mbiryukova/frostfs-contract
1
0
Fork 0
forked from TrueCloudLab/frostfs-contract
Code Pull requests Activity

Compare commits

base: mbiryukova:master
Branches Tags
mbiryukova:master
mbiryukova:feature/get_group_by_name
mbiryukova:support/v0.17
mbiryukova:support/v0.16
mbiryukova:v0.14.1-hotfix
mbiryukova:enable-notary-in-public-chains
TrueCloudLab:master
TrueCloudLab:kek
TrueCloudLab:support/v0.19
TrueCloudLab:support/v0.18
TrueCloudLab:support/v0.17
TrueCloudLab:support/v0.16
TrueCloudLab:v0.14.1-hotfix
TrueCloudLab:enable-notary-in-public-chains
TrueCloudLab:v0.19.0
TrueCloudLab:v0.18.0
TrueCloudLab:v0.19.1
TrueCloudLab:v0.19.2
TrueCloudLab:v0.19.3
TrueCloudLab:v0.19.4
TrueCloudLab:v0.20.0
TrueCloudLab:v0.21.0-rc.1
TrueCloudLab:v0.21.0-rc.2
TrueCloudLab:v0.21.0-rc.3
TrueCloudLab:v0.21.0-rc.4
..
compare: mbiryukova:enable-notary-in-public-chains
Branches Tags
mbiryukova:feature/get_group_by_name
mbiryukova:master
mbiryukova:support/v0.17
mbiryukova:support/v0.16
mbiryukova:v0.14.1-hotfix
mbiryukova:enable-notary-in-public-chains
TrueCloudLab:master
TrueCloudLab:kek
TrueCloudLab:support/v0.19
TrueCloudLab:support/v0.18
TrueCloudLab:support/v0.17
TrueCloudLab:support/v0.16
TrueCloudLab:v0.14.1-hotfix
TrueCloudLab:enable-notary-in-public-chains
TrueCloudLab:v0.19.0
TrueCloudLab:v0.18.0
TrueCloudLab:v0.19.1
TrueCloudLab:v0.19.2
TrueCloudLab:v0.19.3
TrueCloudLab:v0.19.4
TrueCloudLab:v0.20.0
TrueCloudLab:v0.21.0-rc.1
TrueCloudLab:v0.21.0-rc.2
TrueCloudLab:v0.21.0-rc.3
TrueCloudLab:v0.21.0-rc.4

1 commit
master ... enable-not

Author SHA1 Message Date
Alex Vanin
72571349a8 Enable notary and remove all ballots 
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
 2021-12-14 12:10:17 +03:00
85 changed files with 3885 additions and 4257 deletions
Show stats Expand all files Collapse all files

20
.forgejo/workflows/dco.yml
View file

@ -1,20 +0,0 @@
on: [pull_request]
jobs:
dco:
name: DCO
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: '1.20'
- name: Run commit format checker
uses: https://git.alexvan.in/alexvanin/dco-go@v1
with:
from: e19fe15e

20
.forgejo/workflows/tests.yml
View file

@ -1,20 +0,0 @@
on: [pull_request]
jobs:
tests:
name: Tests
runs-on: ubuntu-latest
strategy:
matrix:
go_versions: [ '1.19', '1.20' ]
fail-fast: false
steps:
- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: '${{ matrix.go_versions }}'
- name: Run tests
run: make test

1
.github/CODEOWNERS vendored
View file

@ -1 +0,0 @@
* @carpawell @fyrchik @cthulhu-rider

45
.github/ISSUE_TEMPLATE/bug_report.md vendored
View file

@ -1,45 +0,0 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: community, triage, bug
assignees: ''
---
<!--- Provide a general summary of the issue in the Title above -->
## Expected Behavior
<!--- If you're describing a bug, tell us what should happen -->
<!--- If you're suggesting a change/improvement, tell us how it should work -->
## Current Behavior
<!--- If describing a bug, tell us what happens instead of the expected behavior -->
<!--- If suggesting a change/improvement, explain the difference from current behavior -->
## Possible Solution
<!--- Not obligatory -->
<!--- If no reason/fix/additions for the bug can be suggested, -->
<!--- uncomment the following phrase: -->
<!--- No fix can be suggested by a QA engineer. Further solutions shall be up to developers. -->
## Steps to Reproduce (for bugs)
<!--- Provide a link to a live example, or an unambiguous set of steps to -->
<!--- reproduce this bug. -->
1.
## Context
<!--- How has this issue affected you? What are you trying to accomplish? -->
<!--- Providing context helps us come up with a solution that is most useful in the real world -->
## Regression
<!-- Is this issue a regression? (Yes / No) -->
<!-- If Yes, optionally please include version or commit id or PR# that caused this regression, if you have these details. -->
## Your Environment
<!--- Include as many relevant details about the environment you experienced the bug in -->
* Version used:
* Server setup and configuration:
* Operating System and version (`uname -a`):

1
.github/ISSUE_TEMPLATE/config.yml vendored
View file

@ -1 +0,0 @@
blank_issues_enabled: false

20
.github/ISSUE_TEMPLATE/feature_request.md vendored
View file

@ -1,20 +0,0 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: community, triage
assignees: ''
---
## Is your feature request related to a problem? Please describe.
<!--- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
## Describe the solution you'd like
<!--- A clear and concise description of what you want to happen. -->
## Describe alternatives you've considered
<!--- A clear and concise description of any alternative solutions or features you've considered. -->
## Additional context
<!--- Add any other context or screenshots about the feature request here. -->

197
.github/logo.svg vendored
View file

@ -1,70 +1,129 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Generator: Adobe Illustrator 25.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Слой_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
viewBox="0 0 184.2 51.8" style="enable-background:new 0 0 184.2 51.8;" xml:space="preserve">
<style type="text/css">
.st0{display:none;}
.st1{display:inline;}
.st2{fill:#01E397;}
.st3{display:inline;fill:#010032;}
.st4{display:inline;fill:#00E599;}
.st5{display:inline;fill:#00AF92;}
.st6{fill:#00C3E5;}
</style>
<g id="Layer_2">
<g id="Layer_1-2" class="st0">
<g class="st1">
<path class="st2" d="M146.6,18.3v7.2h10.9V29h-10.9v10.7h-4V14.8h18v3.5H146.6z"/>
<path class="st2" d="M180,15.7c1.7,0.9,3,2.2,4,3.8l-3,2.7c-0.6-1.3-1.5-2.4-2.6-3.3c-1.3-0.7-2.8-1-4.3-1
c-1.4-0.1-2.8,0.3-4,1.1c-0.9,0.5-1.5,1.5-1.4,2.6c0,1,0.5,1.9,1.4,2.4c1.5,0.8,3.2,1.3,4.9,1.5c1.9,0.3,3.7,0.8,5.4,1.6
c1.2,0.5,2.2,1.3,2.9,2.3c0.6,1,1,2.2,0.9,3.4c0,1.4-0.5,2.7-1.3,3.8c-0.9,1.2-2.1,2.1-3.5,2.6c-1.7,0.6-3.4,0.9-5.2,0.8
c-5,0-8.6-1.6-10.7-5l2.9-2.8c0.7,1.4,1.8,2.5,3.1,3.3c1.5,0.7,3.1,1.1,4.7,1c1.5,0.1,2.9-0.2,4.2-0.9c0.9-0.5,1.5-1.5,1.5-2.6
c0-0.9-0.5-1.8-1.3-2.2c-1.5-0.7-3.1-1.2-4.8-1.5c-1.9-0.3-3.7-0.8-5.5-1.5c-1.2-0.5-2.2-1.4-3-2.4c-0.6-1-1-2.2-0.9-3.4
c0-1.4,0.4-2.7,1.2-3.8c0.8-1.2,2-2.2,3.3-2.8c1.6-0.7,3.4-1.1,5.2-1C176.1,14.3,178.2,14.8,180,15.7z"/>
</g>
<path class="st3" d="M73.3,16.3c1.9,1.9,2.9,4.5,2.7,7.1v15.9h-4V24.8c0-2.6-0.5-4.5-1.6-5.7c-1.2-1.2-2.8-1.8-4.5-1.7
c-1.3,0-2.5,0.3-3.7,0.8c-1.2,0.7-2.2,1.7-2.9,2.9c-0.8,1.5-1.1,3.2-1.1,4.9v13.3h-4V15.1l3.6,1.5v1.7c0.8-1.5,2.1-2.6,3.6-3.3
c1.5-0.8,3.2-1.2,4.9-1.1C68.9,13.8,71.3,14.7,73.3,16.3z"/>
<path class="st3" d="M104.4,28.3H85.6c0.1,2.2,1,4.3,2.5,5.9c1.5,1.4,3.5,2.2,5.6,2.1c1.6,0.1,3.2-0.2,4.6-0.9
c1.1-0.6,2-1.6,2.5-2.8l3.3,1.8c-0.9,1.7-2.3,3.1-4,4c-2,1-4.2,1.5-6.4,1.4c-3.7,0-6.7-1.1-8.8-3.4s-3.2-5.5-3.2-9.6s1-7.2,3-9.5
s5-3.4,8.7-3.4c2.1-0.1,4.2,0.5,6.1,1.5c1.6,1,3,2.5,3.8,4.2c0.9,1.8,1.3,3.9,1.3,5.9C104.6,26.4,104.6,27.4,104.4,28.3z
M88.1,19.3c-1.4,1.5-2.2,3.4-2.4,5.5h15.1c-0.2-2-1-3.9-2.3-5.5c-1.4-1.3-3.2-2-5.1-1.9C91.5,17.3,89.6,18,88.1,19.3z"/>
<path class="st3" d="M131,17.3c2.2,2.3,3.2,5.5,3.2,9.5s-1,7.3-3.2,9.6s-5.1,3.4-8.8,3.4s-6.7-1.1-8.9-3.4s-3.2-5.5-3.2-9.6
s1.1-7.2,3.2-9.5s5.1-3.4,8.9-3.4S128.9,15,131,17.3z M116.2,19.9c-1.5,2-2.2,4.4-2.1,6.9c-0.2,2.5,0.6,5,2.1,7
c1.5,1.7,3.7,2.7,6,2.6c2.3,0.1,4.4-0.9,5.9-2.6c1.5-2,2.3-4.5,2.1-7c0.1-2.5-0.6-4.9-2.1-6.9c-1.5-1.7-3.6-2.7-5.9-2.6
C119.9,17.2,117.7,18.2,116.2,19.9z"/>
<polygon class="st4" points="0,9.1 0,43.7 22.5,51.8 22.5,16.9 46.8,7.9 24.8,0 "/>
<polygon class="st5" points="24.3,17.9 24.3,36.8 46.8,44.9 46.8,9.6 "/>
</g>
<g>
<g>
<path class="st6" d="M41.6,17.5H28.2v6.9h10.4v3.3H28.2v10.2h-3.9V14.2h17.2V17.5z"/>
<path class="st6" d="M45.8,37.9v-18h3.3l0.4,3.2c0.5-1.2,1.2-2.1,2.1-2.7c0.9-0.6,2.1-0.9,3.5-0.9c0.4,0,0.7,0,1.1,0.1
c0.4,0.1,0.7,0.2,0.9,0.3l-0.5,3.4c-0.3-0.1-0.6-0.2-0.9-0.2C55.4,23,54.9,23,54.4,23c-0.7,0-1.5,0.2-2.2,0.6
c-0.7,0.4-1.3,1-1.8,1.8s-0.7,1.8-0.7,3v9.5H45.8z"/>
<path class="st6" d="M68.6,19.6c1.8,0,3.3,0.4,4.6,1.1c1.3,0.7,2.4,1.8,3.1,3.2s1.1,3.1,1.1,5c0,1.9-0.4,3.6-1.1,5
c-0.8,1.4-1.8,2.5-3.1,3.2c-1.3,0.7-2.9,1.1-4.6,1.1s-3.3-0.4-4.6-1.1c-1.3-0.7-2.4-1.8-3.2-3.2c-0.8-1.4-1.2-3.1-1.2-5
c0-1.9,0.4-3.6,1.2-5s1.8-2.5,3.2-3.2C65.3,19.9,66.8,19.6,68.6,19.6z M68.6,22.6c-1.1,0-2,0.2-2.8,0.7c-0.8,0.5-1.3,1.2-1.7,2.1
s-0.6,2.1-0.6,3.5c0,1.3,0.2,2.5,0.6,3.4s1,1.7,1.7,2.2s1.7,0.7,2.8,0.7c1.1,0,2-0.2,2.7-0.7c0.7-0.5,1.3-1.2,1.7-2.2
s0.6-2.1,0.6-3.4c0-1.4-0.2-2.5-0.6-3.5s-1-1.6-1.7-2.1C70.6,22.8,69.6,22.6,68.6,22.6z"/>
<path class="st6" d="M89.2,38.3c-1.8,0-3.4-0.3-4.9-1c-1.5-0.7-2.7-1.7-3.5-3l2.7-2.3c0.5,1,1.3,1.8,2.3,2.4
c1,0.6,2.2,0.9,3.6,0.9c1.1,0,2-0.2,2.6-0.6c0.6-0.4,1-0.9,1-1.6c0-0.5-0.2-0.9-0.5-1.2s-0.9-0.6-1.7-0.8l-3.8-0.8
c-1.9-0.4-3.3-1-4.1-1.9c-0.8-0.9-1.2-1.9-1.2-3.3c0-1,0.3-1.9,0.9-2.7c0.6-0.8,1.4-1.5,2.5-2s2.5-0.8,4-0.8c1.8,0,3.3,0.3,4.6,1
c1.3,0.6,2.2,1.5,2.9,2.7l-2.7,2.2c-0.5-1-1.1-1.7-2-2.1c-0.9-0.5-1.8-0.7-2.8-0.7c-0.8,0-1.4,0.1-2,0.3c-0.6,0.2-1,0.5-1.3,0.8
c-0.3,0.3-0.4,0.7-0.4,1.2c0,0.5,0.2,0.9,0.5,1.3s1,0.6,1.9,0.8l4.1,0.9c1.7,0.3,2.9,0.9,3.7,1.7c0.7,0.8,1.1,1.8,1.1,2.9
c0,1.2-0.3,2.2-0.9,3c-0.6,0.9-1.5,1.6-2.6,2C92.1,38.1,90.7,38.3,89.2,38.3z"/>
<path class="st6" d="M112.8,19.9v3H99.3v-3H112.8z M106.6,14.6v17.9c0,0.9,0.2,1.5,0.7,1.9c0.5,0.4,1.1,0.6,1.9,0.6
c0.6,0,1.2-0.1,1.7-0.3c0.5-0.2,0.9-0.5,1.3-0.8l0.9,2.8c-0.6,0.5-1.2,0.9-2,1.1c-0.8,0.3-1.7,0.4-2.7,0.4c-1,0-2-0.2-2.8-0.5
s-1.5-0.9-2-1.6c-0.5-0.8-0.7-1.7-0.8-3V15.7L106.6,14.6z"/>
<path d="M137.9,17.5h-13.3v6.9h10.4v3.3h-10.4v10.2h-3.9V14.2h17.2V17.5z"/>
<path d="M150.9,13.8c2.1,0,4,0.4,5.5,1.2c1.6,0.8,2.9,2,4,3.5l-2.6,2.5c-0.9-1.4-1.9-2.4-3.1-3c-1.1-0.6-2.5-0.9-4-0.9
c-1.2,0-2.1,0.2-2.8,0.5c-0.7,0.3-1.3,0.7-1.6,1.2c-0.3,0.5-0.5,1.1-0.5,1.7c0,0.7,0.3,1.4,0.8,1.9c0.5,0.6,1.5,1,2.9,1.3
l4.8,1.1c2.3,0.5,3.9,1.3,4.9,2.3c1,1,1.4,2.3,1.4,3.9c0,1.5-0.4,2.7-1.2,3.8c-0.8,1.1-1.9,1.9-3.3,2.5s-3.1,0.9-5,0.9
c-1.7,0-3.2-0.2-4.5-0.6c-1.3-0.4-2.5-1-3.5-1.8c-1-0.7-1.8-1.6-2.5-2.6l2.7-2.7c0.5,0.8,1.1,1.6,1.9,2.2
c0.8,0.7,1.7,1.2,2.7,1.5c1,0.4,2.2,0.5,3.4,0.5c1.1,0,2.1-0.1,2.9-0.4c0.8-0.3,1.4-0.7,1.8-1.2c0.4-0.5,0.6-1.1,0.6-1.9
c0-0.7-0.2-1.3-0.7-1.8c-0.5-0.5-1.3-0.9-2.6-1.2l-5.2-1.2c-1.4-0.3-2.6-0.8-3.6-1.3c-0.9-0.6-1.6-1.3-2.1-2.1s-0.7-1.8-0.7-2.8
c0-1.3,0.4-2.6,1.1-3.7c0.7-1.1,1.8-2,3.2-2.6C147.3,14.1,148.9,13.8,150.9,13.8z"/>
</g>
</g>
</g>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
sodipodi:docname="logo_fs.svg"
inkscape:version="1.0 (4035a4fb49, 2020-05-01)"
id="svg57"
version="1.1"
viewBox="0 0 105 25"
height="25mm"
width="105mm">
<defs
id="defs51">
<clipPath
clipPathUnits="userSpaceOnUse"
id="clipPath434">
<path
d="M 0,0 H 1366 V 768 H 0 Z"
id="path432" />
</clipPath>
</defs>
<sodipodi:namedview
inkscape:window-maximized="0"
inkscape:window-y="0"
inkscape:window-x="130"
inkscape:window-height="1040"
inkscape:window-width="1274"
height="50mm"
units="mm"
showgrid="false"
inkscape:document-rotation="0"
inkscape:current-layer="layer1"
inkscape:document-units="mm"
inkscape:cy="344.49897"
inkscape:cx="468.64708"
inkscape:zoom="0.7"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
borderopacity="1.0"
bordercolor="#666666"
pagecolor="#ffffff"
id="base" />
<metadata
id="metadata54">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
id="layer1"
inkscape:groupmode="layer"
inkscape:label="Layer 1">
<g
id="g424"
transform="matrix(0.35277777,0,0,-0.35277777,63.946468,10.194047)">
<path
d="m 0,0 v -8.093 h 12.287 v -3.94 H 0 V -24.067 H -4.534 V 3.898 H 15.677 V 0 Z"
style="fill:#00e396;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path426" />
</g>
<g
transform="matrix(0.35277777,0,0,-0.35277777,-315.43002,107.34005)"
id="g428">
<g
id="g430"
clip-path="url(#clipPath434)">
<g
id="g436"
transform="translate(1112.874,278.2981)">
<path
d="M 0,0 C 1.822,-0.932 3.354,-2.359 4.597,-4.28 L 1.165,-7.373 c -0.791,1.695 -1.779,2.924 -2.966,3.686 -1.186,0.763 -2.768,1.145 -4.745,1.145 -1.949,0 -3.461,-0.389 -4.534,-1.166 -1.074,-0.777 -1.61,-1.772 -1.61,-2.987 0,-1.13 0.523,-2.027 1.568,-2.69 1.045,-0.664 2.909,-1.236 5.593,-1.716 2.514,-0.452 4.512,-1.024 5.995,-1.716 1.483,-0.693 2.564,-1.554 3.242,-2.585 0.677,-1.031 1.016,-2.309 1.016,-3.834 0,-1.639 -0.466,-3.079 -1.398,-4.322 -0.932,-1.243 -2.239,-2.197 -3.919,-2.86 -1.681,-0.664 -3.623,-0.996 -5.826,-0.996 -5.678,0 -9.689,1.892 -12.033,5.678 l 3.178,3.178 c 0.903,-1.695 2.068,-2.939 3.495,-3.729 1.426,-0.791 3.199,-1.186 5.318,-1.186 2.005,0 3.58,0.345 4.724,1.038 1.144,0.692 1.716,1.674 1.716,2.945 0,1.017 -0.516,1.835 -1.547,2.457 -1.031,0.621 -2.832,1.172 -5.402,1.653 -2.571,0.479 -4.618,1.073 -6.143,1.779 -1.526,0.706 -2.635,1.582 -3.326,2.627 -0.693,1.045 -1.039,2.316 -1.039,3.813 0,1.582 0.438,3.023 1.314,4.322 0.875,1.299 2.14,2.33 3.792,3.093 1.653,0.763 3.58,1.144 5.783,1.144 C -4.018,1.398 -1.822,0.932 0,0"
style="fill:#00e396;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path438" />
</g>
<g
id="g440"
transform="translate(993.0239,277.5454)">
<path
d="m 0,0 c 2.054,-1.831 3.083,-4.465 3.083,-7.902 v -17.935 h -4.484 v 16.366 c 0,2.914 -0.626,5.024 -1.877,6.332 -1.253,1.308 -2.924,1.962 -5.016,1.962 -1.495,0 -2.896,-0.327 -4.204,-0.981 -1.308,-0.654 -2.381,-1.719 -3.222,-3.194 -0.841,-1.477 -1.261,-3.335 -1.261,-5.576 v -14.909 h -4.484 V 1.328 l 4.086,-1.674 0.118,-1.84 c 0.933,1.681 2.222,2.923 3.867,3.727 1.643,0.803 3.493,1.205 5.548,1.205 C -4.671,2.746 -2.055,1.83 0,0"
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path442" />
</g>
<g
id="g444"
transform="translate(1027.9968,264.0386)">
<path
d="m 0,0 h -21.128 c 0.261,-2.84 1.205,-5.044 2.83,-6.613 1.625,-1.57 3.727,-2.355 6.305,-2.355 2.054,0 3.763,0.356 5.128,1.065 1.363,0.71 2.288,1.738 2.774,3.083 l 3.755,-1.961 c -1.121,-1.981 -2.616,-3.495 -4.484,-4.54 -1.868,-1.046 -4.259,-1.569 -7.173,-1.569 -4.223,0 -7.538,1.289 -9.948,3.867 -2.41,2.578 -3.615,6.146 -3.615,10.704 0,4.558 1.149,8.127 3.447,10.705 2.298,2.578 5.557,3.867 9.779,3.867 2.615,0 4.876,-0.58 6.782,-1.738 1.905,-1.158 3.343,-2.728 4.315,-4.707 C -0.262,7.827 0.224,5.605 0.224,3.139 0.224,2.092 0.149,1.046 0,0 m -18.298,10.144 c -1.513,-1.457 -2.438,-3.512 -2.775,-6.165 h 16.982 c -0.3,2.615 -1.159,4.661 -2.578,6.137 -1.42,1.476 -3.307,2.214 -5.661,2.214 -2.466,0 -4.455,-0.728 -5.968,-2.186"
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path446" />
</g>
<g
id="g448"
transform="translate(1057.8818,276.4246)">
<path
d="m 0,0 c 2.41,-2.578 3.615,-6.147 3.615,-10.705 0,-4.558 -1.205,-8.126 -3.615,-10.704 -2.41,-2.578 -5.726,-3.867 -9.948,-3.867 -4.222,0 -7.537,1.289 -9.947,3.867 -2.41,2.578 -3.615,6.146 -3.615,10.704 0,4.558 1.205,8.127 3.615,10.705 2.41,2.578 5.725,3.867 9.947,3.867 C -5.726,3.867 -2.41,2.578 0,0 m -16.617,-2.858 c -1.607,-1.906 -2.41,-4.522 -2.41,-7.847 0,-3.326 0.803,-5.94 2.41,-7.846 1.607,-1.905 3.83,-2.858 6.669,-2.858 2.839,0 5.063,0.953 6.67,2.858 1.606,1.906 2.41,4.52 2.41,7.846 0,3.325 -0.804,5.941 -2.41,7.847 C -4.885,-0.953 -7.109,0 -9.948,0 c -2.839,0 -5.062,-0.953 -6.669,-2.858"
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path450" />
</g>
</g>
</g>
<g
id="g452"
transform="matrix(0.35277777,0,0,-0.35277777,5.8329581,6.5590171)">
<path
d="m 0,0 0.001,-38.946 25.286,-9.076 V -8.753 L 52.626,1.321 27.815,10.207 Z"
style="fill:#00e599;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path454" />
</g>
<g
id="g456"
transform="matrix(0.35277777,0,0,-0.35277777,15.479008,10.041927)">
<path
d="M 0,0 V -21.306 L 25.293,-30.364 25.282,9.347 Z"
style="fill:#00b091;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path458" />
</g>
</g>
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 5.5 KiB

