From 8fde41001eed614a423449ca697a094a4e57c653 Mon Sep 17 00:00:00 2001 From: Anna Shaleva Date: Wed, 22 Jul 2020 19:40:32 +0300 Subject: [PATCH] core, vm: remove allowed triggers from syscalls Closes #1205. --- pkg/core/interop/context.go | 2 -- pkg/core/interops.go | 64 ++++++++++++------------------------- pkg/vm/interop.go | 10 ++---- pkg/vm/json_test.go | 4 +-- pkg/vm/vm.go | 3 -- pkg/vm/vm_test.go | 24 -------------- 6 files changed, 25 insertions(+), 82 deletions(-) diff --git a/pkg/core/interop/context.go b/pkg/core/interop/context.go index 3b9d5edbd..775e21f1b 100644 --- a/pkg/core/interop/context.go +++ b/pkg/core/interop/context.go @@ -59,8 +59,6 @@ type Function struct { Name string Func func(*Context, *vm.VM) error Price int64 - // AllowedTriggers is a set of triggers which are allowed to initiate invocation. - AllowedTriggers trigger.Type // RequiredFlags is a set of flags which must be set during script invocations. // Default value is NoneFlag i.e. no flags are required. RequiredFlags smartcontract.CallFlag diff --git a/pkg/core/interops.go b/pkg/core/interops.go index 9ca064ec6..86b42713e 100644 --- a/pkg/core/interops.go +++ b/pkg/core/interops.go @@ -18,7 +18,6 @@ import ( "github.com/nspcc-dev/neo-go/pkg/core/interop/runtime" "github.com/nspcc-dev/neo-go/pkg/core/native" "github.com/nspcc-dev/neo-go/pkg/smartcontract" - "github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger" "github.com/nspcc-dev/neo-go/pkg/vm" "github.com/nspcc-dev/neo-go/pkg/vm/emit" ) @@ -74,31 +73,20 @@ var systemInterops = []interop.Function{ {Name: "System.Binary.Base64Encode", Func: runtimeEncode, Price: 100000}, {Name: "System.Binary.Deserialize", Func: runtimeDeserialize, Price: 500000}, {Name: "System.Binary.Serialize", Func: runtimeSerialize, Price: 100000}, - {Name: "System.Blockchain.GetBlock", Func: bcGetBlock, Price: 2500000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Blockchain.GetContract", Func: bcGetContract, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Blockchain.GetHeight", Func: bcGetHeight, Price: 400, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Blockchain.GetTransaction", Func: bcGetTransaction, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Blockchain.GetTransactionFromBlock", Func: bcGetTransactionFromBlock, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Blockchain.GetTransactionHeight", Func: bcGetTransactionHeight, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Contract.Call", Func: contractCall, Price: 1000000, - AllowedTriggers: trigger.System | trigger.Application, RequiredFlags: smartcontract.AllowCall}, - {Name: "System.Contract.CallEx", Func: contractCallEx, Price: 1000000, - AllowedTriggers: trigger.System | trigger.Application, RequiredFlags: smartcontract.AllowCall}, - {Name: "System.Contract.Create", Func: contractCreate, Price: 0, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, + {Name: "System.Blockchain.GetBlock", Func: bcGetBlock, Price: 2500000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Blockchain.GetContract", Func: bcGetContract, Price: 1000000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Blockchain.GetHeight", Func: bcGetHeight, Price: 400, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Blockchain.GetTransaction", Func: bcGetTransaction, Price: 1000000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Blockchain.GetTransactionFromBlock", Func: bcGetTransactionFromBlock, Price: 1000000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Blockchain.GetTransactionHeight", Func: bcGetTransactionHeight, Price: 1000000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Contract.Call", Func: contractCall, Price: 1000000, RequiredFlags: smartcontract.AllowCall}, + {Name: "System.Contract.CallEx", Func: contractCallEx, Price: 1000000, RequiredFlags: smartcontract.AllowCall}, + {Name: "System.Contract.Create", Func: contractCreate, Price: 0, RequiredFlags: smartcontract.AllowModifyStates}, {Name: "System.Contract.CreateStandardAccount", Func: contractCreateStandardAccount, Price: 