Define AccountId to hold a contract of being valid #2074

frol · 2020-02-03T23:12:50Z

We should leverage strong typing and safety contracts of Rust, and make AccountId type that enforces its validity. This way, we improve node security, especially, around RPC boundary.

…4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves #2074, supersedes #2831. # Testing Plan * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed

…ear#4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves near#2074, supersedes near#2831. # Testing Plan * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed

…4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves #2074, supersedes #2831. * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed

frol · 2021-08-04T13:23:54Z

Just for the future reference, we had to revert the PR due to #4600, and the fix will land in #4621.

# refactor: Introduce strictly typed and assuredly validated AccountId (#4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves #2074, supersedes #2831. * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed # impl workaround for invalid AccessKey-s in genesis records (resolves #4600) * [x] Manually booted a testnet node to ensure genesis loads properly and that no further AccountId-related issues occur. * [x] Ensured unit tests pass with no further updates * [x] Nayduck tests pass without modifications

This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves #2074, supersedes #2831. * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed * [x] Manually booted a testnet node to ensure genesis loads properly and that no further AccountId-related issues occur. * [x] Ensured unit tests pass with no further updates * [x] Nayduck tests pass without modifications

frol added C-enhancement Category: An issue proposing an enhancement or a PR with one. C-housekeeping Category: Refactoring, cleanups, code quality A-testing Area: Unit testing / integration testing A-security Area: Security issues A-RPC Area: rpc labels Feb 3, 2020

frol self-assigned this Feb 3, 2020

frol mentioned this issue Feb 3, 2020

RPC query account information and access keys by a specific block id #2038

Merged

weekly-digest bot mentioned this issue Feb 7, 2020

Weekly Digest (31 January, 2020 - 7 February, 2020) #2108

Closed

frol added the P-low Priority: low label Mar 14, 2020

ilblackdragon added this to the Post MainNet milestone Mar 18, 2020

frol mentioned this issue Apr 11, 2020

Fuzz testing RPC #2422

Open

3 tasks

frol mentioned this issue Jun 10, 2020

feat(core): Defined AccountId to hold a contract of being valid #2831

Closed

MaksymZavershynskyi modified the milestones: Post MainNet, Mainnet Guild 21.09.2020-02.10.2020 Sep 19, 2020

frol mentioned this issue Sep 28, 2020

Restrict Function method names to be only valid identifiers #3386

Open

frol assigned miraclx and unassigned frol Jun 3, 2021

miraclx mentioned this issue Jun 30, 2021

refactor: Introduce strictly typed and assuredly validated AccountId #4440

Merged

3 tasks

bowenwang1996 mentioned this issue Jul 2, 2021

Validate account_id when we parse it in vm-logic. #1266

Closed

near-bulldozer bot closed this as completed in #4440 Jul 29, 2021

miraclx mentioned this issue Aug 2, 2021

refactor: Reintroduce strictly typed AccountId #4621

Merged

6 tasks

frol reopened this Aug 4, 2021

frol closed this as completed in #4621 Aug 5, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Define AccountId to hold a contract of being valid #2074

Define AccountId to hold a contract of being valid #2074

frol commented Feb 3, 2020

frol commented Aug 4, 2021

Define AccountId to hold a contract of being valid #2074

Define AccountId to hold a contract of being valid #2074

Comments

frol commented Feb 3, 2020

frol commented Aug 4, 2021