After

Width:  |  Height:  |  Size: 6.5 KiB

20
.github/workflows/go.yml vendored Normal file
View file

@ -0,0 +1,20 @@
name: Go
on:
pull_request:
branches: [ master ]
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: Test
run: go test -v ./...

4
.gitignore vendored
View file

@ -4,7 +4,3 @@
config.json
/vendor/
.idea
/bin/
# debhelpers
**/.debhelper

138
CHANGELOG.md
View file

@ -1,130 +1,5 @@
# Changelog
Changelog for FrostFS Contract
## [Unreleased]
### Added
### Changed
### Removed
- `subnet` contract (#20)
### Updated
### Fixed
### Updating from v0.17.0
## [0.17.0] - 2023-04-13 - Furtwängler
### Added
### Changed
### Removed
- Notary disabled code from all contracts (#7)
### Updated
- `neo-go` to `v0.99.4`
### Fixed
### Updating from v0.16.0
## [0.16.0] - 2022-10-17 - Anmado (안마도, 鞍馬島)
### Added
- Support `MAINTENANCE` state of storage nodes (#269)
### Changed
- `netmap.Snapshot` and all similar methods return (#269)
### Updated
- NNS contract now sets domain expiration based on `register` arguments (#262)
### Fixed
- NNS `renew` now can only be done by the domain owner
### Updating from v0.15.5
Update deployed `Netmap` contract using `Update` method: storage of the contract
has been incompatibly changed.
## [0.15.5] - 2022-08-23
### Updated
- Update neo-go to v0.99.2 (#261)
- Makefile now takes only `v*` tags into account (#255)
## [0.15.4] - 2022-07-27
Only a version bump to update manifest.
## [0.15.3] - 2022-07-22
### Added
- Allow to build archive from source (#250)
### Changed
- Update neo-go to the latest version
- Use proper type for integer constants (#248)
## [0.15.2] - 2022-06-07
### Added
- `container.Count` method (#242)
### Changed
- Update neo-go to v0.99.0 (#246)
## [0.15.1] - 2022-04-13
### Fixed
- Max domain name fragement length (#238)
### Added
- `netmap.UpdateSnapshotCount` method (#232)
- Notifications of successful container and storage node operations (#236)
### Changed
- Update neo-go to v0.98.2 (#234)
## [0.15.0] - 2022-03-23 - Heuksando (흑산도, 黑山島)
### Fixed
- Split `UpdateState` method to allow Alphabet nodes remove storage nodes from
network map based on consensus decision in notary-enabled environment (#225)
### Changed
- Increase from 2 to 10 stored network maps in netmap contract (#224)
- Use public keys instead of `IRNode` structures in neofs and netmap contracts
(#222)
## [0.14.2] - 2022-02-07
### Fixed
- Remove duplicate records in NNS contract (#196)
### Changed
- Evict container estimations on every put (#215)
- Update neo-go to v0.98.1
## [0.14.1] - 2022-01-24
### Fixed
- Remove migration routine for reputation contract update (#220)
- Remove version check for subnet contract update (#220)
### Added
- Append version to `Update` arguments for subnet contract (#220)
## [0.14.0] - 2022-01-14 - Geojedo (거제도, 巨濟島)
### Fixed
- Sync `Update` method signature in NNS contract (#197)
- Use current block index in all `GetDisgnatedByRole` invocations (#209)
### Added
- Version check during contract update (#204)
### Changed
- Use `storage.RemovePrefix` in subnet contract (#199)
### Removed
- Netmap contract hash usage in proxy contract (#205)
- Legacy contract owner records from contract storage (#202)
Changelog for NeoFS Contract
## [0.13.2] - 2021-12-14
@ -419,17 +294,6 @@ Preview4-testnet version of NeoFS contracts.
Preview4 compatible contracts.
[Unreleased]: https://github.com/nspcc-dev/neofs-contract/compare/v0.16.0...master
[0.16.0]: https://github.com/nspcc-dev/neofs-contract/compare/v0.15.5...v0.16.0
[0.15.5]: https://github.com/nspcc-dev/neofs-contract/compare/v0.15.4...v0.15.5
[0.15.4]: https://github.com/nspcc-dev/neofs-contract/compare/v0.15.3...v0.15.4
[0.15.3]: https://github.com/nspcc-dev/neofs-contract/compare/v0.15.2...v0.15.3
[0.15.2]: https://github.com/nspcc-dev/neofs-contract/compare/v0.15.1...v0.15.2
[0.15.1]: https://github.com/nspcc-dev/neofs-contract/compare/v0.15.0...v0.15.1
[0.15.0]: https://github.com/nspcc-dev/neofs-contract/compare/v0.14.2...v0.15.0
[0.14.2]: https://github.com/nspcc-dev/neofs-contract/compare/v0.14.1...v0.14.2
[0.14.1]: https://github.com/nspcc-dev/neofs-contract/compare/v0.14.0...v0.14.1
[0.14.0]: https://github.com/nspcc-dev/neofs-contract/compare/v0.13.2...v0.14.0
[0.13.2]: https://github.com/nspcc-dev/neofs-contract/compare/v0.13.1...v0.13.2
[0.13.1]: https://github.com/nspcc-dev/neofs-contract/compare/v0.13.0...v0.13.1
[0.13.0]: https://github.com/nspcc-dev/neofs-contract/compare/v0.12.2...v0.13.0

35
Makefile
View file

@ -1,29 +1,19 @@
#!/usr/bin/make -f
SHELL=bash
# GOBIN is used only to install neo-go and allows to override
# the location of written binary.
export GOBIN ?= $(shell pwd)/bin
GOBIN ?= $(shell go env GOPATH)/bin
NEOGO ?= $(GOBIN)/cli
VERSION ?= $(shell git describe --tags --dirty --match "v*" --always --abbrev=8 2>/dev/null || cat VERSION 2>/dev/null || echo "develop")
# .deb package versioning
OS_RELEASE = $(shell lsb_release -cs)
PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
sed "s/-/~/")-${OS_RELEASE}
VERSION?=$(shell git describe --tags)
.PHONY: all build clean test neo-go
.PHONY: alphabet mainnet morph nns sidechain
.PHONY: debpackage debclean
build: neo-go all
all: sidechain mainnet
sidechain: alphabet morph nns
alphabet_sc = alphabet
morph_sc = audit balance container frostfsid netmap proxy reputation
mainnet_sc = frostfs processing
morph_sc = audit balance container neofsid netmap proxy reputation subnet
mainnet_sc = neofs processing
nns_sc = nns
define sc_template
@ -55,7 +45,6 @@ test:
clean:
find . -name '*.nef' -exec rm -rf {} \;
find . -name 'config.json' -exec rm -rf {} \;
rm -rf ./bin/
mr_proper: clean
for sc in $(alphabet_sc); do\
@ -63,18 +52,6 @@ mr_proper: clean
done
archive: build
@tar --transform "s|^./|frostfs-contract-$(VERSION)/|" \
-czf frostfs-contract-$(VERSION).tar.gz \
@tar --transform "s|^./|neofs-contract-$(VERSION)/|" \
-czf neofs-contract-$(VERSION).tar.gz \
$(shell find . -name '*.nef' -o -name 'config.json')
# Package for Debian
debpackage:
dch --package frostfs-contract \
--controlmaint \
--newversion $(PKG_VERSION) \
--distribution $(OS_RELEASE) \
"Please see CHANGELOG.md for code changes for $(VERSION)"
dpkg-buildpackage --no-sign -b
debclean:
dh clean

