acid-ant/frostfs-contract
1
0
Fork 0
forked from TrueCloudLab/frostfs-contract
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#74] neofsid: Support notary disabled work flow

Browse source 
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin 2021-04-29 16:17:41 +03:00 committed by Alex Vanin
parent 9cc57dcdf8
commit c0073266de
1 changed files with 76 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

82
neofsid/neofsid_contract.go
View file

@ -2,6 +2,7 @@ package neofsidcontract
import ( import (
"github.com/nspcc-dev/neo-go/pkg/interop" "github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management" "github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std" "github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime" "github.com/nspcc-dev/neo-go/pkg/interop/runtime"
@ -67,10 +68,31 @@ func AddKey(owner []byte, keys []interop.PublicKey) bool {
} }
ctx := storage.GetContext() ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
multiaddr := common.AlphabetAddress() var ( // for invocation collection without notary
if !runtime.CheckWitness(multiaddr) { alphabet []common.IRNode
panic("addKey: invocation from non inner ring node") nodeKey []byte
inderectCall bool
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("addKey: invocation from non inner ring node")
}
inderectCall = common.FromKnownContract(
ctx,
runtime.GetCallingScriptHash(),
containerContractKey,
)
} else {
multiaddr := common.AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
panic("addKey: invocation from non inner ring node")
}
} }
info := getUserInfo(ctx, owner) info := getUserInfo(ctx, owner)
@ -92,6 +114,18 @@ addLoop:
info.Keys = append(info.Keys, pubKey) info.Keys = append(info.Keys, pubKey)
} }
if notaryDisabled && !inderectCall {
threshold := len(alphabet)*2/3 + 1
id := invokeIDKeys(owner, keys, []byte("add"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return true
}
common.RemoveVotes(ctx, id)
}
common.SetSerialized(ctx, owner, info) common.SetSerialized(ctx, owner, info)
runtime.Log("addKey: key bound to the owner") runtime.Log("addKey: key bound to the owner")
@ -104,10 +138,24 @@ func RemoveKey(owner []byte, keys []interop.PublicKey) bool {
} }
ctx := storage.GetContext() ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
multiaddr := common.AlphabetAddress() var ( // for invocation collection without notary
if !runtime.CheckWitness(multiaddr) { alphabet []common.IRNode
panic("removeKey: invocation from non inner ring node") nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("removeKey: invocation from non inner ring node")
}
} else {
multiaddr := common.AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
panic("removeKey: invocation from non inner ring node")
}
} }
info := getUserInfo(ctx, owner) info := getUserInfo(ctx, owner)
@ -132,6 +180,19 @@ rmLoop:
} }
info.Keys = leftKeys info.Keys = leftKeys
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := invokeIDKeys(owner, keys, []byte("remove"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return true
}
common.RemoveVotes(ctx, id)
}
common.SetSerialized(ctx, owner, info) common.SetSerialized(ctx, owner, info)
return true return true
@ -161,3 +222,12 @@ func getUserInfo(ctx storage.Context, key interface{}) UserInfo {
return UserInfo{Keys: [][]byte{}} return UserInfo{Keys: [][]byte{}}
} }
func invokeIDKeys(owner []byte, keys []interop.PublicKey, prefix []byte) []byte {
prefix = append(prefix, owner...)
for i := range keys {
prefix = append(prefix, keys[i]...)
}
return crypto.Sha256(prefix)
}