPLICATE_TRANSACTION;
+import static com.hedera.hapi.node.base.ResponseCodeEnum.INVALID_SIGNATURE;
 import static com.hedera.node.app.spi.HapiUtils.functionOf;
 import static com.hedera.node.app.spi.workflows.HandleContext.TransactionCategory.CHILD;
 import static com.hedera.node.app.spi.workflows.HandleContext.TransactionCategory.PRECEDING;
+import static com.hedera.node.app.state.HederaRecordCache.DuplicateCheckResult.NO_DUPLICATE;
+import static com.hedera.node.app.state.HederaRecordCache.DuplicateCheckResult.SAME_NODE;
 import static java.util.Objects.requireNonNull;
 
 import com.hedera.hapi.node.base.AccountID;
@@ -62,9 +66,13 @@
 import com.hedera.node.app.spi.workflows.FunctionalityResourcePrices;
 import com.hedera.node.app.spi.workflows.HandleContext;
 import com.hedera.node.app.spi.workflows.HandleException;
+import com.hedera.node.app.spi.workflows.InsufficientNonFeeDebitsException;
+import com.hedera.node.app.spi.workflows.InsufficientServiceFeeException;
 import com.hedera.node.app.spi.workflows.PreCheckException;
 import com.hedera.node.app.spi.workflows.TransactionKeys;
+import com.hedera.node.app.state.HederaRecordCache;
 import com.hedera.node.app.state.WrappedHederaState;
+import com.hedera.node.app.workflows.SolvencyPreCheck;
 import com.hedera.node.app.workflows.TransactionChecker;
 import com.hedera.node.app.workflows.dispatcher.ReadableStoreFactory;
 import com.hedera.node.app.workflows.dispatcher.ServiceApiFactory;
@@ -110,13 +118,14 @@ public class HandleContextImpl implements HandleContext, FeeContext {
     private final ServiceApiFactory serviceApiFactory;
     private final WritableStoreFactory writableStoreFactory;
     private final BlockRecordInfo blockRecordInfo;
-    private final RecordCache recordCache;
+    private final HederaRecordCache recordCache;
     private final FeeAccumulator feeAccumulator;
     private final Function<SubType, FeeCalculator> feeCalculatorCreator;
     private final FeeManager feeManager;
     private final Instant userTransactionConsensusTime;
     private final ExchangeRateManager exchangeRateManager;
     private final Authorizer authorizer;
+    private final SolvencyPreCheck solvencyPreCheck;
 
     private ReadableStoreFactory readableStoreFactory;
     private AttributeValidator attributeValidator;
@@ -145,6 +154,7 @@ public class HandleContextImpl implements HandleContext, FeeContext {
      * @param exchangeRateManager   The {@link ExchangeRateManager} used to obtain exchange rate information
      * @param userTransactionConsensusTime The consensus time of the user transaction, not any child transactions
      * @param authorizer            The {@link Authorizer} used to authorize the transaction
+     * @param solvencyPreCheck      The {@link SolvencyPreCheck} used to validate if the account is able to pay the fees
      */
     public HandleContextImpl(
             @NonNull final TransactionBody txBody,
@@ -163,11 +173,12 @@ public HandleContextImpl(
             @NonNull final TransactionDispatcher dispatcher,
             @NonNull final ServiceScopeLookup serviceScopeLookup,
             @NonNull final BlockRecordInfo blockRecordInfo,
-            @NonNull final RecordCache recordCache,
+            @NonNull final HederaRecordCache recordCache,
             @NonNull final FeeManager feeManager,
             @NonNull final ExchangeRateManager exchangeRateManager,
             @NonNull final Instant userTransactionConsensusTime,
-            @NonNull final Authorizer authorizer) {
+            @NonNull final Authorizer authorizer,
+            @NonNull final SolvencyPreCheck solvencyPreCheck) {
         this.txBody = requireNonNull(txBody, "txBody must not be null");
         this.functionality = requireNonNull(functionality, "functionality must not be null");
         this.payer = requireNonNull(payer, "payer must not be null");
@@ -210,6 +221,7 @@ public HandleContextImpl(
         }
 
         this.exchangeRateManager = requireNonNull(exchangeRateManager, "exchangeRateManager must not be null");
+        this.solvencyPreCheck = requireNonNull(solvencyPreCheck, "solvencyPreCheck must not be null");
     }
 
     private WrappedHederaState current() {
@@ -242,7 +254,7 @@ public Key payerKey() {
 