51
README.md
View file

@ -1,34 +1,35 @@
<p align="center">
<img src="./.github/logo.svg" width="500px" alt="FrostFS">
<img src="./.github/logo.svg" width="500px" alt="NeoFS">
</p>
<p align="center">
<a href="https://frostfs.info">FrostFS</a> related smart contracts.
<a href="https://fs.neo.org">NeoFS</a> related smart contracts.
</p>
---
# Overview
FrostFS-Contract contains all FrostFS related contracts written for
NeoFS-Contract contains all NeoFS related contracts written for
[neo-go](https://github.com/nspcc-dev/neo-go) compiler. These contracts
are deployed both in the mainchain and the sidechain.
are deployed both in main chain and side chain.
Mainchain contracts:
Main chain contracts:
- frostfs
- neofs
- processing
Sidechain contracts:
Side chain contracts:
- alphabet
- audit
- balance
- container
- frostfsid
- neofsid
- netmap
- nns
- proxy
- reputation
- subnet
# Getting started
@ -36,11 +37,11 @@ Sidechain contracts:
To compile smart contracts you need:
- [neo-go](https://github.com/nspcc-dev/neo-go) >= 0.99.2
- [neo-go](https://github.com/nspcc-dev/neo-go) >= 0.98.0
## Compilation
To build and compile smart contract, run `make all` command. Compiled contracts
To build and compile smart contract run `make all` command. Compiled contracts
`*_contract.nef` and manifest `config.json` files are placed in the
corresponding directories.
@ -50,12 +51,13 @@ $ make all
/home/user/go/bin/cli contract compile -i audit -c audit/config.yml -m audit/config.json -o audit/audit_contract.nef
/home/user/go/bin/cli contract compile -i balance -c balance/config.yml -m balance/config.json -o balance/balance_contract.nef
/home/user/go/bin/cli contract compile -i container -c container/config.yml -m container/config.json -o container/container_contract.nef
/home/user/go/bin/cli contract compile -i frostfsid -c frostfsid/config.yml -m frostfsid/config.json -o frostfsid/frostfsid_contract.nef
/home/user/go/bin/cli contract compile -i neofsid -c neofsid/config.yml -m neofsid/config.json -o neofsid/neofsid_contract.nef
/home/user/go/bin/cli contract compile -i netmap -c netmap/config.yml -m netmap/config.json -o netmap/netmap_contract.nef
/home/user/go/bin/cli contract compile -i proxy -c proxy/config.yml -m proxy/config.json -o proxy/proxy_contract.nef
/home/user/go/bin/cli contract compile -i reputation -c reputation/config.yml -m reputation/config.json -o reputation/reputation_contract.nef
/home/user/go/bin/cli contract compile -i subnet -c subnet/config.yml -m subnet/config.json -o subnet/subnet_contract.nef
/home/user/go/bin/cli contract compile -i nns -c nns/config.yml -m nns/config.json -o nns/nns_contract.nef
/home/user/go/bin/cli contract compile -i frostfs -c frostfs/config.yml -m frostfs/config.json -o frostfs/frostfs_contract.nef
/home/user/go/bin/cli contract compile -i neofs -c neofs/config.yml -m neofs/config.json -o neofs/neofs_contract.nef
/home/user/go/bin/cli contract compile -i processing -c processing/config.yml -m processing/config.json -o processing/processing_contract.nef
```
@ -67,24 +69,25 @@ $ NEOGO=/home/user/neo-go/bin/neo-go make all
Remove compiled files with `make clean` or `make mr_proper` command.
## Building Debian package
To build Debian package containing compiled contracts, run `make debpackage`
command. Package will install compiled contracts `*_contract.nef` and manifest
`config.json` with corresponding directories to `/var/lib/neofs/contract` for
further usage.
It will download and build neo-go, if needed.
To clean package-related files, use `make debclean`.
# Testing
Smartcontract tests reside in `tests/` directory. To execute test suite
after applying changes, simply run `make test`.
after applying changes simply run `make test`.
```
$ make test
ok git.frostfs.info/TrueCloudLab/frostfs-contract/tests 0.462s
ok github.com/nspcc-dev/neofs-contract/tests 0.462s
```
# NeoFS API compatibility
|neofs-contract version|supported NeoFS API versions|
|:------------------:|:--------------------------:|
|v0.9.x|[v2.7.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.7.0), [v2.8.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.8.0)|
|v0.10.x|[v2.7.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.7.0), [v2.8.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.8.0)|
|v0.11.x|[v2.7.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.7.0), [v2.8.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.8.0), [v2.9.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.9.0)|
|v0.12.x|[v2.10.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.10.0)|
|v0.13.x|[v2.11.0](https://github.com/nspcc-dev/neofs-api/releases/tag/v2.11.0)|
# License
This project is licensed under the GPLv3 License - see the

1
VERSION
View file

@ -1 +0,0 @@
v0.18.0

152
alphabet/alphabet_contract.go
View file

@ -1,14 +1,15 @@
package alphabet
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/gas"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/neo"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
const (
@ -32,18 +33,18 @@ func OnNEP17Payment(from interop.Hash160, amount int, data interface{}) {
}
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
ctx := storage.GetContext()
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
proxyContract := data.([]interface{})[0] // better to hardcode it
storage.Put(ctx, proxyKey, proxyContract)
return
}
args := data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrNetmap interop.Hash160
addrProxy interop.Hash160
@ -52,7 +53,9 @@ func _deploy(data interface{}, isUpdate bool) {
total int
})
if len(args.addrNetmap) != interop.Hash160Len || len(args.addrProxy) != interop.Hash160Len {
ctx := storage.GetContext()
if len(args.addrNetmap) != interop.Hash160Len || !args.notaryDisabled && len(args.addrProxy) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
@ -62,26 +65,34 @@ func _deploy(data interface{}, isUpdate bool) {
storage.Put(ctx, indexKey, args.index)
storage.Put(ctx, totalKey, args.total)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
common.InitVote(ctx)
runtime.Log(args.name + " notary disabled")
}
runtime.Log(args.name + " contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("alphabet contract updated")
}
// GAS returns the amount of the sidechain GAS stored in the contract account.
// GAS returns amount of side chain GAS stored in contract account.
func Gas() int {
return gas.BalanceOf(runtime.GetExecutingScriptHash())
}
// NEO returns the amount of sidechain NEO stored in the contract account.
// NEO returns amount of side chain NEO stored in contract account.
func Neo() int {
return neo.BalanceOf(runtime.GetExecutingScriptHash())
}
@ -99,7 +110,7 @@ func index(ctx storage.Context) int {
return storage.Get(ctx, indexKey).(int)
}
func checkPermission(ir []interop.PublicKey) bool {
func checkPermission(ir []common.IRNode) bool {
ctx := storage.GetReadOnlyContext()
index := index(ctx) // read from contract memory
@ -108,18 +119,22 @@ func checkPermission(ir []interop.PublicKey) bool {
}
node := ir[index]
return runtime.CheckWitness(node)
return runtime.CheckWitness(node.PublicKey)
}
// Emit method produces sidechain GAS and distributes it among Inner Ring nodes
// and proxy contract. It can be invoked only by an Alphabet node of the Inner Ring.
// Emit method produces side chain GAS and distributes it among Inner Ring nodes
// and proxy contract. Can be invoked only by Alphabet node of the Inner Ring.
//
// To produce GAS, an alphabet contract transfers all available NEO from the contract
// account to itself. 50% of the GAS in the contract account
// are transferred to proxy contract. 43.75% of the GAS are equally distributed
// among all Inner Ring nodes. Remaining 6.25% of the GAS stay in the contract.
// To produce GAS, alphabet contract transfers all available NEO from contract
// account to itself. If notary enabled, then 50% of the GAS in the contract account
// transferred to proxy contract. 43.75% of the GAS are equally distributed
// among all Inner Ring nodes. Remaining 6.25% of the GAS stays in the contract.
//
// If notary disabled, then 87.5% of the GAS are equally distributed among all
// Inner Ring nodes. Remaining 12.5% of the GAS stays in the contract.
func Emit() {
ctx := storage.GetReadOnlyContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
alphabet := common.AlphabetNodes()
if !checkPermission(alphabet) {
@ -134,28 +149,37 @@ func Emit() {
gasBalance := gas.BalanceOf(contractHash)
proxyAddr := storage.Get(ctx, proxyKey).(interop.Hash160)
if !notaryDisabled {
proxyAddr := storage.Get(ctx, proxyKey).(interop.Hash160)
proxyGas := gasBalance / 2
if proxyGas == 0 {
panic("no gas to emit")
proxyGas := gasBalance / 2
if proxyGas == 0 {
panic("no gas to emit")
}
if !gas.Transfer(contractHash, proxyAddr, proxyGas, nil) {
runtime.Log("could not transfer GAS to proxy contract")
}
gasBalance -= proxyGas
runtime.Log("utility token has been emitted to proxy contract")
}
if !gas.Transfer(contractHash, proxyAddr, proxyGas, nil) {
runtime.Log("could not transfer GAS to proxy contract")
var innerRing []common.IRNode
if notaryDisabled {
netmapContract := storage.Get(ctx, netmapKey).(interop.Hash160)
innerRing = common.InnerRingNodesFromNetmap(netmapContract)
} else {
innerRing = common.InnerRingNodes()
}
gasBalance -= proxyGas
runtime.Log("utility token has been emitted to proxy contract")
innerRing := common.InnerRingNodes()
gasPerNode := gasBalance * 7 / 8 / len(innerRing)
if gasPerNode != 0 {
for _, node := range innerRing {
address := contract.CreateStandardAccount(node)
address := contract.CreateStandardAccount(node.PublicKey)
if !gas.Transfer(contractHash, address, gasPerNode, nil) {
runtime.Log("could not transfer GAS to one of IR node")
}
@ -165,19 +189,34 @@ func Emit() {
}
}
// Vote method votes for the sidechain committee. It requires multisignature from
// Vote method votes for side chain committee. Requires multisignature from
// Alphabet nodes of the Inner Ring.
//
// This method is used when governance changes the list of Alphabet nodes of the
// Inner Ring. Alphabet nodes share keys with sidechain validators, therefore
// it is required to change them as well. To do that, NEO holders (which are
// alphabet contracts) should vote for a new committee.
// This method is used when governance changes list of Alphabet nodes of the
// Inner Ring. Alphabet nodes share keys with side chain validators, therefore
// it is required to change them as well. To do that NEO holders, which are
// alphabet contracts, should vote for new committee.
func Vote(epoch int, candidates []interop.PublicKey) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
index := index(ctx)
name := name(ctx)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("invalid invoker")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
curEpoch := currentEpoch(ctx)
if epoch != curEpoch {
@ -187,21 +226,50 @@ func Vote(epoch int, candidates []interop.PublicKey) {
candidate := candidates[index%len(candidates)]
address := runtime.GetExecutingScriptHash()
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := voteID(epoch, candidates)
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
ok := neo.Vote(address, candidate)
if ok {
runtime.Log(name + ": successfully voted for validator")
} else {
runtime.Log(name + ": vote has been failed")
}
return
}
// Name returns the Glagolitic name of the contract.
func voteID(epoch interface{}, args []interop.PublicKey) []byte {
var (
result []byte
epochBytes = epoch.([]byte)
)
result = append(result, epochBytes...)
for i := range args {
result = append(result, args[i]...)
}
return crypto.Sha256(result)
}
// Name returns Glagolitic name of the contract.
func Name() string {
ctx := storage.GetReadOnlyContext()
return name(ctx)
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}

2
alphabet/config.yml
View file

@ -1,4 +1,4 @@
name: "Alphabet"
name: "NeoFS Alphabet"
safemethods: ["gas", "neo", "name", "version"]
permissions:
- methods: ["update", "transfer", "vote"]

31
alphabet/doc.go
View file

@ -1,32 +1,21 @@
/*
Alphabet contract is a contract deployed in FrostFS sidechain.
Alphabet contract is a contract deployed in NeoFS side chain.
Alphabet contract is designed to support GAS production and vote for new
validators in the sidechain. NEO token is required to produce GAS and vote for
a new committee. It can be distributed among alphabet nodes of the Inner Ring.
However, some of them may be malicious, and some NEO can be lost. It will destabilize
the economic of the sidechain. To avoid it, all 100,000,000 NEO are
Alphabet contract is designed to support GAS producing and voting for new
validators in the side chain. NEO token is required to produce GAS and vote for
a new committee. If can be distributed among alphabet nodes of Inner Ring.
However, some of them may be malicious and some NEO can be lost. It will lead
to side chain economic destabilization. To avoid it, all 100 000 000 NEO are
distributed among all alphabet contracts.
To identify alphabet contracts, they are named with letters of the Glagolitic alphabet.
Names are set at contract deploy. Alphabet nodes of the Inner Ring communicate with
To identify alphabet contracts, they are named with letters of the Glagolitic.
Names are set at contract deploy. Alphabet nodes of Inner Ring communicate with
one of the alphabetical contracts to emit GAS. To vote for a new list of side
chain committee, alphabet nodes of the Inner Ring create multisignature transactions
chain committee, alphabet nodes of Inner Ring create multisignature transactions
for each alphabet contract.
# Contract notifications
Contract notifications
Alphabet contract does not produce notifications to process.
# Contract storage scheme
| Key | Value | Description |
|--------------------|------------|-------------------------------------------------|
| `netmapScriptHash` | Hash160 | netmap contract hash |
| `proxyScriptHash` | Hash160 | proxy contract hash |
| `name` | string | assigned glagolitic letter |
| `index` | int | the index of deployed alphabet contract |
| `threshold` | int | the total number of deployed alphabet contracts |
*/
package alphabet

74
audit/audit_contract.go
View file

@ -1,13 +1,14 @@
package audit
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
type (
@ -18,8 +19,8 @@ type (
}
)
// Audit key is a combination of the epoch, the container ID and the public key of the node that
// has executed the audit. Together, it shouldn't be more than 64 bytes. We can't shrink
// Audit key is a combination of epoch, container ID and public key of node that
// executed audit. Together it should be no more than 64 bytes. We can't shrink
// epoch and container ID since we iterate over these values. But we can shrink
// public key by using first bytes of the hashed value.
@ -42,59 +43,73 @@ const (
)
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
ctx := storage.GetContext()
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
args := data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrNetmap interop.Hash160
})
ctx := storage.GetContext()
if len(args.addrNetmap) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
storage.Put(ctx, netmapContractKey, args.addrNetmap)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
runtime.Log("audit contract notary disabled")
}
runtime.Log("audit contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("audit contract updated")
}
// Put method stores a stable marshalled `DataAuditResult` structure. It can be
// Put method stores stable marshalled `DataAuditResult` structure. Can be
// invoked only by Inner Ring nodes.
//
// Inner Ring nodes perform audit of containers and produce `DataAuditResult`
// structures. They are stored in audit contract and used for settlements
// Inner Ring nodes perform audit of the containers and produce `DataAuditResult`
// structures. They are being stored in audit contract and used for settlements
// in later epochs.
func Put(rawAuditResult []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
innerRing := common.InnerRingNodes()
var innerRing []common.IRNode
if notaryDisabled {
netmapContract := storage.Get(ctx, netmapContractKey).(interop.Hash160)
innerRing = common.InnerRingNodesFromNetmap(netmapContract)
} else {
innerRing = common.InnerRingNodes()
}
hdr := newAuditHeader(rawAuditResult)
presented := false
for i := range innerRing {
ir := innerRing[i]
if common.BytesEqual(ir, hdr.from) {
if common.BytesEqual(ir.PublicKey, hdr.from) {
presented = true
break
@ -110,16 +125,16 @@ func Put(rawAuditResult []byte) {
runtime.Log("audit: result has been saved")
}
// Get method returns a stable marshaled DataAuditResult structure.
