Endpoint to parse contract imports and pragmas #103

davidyuk · 2022-08-29T19:21:55Z

I need to compile a contract created by user, it may contain some imports of files that I should pass to compiler in file_system option. I have access to file system, but I don't know what files imported. For privacy reasons I may not want to pass all local files in file_system option, also I don't want to implement an import parser as an error-prone approach. So I need an endpoint that accepts a single sophia file and return an array of its imports.

Additionally, would be nice to have a way to distinguish imports defined by language (a standard library?) and that ones that should be accessible in a local filesystem.

Pragmas parsing would help to identify a compatible compiler in case multiple available.

For example, for code:

@compiler >= 5

include "Option.aes"
include "String.aes"

contract FungibleTokenFull =
...

It should return something like this:

{
  "includes": ["Option.aes", "String.aes"],
  "pragmas": {
    "compiler": [["gte", 5]]
  }
}

The text was updated successfully, but these errors were encountered:

davidyuk · 2022-08-29T19:25:30Z

Then a malicious compiler can return something like "includes": ["~/.ssh/id_rsa"] and potentially get this file in file_system options. I don't know what's wrong with this architecture.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Endpoint to parse contract imports and pragmas #103

Endpoint to parse contract imports and pragmas #103

davidyuk commented Aug 29, 2022

davidyuk commented Aug 29, 2022

Endpoint to parse contract imports and pragmas #103

Endpoint to parse contract imports and pragmas #103

Comments

davidyuk commented Aug 29, 2022

davidyuk commented Aug 29, 2022