Skip to content

feat: Canonical sign payload for foreign chain transactions#1998

Merged
netrome merged 3 commits intomainfrom
1992-canonical-sign-payload-for-foreign-chain-transactions
Feb 6, 2026
Merged

feat: Canonical sign payload for foreign chain transactions#1998
netrome merged 3 commits intomainfrom
1992-canonical-sign-payload-for-foreign-chain-transactions

Conversation

@netrome
Copy link
Collaborator

@netrome netrome commented Feb 5, 2026
edited
Loading

Closes #1992

@netrome netrome linked an issue Feb 5, 2026 that may be closed by this pull request
Canonical sign payload for foreign chain transactions #1992
Closed
@netrome netrome force-pushed the 1992-canonical-sign-payload-for-foreign-chain-transactions branch 2 times, most recently from 1901e8c to 498e2b4 Compare February 6, 2026 09:21
@netrome netrome marked this pull request as ready for review February 6, 2026 09:24
gilcu3
gilcu3 previously approved these changes Feb 6, 2026
View reviewed changes
Copy link
Contributor

@gilcu3 gilcu3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

DSharifi
DSharifi requested changes Feb 6, 2026
View reviewed changes
Copy link
Contributor

@DSharifi DSharifi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

One blocker; I don't want expect/unwrap panic for production code that the node depends on.

@netrome netrome force-pushed the 1992-canonical-sign-payload-for-foreign-chain-transactions branch from 5c76a1b to 29e2e19 Compare February 6, 2026 11:14
@netrome netrome marked this pull request as draft February 6, 2026 11:22
@netrome netrome marked this pull request as ready for review February 6, 2026 13:26
@netrome netrome force-pushed the 1992-canonical-sign-payload-for-foreign-chain-transactions branch from d6ef49b to 3d3a8f2 Compare February 6, 2026 13:29
@netrome netrome requested review from DSharifi and gilcu3 February 6, 2026 13:29
@netrome netrome self-assigned this Feb 6, 2026
DSharifi
DSharifi previously approved these changes Feb 6, 2026
View reviewed changes
crates/contract-interface/src/types/foreign_chain.rs
Comment on lines +545 to +547
let mut hasher = sha2::Sha256::new();
borsh::BorshSerialize::serialize(self, &mut hasher)?;
Ok(Hash256(hasher.finalize().into()))
Copy link
Contributor

@DSharifi DSharifi Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I already found a good reason to not have this implementation in the interface type in the long run, unless we are generic over the hasher which is also not necessarily desirable.

On the contract, we should not use sha2 crate, and instead use the host function sha256 which near sdk exports near_sdk::env::sha256. for hashing. This will be much cheaper in terms of gas cost usage.

Copy link
Contributor

@gilcu3 gilcu3 Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah the use of host functions is something that can grant duplicate code, but we can also skip it by checking if we are in wasm or not, or a feature flag, that would include near_sdk to access host functions.

Copy link
Collaborator Author

@netrome netrome Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. It's not obvious that this is more performant since the host function doesn't take a writer as input. It probably is, but let's save that as a follow-up optimization then.

Copy link
Collaborator Author

@netrome netrome Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But that's a very interesting take on the logic vs data structures discussion. You're right that different users may have different implementations of algorithms etc.

Although I still think it's net-positive to expose a reference implementation. Anyone can implement their own but test it against the reference. But I'm all in favor of moving this to another crate.

gilcu3
gilcu3 previously approved these changes Feb 6, 2026
View reviewed changes
Copy link
Contributor

@gilcu3 gilcu3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@netrome netrome dismissed stale reviews from gilcu3 and DSharifi via 02bf552 February 6, 2026 13:52
@netrome netrome force-pushed the 1992-canonical-sign-payload-for-foreign-chain-transactions branch from 02bf552 to 3ae0285 Compare February 6, 2026 13:54
@netrome netrome force-pushed the 1992-canonical-sign-payload-for-foreign-chain-transactions branch from 3ae0285 to d67138d Compare February 6, 2026 14:00
@netrome netrome requested review from DSharifi and gilcu3 February 6, 2026 14:50
@netrome netrome enabled auto-merge February 6, 2026 14:55
@netrome netrome added this pull request to the merge queue Feb 6, 2026
Merged via the queue into main with commit dacc610 Feb 6, 2026
9 checks passed
@netrome netrome deleted the 1992-canonical-sign-payload-for-foreign-chain-transactions branch February 6, 2026 15:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gilcu3 gilcu3 gilcu3 approved these changes

@DSharifi DSharifi DSharifi approved these changes

Assignees

@netrome netrome

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Canonical sign payload for foreign chain transactions

3 participants

@netrome @gilcu3 @DSharifi