// Get method returns stable marshaled DataAuditResult structure.
//
// The ID of the DataAuditResult can be obtained from listing methods.
// ID of the DataAuditResult can be obtained from listing methods.
func Get(id []byte) []byte {
ctx := storage.GetReadOnlyContext()
return storage.Get(ctx, id).([]byte)
}
// List method returns a list of all available DataAuditResult IDs from
// the contract storage.
// List method returns list of all available DataAuditResult IDs from
// contract storage.
func List() [][]byte {
ctx := storage.GetReadOnlyContext()
it := storage.Find(ctx, []byte{}, storage.KeysOnly)
@ -127,8 +142,8 @@ func List() [][]byte {
return list(it)
}
// ListByEpoch method returns a list of DataAuditResult IDs generated during
// the specified epoch.
// ListByEpoch method returns list of DataAuditResult IDs generated in
// specified epoch.
func ListByEpoch(epoch int) [][]byte {
ctx := storage.GetReadOnlyContext()
var buf interface{} = epoch
@ -137,8 +152,8 @@ func ListByEpoch(epoch int) [][]byte {
return list(it)
}
// ListByCID method returns a list of DataAuditResult IDs generated during
// the specified epoch for the specified container.
// ListByCID method returns list of DataAuditResult IDs generated in
// specified epoch for specified container.
func ListByCID(epoch int, cid []byte) [][]byte {
ctx := storage.GetReadOnlyContext()
@ -150,8 +165,8 @@ func ListByCID(epoch int, cid []byte) [][]byte {
return list(it)
}
// ListByNode method returns a list of DataAuditResult IDs generated in
// the specified epoch for the specified container by the specified Inner Ring node.
// ListByNode method returns list of DataAuditResult IDs generated in
// specified epoch for specified container by specified Inner Ring node.
func ListByNode(epoch int, cid []byte, key interop.PublicKey) [][]byte {
ctx := storage.GetReadOnlyContext()
hdr := auditHeader{
@ -170,6 +185,7 @@ func list(it iterator.Iterator) [][]byte {
ignore := [][]byte{
[]byte(netmapContractKey),
[]byte(notaryDisabledKey),
}
loop:
@ -187,12 +203,12 @@ loop:
return result
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}
// readNext reads the length from the first byte, and then reads data (max 127 bytes).
// readNext reads length from first byte and then reads data (max 127 bytes).
func readNext(input []byte) ([]byte, int) {
var buf interface{} = input[0]
ln := buf.(int)

2
audit/config.yml
View file

@ -1,4 +1,4 @@
name: "Audit"
name: "NeoFS Audit"
safemethods: ["get", "list", "listByEpoch", "listByCID", "listByNode", "version"]
permissions:
- methods: ["update"]

28
audit/doc.go
View file

@ -1,30 +1,22 @@
/*
Audit contract is a contract deployed in FrostFS sidechain.
Audit contract is a contract deployed in NeoFS side chain.
Inner Ring nodes perform audit of the registered containers during every epoch.
If a container contains StorageGroup objects, an Inner Ring node initializes
Inner Ring nodes perform an audit of the registered containers in every epoch.
If container contains StorageGroup objects, then the Inner Ring node initializes
a series of audit checks. Based on the results of these checks, the Inner Ring
node creates a DataAuditResult structure for the container. The content of this
structure makes it possible to determine which storage nodes have been examined and
see the status of these checks. Regarding this information, the container owner is
structure makes it possible to determine which storage nodes were examined and
the status of these checks. Based on this information, container owner is
charged for data storage.
Audit contract is used as a reliable and verifiable storage for all
DataAuditResult structures. At the end of data audit routine, Inner Ring
Audit contract is used as reliable and verifiable storage for all
DataAuditResult structures. At the end of the data audit routine, the Inner Ring
nodes send a stable marshaled version of the DataAuditResult structure to the
contract. When Alphabet nodes of the Inner Ring perform settlement operations,
they make a list and get these AuditResultStructures from the audit contract.
they list and get these AuditResultStructures from the audit contract.
# Contract notifications
Audit contract does not produce notifications to process.
# Contract storage scheme
| Key | Value | Description |
|--------------------|------------|-----------------------------------------------------------|
| `netmapScriptHash` | Hash160 | netmap contract hash |
| auditID | ByteArray | serialized DataAuditResult structure |
Contract notifications
Alphabet contract does not produce notifications to process.
*/
package audit

248
balance/balance_contract.go
View file

@ -1,13 +1,14 @@
package balance
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
type (
@ -21,9 +22,9 @@ type (
CirculationKey string
}
// Account structure stores metadata of each FrostFS balance account.
// Account structure stores metadata of each NeoFS balance account.
Account struct {
// Active balance
// Active balance
Balance int
// Until valid for lock accounts
Until int
@ -34,7 +35,7 @@ type (
)
const (
symbol = "FROSTFS"
symbol = "NEOFS"
decimals = 12
circulation = "MainnetGAS"
@ -58,23 +59,22 @@ func init() {
}
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
ctx := storage.GetContext()
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
args := data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrNetmap interop.Hash160
addrContainer interop.Hash160
})
ctx := storage.GetContext()
if len(args.addrNetmap) != interop.Hash160Len || len(args.addrContainer) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
@ -82,67 +82,109 @@ func _deploy(data interface{}, isUpdate bool) {
storage.Put(ctx, netmapContractKey, args.addrNetmap)
storage.Put(ctx, containerContractKey, args.addrContainer)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
common.InitVote(ctx)
runtime.Log("balance contract notary disabled")
}
runtime.Log("balance contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("balance contract updated")
}
// Symbol is a NEP-17 standard method that returns FROSTFS token symbol.
// Symbol is a NEP-17 standard method that returns NEOFS token symbol.
func Symbol() string {
return token.Symbol
}
// Decimals is a NEP-17 standard method that returns precision of FrostFS
// Decimals is a NEP-17 standard method that returns precision of NeoFS
// balances.
func Decimals() int {
return token.Decimals
}
// TotalSupply is a NEP-17 standard method that returns total amount of main
// chain GAS in FrostFS network.
// chain GAS in the NeoFS network.
func TotalSupply() int {
ctx := storage.GetReadOnlyContext()
return token.getSupply(ctx)
}
// BalanceOf is a NEP-17 standard method that returns FrostFS balance of the specified
// BalanceOf is a NEP-17 standard method that returns NeoFS balance of specified
// account.
func BalanceOf(account interop.Hash160) int {
ctx := storage.GetReadOnlyContext()
return token.balanceOf(ctx, account)
}
// Transfer is a NEP-17 standard method that transfers FrostFS balance from one
// account to another. It can be invoked only by the account owner.
// Transfer is a NEP-17 standard method that transfers NeoFS balance from one
// account to other. Can be invoked only by account owner.
//
// It produces Transfer and TransferX notifications. TransferX notification
// Produces Transfer and TransferX notifications. TransferX notification
// will have empty details field.
func Transfer(from, to interop.Hash160, amount int, data interface{}) bool {
ctx := storage.GetContext()
return token.transfer(ctx, from, to, amount, false, nil)
}
// TransferX is a method for FrostFS balance to be transferred from one account to
// another. It can be invoked by the account owner or by Alphabet nodes.
// TransferX is a method for NeoFS balance transfers from one account to
// another. Can be invoked by account owner or by Alphabet nodes.
//
// It produces Transfer and TransferX notifications.
// Produces Transfer and TransferX notifications.
//
// TransferX method expands Transfer method by having extra details argument.
// TransferX method also allows to transfer assets by Alphabet nodes of the
// Inner Ring with multisignature.
// Also TransferX method allows to transfer assets by Alphabet nodes of the
// Inner Ring with multi signature.
func TransferX(from, to interop.Hash160, amount int, details []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
indirectCall bool
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked from inner ring")
}
indirectCall = common.FromKnownContract(
ctx,
runtime.GetCallingScriptHash(),
containerContractKey,
)
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
if notaryDisabled && !indirectCall {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{from, to, amount}, []byte("transfer"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
result := token.transfer(ctx, from, to, amount, true, details)
if !result {
@ -152,18 +194,33 @@ func TransferX(from, to interop.Hash160, amount int, details []byte) {
runtime.Log("successfully transferred assets")
}
// Lock is a method that transfers assets from a user account to the lock account
// related to the user. It can be invoked only by Alphabet nodes of the Inner Ring.
// Lock is a method that transfers assets from user account to lock account
// related to the user. Can be invoked only by Alphabet nodes of the Inner Ring.
//
// It produces Lock, Transfer and TransferX notifications.
// Produces Lock, Transfer and TransferX notifications.
//
// Lock method is invoked by Alphabet nodes of the Inner Ring when they process
// Withdraw notification from FrostFS contract. This should transfer assets
// to a new lock account that won't be used for anything beside Unlock and Burn.
// Lock method invoked by Alphabet nodes of the Inner Ring when they process
// Withdraw notification from NeoFS contract. This should transfer assets
// to new lock account that won't be used for anything besides Unlock and Burn.
func Lock(txDetails []byte, from, to interop.Hash160, amount, until int) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked from inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
details := common.LockTransferDetails(txDetails)
@ -173,6 +230,18 @@ func Lock(txDetails []byte, from, to interop.Hash160, amount, until int) {
Parent: from,
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{txDetails}, []byte("lock"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
common.SetSerialized(ctx, to, lockAccount)
result := token.transfer(ctx, from, to, amount, true, details)
@ -185,15 +254,28 @@ func Lock(txDetails []byte, from, to interop.Hash160, amount, until int) {
runtime.Notify("Lock", txDetails, from, to, amount, until)
}
// NewEpoch is a method that checks timeout on lock accounts and returns assets
// if lock is not available anymore. It can be invoked only by NewEpoch method
// NewEpoch is a method that checks timeout on lock accounts and return assets
// if lock is not available anymore. Can be invoked only by NewEpoch method
// of Netmap contract.
//
// It produces Transfer and TransferX notifications.
// Produces Transfer and TransferX notifications.
func NewEpoch(epochNum int) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
if notaryDisabled {
indirectCall := common.FromKnownContract(
ctx,
runtime.GetCallingScriptHash(),
netmapContractKey,
)
if !indirectCall {
panic("this method must be invoked from inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
it := storage.Find(ctx, []byte{}, storage.KeysOnly)
for iterator.Next(it) {
@ -215,22 +297,49 @@ func NewEpoch(epochNum int) {
}
}
// Mint is a method that transfers assets to a user account from an empty account.
// It can be invoked only by Alphabet nodes of the Inner Ring.
// Mint is a method that transfers assets to user account from empty account.
// Can be invoked only by Alphabet nodes of the Inner Ring.
//
// It produces Mint, Transfer and TransferX notifications.
// Produces Mint, Transfer and TransferX notifications.
//
// Mint method is invoked by Alphabet nodes of the Inner Ring when they process
// Deposit notification from FrostFS contract. Before that, Alphabet nodes should
// synchronize precision of mainchain GAS contract and Balance contract.
// Mint increases total supply of NEP-17 compatible FrostFS token.
// Mint method invoked by Alphabet nodes of the Inner Ring when they process
// Deposit notification from NeoFS contract. Before that Alphabet nodes should
// synchronize precision of main chain GAS contract and Balance contract.
// Mint increases total supply of NEP-17 compatible NeoFS token.
func Mint(to interop.Hash160, amount int, txDetails []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked from inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
details := common.MintTransferDetails(txDetails)
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{txDetails}, []byte("mint"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
ok := token.transfer(ctx, nil, to, amount, true, details)
if !ok {
panic("can't transfer assets")
@ -243,24 +352,51 @@ func Mint(to interop.Hash160, amount int, txDetails []byte) {
runtime.Notify("Mint", to, amount)
}
// Burn is a method that transfers assets from a user account to an empty account.
// It can be invoked only by Alphabet nodes of the Inner Ring.
// Burn is a method that transfers assets from user account to empty account.
// Can be invoked only by Alphabet nodes of the Inner Ring.
//
// It produces Burn, Transfer and TransferX notifications.
// Produces Burn, Transfer and TransferX notifications.
//
// Burn method is invoked by Alphabet nodes of the Inner Ring when they process
// Cheque notification from FrostFS contract. It means that locked assets have been
// transferred to the user in the mainchain, therefore the lock account should be destroyed.
// Before that, Alphabet nodes should synchronize precision of mainchain GAS
// Burn method invoked by Alphabet nodes of the Inner Ring when they process
// Cheque notification from NeoFS contract. It means that locked assets were
// transferred to user in main chain, therefore lock account should be destroyed.
// Before that Alphabet nodes should synchronize precision of main chain GAS
// contract and Balance contract. Burn decreases total supply of NEP-17
// compatible FrostFS token.
// compatible NeoFS token.
func Burn(from interop.Hash160, amount int, txDetails []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked from inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
details := common.BurnTransferDetails(txDetails)
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{txDetails}, []byte("burn"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
ok := token.transfer(ctx, from, nil, amount, true, details)
if !ok {
panic("can't transfer assets")
@ -277,7 +413,7 @@ func Burn(from interop.Hash160, amount int, txDetails []byte) {
runtime.Notify("Burn", from, amount)
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}
@ -351,7 +487,7 @@ func (t Token) canTransfer(ctx storage.Context, from, to interop.Hash160, amount
return amountFrom, true
}
// isUsableAddress checks if the sender is either a correct NEO address or SC address.
// isUsableAddress checks if the sender is either the correct NEO address or SC address.
func isUsableAddress(addr interop.Hash160) bool {
if len(addr) == 20 {
if runtime.CheckWitness(addr) {

9
balance/config.yml
View file

@ -1,11 +1,6 @@
name: "Balance"
name: "NeoFS Balance"
supportedstandards: ["NEP-17"]
safemethods:
- "balanceOf"
- "decimals"
- "symbol"
- "totalSupply"
- "version"
safemethods: ["balanceOf", "decimals", "symbol", "totalSupply", "version"]
permissions:
- methods: ["update"]
events:

120
balance/doc.go
View file

@ -1,87 +1,79 @@
/*
Balance contract is a contract deployed in FrostFS sidechain.
Balance contract is a contract deployed in NeoFS side chain.
Balance contract stores all FrostFS account balances. It is a NEP-17 compatible
contract, so it can be tracked and controlled by N3 compatible network
Balance contract stores all NeoFS account balances. It is NEP-17 compatible
contract so in can be tracked and controlled by N3 compatible network
monitors and wallet software.
This contract is used to store all micro transactions in the sidechain, such as
data audit settlements or container fee payments. It is inefficient to make such
small payment transactions in the mainchain. To process small transfers, balance
small payment transactions in main chain. To process small transfers, balance
contract has higher (12) decimal precision than native GAS contract.
FrostFS balances are synchronized with mainchain operations. Deposit produces
