Integrate frostfsid into NNS #119
No reviewers
Labels
No labels
P0
P1
P2
P3
good first issue
Infrastructure
blocked
bug
config
discussion
documentation
duplicate
enhancement
go
help wanted
internal
invalid
kludge
observability
perfomance
question
refactoring
wontfix
No milestone
No project
No assignees
4 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: TrueCloudLab/frostfs-contract#119
Loading…
Reference in a new issue
No description provided.
Delete branch "achuprov/frostfs-contract:feat/integrate_frostfsid2nns"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
@ -0,0 +1,36 @@
package common
func HexToBytes(s []byte) []byte {
IMO having such low-level functions on a contract level is not worth it.
Do we need them?
TBH, the usage of this function can barely be common (so, I agree with @fyrchik). The second point is that the input parameter seems irrelevant to the function's name - hex is the slice of bytes? I believe the function can be renamed or commented
Fixed. Now using base 56.
@ -0,0 +16,4 @@
)
func checkFrostfsID(ctx storage.Context) bool {
frostfsIDAddress := getRecordsByType(ctx, []byte(tokenIDFromName(FrostfsIDNNSName)), FrostfsIDNNSName, TXT)
We can store address in base-58 and use
29bb3ff1cf/pkg/core/native/std.go (L108)
See #96
fixed
@ -0,0 +24,4 @@
frostfsidAddr := common.ReverseBytes(common.HexToBytes([]byte(frostfsIDAddress[0])))
signers := runtime.CurrentSigners()
for _, signer := range signers {
if res := contract.Call(frostfsidAddr, "getValueForSubjectKey", contract.All, signer.Account, FrostfsIDNNSTLDPermissionKey).(string); res == FrostfsIDTLDRegistrationAllowed {
Each signer has
Scope
, that is "bytecode area", where his signature is considered valid.I may be OK with paying for this transaction (use
None
scope), but not ok with using my permissions to allow SOMEONE to do whatever they want.Another problem with this line of code is multiple
contract.Call()
invocations. This is too costly.I think domain owner should be used here. He will own the domain, he should have the right to register.
Just for my curiosity. You've said: "use
None
scope". Will be the contract method called then? I am looking at"getValueForSubjectKey"
definition and it's expected that the method is invoked in the read context. So, why can't we useReadOnly | AllowCall
flags then?Signer scope (
None
,CalledByEntry
etc) is different from the call flags (ReadOnly
,AllowCall
, etc).fixed
@ -0,0 +26,4 @@
}
}
func ReverseBytes(b []byte) []byte {
Please, leave a comment that a copied version of the input slice is being reversed in fact
fixed
11d5b17bac
to7514f94daf
7514f94daf
tob6983ae888
b6983ae888
to062998cc6b
062998cc6b
to1a2fc7dc60
@ -41,3 +59,3 @@
func TestNNSGeneric(t *testing.T) {
c := newNNSInvoker(t, false)
c, _ := newNNSInvoker(t, false, false)
Please, let's not overcomplicate function signatures.
newNNSInvoker
is perfectly valid.We might have another
newNNSInvokerWithFrostfsID
which reusesnewNNSInvoker
and do not change unaffected tests. We need it only once (!).fixed
@ -473,2 +473,4 @@
}
// GetValueForSubjectKey GetSubjectKey returns the value associated with the key for the subject.
func GetValueForSubjectKey(addr interop.Hash160, name string) string {
I suggest to rename this function to
GetSubjectKV
Renamed
@ -0,0 +22,4 @@
}
frostfsIDAddress := getRecordsByType(ctx, []byte(tokenIDFromName(FrostfsIDNNSName)), FrostfsIDNNSName, TXT)
if len(frostfsIDAddress) == 0 {
Should this be
because below we use
frostfsIDAddress[1]
?
Do we have a strict requirement to have the address in both
Base56
andhex
formats? Thehex
format does not affect functionality.My comment was just about avoiding panic when result will contain just one element and we will try to access the second (
frostfsIDAddress[1]
)You're right. Fixed.
I'm not sure. It seems you fixed wrong line
@ -228,2 +228,4 @@
}
// GetValueForSubjectKey invokes `getValueForSubjectKey` method of contract.
func (c *ContractReader) GetValueForSubjectKey(addr util.Uint160, name string) (string, error) {
New method should also be added to
frsotfsid/client/client.go
file1a2fc7dc60
to15c4f02500
15c4f02500
tocdc4e23eb2
@ -268,1 +269,4 @@
// GetSubjectKV invokes `getSubjectKV` method of contract.
func (c Client) GetSubjectKV(addr util.Uint160, name string) (string, error) {
value, err := unwrap.UTF8String(c.act.Call(c.contract, getSubjectKVMethod, addr, name))
It seems we can write just
fixed
cdc4e23eb2
tob268eb5357
b268eb5357
to32508245c2
32508245c2
to0d76a79d5b
@ -0,0 +13,4 @@
const (
FrostfsIDNNSTLDPermissionKey = "nns-allow-register-tld"
FrostfsIDTLDRegistrationAllowed = "allow"
FrostfsIDTLDRegistrationDisallowed = "disallow"
It is used only in tests, could you remove it?
We explicitly do allow check, everything else should be disallow.
0d76a79d5b
to4881a8a46c
New commits pushed, approval review dismissed automatically according to repository settings
4881a8a46c
to48f06df25a
New commits pushed, approval review dismissed automatically according to repository settings
New commits pushed, approval review dismissed automatically according to repository settings
LGTM