Merge pull request #1999 from radixdlt/tweak/various-markups-cuttlefish
tweak: Markups for #1910, and some auth-zone neatenings
iamyulong authored Nov 26, 2024
2 parents da59609 + 183207f commit ebe8dc2
Showing 10 changed files with 226 additions and 98 deletions.
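--- a/radix-common/src/types/non_fungible_global_id.rs
+++ b/radix-common/src/types/non_fungible_global_id.rs
@@ -110,9 +110,13 @@ impl From<BlueprintId> for GlobalCaller {
 }
 
 impl GlobalCaller {
-// Check if actor is a frame-owned object.
-// See auth_module.rs for details.
-pub fn is_frame_owned(&self) -> bool {
+/// Due to a workaround in SystemV1, frame-owned objects were inadvertently assigned a `GlobalCaller`,
+/// and for backwards compatibility had it replaced by `FRAME_OWNED_GLOBAL_MARKER`.
+///
+/// This function checks for that marker, to verify if the `GlobalCaller` is valid.
+///
+/// See auth_module.rs for more details.
+pub fn is_actually_frame_owned(&self) -> bool {
 match self {
 GlobalCaller::GlobalObject(x) => x.eq(&FRAME_OWNED_GLOBAL_MARKER),
 GlobalCaller::PackageBlueprint(_) => false,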
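Review bot: The new doc comment on `is_actually_frame_owned` ends with "to verify if the `GlobalCaller` is valid", which leaves the polarity of the result unclear: the `GlobalObject` arm returns `true` exactly when the value equals `FRAME_OWNED_GLOBAL_MARKER`, that is, when it is not a real global caller. Elsewhere in this commit the negated result decides whether a global-caller badge is added to the implicit proofs, so I would state the meaning directly, e.g. `/// Returns true if this is the frame-owned marker, i.e. NOT a usable global caller.` The rename also changes the name of a `pub` method, so any caller outside this commit that still uses `is_frame_owned` stops compiling; a deprecated forwarding method would cover that if external use is possible. The `match` body continues past the end of the hunk.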
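--- a/radix-engine-tests/assets/blueprints/steal/src/lib.rs
+++ b/radix-engine-tests/assets/blueprints/steal/src/lib.rs
@@ -50,6 +50,8 @@ mod steal {
 // It is assumed that the same account signed the transaction.
 pub fn steal_from_account(&mut self, address: ComponentAddress) {
 // Instantiate owned component and call it's methods while they are still owned.
+// NOTE: This attack concept doesn't work if the child component was loaded from the substate
+// store because it gets a `ReferenceOrigin::Global` instead of `ReferenceOrigin::FrameOwned`
 let child_component = steal_child::StealChild::child_create();
 
 let bucket = child_component.child_steal_from_account(address);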
Expand Up @@ -5,30 +5,42 @@ use radix_engine_interface::blueprints::resource::*;
pub struct AuthZone {
pub proofs: Vec<Proof>,

// Virtualized resources, note that one cannot create proofs with virtual resources but only be used for AuthZone checks
pub simulate_all_proofs_under_resources: BTreeSet<ResourceAddress>,
pub implicit_non_fungible_proofs: BTreeSet<NonFungibleGlobalId>,

pub direct_caller_package_address: Option<PackageAddress>,
pub global_caller: Option<(GlobalCaller, Reference)>,

pub parent: Option<Reference>,
}

#[derive(ScryptoSbor)]
#[sbor(type_name = "AuthZone")]
/// This is just the same as `AuthZone`, but with old field names.
/// This allows us to have a fixed genesis schema for the resource package.
pub struct GenesisSchemaAuthZone {
pub proofs: Vec<Proof>,
pub virtual_resources: BTreeSet<ResourceAddress>,
pub virtual_non_fungibles: BTreeSet<NonFungibleGlobalId>,

pub local_caller_package_address: Option<PackageAddress>,
pub global_caller: Option<(GlobalCaller, Reference)>,

pub parent: Option<Reference>,
}

impl AuthZone {
pub fn new(
proofs: Vec<Proof>,
virtual_resources: BTreeSet<ResourceAddress>,
virtual_non_fungibles: BTreeSet<NonFungibleGlobalId>,
local_caller_package_address: Option<PackageAddress>,
simulate_all_proofs_under_resources: BTreeSet<ResourceAddress>,
implicit_non_fungible_proofs: BTreeSet<NonFungibleGlobalId>,
direct_caller_package_address: Option<PackageAddress>,
global_caller: Option<(GlobalCaller, Reference)>,
parent: Option<Reference>,
) -> Self {
Self {
proofs,
virtual_resources,
virtual_non_fungibles,
local_caller_package_address,
simulate_all_proofs_under_resources,
implicit_non_fungible_proofs,
direct_caller_package_address,
global_caller,
parent,
}
Expand All @@ -38,34 +50,34 @@ impl AuthZone {
&self.proofs
}

pub fn virtual_resources(&self) -> &BTreeSet<ResourceAddress> {
&self.virtual_resources
pub fn simulate_all_proofs_under_resources(&self) -> &BTreeSet<ResourceAddress> {
&self.simulate_all_proofs_under_resources
}

pub fn virtual_non_fungibles(&self) -> &BTreeSet<NonFungibleGlobalId> {
&self.virtual_non_fungibles
pub fn implicit_non_fungible_proofs(&self) -> &BTreeSet<NonFungibleGlobalId> {
&self.implicit_non_fungible_proofs
}

pub fn local_virtual_non_fungibles(&self) -> BTreeSet<NonFungibleGlobalId> {
let mut virtual_proofs = BTreeSet::new();
pub fn local_implicit_non_fungible_proofs(&self) -> BTreeSet<NonFungibleGlobalId> {
let mut local_implicit_non_fungible_proofs = BTreeSet::new();

// Local Caller package address
if let Some(local_package_address) = self.local_caller_package_address {
if let Some(local_package_address) = self.direct_caller_package_address {
let non_fungible_global_id =
NonFungibleGlobalId::package_of_direct_caller_badge(local_package_address);
virtual_proofs.insert(non_fungible_global_id);
local_implicit_non_fungible_proofs.insert(non_fungible_global_id);
}

// Global Caller
if let Some((global_caller, _global_caller_reference)) = &self.global_caller {
if !global_caller.is_frame_owned() {
if !global_caller.is_actually_frame_owned() {
let non_fungible_global_id =
NonFungibleGlobalId::global_caller_badge(global_caller.clone());
virtual_proofs.insert(non_fungible_global_id);
local_implicit_non_fungible_proofs.insert(non_fungible_global_id);
}
}

virtual_proofs
local_implicit_non_fungible_proofs
}

pub fn push(&mut self, proof: Proof) {
Expand All @@ -77,9 +89,9 @@ impl AuthZone {
}

pub fn remove_signature_proofs(&mut self) {
self.virtual_resources
self.simulate_all_proofs_under_resources
.retain(|x| x != &SECP256K1_SIGNATURE_RESOURCE && x != &ED25519_SIGNATURE_RESOURCE);
self.virtual_non_fungibles.retain(|x| {
self.implicit_non_fungible_proofs.retain(|x| {
x.resource_address() != SECP256K1_SIGNATURE_RESOURCE
&& x.resource_address() != ED25519_SIGNATURE_RESOURCE
});
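Review bot: `GenesisSchemaAuthZone` in the first hunk repeats `AuthZone`'s fields by hand under `#[sbor(type_name = "AuthZone")]`, and nothing visible in this commit keeps the two definitions in step. If a later change adds, removes or reorders a field in `AuthZone`, the schema registered for the resource package (the `package.rs` change in this commit) would presumably stop describing what is actually stored for the auth zone. I would add a comment on `AuthZone` such as `// Field order and types must match GenesisSchemaAuthZone (fixed genesis schema).` and a unit test that compares the two types' generated schemas, or encodes one and decodes it as the other. In the second hunk, `local_implicit_non_fungible_proofs` still binds `local_package_address` under the comment `// Local Caller package address`, which is the old wording for what is now `direct_caller_package_address`.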
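--- a/radix-engine/src/blueprints/resource/package.rs
+++ b/radix-engine/src/blueprints/resource/package.rs
@@ -798,7 +798,7 @@ impl ResourceNativePackage {
 
 let mut fields = Vec::new();
 fields.push(FieldSchema::static_field(
-aggregator.add_child_type_and_descendents::<AuthZone>(),
+aggregator.add_child_type_and_descendents::<GenesisSchemaAuthZone>(),
 ));
 
 let mut functions = index_map_new();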
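--- a/radix-engine/src/system/actor.rs
+++ b/radix-engine/src/system/actor.rs
@@ -69,12 +69,21 @@ pub struct BlueprintHookActor {
 
 #[derive(Debug, Clone, ScryptoSbor, PartialEq, Eq)]
 pub enum Actor {
+/// In System V1, there was an explicit call to initialize the transaction processor.
+/// This call has to have an actor making the call, which is the Root.
+///
+/// From V2 onwards, we don't have an explicit function call to initialize the transaction
+/// processor - but we still temporarily set a CallFrameInit with a `Root` actor.
+/// This is used to set up the initial AuthZone in [`MultiThreadIntentProcessor::init`].
+///
+/// [`MultiThreadIntentProcessor::init`]: crate::system::transaction::multithread_intent_processor::MultiThreadIntentProcessor::init
 Root,
 Method(MethodActor),
 Function(FunctionActor),
 BlueprintHook(BlueprintHookActor),
 }
 
+// This is only used by `kernel_create_kernel_for_testing` in the testing framework.
 impl Default for Actor {
 fn default() -> Self {
 Self::Root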
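Review bot: The added comment says `impl Default for Actor` exists only for `kernel_create_kernel_for_testing`, but the impl stays unconditional, so engine code can still obtain `Actor::Root` through `Default::default()` or through a derived `Default` on a containing type. According to the new variant doc, `Root` is the actor used to set up the initial AuthZone, so an accidental default is not a neutral value. If the testing framework is built under a feature or `cfg`, gating the impl the same way would enforce what the comment states. Failing that, I would word the comment as a constraint, e.g. `// Test-only: do not rely on Actor::default() in engine code; it yields Root.` The `default` body continues past the end of the hunk.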
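--- a/radix-engine/src/system/system_callback.rs
+++ b/radix-engine/src/system/system_callback.rs
@@ -246,6 +246,13 @@ impl SystemVersion {
 true
 }
 
+pub fn should_inject_transaction_processor_proofs_in_call_function(&self) -> bool {
+match self {
+SystemVersion::V1 => true,
+SystemVersion::V2 => false,
+}
+}
+
 pub fn should_charge_for_transaction_intent(&self) -> bool {
 match self {
 SystemVersion::V1 => false,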
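Review bot: `should_inject_transaction_processor_proofs_in_call_function` is a version gate on authorization behaviour and has no doc comment, so a reader cannot tell from here what is injected under V1 or where V2 obtains the equivalent proofs. A one-line doc would do, e.g. `/// V1 only: whether call-function handling injects the transaction processor's proofs.`, ideally pointing to where V2 sets up the initial AuthZone. The exhaustive `match` without a wildcard arm is worth keeping, since a new `SystemVersion` variant will then fail to compile until this decision is made explicitly.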