minting of FROSTFS tokens in Balance contract. Withdraw locks some FROSTFS tokens
in a special lock account. When FrostFS contract transfers GAS assets back to the
user, the lock account is destroyed with burn operation.
NeoFS balances are synchronized with main chain operations. Deposit produce
minting of NEOFS tokens in Balance contract. Withdraw locks some NEOFS tokens
in special lock account. When NeoFS contract transfers GAS assets back to the
user, lock account is destroyed with burn operation.
# Contract notifications
Contract notifications
Transfer notification. This is a NEP-17 standard notification.
Transfer notification. This is NEP-17 standard notification.
Transfer:
- name: from
type: Hash160
- name: to
type: Hash160
- name: amount
type: Integer
Transfer:
- name: from
type: Hash160
- name: to
type: Hash160
- name: amount
type: Integer
TransferX notification. This is an enhanced transfer notification with details.
TransferX notification. This is enhanced transfer notification with details.
TransferX:
- name: from
type: Hash160
- name: to
type: Hash160
- name: amount
type: Integer
- name: details
type: ByteArray
TransferX:
- name: from
type: Hash160
- name: to
type: Hash160
- name: amount
type: Integer
- name: details
type: ByteArray
Lock notification. This notification is produced when a lock account is
created. It contains information about the mainchain transaction that has produced
the asset lock, the address of the lock account and the FrostFS epoch number until which the
lock account is valid. Alphabet nodes of the Inner Ring catch notification and initialize
Cheque method invocation of FrostFS contract.
Lock notification. This notification is produced when Lock account has been
created. It contains information about main chain transaction that produced
asset lock, address of lock account and NeoFS epoch number until lock account
is valid. Alphabet nodes of the Inner Ring catch notification and initialize
Cheque method invocation of the NeoFS contract.
Lock:
- name: txID
type: ByteArray
- name: from
type: Hash160
- name: to
type: Hash160
- name: amount
type: Integer
- name: until
type: Integer
Lock:
- name: txID
type: ByteArray
- name: from
type: Hash160
- name: to
type: Hash160
- name: amount
type: Integer
- name: until
type: Integer
Mint notification. This notification is produced when user balance is
replenished from deposit in the mainchain.
replenished from deposit in the main chain.
Mint:
- name: to
type: Hash160
- name: amount
type: Integer
Mint:
- name: to
type: Hash160
- name: amount
type: Integer
Burn notification. This notification is produced after user balance is reduced
when FrostFS contract has transferred GAS assets back to the user.
Burn:
- name: from
type: Hash160
- name: amount
type: Integer
# Contract storage scheme
| Key | Value | Description |
|-----------------------|------------|----------------------------------|
| `netmapScriptHash` | Hash160 | netmap contract hash |
| `containerScriptHash` | Hash160 | container contract hash |
| circulationKey | int | the token circulation key value |
when NeoFS contract transferred GAS assets back to the user.
Burn:
- name: from
type: Hash160
- name: amount
type: Integer
*/
package balance

26
common/common.go
View file

@ -1,26 +0,0 @@
package common
import (
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neo-go/pkg/interop/util"
)
const (
panicMsgForNotaryDisabledEnv = "contract not applicable for notary-disabled environment"
)
// BytesEqual compares two slices of bytes by wrapping them into strings,
// which is necessary with new util.Equals interop behaviour, see neo-go#1176.
func BytesEqual(a []byte, b []byte) bool {
return util.Equals(string(a), string(b))
}
// RmAndCheckNotaryDisabledKey remove notary disabled key from storage and
// panic in notary disabled environment
func RmAndCheckNotaryDisabledKey(data interface{}, key interface{}) {
//TODO(@acid-ant): #9 remove notaryDisabled from args in future version
storage.Delete(storage.GetContext(), key)
if data.([]interface{})[0].(bool) {
panic(panicMsgForNotaryDisabledEnv)
}
}

57
common/ir.go
View file

@ -6,22 +6,47 @@ import (
"github.com/nspcc-dev/neo-go/pkg/interop/native/ledger"
"github.com/nspcc-dev/neo-go/pkg/interop/native/neo"
"github.com/nspcc-dev/neo-go/pkg/interop/native/roles"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
)
type IRNode struct {
PublicKey interop.PublicKey
}
// InnerRingNodes return a list of inner ring nodes from state validator role
// in the sidechain.
func InnerRingNodes() []interop.PublicKey {
blockHeight := ledger.CurrentIndex()
return roles.GetDesignatedByRole(roles.NeoFSAlphabet, uint32(blockHeight+1))
const irListMethod = "innerRingList"
// InnerRingInvoker returns public key of inner ring node that invoked contract.
// Work around for environments without notary support.
func InnerRingInvoker(ir []IRNode) interop.PublicKey {
for i := 0; i < len(ir); i++ {
node := ir[i]
if runtime.CheckWitness(node.PublicKey) {
return node.PublicKey
}
}
return nil
}
// AlphabetNodes returns a list of alphabet nodes from committee in the sidechain.
func AlphabetNodes() []interop.PublicKey {
return neo.GetCommittee()
// InnerRingNodes return list of inner ring nodes from state validator role
// in side chain.
func InnerRingNodes() []IRNode {
blockHeight := ledger.CurrentIndex()
list := roles.GetDesignatedByRole(roles.NeoFSAlphabet, uint32(blockHeight+1))
return keysToNodes(list)
}
// InnerRingNodesFromNetmap gets list of inner ring through
// calling "innerRingList" method of smart contract.
// Work around for environments without notary support.
func InnerRingNodesFromNetmap(sc interop.Hash160) []IRNode {
return contract.Call(sc, irListMethod, contract.ReadOnly).([]IRNode)
}
// AlphabetNodes return list of alphabet nodes from committee in side chain.
func AlphabetNodes() []IRNode {
list := neo.GetCommittee()
return keysToNodes(list)
}
// AlphabetAddress returns multi address of alphabet public keys.
@ -36,8 +61,8 @@ func CommitteeAddress() []byte {
return Multiaddress(committee, true)
}
// Multiaddress returns default multisignature account address for N keys.
// If committee set to true, it is `M = N/2+1` committee account.
// Multiaddress returns default multi signature account address for N keys.
// If committee set to true, then it is `M = N/2+1` committee account.
func Multiaddress(n []interop.PublicKey, committee bool) []byte {
threshold := len(n)*2/3 + 1
if committee {
@ -46,3 +71,15 @@ func Multiaddress(n []interop.PublicKey, committee bool) []byte {
return contract.CreateMultisigAccount(threshold, n)
}
func keysToNodes(list []interop.PublicKey) []IRNode {
result := []IRNode{}
for i := range list {
result = append(result, IRNode{
PublicKey: list[i],
})
}
return result
}

9
common/storage.go
View file

@ -5,6 +5,15 @@ import (
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
)
func GetList(ctx storage.Context, key interface{}) [][]byte {
data := storage.Get(ctx, key)
if data != nil {
return std.Deserialize(data.([]byte)).([][]byte)
}
return [][]byte{}
}
// SetSerialized serializes data and puts it into contract storage.
func SetSerialized(ctx storage.Context, key interface{}, value interface{}) {
data := std.Serialize(value)

2
common/transfer.go
View file

@ -39,7 +39,7 @@ func ContainerFeeTransferDetails(cid []byte) []byte {
return append(containerFeePrefix, cid...)
}
// AbortWithMessage calls `runtime.Log` with the passed message
// AbortWithMessage calls `runtime.Log` with passed message
// and calls `ABORT` opcode.
func AbortWithMessage(msg string) {
runtime.Log(msg)

3
common/update.go
View file

@ -4,9 +4,6 @@ import (
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
)
// LegacyOwnerKey is storage key used to store contract owner.
const LegacyOwnerKey = "contractOwner"
// HasUpdateAccess returns true if contract can be updated.
func HasUpdateAccess() bool {
return runtime.CheckWitness(CommitteeAddress())

8
common/version.go
View file

@ -4,15 +4,15 @@ import "github.com/nspcc-dev/neo-go/pkg/interop/native/std"
const (
major = 0
minor = 18
patch = 0
minor = 13
patch = 2
// Versions from which an update should be performed.
// These should be used in a group (so prevMinor can be equal to minor if there are
// any migration routines.
prevMajor = 0
prevMinor = 16
prevPatch = 0
prevMinor = 12
prevPatch = 2
Version = major*1_000_000 + minor*1_000 + patch

147
common/vote.go Normal file
View file

@ -0,0 +1,147 @@
package common
import (
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/ledger"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neo-go/pkg/interop/util"
)
type Ballot struct {
// ID of the voting decision.
ID []byte
// Public keys of already voted inner ring nodes.
Voters []interop.PublicKey
// Height of block with the last vote.
Height int
}
const voteKey = "ballots"
const blockDiff = 20 // change base on performance evaluation
func InitVote(ctx storage.Context) {
SetSerialized(ctx, voteKey, []Ballot{})
}
// Vote adds ballot for the decision with specific 'id' and returns amount
// on unique voters for that decision.
func Vote(ctx storage.Context, id, from []byte) int {
var (
newCandidates []Ballot
candidates = getBallots(ctx)
found = -1
blockHeight = ledger.CurrentIndex()
)
for i := 0; i < len(candidates); i++ {
cnd := candidates[i]
if blockHeight-cnd.Height > blockDiff {
continue
}
if BytesEqual(cnd.ID, id) {
voters := cnd.Voters
for j := range voters {
if BytesEqual(voters[j], from) {
return len(voters)
}
}
voters = append(voters, from)
cnd = Ballot{ID: id, Voters: voters, Height: blockHeight}
found = len(voters)
}
newCandidates = append(newCandidates, cnd)
}
if found < 0 {
voters := []interop.PublicKey{from}
newCandidates = append(newCandidates, Ballot{
ID: id,
Voters: voters,
Height: blockHeight})
found = 1
}
SetSerialized(ctx, voteKey, newCandidates)
return found
}
// RemoveVotes clears ballots of the decision that has been accepted by
// inner ring nodes.
func RemoveVotes(ctx storage.Context, id []byte) {
var (
newCandidates []Ballot
candidates = getBallots(ctx)
)
for i := 0; i < len(candidates); i++ {
cnd := candidates[i]
if !BytesEqual(cnd.ID, id) {
newCandidates = append(newCandidates, cnd)
}
}
SetSerialized(ctx, voteKey, newCandidates)
}
// getBallots returns deserialized slice of vote ballots.
func getBallots(ctx storage.Context) []Ballot {
data := storage.Get(ctx, voteKey)
if data != nil {
return std.Deserialize(data.([]byte)).([]Ballot)
}
return []Ballot{}
}
// BytesEqual compares two slice of bytes by wrapping them into strings,
// which is necessary with new util.Equal interop behaviour, see neo-go#1176.
func BytesEqual(a []byte, b []byte) bool {
return util.Equals(string(a), string(b))
}
// InvokeID returns hashed value of prefix and args concatenation. Used to
// identify different ballots.
func InvokeID(args []interface{}, prefix []byte) []byte {
for i := range args {
arg := args[i].([]byte)
prefix = append(prefix, arg...)
}
return crypto.Sha256(prefix)
}
/*
Check if invocation made from known container or audit contracts.
This is necessary because calls from these contracts require to do transfer
without signature collection (1 invoke transfer).
IR1, IR2, IR3, IR4 -(4 invokes)-> [ Container Contract ] -(1 invoke)-> [ Balance Contract ]
We can do 1 invoke transfer if:
- invoke happened from inner ring node,
- it is indirect invocation from other smart-contract.
However there is a possible attack, when malicious inner ring node creates
malicious smart-contract in morph chain to do indirect call.
MaliciousIR -(1 invoke)-> [ Malicious Contract ] -(1 invoke) -> [ Balance Contract ]
To prevent that, we have to allow 1 invoke transfer from authorised well known
smart-contracts, that will be set up at `Init` method.
*/
func FromKnownContract(ctx storage.Context, caller interop.Hash160, key string) bool {
addr := storage.Get(ctx, key).(interop.Hash160)
return BytesEqual(caller, addr)
}

20
common/witness.go
View file

@ -3,31 +3,31 @@ package common
import "github.com/nspcc-dev/neo-go/pkg/interop/runtime"
var (
// ErrAlphabetWitnessFailed appears when the method must be
// called by the Alphabet but was not.
// ErrAlphabetWitnessFailed appears when method must be
// called by Alphabet but was not.
ErrAlphabetWitnessFailed = "alphabet witness check failed"
// ErrOwnerWitnessFailed appears when the method must be called
// by an owner of some assets but was not.
// ErrOwnerWitnessFailed appears when method must be called
// by owner of some assets but was not.
ErrOwnerWitnessFailed = "owner witness check failed"
// ErrWitnessFailed appears when the method must be called
// ErrWitnessFailed appears when method must be called
// using certain public key but was not.
ErrWitnessFailed = "witness check failed"
)
// CheckAlphabetWitness checks witness of the passed caller.
// It panics with ErrAlphabetWitnessFailed message on fail.
func CheckAlphabetWitness() {
checkWitnessWithPanic(AlphabetAddress(), ErrAlphabetWitnessFailed)
// Panics with ErrAlphabetWitnessFailed message on fail.
func CheckAlphabetWitness(caller []byte) {
checkWitnessWithPanic(caller, ErrAlphabetWitnessFailed)
}
// CheckOwnerWitness checks witness of the passed caller.
// It panics with ErrOwnerWitnessFailed message on fail.
// Panics with ErrOwnerWitnessFailed message on fail.
func CheckOwnerWitness(caller []byte) {
checkWitnessWithPanic(caller, ErrOwnerWitnessFailed)
}
// CheckWitness checks witness of the passed caller.
// It panics with ErrWitnessFailed message on fail.
// Panics with ErrWitnessFailed message on fail.
func CheckWitness(caller []byte) {
checkWitnessWithPanic(caller, ErrWitnessFailed)
}

51
container/config.yml
View file

@ -1,42 +1,37 @@
name: "Container"
safemethods:
- "count"
- "containersOf"
- "deletionInfo"
- "eACL"
- "get"
- "getContainerSize"
- "iterateContainerSizes"
- "list"
- "listContainerSizes"
- "owner"
- "version"
name: "NeoFS Container"
safemethods: ["get", "owner", "list", "eACL", "getContainerSize", "listContainerSizes", "version"]
permissions:
- methods:
- "addKey"
- "addRecord"
- "deleteRecords"
- "register"
- "transferX"
- "update"
- methods: ["update", "addKey", "transferX",
"addRoot", "register", "addRecord", "deleteRecords"]
events:
- name: PutSuccess
- name: containerPut
parameters:
- name: containerID
type: Hash256
- name: container
type: ByteArray
- name: signature
type: Signature
- name: publicKey
type: PublicKey
- name: DeleteSuccess
- name: token
type: ByteArray
- name: containerDelete
parameters:
- name: containerID
type: ByteArray
- name: SetEACLSuccess
parameters:
- name: containerID
- name: signature
type: Signature
- name: token
type: ByteArray
- name: setEACL
parameters:
- name: eACL
type: ByteArray
- name: signature
type: Signature
- name: publicKey
type: PublicKey
- name: token
type: ByteArray
- name: StartEstimation
parameters:
- name: epoch

472
container/container_contract.go
View file

@ -1,16 +1,15 @@
package container
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/convert"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
type (
@ -44,13 +43,13 @@ type (
)
const (
frostfsIDContractKey = "identityScriptHash"
balanceContractKey = "balanceScriptHash"
netmapContractKey = "netmapScriptHash"
nnsContractKey = "nnsScriptHash"
nnsRootKey = "nnsRoot"
nnsHasAliasKey = "nnsHasAlias"
notaryDisabledKey = "notary"
neofsIDContractKey = "identityScriptHash"
balanceContractKey = "balanceScriptHash"
netmapContractKey = "netmapScriptHash"
nnsContractKey = "nnsScriptHash"
nnsRootKey = "nnsRoot"
nnsHasAliasKey = "nnsHasAlias"
notaryDisabledKey = "notary"
// RegistrationFeeKey is a key in netmap config which contains fee for container registration.
RegistrationFeeKey = "ContainerFee"
@ -60,70 +59,32 @@ const (
// V2 format
containerIDSize = 32 // SHA256 size
singleEstimatePrefix = "est"
estimateKeyPrefix = "cnr"
containerKeyPrefix = 'x'
ownerKeyPrefix = 'o'
graveKeyPrefix = 'g'
estimatePostfixSize = 10
// CleanupDelta contains the number of the last epochs for which container estimations are present.
CleanupDelta = 3
// TotalCleanupDelta contains the number of the epochs after which estimation
// will be removed by epoch tick cleanup if any of the nodes hasn't updated
// container size and/or container has been removed. It must be greater than CleanupDelta.
TotalCleanupDelta = CleanupDelta + 1
estimateKeyPrefix = "cnr"
estimatePostfixSize = 10
cleanupDelta = 3
// NotFoundError is returned if container is missing.
NotFoundError = "container does not exist"
// default SOA record field values
defaultRefresh = 3600 // 1 hour
defaultRetry = 600 // 10 min
defaultExpire = 3600 * 24 * 365 * 10 // 10 years