     @NonNull
     @Override
-    public FeeCalculator feeCalculator(@NonNull SubType subType) {
+    public FeeCalculator feeCalculator(@NonNull final SubType subType) {
         return feeCalculatorCreator.apply(subType);
     }
 
@@ -334,7 +346,8 @@ public ExpiryValidator expiryValidator() {
 
     @NonNull
     @Override
-    public TransactionKeys allKeysForTransaction(@NonNull TransactionBody nestedTxn, @NonNull AccountID payerForNested)
+    public TransactionKeys allKeysForTransaction(
+            @NonNull final TransactionBody nestedTxn, @NonNull final AccountID payerForNested)
             throws PreCheckException {
         dispatcher.dispatchPureChecks(nestedTxn);
         final var nestedContext = new PreHandleContextImpl(
@@ -368,7 +381,7 @@ public SignatureVerification verificationFor(@NonNull final Bytes evmAlias) {
 
     @Override
     public boolean isSuperUser() {
-        return authorizer.isSuperUser(payer);
+        return authorizer.isSuperUser(payer());
     }
 
     @Override
@@ -550,16 +563,16 @@ private void dispatchSyntheticTxn(
             // Synthetic transaction bodies do not have transaction ids, node account
             // ids, and so on; hence we don't need to validate them with the checker
             dispatcher.dispatchPureChecks(txBody);
-        } catch (PreCheckException e) {
+        } catch (final PreCheckException e) {
             childRecordBuilder.status(e.responseCode());
             return;
         }
 
         final var childStack = new SavepointStackImpl(current());
-        HederaFunctionality function;
+        final HederaFunctionality function;
         try {
             function = functionOf(txBody);
-        } catch (UnknownHederaFunctionality e) {
+        } catch (final UnknownHederaFunctionality e) {
             logger.error("Possible bug: unknown function in transaction body", e);
             childRecordBuilder.status(ResponseCodeEnum.INVALID_TRANSACTION_BODY);
             return;
@@ -573,11 +586,26 @@ private void dispatchSyntheticTxn(
             try {
                 childPayerKey =
                         accountStore.getAccountById(transactionID.accountID()).key();
-            } catch (NullPointerException ex) {
+            } catch (final NullPointerException ex) {
                 childRecordBuilder.status(ResponseCodeEnum.INVALID_TRANSACTION_ID);
                 return;
             }
         }
+
+        try {
+            validate(
+                    verifier,
+                    function,
+                    body(),
+                    payer(),
+                    payerKey,
+                    childCategory,
+                    networkInfo().selfNodeInfo().nodeId());
+        } catch (final PreCheckException e) {
+            childRecordBuilder.status(e.responseCode());
+            return;
+        }
+
         final var childContext = new HandleContextImpl(
                 txBody,
                 function,
@@ -599,18 +627,99 @@ private void dispatchSyntheticTxn(
                 feeManager,
                 exchangeRateManager,
                 userTransactionConsensusTime,
-                authorizer);
+                authorizer,
+                solvencyPreCheck);
 
         try {
             dispatcher.dispatchHandle(childContext);
             childRecordBuilder.status(ResponseCodeEnum.SUCCESS);
             childStack.commitFullStack();
-        } catch (HandleException e) {
+        } catch (final HandleException e) {
             childRecordBuilder.status(e.getStatus());
             recordListBuilder.revertChildrenOf(childRecordBuilder);
         }
     }
 
