Paych actor: Drop account req, use AuthenticateMessage to verify sigs #824
Codecov Report
Additional details and impacted files
@@ Coverage Diff @@
## integration/builtin-api #824 +/- ##
==========================================================
Coverage ? 88.19%
==========================================================
Files ? 96
Lines ? 19884
Branches ? 0
==========================================================
Hits ? 17537
Misses ? 2347
Partials ? 0
this PR makes it possible to supply to/from ID addresses that don't actually exist in state at the time of paych creation.
We need to decide if this is something we want, or is undesirable.
I think it's undesirable. It's almost certainly an error from the caller, so a regression in functionality here.
actors/paych/src/ext.rs
Outdated
pub mod account { | ||
use super::*; | ||
|
||
pub const AUTHENTICATE_MESSAGE_METHOD: u64 = 3; |
This should use the exported frc42 method number in order to support other actors.
Quite right, thank you.
actors/paych/src/lib.rs
Outdated
// Resolve both parties if necessary. | ||
// Note that this does NOT guarantee that the parties exist in state yet. | ||
let to = | ||
rt.resolve_address(¶ms.to).with_context_code(ExitCode::USR_NOT_FOUND, || { |
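Review bot: The comment on the second line concedes that resolution does NOT guarantee the parties exist in state, and nothing in the visible lines checks existence after `rt.resolve_address(...)`, so construction can succeed with a `to` ID that has no actor behind it. If that is not intended, follow the resolve with an explicit existence check and fail with a distinct message; if it is intended, document on the constructor that callers must not assume either party exists.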
The prior code returned USR_ILLEGAL_ARGUMENT here (in resolve_to_actor_id as well as if the actor type was wrong). The FRC46 token uses USR_NOT_FOUND.
In the first instance, I think it's better not to change behaviour right now, so use ILLEGAL_ARGUMENT. However, this address resolution thing strikes me as fundamental enough that maybe we should dedicate a new user exit code for it? Let's discuss in Slack.
rt.expect_send( | ||
payer_addr, | ||
AUTHENTICATE_MESSAGE_METHOD, | ||
RawBytes::serialize(AuthenticateMessageParams { | ||
signature: sv.clone().signature.unwrap().bytes, | ||
message: sv.signing_bytes().unwrap(), | ||
}) | ||
.unwrap(), | ||
TokenAmount::zero(), | ||
RawBytes::default(), | ||
ExitCode::OK, | ||
); |
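Review bot: `sv.clone().signature.unwrap().bytes` in the params clones the whole voucher just to read its signature, and both `unwrap()` calls panic without context if a test voucher is unsigned or fails to produce signing bytes; `sv.signature.as_ref().expect("voucher must be signed").bytes.clone()` avoids the clone and names the failure. The expectation also models only the `ExitCode::OK` reply, so a case where the authenticate call returns a non-OK code and the voucher is rejected is worth adding if none exists elsewhere.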
This block is duplicated enough to pull out to a helper function
FYI @Stebalien
aaf1837 to 2840559
actors/paych/src/lib.rs
Outdated
// if raw was an ID address, we need to confirm that it actually exists in the state tree | ||
Protocol::ID => { | ||
let resolved = raw.id().map_err(|_| { | ||
actor_error!(illegal_state, "failed to convert ID address to ID") |
Nit: Just unwrap() this, we do it everywhere. I think if it deserialized and has ID protocol, this should not fail.
actors/paych/src/lib.rs
Outdated
format!("no code for address {}", raw) | ||
}) | ||
} | ||
// just resolve all other cases, will fail if not in state tree |
I don't believe this. Knowing that the Init actor has one map of Address -> ID and another ID -> State, I would expect only the former to be inspected when resolving an address.
When we delete an actor, the address mapping remains but the actor state is deleted. Since the actor doesn't exist any more, I think we want this to fail to resolve in this use case (ref)
I get a sense you were trying to avoid get_actor_code_cid, but I really do think it's the perfect thing. The prior structure of (1) resolve to an ID address, then (2) check the actor exists (has code) was better.
Agreed, fixed
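The two-step check argued for in the review comment above (resolve to an ID, then confirm the actor has code), as an added Rust example that is not code from this PR or from the builtin-actors project. `Address`, `StateTree`, `sample_state` and the string code CIDs are a hypothetical toy model, and ID addresses are assumed to resolve to themselves without a state lookup.

```rust
use std::collections::HashMap;

// Toy model with hypothetical types; not the builtin-actors runtime API.
#[derive(Debug)]
enum Address {
    Id(u64),     // ID address: already carries the actor ID
    Key(String), // any non-ID address, mapped by the Init actor
}

#[derive(Default)]
struct StateTree {
    init_map: HashMap<String, u64>,     // Init actor: Address -> ID
    actors: HashMap<u64, &'static str>, // state tree: ID -> code CID (stand-in)
}

impl StateTree {
    /// Step 1: map an address to an ID. Never inspects actor state.
    fn resolve_address(&self, addr: &Address) -> Option<u64> {
        match addr {
            Address::Id(id) => Some(*id),
            Address::Key(k) => self.init_map.get(k).copied(),
        }
    }

    /// Step 2: an actor exists only if the state tree holds code for its ID.
    fn get_actor_code_cid(&self, id: u64) -> Option<&'static str> {
        self.actors.get(&id).copied()
    }

    /// Steps 1 and 2 together; both failures map to illegal-argument here.
    fn resolve_to_actor_id(&self, addr: &Address) -> Result<u64, String> {
        let id = self.resolve_address(addr)
            .ok_or_else(|| format!("illegal argument: cannot resolve {:?}", addr))?;
        match self.get_actor_code_cid(id) {
            Some(_) => Ok(id),
            None => Err(format!("illegal argument: no code for address {:?}", addr)),
        }
    }
}

/// Constructed sample: 100 is live, 101 was deleted (mapping remains), 999 never existed.
fn sample_state() -> StateTree {
    let mut st = StateTree::default();
    st.init_map.insert("f1live".to_string(), 100);
    st.init_map.insert("f1deleted".to_string(), 101);
    st.actors.insert(100, "account-code");
    st
}

fn main() {
    let st = sample_state();
    for a in [Address::Key("f1live".into()), Address::Key("f1deleted".into()), Address::Id(999)] {
        println!("{:?}: step 1 = {:?}, steps 1+2 = {:?}", a, st.resolve_address(&a), st.resolve_to_actor_id(&a));
    }
}
```

In this model the deleted actor and the never-created ID both pass step 1 and are rejected only by the code lookup in step 2.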
/// ResolveToActorID resolves the given address to it's actor ID. | ||
/// If an actor ID for the given address dosen't exist yet, it tries to create one by sending | ||
/// ResolveToActorID resolves the given address to its actor ID. | ||
/// If an actor ID for the given address doesn't exist yet, it tries to create one by sending |
71194a8 to fcc43c4
…#824) * Paych actor: Drop account req, use AuthenticateMessage to verify sigs * Address review * Address review
Part of #424.
In addition to obviating the need for Paych to/from addresses to be accounts, this also removes the need for them to exist in state at the time of creation -- this PR makes it possible to supply to/from ID addresses that don't actually exist in state at the time of paych creation.
We need to decide if this is something we want, or is undesirable. If the latter, we probably want a new syscall to check for ID addrs existing in state (we could achieve this by misusing existing syscalls, but I would prefer not to).