defaultTTL = 3600 // 1 hour
defaultRefresh = 3600 // 1 hour
defaultRetry = 600 // 10 min
defaultExpire = 604800 // 1 week
defaultTTL = 3600 // 1 hour
)
var (
eACLPrefix = []byte("eACL")
)
// OnNEP11Payment is needed for registration with contract as the owner to work.
// OnNEP11Payment is needed for registration with contract as owner to work.
func OnNEP11Payment(a interop.Hash160, b int, c []byte, d interface{}) {
}
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
it := storage.Find(ctx, []byte{}, storage.None)
for iterator.Next(it) {
item := iterator.Value(it).(struct {
key []byte
value []byte
})
// Migrate container.
if len(item.key) == containerIDSize {
storage.Delete(ctx, item.key)
storage.Put(ctx, append([]byte{containerKeyPrefix}, item.key...), item.value)
}
// Migrate owner-cid map.
if len(item.key) == 25 /* owner id size */ +containerIDSize {
storage.Delete(ctx, item.key)
storage.Put(ctx, append([]byte{ownerKeyPrefix}, item.key...), item.value)
}
}
return
}
args := data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrNetmap interop.Hash160
addrBalance interop.Hash160
@ -132,6 +93,13 @@ func _deploy(data interface{}, isUpdate bool) {
nnsRoot string
})
if isUpdate {
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
if len(args.addrNetmap) != interop.Hash160Len ||
len(args.addrBalance) != interop.Hash160Len ||
len(args.addrID) != interop.Hash160Len {
@ -140,10 +108,17 @@ func _deploy(data interface{}, isUpdate bool) {
storage.Put(ctx, netmapContractKey, args.addrNetmap)
storage.Put(ctx, balanceContractKey, args.addrBalance)
storage.Put(ctx, frostfsIDContractKey, args.addrID)
storage.Put(ctx, neofsIDContractKey, args.addrID)
storage.Put(ctx, nnsContractKey, args.addrNNS)
storage.Put(ctx, nnsRootKey, args.nnsRoot)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
common.InitVote(ctx)
runtime.Log("container contract notary disabled")
}
// add NNS root for container alias domains
registerNiceNameTLD(args.addrNNS, args.nnsRoot)
@ -158,31 +133,32 @@ func registerNiceNameTLD(addrNNS interop.Hash160, nnsRoot string) {
}
res := contract.Call(addrNNS, "register", contract.All,
nnsRoot, runtime.GetExecutingScriptHash(), "ops@frostfs.info",
nnsRoot, runtime.GetExecutingScriptHash(), "ops@nspcc.ru",
defaultRefresh, defaultRetry, defaultExpire, defaultTTL).(bool)
if !res {
panic("can't register NNS TLD")
}
}
// Update method updates contract source code and manifest. It can be invoked
// by committee only.
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("container contract updated")
}
// Put method creates a new container if it has been invoked by Alphabet nodes
// of the Inner Ring.
// Put method creates new container if it was invoked by Alphabet nodes
// of the Inner Ring. Otherwise it produces containerPut notification.
//
// Container should be a stable marshaled Container structure from API.
// Signature is a RFC6979 signature of the Container.
// PublicKey contains the public key of the signer.
// Token is optional and should be a stable marshaled SessionToken structure from
// Container should be stable marshaled Container structure from API.
// Signature is a RFC6979 signature of Container.
// PublicKey contains public key of the signer.
// Token is optional and should be stable marshaled SessionToken structure from
// API.
func Put(container []byte, signature interop.Signature, publicKey interop.PublicKey, token []byte) {
PutNamed(container, signature, publicKey, token, "", "")
@ -194,10 +170,11 @@ func PutNamed(container []byte, signature interop.Signature,
publicKey interop.PublicKey, token []byte,
name, zone string) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
ownerID := ownerFromBinaryContainer(container)
containerID := crypto.Sha256(container)
frostfsIDContractAddr := storage.Get(ctx, frostfsIDContractKey).(interop.Hash160)
neofsIDContractAddr := storage.Get(ctx, neofsIDContractKey).(interop.Hash160)
cnr := Container{
value: container,
sig: signature,
@ -234,14 +211,33 @@ func PutNamed(container []byte, signature interop.Signature,
panic("insufficient balance to create container")
}
common.CheckAlphabetWitness()
if notaryDisabled {
nodeKey := common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
runtime.Notify("containerPut", container, signature, publicKey, token)
return
}
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{container, signature, publicKey}, []byte("put"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
// todo: check if new container with unique container id
details := common.ContainerFeeTransferDetails(containerID)
for i := 0; i < len(alphabet); i++ {
node := alphabet[i]
to := contract.CreateStandardAccount(node)
to := contract.CreateStandardAccount(node.PublicKey)
contract.Call(balanceContractAddr, "transferX",
contract.All,
@ -257,7 +253,7 @@ func PutNamed(container []byte, signature interop.Signature,
if name != "" {
if needRegister {
res := contract.Call(nnsContractAddr, "register", contract.All,
domain, runtime.GetExecutingScriptHash(), "ops@frostfs.info",
domain, runtime.GetExecutingScriptHash(), "ops@nspcc.ru",
defaultRefresh, defaultRetry, defaultExpire, defaultTTL).(bool)
if !res {
panic("can't register the domain " + domain)
@ -271,14 +267,13 @@ func PutNamed(container []byte, signature interop.Signature,
}
if len(token) == 0 { // if container created directly without session
contract.Call(frostfsIDContractAddr, "addKey", contract.All, ownerID, [][]byte{publicKey})
contract.Call(neofsIDContractAddr, "addKey", contract.All, ownerID, [][]byte{publicKey})
}
runtime.Log("added new container")
runtime.Notify("PutSuccess", containerID, publicKey)
}
// checkNiceNameAvailable checks if the nice name is available for the container.
// checkNiceNameAvailable checks if nice name is available for the container.
// It panics if the name is taken. Returned value specifies if new domain registration is needed.
func checkNiceNameAvailable(nnsContractAddr interop.Hash160, domain string) bool {
isAvail := contract.Call(nnsContractAddr, "isAvailable",
@ -302,31 +297,53 @@ func checkNiceNameAvailable(nnsContractAddr interop.Hash160, domain string) bool
return false
}
// Delete method removes a container from the contract storage if it has been
// invoked by Alphabet nodes of the Inner Ring.
// Delete method removes container from contract storage if it was
// invoked by Alphabet nodes of the Inner Ring. Otherwise it produces
// containerDelete notification.
//
// Signature is a RFC6979 signature of the container ID.
// Token is optional and should be a stable marshaled SessionToken structure from
// Signature is a RFC6979 signature of container ID.
// Token is optional and should be stable marshaled SessionToken structure from
// API.
//
// If the container doesn't exist, it panics with NotFoundError.
func Delete(containerID []byte, signature interop.Signature, publicKey interop.PublicKey, token []byte) {
// If a container doesn't exist it panics with NotFoundError.
func Delete(containerID []byte, signature interop.Signature, token []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
ownerID := getOwnerByID(ctx, containerID)
if ownerID == nil {
return
}
common.CheckAlphabetWitness()
if notaryDisabled {
alphabet := common.AlphabetNodes()
nodeKey := common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
runtime.Notify("containerDelete", containerID, signature, token)
return
}
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{containerID, signature}, []byte("delete"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
key := append([]byte(nnsHasAliasKey), containerID...)
domain := storage.Get(ctx, key).(string)
if len(domain) != 0 {
storage.Delete(ctx, key)
// We should do `getRecord` first because NNS record could be deleted
// by other means (expiration, manual), thus leading to failing `deleteRecord`
// and inability to delete a container. We should also check if we own the record in case.
// by other means (expiration, manual) thus leading to failing `deleteRecord`
// and inability to delete container. We should also check that we own the record in case.
nnsContractAddr := storage.Get(ctx, nnsContractKey).(interop.Hash160)
res := contract.Call(nnsContractAddr, "getRecords", contract.ReadStates|contract.AllowCall, domain, 16 /* TXT */)
if res != nil && std.Base58Encode(containerID) == string(res.([]interface{})[0].(string)) {
@ -335,33 +352,13 @@ func Delete(containerID []byte, signature interop.Signature, publicKey interop.P
}
removeContainer(ctx, containerID, ownerID)
runtime.Log("remove container")
runtime.Notify("DeleteSuccess", containerID)
}
type DelInfo struct {
Owner interop.Hash160
Epoch int
}
// DeletionInfo method returns container deletion info.
// If the container had never existed, NotFoundError is throwed.
// It can be used to check whether non-existing container was indeed deleted
// or does not yet exist at some height.
func DeletionInfo(containerID []byte) DelInfo {
ctx := storage.GetReadOnlyContext()
graveKey := append([]byte{graveKeyPrefix}, containerID...)
data := storage.Get(ctx, graveKey).([]byte)
if data == nil {
panic(NotFoundError)
}
return std.Deserialize(data).(DelInfo)
}
// Get method returns a structure that contains a stable marshaled Container structure,
// the signature, the public key of the container creator and a stable marshaled SessionToken
// Get method returns structure that contains stable marshaled Container structure,
// signature, public key of the container creator and stable marshaled SessionToken
// structure if it was provided.
//
// If the container doesn't exist, it panics with NotFoundError.
// If a container doesn't exist it panics with NotFoundError.
func Get(containerID []byte) Container {
ctx := storage.GetReadOnlyContext()
cnt := getContainer(ctx, containerID)
@ -371,9 +368,9 @@ func Get(containerID []byte) Container {
return cnt
}
// Owner method returns a 25 byte Owner ID of the container.
// Owner method returns 25 byte Owner ID of the container.
//
// If the container doesn't exist, it panics with NotFoundError.
// If a container doesn't exist it panics with NotFoundError.
func Owner(containerID []byte) []byte {
ctx := storage.GetReadOnlyContext()
owner := getOwnerByID(ctx, containerID)
@ -383,29 +380,7 @@ func Owner(containerID []byte) []byte {
return owner
}
// Count method returns the number of registered containers.
func Count() int {
count := 0
ctx := storage.GetReadOnlyContext()
it := storage.Find(ctx, []byte{containerKeyPrefix}, storage.KeysOnly)
for iterator.Next(it) {
count++
}
return count
}
// ContainersOf iterates over all container IDs owned by the specified owner.
// If owner is nil, it iterates over all containers.
func ContainersOf(owner []byte) iterator.Iterator {
ctx := storage.GetReadOnlyContext()
key := []byte{ownerKeyPrefix}
if len(owner) != 0 {
key = append(key, owner...)
}
return storage.Find(ctx, key, storage.ValuesOnly)
}
// List method returns a list of all container IDs owned by the specified owner.
// List method returns list of all container IDs owned by specified owner.
func List(owner []byte) [][]byte {
ctx := storage.GetReadOnlyContext()
@ -415,7 +390,7 @@ func List(owner []byte) [][]byte {
var list [][]byte
it := storage.Find(ctx, append([]byte{ownerKeyPrefix}, owner...), storage.ValuesOnly)
it := storage.Find(ctx, owner, storage.ValuesOnly)
for iterator.Next(it) {
id := iterator.Value(it).([]byte)
list = append(list, id)
@ -424,18 +399,20 @@ func List(owner []byte) [][]byte {
return list
}
// SetEACL method sets a new extended ACL table related to the contract
// if it was invoked by Alphabet nodes of the Inner Ring.
// SetEACL method sets new extended ACL table related to the contract
// if it was invoked by Alphabet nodes of the Inner Ring. Otherwise it produces
// setEACL notification.
//
// EACL should be a stable marshaled EACLTable structure from API.
// Signature is a RFC6979 signature of the Container.
// PublicKey contains the public key of the signer.
// Token is optional and should be a stable marshaled SessionToken structure from
// EACL should be stable marshaled EACLTable structure from API.
// Signature is a RFC6979 signature of Container.
// PublicKey contains public key of the signer.
// Token is optional and should be stable marshaled SessionToken structure from
// API.
//
// If the container doesn't exist, it panics with NotFoundError.
// If a container doesn't exist it panics with NotFoundError.
func SetEACL(eACL []byte, signature interop.Signature, publicKey interop.PublicKey, token []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
// V2 format
// get container ID
@ -448,7 +425,27 @@ func SetEACL(eACL []byte, signature interop.Signature, publicKey interop.PublicK
panic(NotFoundError)
}
common.CheckAlphabetWitness()
if notaryDisabled {
alphabet := common.AlphabetNodes()
nodeKey := common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
runtime.Notify("setEACL", eACL, signature, publicKey, token)
return
}
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{eACL}, []byte("setEACL"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
rule := ExtendedACL{
value: eACL,
@ -462,14 +459,13 @@ func SetEACL(eACL []byte, signature interop.Signature, publicKey interop.PublicK
common.SetSerialized(ctx, key, rule)
runtime.Log("success")
runtime.Notify("SetEACLSuccess", containerID, publicKey)
}
// EACL method returns a structure that contains a stable marshaled EACLTable structure,
// the signature, the public key of the extended ACL setter and a stable marshaled SessionToken
// EACL method returns structure that contains stable marshaled EACLTable structure,
// signature, public key of the extended ACL setter and stable marshaled SessionToken
// structure if it was provided.
//
// If the container doesn't exist, it panics with NotFoundError.
// If a container doesn't exist it panics with NotFoundError.
func EACL(containerID []byte) ExtendedACL {
ctx := storage.GetReadOnlyContext()
@ -482,10 +478,10 @@ func EACL(containerID []byte) ExtendedACL {
}
// PutContainerSize method saves container size estimation in contract
// memory. It can be invoked only by Storage nodes from the network map. This method
// memory. Can be invoked only by Storage nodes from the network map. Method
// checks witness based on the provided public key of the Storage node.
//
// If the container doesn't exist, it panics with NotFoundError.
// If a container doesn't exist it panics with NotFoundError.
func PutContainerSize(epoch int, cid []byte, usedSize int, pubKey interop.PublicKey) {
ctx := storage.GetContext()
@ -507,18 +503,17 @@ func PutContainerSize(epoch int, cid []byte, usedSize int, pubKey interop.Public
}
storage.Put(ctx, key, std.Serialize(s))
updateEstimations(ctx, epoch, cid, pubKey, false)
runtime.Log("saved container size estimation")
}
// GetContainerSize method returns the container ID and a slice of container
// estimations. Container estimation includes the public key of the Storage Node
// that registered estimation and value of estimation.
// GetContainerSize method returns container ID and slice of container
// estimations. Container estimation includes public key of the Storage Node
// that registered estimation and value of estimation.
//
// Use the ID obtained from ListContainerSizes method. Estimations are removed
// from contract storage every epoch, see NewEpoch method; therefore, this method
// can return different results during different epochs.
// Use ID obtained from ListContainerSizes method. Estimations are removed
// from contract storage every epoch, see NewEpoch method, therefore method
// can return different results in different epochs.
func GetContainerSize(id []byte) containerSizes {
ctx := storage.GetReadOnlyContext()
@ -531,8 +526,8 @@ func GetContainerSize(id []byte) containerSizes {
return getContainerSizeEstimation(ctx, id, cid)
}
// ListContainerSizes method returns the IDs of container size estimations
// that have been registered for the specified epoch.
// ListContainerSizes method returns IDs of container size estimations
// that has been registered for specified epoch.
func ListContainerSizes(epoch int) [][]byte {
ctx := storage.GetReadOnlyContext()
@ -563,88 +558,137 @@ func ListContainerSizes(epoch int) [][]byte {
return result
}
// IterateContainerSizes method returns iterator over container size estimations
// that have been registered for the specified epoch.
func IterateContainerSizes(epoch int) iterator.Iterator {
ctx := storage.GetReadOnlyContext()
var buf interface{} = epoch
key := []byte(estimateKeyPrefix)
key = append(key, buf.([]byte)...)
return storage.Find(ctx, key, storage.DeserializeValues)
}