+    private void validate(
+            @NonNull final KeyVerifier verifier,
+            final HederaFunctionality function,
+            final TransactionBody txBody,
+            final AccountID payer,
+            final Key payerKey,
+            final TransactionCategory txCategory,
+            final long nodeID)
+            throws PreCheckException {
+
+        final PreHandleContextImpl preHandleContext;
+
+        preHandleContext = new PreHandleContextImpl(readableStoreFactory(), txBody, payer, configuration(), dispatcher);
+        dispatcher.dispatchPreHandle(preHandleContext);
+
+        // Check for duplicate transactions. It is perfectly normal for there to be duplicates -- it is valid for
+        // a user to intentionally submit duplicates to multiple nodes as a hedge against dishonest nodes, or for
+        // other reasons. If we find a duplicate, we *will not* execute the transaction, we will simply charge
+        // the payer (whether the payer from the transaction or the node in the event of a due diligence failure)
+        // and create an appropriate record to save in state and send to the record stream.
+        final var duplicateCheckResult = recordCache.hasDuplicate(txBody.transactionID(), nodeID);
+        if (duplicateCheckResult != NO_DUPLICATE && duplicateCheckResult != SAME_NODE) {
+            throw new PreCheckException(DUPLICATE_TRANSACTION);
+        }
+
+        // Check the status and solvency of the payer
+        try {
+
+            final var fee = dispatchComputeFees(txBody, payer);
+            final var payerAccount = solvencyPreCheck.getPayerAccount(readableStoreFactory(), payer);
+            solvencyPreCheck.checkSolvency(txBody, payer, functionality, payerAccount, fee, true);
+        } catch (final InsufficientServiceFeeException | InsufficientNonFeeDebitsException e) {
+            throw new PreCheckException(e.responseCode());
+        }
+
+        // Check the time box of the transaction
+        checker.checkTimeBox(txBody, userTransactionConsensusTime);
+
+        // Check if the payer has the required permissions
+        if (!authorizer.isAuthorized(payer, function)) {
+            if (function == HederaFunctionality.SYSTEM_DELETE) {
+                throw new PreCheckException(ResponseCodeEnum.NOT_SUPPORTED);
+            }
+            throw new PreCheckException(ResponseCodeEnum.UNAUTHORIZED);
+        }
+
+        // Check if the transaction is privileged and if the payer has the required privileges
+        final var privileges = authorizer.hasPrivilegedAuthorization(payer, function, txBody);
+        if (privileges == SystemPrivilege.UNAUTHORIZED) {
+            throw new PreCheckException(ResponseCodeEnum.AUTHORIZATION_FAILED);
+        }
+        if (privileges == SystemPrivilege.IMPERMISSIBLE) {
+            throw new PreCheckException(ResponseCodeEnum.ENTITY_NOT_ALLOWED_TO_DELETE);
+        }
+
+        // Skip payer verification when dispatching a child transaction
+        if (!txCategory.equals(CHILD)) {
+            // Check all signature verifications. This will also wait, if validation is still ongoing.
+            final var payerKeyVerification = verifier.verificationFor(payerKey);
+            if (payerKeyVerification.failed()) {
+                throw new PreCheckException(INVALID_SIGNATURE);
+            }
+        }
+
+        // verify all the keys
+        for (final var key : preHandleContext.requiredNonPayerKeys()) {
+            final var verification = verifier.verificationFor(key);
+            if (verification.failed()) {
+                throw new PreCheckException(INVALID_SIGNATURE);
+            }
+        }
+        // If there are any hollow accounts whose signatures need to be verified, verify them
+        for (final var hollowAccount : preHandleContext.requiredHollowAccounts()) {
+            final var verification = verifier.verificationFor(hollowAccount.alias());
+            if (verification.failed()) {
+                throw new PreCheckException(INVALID_SIGNATURE);
+            }
+        }
+    }
+
     @Override
     @NonNull
     public <T> T addChildRecordBuilder(@NonNull final Class<T> recordBuilderClass) {