refactor: Introduce strictly typed and assuredly validated AccountId #4440
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
miraclx
requested review from
ailisp,
artob,
bowenwang1996,
chefsale,
EgorKulikov,
frankbraun,
frol,
khorolets,
matklad,
mfornet,
MaksymZavershynskyi,
olonho and
pmnoxx
as code owners
|
Since we now preemptively perform account ID validation, cases like these are ensured and extra testing is unnecessarily redundant. However, this, in turn, leads to having variants like nearcore/core/primitives/src/errors.rs Line 119 in a6bf293 Would be nice if we could clean that up a bit, without breaking a lot. |
|
Also, throughout the repo, a debug view has been used on As an example:
We could manually impl I bring this up because it's one of the issues with failing tests in CI snapshot (CI)---- adapters::tests::test_convert_block_changes_to_transactions stdout ----
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Snapshot Differences ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Snapshot file: chain/rosetta-rpc/src/adapters/snapshots/near_rosetta_rpc__adapters__tests__validators_update_transaction.snap
Snapshot: validators_update_transaction
Source: chain/rosetta-rpc/src/adapters/mod.rs:992
-old snapshot
+new results
────────────────────────────────────────────────────────────────────────────────
validators_update_transaction
────────────┬───────────────────────────────────────────────────────────────────
12 12 │ status: Some(
13 13 │ Success,
14 14 │ ),
15 15 │ account: AccountIdentifier {
- 16 │- address: "nfvalidator1.near",
+ 16 │+ address: AccountId(
+ 17 │+ "nfvalidator1.near",
+ 18 │+ ),
17 19 │ sub_account: None,
18 20 │ },
19 21 │ amount: Some(
20 22 │ Amount {
┈┈┈┈┈┈┈┈┈┈┈┈┼┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈
37 39 │ status: Some(
38 40 │ Success,
39 41 │ ),
40 42 │ account: AccountIdentifier {
- 41 │- address: "nfvalidator2.near",
+ 43 │+ address: AccountId(
+ 44 │+ "nfvalidator2.near",
+ 45 │+ ),
42 46 │ sub_account: None,
43 47 │ },
44 48 │ amount: Some(
45 49 │ Amount {
────────────┴───────────────────────────────────────────────────────────────────
thread 'adapters::tests::test_convert_block_changes_to_transactions' panicked at 'snapshot assertion for 'validators_update_transaction' failed in line 992', /var/lib/buildkite-agent/.cargo/registry/src/github.com-1ecc6299db9ec823/insta-1.6.3/src/runtime.rs:1026:9 |
|
Also, cc @chefsale Or should I engineer a workaround within this PR? |
miraclx
added
A-security
|
So, the CI machines are destroyed on every run, so we don't store the keys, but rather generate them on every run. I believe the issue is rather caused by some code change where we have missed something. I assume this failure comes from account ids being invalid and this is throwing an error now? I assume there is some part of code which generates this node key which we need to adapt. cc: @bowenwang1996 @frol Also just to verify we do not change the account id structure in the current generated key json files at all, but just have this additional check? If we do, we should ensure to be backwards compatible. |
chefsale
suggested changes
Jun 30, 2021
miraclx
commented
Jun 30, 2021
miraclx
force-pushed
the
strict-account-id-validity
branch
from
d2ac817
to
4a830d6
Compare
khorolets
approved these changes
Jul 28, 2021
ailisp
reviewed
Jul 28, 2021
|
|
||
| let n = 1; | ||
| let mut receipts = generate_receipts(small_transfer, n); | ||
| let invalid_account_id = "Invalid".to_string(); |
There was a problem hiding this comment.
Cool these errors are statically prevented
ailisp
reviewed
Jul 28, 2021
| } | ||
| // We retain these checks here as to maintain backwards compatibility | ||
| // with AccountId validation since we illegally parse an AccountId | ||
| // in near-vm-logic/logic.rs#fn(VMLogic::read_and_parse_account_id) |
ailisp
approved these changes
Jul 28, 2021
bowenwang1996
approved these changes
Jul 28, 2021
chefsale
approved these changes
Jul 28, 2021
mfornet
approved these changes
Jul 28, 2021
matklad
approved these changes
Jul 29, 2021
frol
changed the title
miraclx
added a commit
to miraclx/nearcore
that referenced
this pull request
Aug 2, 2021
…ear#4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves near#2074, supersedes near#2831. # Testing Plan * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed
miraclx
added a commit
that referenced
this pull request
Aug 2, 2021
…4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves #2074, supersedes #2831. * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed
6 tasks
frol
pushed a commit
that referenced
this pull request
Aug 5, 2021
# refactor: Introduce strictly typed and assuredly validated AccountId (#4440) This PR introduces a strictly typed structure - `AccountId` that enforces account ID validation. This way, we can ensure validity and thereby fail fast before an invalid account name is used. This also, optionally, ensures validation on {,de}serialization so, yeah.. The structure is defined within its own self-contained crate `near-account-id` to allow for easy publishing. The extra dependencies - `borsh`, `serde` are made optional to allow the crate to be lightweight enough to be depended upon. Within `nearcore`, the structure is reexported via `near_primitives::AccountId` and the crate via `near_primitives{,_core}::account::id` with default features (`borsh`, `serde`) but you can opt-out of those by depending on it directly. Resolves #2074, supersedes #2831. * [x] Existing unit tests pass with minor updates * [x] Nayduck tests pass without modifications * [x] Manually ensured that the protocol is not changed # impl workaround for invalid AccessKey-s in genesis records (resolves #4600) * [x] Manually booted a testnet node to ensure genesis loads properly and that no further AccountId-related issues occur. * [x] Ensured unit tests pass with no further updates * [x] Nayduck tests pass without modifications
near-bulldozer bot
pushed a commit
that referenced
this pull request
Dec 5, 2022
Fixes the following clippy error:
```
error: the since field must contain a semver-compliant version
--> core/account-id/src/lib.rs:302:18
|
302 | #[deprecated(since = "#4440", note = "AccountId construction without validation is illegal")]
| ^^^^^^^^^^^^^^^
|
= note: `#[deny(clippy::deprecated_semver)]` on by default
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#deprecated_semver
```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR introduces a strictly typed structure -
AccountIdthat enforces account ID validation.This way, we can ensure validity and thereby fail fast before an invalid account name is used.
This also, optionally, ensures validation on {,de}serialization so, yeah..
The structure is defined within its own self-contained crate
near-account-idto allow for easy publishing.The extra dependencies -
borsh,serdeare made optional to allow the crate to be lightweight enough to be depended upon.Within
nearcore, the structure is reexported vianear_primitives::AccountIdand the crate vianear_primitives{,_core}::account::idwith default features (borsh,serde) but you can opt-out of those by depending on it directly.Resolves #2074, supersedes #2831.
Testing Plan