// NewEpoch method removes all container size estimations from epoch older than
// epochNum + 3. It can be invoked only by NewEpoch method of the Netmap contract.
// epochNum + 3. Can be invoked only by NewEpoch method of the Netmap contract.
func NewEpoch(epochNum int) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
if notaryDisabled {
indirectCall := common.FromKnownContract(
ctx,
runtime.GetCallingScriptHash(),
netmapContractKey,
)
if !indirectCall {
panic("method must be invoked by inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
cleanupContainers(ctx, epochNum)
candidates := keysToDelete(ctx, epochNum)
for _, candidate := range candidates {
storage.Delete(ctx, candidate)
}
}
// StartContainerEstimation method produces StartEstimation notification.
// It can be invoked only by Alphabet nodes of the Inner Ring.
// Can be invoked only by Alphabet nodes of the Inner Ring.
func StartContainerEstimation(epoch int) {
common.CheckAlphabetWitness()
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("method must be invoked by inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{epoch}, []byte("startEstimation"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
runtime.Notify("StartEstimation", epoch)
runtime.Log("notification has been produced")
}
// StopContainerEstimation method produces StopEstimation notification.
// It can be invoked only by Alphabet nodes of the Inner Ring.
// Can be invoked only by Alphabet nodes of the Inner Ring.
func StopContainerEstimation(epoch int) {
common.CheckAlphabetWitness()
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("method must be invoked by inner ring")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{epoch}, []byte("stopEstimation"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
runtime.Notify("StopEstimation", epoch)
runtime.Log("notification has been produced")
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}
func addContainer(ctx storage.Context, id, owner []byte, container Container) {
containerListKey := append([]byte{ownerKeyPrefix}, owner...)
containerListKey = append(containerListKey, id...)
containerListKey := append(owner, id...)
storage.Put(ctx, containerListKey, id)
idKey := append([]byte{containerKeyPrefix}, id...)
common.SetSerialized(ctx, idKey, container)
graveKey := append([]byte{graveKeyPrefix}, id...)
storage.Delete(ctx, graveKey)
common.SetSerialized(ctx, id, container)
}
func removeContainer(ctx storage.Context, id []byte, owner []byte) {
containerListKey := append([]byte{ownerKeyPrefix}, owner...)
containerListKey = append(containerListKey, id...)
containerListKey := append(owner, id...)
storage.Delete(ctx, containerListKey)
storage.Delete(ctx, append([]byte{containerKeyPrefix}, id...))
graveKey := append([]byte{graveKeyPrefix}, id...)
netmapContractAddr := storage.Get(ctx, netmapContractKey).(interop.Hash160)
epoch := contract.Call(netmapContractAddr, "epoch", contract.ReadOnly).(int)
common.SetSerialized(ctx, graveKey, DelInfo{
Owner: owner,
Epoch: epoch,
})
storage.Delete(ctx, id)
}
func getAllContainers(ctx storage.Context) [][]byte {
var list [][]byte
it := storage.Find(ctx, []byte{containerKeyPrefix}, storage.KeysOnly|storage.RemovePrefix)
it := storage.Find(ctx, []byte{}, storage.KeysOnly)
for iterator.Next(it) {
key := iterator.Value(it).([]byte) // it MUST BE `storage.KeysOnly`
// V2 format
list = append(list, key)
if len(key) == containerIDSize {
list = append(list, key)
}
}
return list
@ -661,7 +705,7 @@ func getEACL(ctx storage.Context, cid []byte) ExtendedACL {
}
func getContainer(ctx storage.Context, cid []byte) Container {
data := storage.Get(ctx, append([]byte{containerKeyPrefix}, cid...))
data := storage.Get(ctx, cid)
if data != nil {
return std.Deserialize(data.([]byte)).(Container)
}
@ -713,7 +757,7 @@ func getContainerSizeEstimation(ctx storage.Context, key, cid []byte) containerS
}
// isStorageNode looks into _previous_ epoch network map, because storage node
// announces container size estimation of the previous epoch.
// announce container size estimation of previous epoch.
func isStorageNode(ctx storage.Context, key interop.PublicKey) bool {
netmapContractAddr := storage.Get(ctx, netmapContractKey).(interop.Hash160)
snapshot := contract.Call(netmapContractAddr, "snapshot", contract.ReadOnly, 1).([]storageNode)
@ -731,33 +775,9 @@ func isStorageNode(ctx storage.Context, key interop.PublicKey) bool {
return false
}
func updateEstimations(ctx storage.Context, epoch int, cid []byte, pub interop.PublicKey, isUpdate bool) {
h := crypto.Ripemd160(pub)
estKey := append([]byte(singleEstimatePrefix), cid...)
estKey = append(estKey, h...)
func keysToDelete(ctx storage.Context, epoch int) [][]byte {
results := [][]byte{}
var newEpochs []int
rawList := storage.Get(ctx, estKey).([]byte)
if rawList != nil {
epochs := std.Deserialize(rawList).([]int)
for _, oldEpoch := range epochs {
if !isUpdate && epoch-oldEpoch > CleanupDelta {
key := append([]byte(estimateKeyPrefix), convert.ToBytes(oldEpoch)...)
key = append(key, cid...)
key = append(key, h[:estimatePostfixSize]...)
storage.Delete(ctx, key)
} else {
newEpochs = append(newEpochs, oldEpoch)
}
}
}
newEpochs = append(newEpochs, epoch)
common.SetSerialized(ctx, estKey, newEpochs)
}
func cleanupContainers(ctx storage.Context, epoch int) {
it := storage.Find(ctx, []byte(estimateKeyPrefix), storage.KeysOnly)
for iterator.Next(it) {
k := iterator.Value(it).([]byte)
@ -766,8 +786,10 @@ func cleanupContainers(ctx storage.Context, epoch int) {
var n interface{} = nbytes
if epoch-n.(int) > TotalCleanupDelta {
storage.Delete(ctx, k)
if epoch-n.(int) > cleanupDelta {
results = append(results, k)
}
}
return results
}

76
container/doc.go
View file

@ -1,44 +1,68 @@
/*
Container contract is a contract deployed in FrostFS sidechain.
Container contract is a contract deployed in NeoFS side chain.
Container contract stores and manages containers, extended ACLs and container
size estimations. Contract does not perform sanity or signature checks of
size estimations. Contract does not perform sanity or signature checks of the
containers or extended ACLs, it is done by Alphabet nodes of the Inner Ring.
Alphabet nodes approve it by invoking the same Put or SetEACL methods with
the same arguments.
# Contract notifications
Contract notifications
containerPut notification. This notification is produced when user wants to
create new container. Alphabet nodes of the Inner Ring catch notification and
validate container data, signature and token if it is present.
containerPut:
- name: container
type: ByteArray
- name: signature
type: Signature
- name: publicKey
type: PublicKey
- name: token
type: ByteArray
containerDelete notification. This notification is produced when container owner
wants to delete container. Alphabet nodes of the Inner Ring catch notification
and validate container ownership, signature and token if it is present.
containerDelete:
- name: containerID
type: ByteArray
- name: signature
type: Signature
- name: token
type: ByteArray
setEACL notification. This notification is produced when container owner wants
to update extended ACL of the container. Alphabet nodes of the Inner Ring catch
notification and validate container ownership, signature and token if it is
present.
setEACL:
- name: eACL
type: ByteArray
- name: signature
type: Signature
- name: publicKey
type: PublicKey
- name: token
type: ByteArray
StartEstimation notification. This notification is produced when Storage nodes
should exchange estimation values of container sizes among other Storage nodes.
StartEstimation:
- name: epoch
type: Integer
StartEstimation:
- name: epoch
type: Integer
StopEstimation notification. This notification is produced when Storage nodes
should calculate average container size based on received estimations and store
it in Container contract.
StopEstimation:
- name: epoch
type: Integer
# Contract storage scheme
| Key | Value | Description |
|-----------------------------------------------------------------------------------------------------|
| `netmapScriptHash` | Hash160 | netmap contract hash |
| `balanceScriptHash` | Hash160 | balance contract hash |
| `identityScriptHash` | Hash160 | frostfsID contract hash |
| `nnsContractKey` | Hash160 | nns contract hash |
| `nnsRoot` | string | default value for domain zone |
| `cnr` + epoch + containerID + publicKeyHash[:10] | ByteArray | estimated container size |
| `est` + containerID + publicKeyHash | ByteArray | serialized epochs array |
| `o` + ownerID + containerID | ByteArray | container ID |
| `x` + containerID | ByteArray | serialized container struct |
| `nnsHasAlias` + containerID | string | domain name |
StopEstimation:
- name: epoch
type: Integer
*/
package container

5
debian/changelog vendored
View file

@ -1,5 +0,0 @@
frostfs-contract (0.0.0) stable; urgency=medium
* Initial release
-- TrueCloudLab <tech@frostfs.info> Wed, 24 Aug 2022 18:29:49 +0300

33
debian/control vendored
View file

@ -1,33 +0,0 @@
Source: frostfs-contract
Section: misc
Priority: optional
Maintainer: FrostFS <tech@frostfs.info>
Build-Depends: debhelper-compat (= 13), git, devscripts, neo-go
Standards-Version: 4.5.1
Homepage: https://fs.neo.org/
Vcs-Git: https://git.frostfs.info/TrueCloudLab/frostfs-contract.git
Vcs-Browser: https://git.frostfs.info/TrueCloudLab/frostfs-contract
Package: frostfs-contract
Architecture: all
Depends: ${misc:Depends}
Description: FrostFS-Contract contains all FrostFS related contracts.
Contracts are written for neo-go compiler.
These contracts are deployed both in the mainchain and the sidechain.
.
Mainchain contracts:
.
- frostfs
- processing
.
Sidechain contracts:
.
- alphabet
- audit
- balance
- container
- frostfsid
- netmap
- nns
- proxy
- reputation

23
debian/copyright vendored
View file

@ -1,23 +0,0 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: frostfs-contract
Upstream-Contact: tech@frostfs.info
Source: https://git.frostfs.info/TrueCloudLab/frostfs-contract
Files: *
Copyright: 2022 TrueCloudLab (@TrueCloudLab)
Copyright: 2018-2022 NeoSPCC (@nspcc-dev)
License: GPL-3
This program is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program or at /usr/share/common-licenses/GPL-3.
If not, see <http://www.gnu.org/licenses/>.

1
debian/neofs-contract.docs vendored
View file

@ -1 +0,0 @@
README*

39
debian/postinst.ex vendored
View file

@ -1,39 +0,0 @@
#!/bin/sh
# postinst script for frostfs-contract
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
configure)
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

37
debian/postrm.ex vendored
View file

@ -1,37 +0,0 @@
#!/bin/sh
# postrm script for frostfs-contract
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postrm> `remove'
# * <postrm> `purge'
# * <old-postrm> `upgrade' <new-version>
# * <new-postrm> `failed-upgrade' <old-version>
# * <new-postrm> `abort-install'
# * <new-postrm> `abort-install' <old-version>
# * <new-postrm> `abort-upgrade' <old-version>
# * <disappearer's-postrm> `disappear' <overwriter>
# <overwriter-version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
*)
echo "postrm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

35
debian/preinst.ex vendored
View file

@ -1,35 +0,0 @@
#!/bin/sh
# preinst script for frostfs-contract
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <new-preinst> `install'
# * <new-preinst> `install' <old-version>
# * <new-preinst> `upgrade' <old-version>
# * <old-preinst> `abort-upgrade' <new-version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
install|upgrade)
;;
abort-upgrade)
;;
*)
echo "preinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

38
debian/prerm.ex vendored
View file

@ -1,38 +0,0 @@
#!/bin/sh
# prerm script for frostfs-contract
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <prerm> `remove'
# * <old-prerm> `upgrade' <new-version>
# * <new-prerm> `failed-upgrade' <old-version>
# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
# * <deconfigured's-prerm> `deconfigure' `in-favour'
# <package-being-installed> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
remove|upgrade|deconfigure)
;;
failed-upgrade)
;;
*)
echo "prerm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

20
debian/rules vendored
View file

@ -1,20 +0,0 @@
#!/usr/bin/make -f
SERVICE = frostfs-contract
export NEOGO ?= $(shell command -v neo-go)
%:
dh $@
override_dh_auto_build:
make all
override_dh_auto_install:
install -D -m 0750 -d debian/$(SERVICE)/var/lib/frostfs/contract
find . -maxdepth 2 \( -name '*.nef' -o -name 'config.json' \) -exec cp --parents \{\} debian/$(SERVICE)/var/lib/frostfs/contract \;
override_dh_installchangelogs:
dh_installchangelogs -k CHANGELOG.md

1
debian/source/format vendored
View file

@ -1 +0,0 @@
3.0 (quilt)

94
frostfs/doc.go
View file

@ -1,94 +0,0 @@
/*
FrostFS contract is a contract deployed in FrostFS mainchain.
FrostFS contract is an entry point to FrostFS users. This contract stores all FrostFS
related GAS, registers new Inner Ring candidates and produces notifications
to control the sidechain.
While mainchain committee controls the list of Alphabet nodes in native
RoleManagement contract, FrostFS can't change more than 1\3 keys at a time.
FrostFS contract contains the actual list of Alphabet nodes in the sidechain.
Network configuration is also stored in FrostFS contract. All changes in
configuration are mirrored in the sidechain with notifications.
# Contract notifications
Deposit notification. This notification is produced when user transfers native
GAS to the FrostFS contract address. The same amount of FROSTFS token will be
minted in Balance contract in the sidechain.
Deposit:
- name: from
type: Hash160
- name: amount
type: Integer
- name: receiver
type: Hash160
- name: txHash
type: Hash256
Withdraw notification. This notification is produced when a user wants to
withdraw GAS from the internal FrostFS balance and has paid fee for that.
Withdraw:
- name: user
type: Hash160
- name: amount
type: Integer
- name: txHash
type: Hash256
Cheque notification. This notification is produced when FrostFS contract
has successfully transferred assets back to the user after withdraw.
Cheque:
- name: id
type: ByteArray
- name: user
type: Hash160
- name: amount
type: Integer
- name: lockAccount
type: ByteArray
Bind notification. This notification is produced when a user wants to bind
public keys with the user account (OwnerID). Keys argument is an array of ByteArray.
Bind:
- name: user
type: ByteArray
- name: keys
type: Array
Unbind notification. This notification is produced when a user wants to unbind
public keys with the user account (OwnerID). Keys argument is an array of ByteArray.
Unbind:
- name: user
type: ByteArray
- name: keys
type: Array
SetConfig notification. This notification is produced when Alphabet nodes update
FrostFS network configuration value.
SetConfig
- name: id
type: ByteArray
- name: key
type: ByteArray
- name: value
type: ByteArray
# Contract storage scheme
| Key | Value | Description |
|-----------------------------------------------------------------------------|
| `processingScriptHash` | Hash160 | processing contract hash |
| `candidates` + candidateKey | ByteArray | it flags inner ring candidate |
| `config` + postfix | ByteArray | serialized config data |
*/
package frostfs

400
frostfs/frostfs_contract.go
View file

@ -1,400 +0,0 @@
package frostfs
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/gas"
"github.com/nspcc-dev/neo-go/pkg/interop/native/ledger"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/roles"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
)
type (
record struct {
key []byte
val []byte
}
)
const (
// CandidateFeeConfigKey contains fee for a candidate registration.
CandidateFeeConfigKey = "InnerRingCandidateFee"
withdrawFeeConfigKey = "WithdrawFee"
alphabetKey = "alphabet"
candidatesKey = "candidates"
notaryDisabledKey = "notary"
processingContractKey = "processingScriptHash"
maxBalanceAmount = 9000 // Max integer of Fixed12 in JSON bound (2**53-1)
maxBalanceAmountGAS = int64(maxBalanceAmount) * 1_0000_0000
// hardcoded value to ignore deposit notification in onReceive
ignoreDepositNotification = "\x57\x0b"
)
var (
configPrefix = []byte("config")
)
// _deploy sets up initial alphabet node keys.
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
return
}
args := data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrProc interop.Hash160
keys []interop.PublicKey
config [][]byte
})
if len(args.keys) == 0 {
panic("at least one alphabet key must be provided")
}
if len(args.addrProc) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
for i := 0; i < len(args.keys); i++ {
pub := args.keys[i]
if len(pub) != interop.PublicKeyCompressedLen {