10000}, - {Name: "System.Contract.Destroy", Func: contractDestroy, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, + {Name: "System.Contract.Destroy", Func: contractDestroy, Price: 1000000, RequiredFlags: smartcontract.AllowModifyStates}, {Name: "System.Contract.IsStandard", Func: contractIsStandard, Price: 30000}, {Name: "System.Contract.GetCallFlags", Func: contractGetCallFlags, Price: 30000}, - {Name: "System.Contract.Update", Func: contractUpdate, Price: 0, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, + {Name: "System.Contract.Update", Func: contractUpdate, Price: 0, RequiredFlags: smartcontract.AllowModifyStates}, {Name: "System.Enumerator.Concat", Func: enumerator.Concat, Price: 400}, {Name: "System.Enumerator.Create", Func: enumerator.Create, Price: 400}, {Name: "System.Enumerator.Next", Func: enumerator.Next, Price: 1000000}, @@ -119,28 +107,19 @@ var systemInterops = []interop.Function{ {Name: "System.Runtime.GetInvocationCounter", Func: runtime.GetInvocationCounter, Price: 400}, {Name: "System.Runtime.GetNotifications", Func: runtime.GetNotifications, Price: 10000}, {Name: "System.Runtime.GetScriptContainer", Func: engineGetScriptContainer, Price: 250}, - {Name: "System.Runtime.GetTime", Func: runtimeGetTime, Price: 250, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Runtime.GetTime", Func: runtimeGetTime, Price: 250, RequiredFlags: smartcontract.AllowStates}, {Name: "System.Runtime.GetTrigger", Func: runtimeGetTrigger, Price: 250}, {Name: "System.Runtime.Log", Func: runtimeLog, Price: 1000000, RequiredFlags: smartcontract.AllowNotify}, {Name: "System.Runtime.Notify", Func: runtimeNotify, Price: 1000000, RequiredFlags: smartcontract.AllowNotify}, {Name: "System.Runtime.Platform", Func: runtimePlatform, Price: 250}, - {Name: "System.Storage.Delete", Func: storageDelete, Price: StoragePrice, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, - {Name: "System.Storage.Find", Func: storageFind, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Storage.Get", Func: storageGet, Price: 1000000, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Storage.GetContext", Func: storageGetContext, Price: 400, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Storage.GetReadOnlyContext", Func: storageGetReadOnlyContext, Price: 400, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, - {Name: "System.Storage.Put", Func: storagePut, Price: 0, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, // These don't have static price in C# code. - {Name: "System.Storage.PutEx", Func: storagePutEx, Price: 0, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, - {Name: "System.Storage.AsReadOnly", Func: storageContextAsReadOnly, Price: 400, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Storage.Delete", Func: storageDelete, Price: StoragePrice, RequiredFlags: smartcontract.AllowModifyStates}, + {Name: "System.Storage.Find", Func: storageFind, Price: 1000000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Storage.Get", Func: storageGet, Price: 1000000, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Storage.GetContext", Func: storageGetContext, Price: 400, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Storage.GetReadOnlyContext", Func: storageGetReadOnlyContext, Price: 400, RequiredFlags: smartcontract.AllowStates}, + {Name: "System.Storage.Put", Func: storagePut, Price: 0, RequiredFlags: smartcontract.AllowModifyStates}, // These don't have static price in C# code. + {Name: "System.Storage.PutEx", Func: storagePutEx, Price: 0, RequiredFlags: smartcontract.AllowModifyStates}, + {Name: "System.Storage.AsReadOnly", Func: storageContextAsReadOnly, Price: 400, RequiredFlags: smartcontract.AllowStates}, } var neoInterops = []interop.Function{ @@ -150,8 +129,7 @@ var neoInterops = []interop.Function{ {Name: "Neo.Crypto.CheckMultisigWithECDsaSecp256k1", Func: crypto.ECDSASecp256k1CheckMultisig, Price: 0}, {Name: "Neo.Crypto.SHA256", Func: crypto.Sha256, Price: 1000000}, {Name: "Neo.Crypto.RIPEMD160", Func: crypto.RipeMD160, Price: 1000000}, - {Name: "Neo.Native.Deploy", Func: native.Deploy, Price: 0, - AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, + {Name: "Neo.Native.Deploy", Func: native.Deploy, Price: 0, RequiredFlags: smartcontract.AllowModifyStates}, } // initIDinInteropsSlice initializes IDs from names in one given diff --git a/pkg/vm/interop.go b/pkg/vm/interop.go index 7caa9b114..218d93332 100644 --- a/pkg/vm/interop.go +++ b/pkg/vm/interop.go @@ -6,7 +6,6 @@ import ( "sort" "github.com/nspcc-dev/neo-go/pkg/smartcontract" - "github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger" "github.com/nspcc-dev/neo-go/pkg/vm/emit" "github.com/nspcc-dev/neo-go/pkg/vm/stackitem" ) @@ -16,12 +15,9 @@ type InteropFunc func(vm *VM) error // InteropFuncPrice represents an interop function with a price. type InteropFuncPrice struct { - Func InteropFunc - Price int64 - // AllowedTriggers is a mask representing triggers which should be allowed by an interop. - // 0 is interpreted as All. - AllowedTriggers trigger.Type - RequiredFlags smartcontract.CallFlag + Func InteropFunc + Price int64 + RequiredFlags smartcontract.CallFlag } // interopIDFuncPrice adds an ID to the InteropFuncPrice. diff --git a/pkg/vm/json_test.go b/pkg/vm/json_test.go index 395041994..8fc7a0d1a 100644 --- a/pkg/vm/json_test.go +++ b/pkg/vm/json_test.go @@ -18,7 +18,6 @@ import ( "github.com/nspcc-dev/neo-go/pkg/encoding/bigint" "github.com/nspcc-dev/neo-go/pkg/smartcontract" - "github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger" "github.com/nspcc-dev/neo-go/pkg/vm/opcode" "github.com/nspcc-dev/neo-go/pkg/vm/stackitem" "github.com/stretchr/testify/require" @@ -127,8 +126,7 @@ func getTestingInterop(id uint32) *InteropFuncPrice { } case binary.LittleEndian.Uint32([]byte{0x55, 0x55, 0x55, 0x55}): return &InteropFuncPrice{ - Func: f, - AllowedTriggers: trigger.Application, + Func: f, } } return nil diff --git a/pkg/vm/vm.go b/pkg/vm/vm.go index bd5ab19fc..02bc9ffe7 100644 --- a/pkg/vm/vm.go +++ b/pkg/vm/vm.go @@ -1253,9 +1253,6 @@ func (v *VM) execute(ctx *Context, op opcode.Opcode, parameter []byte) (err erro case opcode.SYSCALL: interopID := GetInteropID(parameter) ifunc := v.GetInteropByID(interopID) - if ifunc.AllowedTriggers != 0 && ifunc.AllowedTriggers&v.trigger == 0 { - panic(fmt.Sprintf("trigger not allowed: %s", v.trigger)) - } if !v.Context().callFlag.Has(ifunc.RequiredFlags) { panic(fmt.Sprintf("missing call flags: %05b vs %05b", v.Context().callFlag, ifunc.RequiredFlags)) } diff --git a/pkg/vm/vm_test.go b/pkg/vm/vm_test.go index 359d26488..07d486c07 100644 --- a/pkg/vm/vm_test.go +++ b/pkg/vm/vm_test.go @@ -14,7 +14,6 @@ import ( "github.com/nspcc-dev/neo-go/pkg/internal/random" "github.com/nspcc-dev/neo-go/pkg/io" "github.com/nspcc-dev/neo-go/pkg/smartcontract" - "github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger" "github.com/nspcc-dev/neo-go/pkg/vm/emit" "github.com/nspcc-dev/neo-go/pkg/vm/opcode" "github.com/nspcc-dev/neo-go/pkg/vm/stackitem" @@ -841,29 +840,6 @@ func TestCallFlags(t *testing.T) { t.Run("AllFlagsProvided", getTestCallFlagsFunc(readOnly, smartcontract.ReadOnly, new(int))) } -func getTestTriggerFunc(syscall []byte, tr trigger.Type, result interface{}) func(t *testing.T) { - return func(t *testing.T) { - script := append([]byte{byte(opcode.SYSCALL)}, syscall...) - v := NewWithTrigger(tr) - v.RegisterInteropGetter(getTestingInterop) - v.LoadScript(script) - if result == nil { - checkVMFailed(t, v) - return - } - runVM(t, v) - require.Equal(t, result, v.PopResult()) - } -} - -func TestAllowedTriggers(t *testing.T) { - noFlags := []byte{0x77, 0x77, 0x77, 0x77} - appOnly := []byte{0x55, 0x55, 0x55, 0x55} - t.Run("Application/NeedNothing", getTestTriggerFunc(noFlags, trigger.Application, new(int))) - t.Run("Application/NeedApplication", getTestTriggerFunc(appOnly, trigger.Application, new(int))) - t.Run("System/NeedApplication", getTestTriggerFunc(appOnly, trigger.System, nil)) -} - func callNTimes(n uint16) []byte { return makeProgram( opcode.PUSHINT16, opcode.Opcode(n), opcode.Opcode(n>>8), // little-endian