panic("incorrect public key length")
}
}
// initialize all storage slices
common.SetSerialized(ctx, alphabetKey, args.keys)
storage.Put(ctx, processingContractKey, args.addrProc)
ln := len(args.config)
if ln%2 != 0 {
panic("bad configuration")
}
for i := 0; i < ln/2; i++ {
key := args.config[i*2]
val := args.config[i*2+1]
setConfig(ctx, key, val)
}
runtime.Log("frostfs: contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// only by sidechain committee.
func Update(script []byte, manifest []byte, data interface{}) {
blockHeight := ledger.CurrentIndex()
alphabetKeys := roles.GetDesignatedByRole(roles.NeoFSAlphabet, uint32(blockHeight+1))
alphabetCommittee := common.Multiaddress(alphabetKeys, true)
if !runtime.CheckWitness(alphabetCommittee) {
panic(common.ErrAlphabetWitnessFailed)
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
runtime.Log("frostfs contract updated")
}
// AlphabetAddress returns 2\3n+1 multisignature address of alphabet nodes.
// It is used in sidechain notary disabled environment.
func AlphabetAddress() interop.Hash160 {
ctx := storage.GetReadOnlyContext()
return multiaddress(getAlphabetNodes(ctx))
}
// InnerRingCandidates returns an array of structures that contain an Inner Ring
// candidate node key.
func InnerRingCandidates() []common.IRNode {
ctx := storage.GetReadOnlyContext()
nodes := []common.IRNode{}
it := storage.Find(ctx, candidatesKey, storage.KeysOnly|storage.RemovePrefix)
for iterator.Next(it) {
pub := iterator.Value(it).([]byte)
nodes = append(nodes, common.IRNode{PublicKey: pub})
}
return nodes
}
// InnerRingCandidateRemove removes a key from a list of Inner Ring candidates.
// It can be invoked by Alphabet nodes or the candidate itself.
//
// This method does not return fee back to the candidate.
func InnerRingCandidateRemove(key interop.PublicKey) {
ctx := storage.GetContext()
keyOwner := runtime.CheckWitness(key)
if !keyOwner {
multiaddr := AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
panic("this method must be invoked by candidate or alphabet")
}
}
prefix := []byte(candidatesKey)
stKey := append(prefix, key...)
if storage.Get(ctx, stKey) != nil {
storage.Delete(ctx, stKey)
runtime.Log("candidate has been removed")
}
}
// InnerRingCandidateAdd adds a key to a list of Inner Ring candidates.
// It can be invoked only by the candidate itself.
//
// This method transfers fee from a candidate to the contract account.
// Fee value is specified in FrostFS network config with the key InnerRingCandidateFee.
func InnerRingCandidateAdd(key interop.PublicKey) {
ctx := storage.GetContext()
common.CheckWitness(key)
stKey := append([]byte(candidatesKey), key...)
if storage.Get(ctx, stKey) != nil {
panic("candidate already in the list")
}
from := contract.CreateStandardAccount(key)
to := runtime.GetExecutingScriptHash()
fee := getConfig(ctx, CandidateFeeConfigKey).(int)
transferred := gas.Transfer(from, to, fee, []byte(ignoreDepositNotification))
if !transferred {
panic("failed to transfer funds, aborting")
}
storage.Put(ctx, stKey, []byte{1})
runtime.Log("candidate has been added")
}
// OnNEP17Payment is a callback for NEP-17 compatible native GAS contract.
// It takes no more than 9000.0 GAS. Native GAS has precision 8, and
// FrostFS balance contract has precision 12. Values bigger than 9000.0 can
// break JSON limits for integers when precision is converted.
func OnNEP17Payment(from interop.Hash160, amount int, data interface{}) {
rcv := data.(interop.Hash160)
if common.BytesEqual(rcv, []byte(ignoreDepositNotification)) {
return
}
if amount <= 0 {
common.AbortWithMessage("amount must be positive")
} else if maxBalanceAmountGAS < int64(amount) {
common.AbortWithMessage("out of max amount limit")
}
caller := runtime.GetCallingScriptHash()
if !common.BytesEqual(caller, interop.Hash160(gas.Hash)) {
common.AbortWithMessage("only GAS can be accepted for deposit")
}
switch len(rcv) {
case 20:
case 0:
rcv = from
default:
common.AbortWithMessage("invalid data argument, expected Hash160")
}
runtime.Log("funds have been transferred")
tx := runtime.GetScriptContainer()
runtime.Notify("Deposit", from, amount, rcv, tx.Hash)
}
// Withdraw initializes gas asset withdraw from FrostFS. It can be invoked only
// by the specified user.
//
// This method produces Withdraw notification to lock assets in the sidechain and
// transfers withdraw fee from a user account to each Alphabet node. If notary
// is enabled in the mainchain, fee is transferred to Processing contract.
// Fee value is specified in FrostFS network config with the key WithdrawFee.
func Withdraw(user interop.Hash160, amount int) {
if !runtime.CheckWitness(user) {
panic("you should be the owner of the wallet")
}
if amount < 0 {
panic("non positive amount number")
}
if amount > maxBalanceAmount {
panic("out of max amount limit")
}
ctx := storage.GetContext()
// transfer fee to proxy contract to pay cheque invocation
fee := getConfig(ctx, withdrawFeeConfigKey).(int)
processingAddr := storage.Get(ctx, processingContractKey).(interop.Hash160)
transferred := gas.Transfer(user, processingAddr, fee, []byte{})
if !transferred {
panic("failed to transfer withdraw fee, aborting")
}
// notify alphabet nodes
amount = amount * 100000000
tx := runtime.GetScriptContainer()
runtime.Notify("Withdraw", user, amount, tx.Hash)
}
// Cheque transfers GAS back to the user from the contract account, if assets were
// successfully locked in FrostFS balance contract. It can be invoked only by
// Alphabet nodes.
//
// This method produces Cheque notification to burn assets in sidechain.
func Cheque(id []byte, user interop.Hash160, amount int, lockAcc []byte) {
common.CheckAlphabetWitness()
from := runtime.GetExecutingScriptHash()
transferred := gas.Transfer(from, user, amount, nil)
if !transferred {
panic("failed to transfer funds, aborting")
}
runtime.Log("funds have been transferred")
runtime.Notify("Cheque", id, user, amount, lockAcc)
}
// Bind method produces notification to bind the specified public keys in FrostFSID
// contract in the sidechain. It can be invoked only by specified user.
//
// This method produces Bind notification. This method panics if keys are not
// 33 byte long. User argument must be a valid 20 byte script hash.
func Bind(user []byte, keys []interop.PublicKey) {
if !runtime.CheckWitness(user) {
panic("you should be the owner of the wallet")
}
for i := 0; i < len(keys); i++ {
pubKey := keys[i]
if len(pubKey) != interop.PublicKeyCompressedLen {
panic("incorrect public key size")
}
}
runtime.Notify("Bind", user, keys)
}
// Unbind method produces notification to unbind the specified public keys in FrostFSID
// contract in the sidechain. It can be invoked only by the specified user.
//
// This method produces Unbind notification. This method panics if keys are not
// 33 byte long. User argument must be a valid 20 byte script hash.
func Unbind(user []byte, keys []interop.PublicKey) {
if !runtime.CheckWitness(user) {
panic("you should be the owner of the wallet")
}
for i := 0; i < len(keys); i++ {
pubKey := keys[i]
if len(pubKey) != interop.PublicKeyCompressedLen {
panic("incorrect public key size")
}
}
runtime.Notify("Unbind", user, keys)
}
// Config returns configuration value of FrostFS configuration. If the key does
// not exists, returns nil.
func Config(key []byte) interface{} {
ctx := storage.GetReadOnlyContext()
return getConfig(ctx, key)
}
// SetConfig key-value pair as a FrostFS runtime configuration value. It can be invoked
// only by Alphabet nodes.
func SetConfig(id, key, val []byte) {
ctx := storage.GetContext()
common.CheckAlphabetWitness()
setConfig(ctx, key, val)
runtime.Notify("SetConfig", id, key, val)
runtime.Log("configuration has been updated")
}
// ListConfig returns an array of structures that contain a key and a value of all
// FrostFS configuration records. Key and value are both byte arrays.
func ListConfig() []record {
ctx := storage.GetReadOnlyContext()
var config []record
it := storage.Find(ctx, configPrefix, storage.None)
for iterator.Next(it) {
pair := iterator.Value(it).(struct {
key []byte
val []byte
})
r := record{key: pair.key[len(configPrefix):], val: pair.val}
config = append(config, r)
}
return config
}
// Version returns version of the contract.
func Version() int {
return common.Version
}
// getAlphabetNodes returns a deserialized slice of nodes from storage.
func getAlphabetNodes(ctx storage.Context) []interop.PublicKey {
data := storage.Get(ctx, alphabetKey)
if data != nil {
return std.Deserialize(data.([]byte)).([]interop.PublicKey)
}
return []interop.PublicKey{}
}
// getConfig returns the installed frostfs configuration value or nil if it is not set.
func getConfig(ctx storage.Context, key interface{}) interface{} {
postfix := key.([]byte)
storageKey := append(configPrefix, postfix...)
return storage.Get(ctx, storageKey)
}
// setConfig sets a frostfs configuration value in the contract storage.
func setConfig(ctx storage.Context, key, val interface{}) {
postfix := key.([]byte)
storageKey := append(configPrefix, postfix...)
storage.Put(ctx, storageKey, val)
}
// multiaddress returns a multisignature address from the list of IRNode structures
// with m = 2/3n+1.
func multiaddress(keys []interop.PublicKey) []byte {
threshold := len(keys)*2/3 + 1
return contract.CreateMultisigAccount(threshold, keys)
}

29
frostfsid/doc.go
View file

@ -1,29 +0,0 @@
/*
FrostFSID contract is a contract deployed in FrostFS sidechain.
FrostFSID contract is used to store connection between an OwnerID and its public keys.
OwnerID is a 25-byte N3 wallet address that can be produced from a public key.
It is one-way conversion. In simple cases, FrostFS verifies ownership by checking
signature and relation between a public key and an OwnerID.
In more complex cases, a user can use public keys unrelated to the OwnerID to maintain
secure access to the data. FrostFSID contract stores relation between an OwnerID and
arbitrary public keys. Data owner can bind a public key with its account or unbind it
by invoking Bind or Unbind methods of FrostFS contract in the mainchain. After that,
Alphabet nodes produce multisigned AddKey and RemoveKey invocations of FrostFSID
contract.
# Contract notifications
FrostFSID contract does not produce notifications to process.
# Contract storage scheme
| Key | Value | Description |
|-----------------------------|------------|----------------------------------|
| `processingScriptHash` | Hash160 | netmap contract hash |
| `containerScriptHash` | Hash160 | container contract hash |
| `o` + ownerID + publicKey | ByteArray | it flags owner's public key |
*/
package frostfsid

160
frostfsid/frostfsid_contract.go
View file

@ -1,160 +0,0 @@
package frostfsid
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
)
type (
UserInfo struct {
Keys [][]byte
}
)
const (
ownerSize = 1 + interop.Hash160Len + 4
)
const (
netmapContractKey = "netmapScriptHash"
containerContractKey = "containerScriptHash"
notaryDisabledKey = "notary"
ownerKeysPrefix = 'o'
)
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
return
}
args := data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrNetmap interop.Hash160
addrContainer interop.Hash160
})
if len(args.addrNetmap) != interop.Hash160Len || len(args.addrContainer) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
storage.Put(ctx, netmapContractKey, args.addrNetmap)
storage.Put(ctx, containerContractKey, args.addrContainer)
runtime.Log("frostfsid contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
runtime.Log("frostfsid contract updated")
}
// AddKey binds a list of the provided public keys to the OwnerID. It can be invoked only by
// Alphabet nodes.
//
// This method panics if the OwnerID is not an ownerSize byte or the public key is not 33 byte long.
// If the key is already bound, the method ignores it.
func AddKey(owner []byte, keys []interop.PublicKey) {
// V2 format
if len(owner) != ownerSize {
panic("incorrect owner")
}
for i := range keys {
if len(keys[i]) != interop.PublicKeyCompressedLen {
panic("incorrect public key")
}
}
ctx := storage.GetContext()
common.CheckAlphabetWitness()
ownerKey := append([]byte{ownerKeysPrefix}, owner...)
for i := range keys {
stKey := append(ownerKey, keys[i]...)
storage.Put(ctx, stKey, []byte{1})
}
runtime.Log("key bound to the owner")
}
// RemoveKey unbinds the provided public keys from the OwnerID. It can be invoked only by
// Alphabet nodes.
//
// This method panics if the OwnerID is not an ownerSize byte or the public key is not 33 byte long.
// If the key is already unbound, the method ignores it.
func RemoveKey(owner []byte, keys []interop.PublicKey) {
// V2 format
if len(owner) != ownerSize {
panic("incorrect owner")
}
for i := range keys {
if len(keys[i]) != interop.PublicKeyCompressedLen {
panic("incorrect public key")
}
}
ctx := storage.GetContext()
multiaddr := common.AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
panic("invocation from non inner ring node")
}
ownerKey := append([]byte{ownerKeysPrefix}, owner...)
for i := range keys {
stKey := append(ownerKey, keys[i]...)
storage.Delete(ctx, stKey)
}
}
// Key method returns a list of 33-byte public keys bound with the OwnerID.
//
// This method panics if the owner is not ownerSize byte long.
func Key(owner []byte) [][]byte {
// V2 format
if len(owner) != ownerSize {
panic("incorrect owner")
}
ctx := storage.GetReadOnlyContext()
ownerKey := append([]byte{ownerKeysPrefix}, owner...)
info := getUserInfo(ctx, ownerKey)
return info.Keys
}
// Version returns the version of the contract.
func Version() int {
return common.Version
}
func getUserInfo(ctx storage.Context, key interface{}) UserInfo {
it := storage.Find(ctx, key, storage.KeysOnly|storage.RemovePrefix)
pubs := [][]byte{}
for iterator.Next(it) {
pub := iterator.Value(it).([]byte)
pubs = append(pubs, pub)
}
return UserInfo{Keys: pubs}
}

7
go.mod
View file

@ -1,10 +1,9 @@
module git.frostfs.info/TrueCloudLab/frostfs-contract
module github.com/nspcc-dev/neofs-contract
go 1.14
require (
github.com/mr-tron/base58 v1.2.0
github.com/nspcc-dev/neo-go v0.101.5-0.20230808195420-5fc61be5f6c5
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230808195420-5fc61be5f6c5
github.com/stretchr/testify v1.8.1
github.com/nspcc-dev/neo-go v0.98.0
github.com/stretchr/testify v1.7.0
)

1140
go.sum
View file

File diff suppressed because it is too large Load diff

9
frostfs/config.yml → neofs/config.yml
View file

@ -1,10 +1,5 @@
name: "FrostFS"
safemethods:
- "alphabetAddress"
- "config"
- "innerRingCandidates"
- "listConfig"
- "version"
name: "NeoFS"
safemethods: ["alphabetList", "alphabetAddress", "innerRingCandidates", "config", "listConfig", "version"]
permissions:
- methods: ["update", "transfer"]
events:

95
neofs/doc.go Normal file
View file

@ -0,0 +1,95 @@
/*
NeoFS contract is a contract deployed in NeoFS main chain.
NeoFS contract is an entry point to NeoFS users. This contract stores all NeoFS
related GAS, registers new Inner Ring candidates and produces notifications
to control side chain.
While main chain committee controls list of Alphabet nodes in native
RoleManagement contract, NeoFS can't change more than 1\3 keys at a time.
NeoFS contract contains actual list of Alphabet nodes in the side chain.
Network configuration also stored in NeoFS contract. All the changes in
configuration are mirrored in side chain with notifications.
Contract notifications
Deposit notification. This notification is produced when user transfers native
GAS to the NeoFS contract address. The same amount of NEOFS token will be
minted in Balance contract in the side chain.
Deposit:
- name: from
type: Hash160
- name: amount
type: Integer
- name: receiver
type: Hash160
- name: txHash
type: Hash256
Withdraw notification. This notification is produced when user wants to
withdraw GAS from internal NeoFS balance and has payed fee for that.
Withdraw:
- name: user
type: Hash160
- name: amount
type: Integer
- name: txHash
type: Hash256
Cheque notification. This notification is produced when NeoFS contract
successfully transferred assets back to the user after withdraw.
Cheque:
- name: id
type: ByteArray
- name: user
type: Hash160
- name: amount
type: Integer
- name: lockAccount
type: ByteArray
Bind notification. This notification is produced when user wants to bind
public keys with user account (OwnerID). Keys argument is array of ByteArray.
Bind:
- name: user
type: ByteArray
- name: keys
type: Array
Unbind notification. This notification is produced when user wants to unbind
public keys with user account (OwnerID). Keys argument is an array of ByteArray.
Unbind:
- name: user
type: ByteArray
- name: keys
type: Array
AlphabetUpdate notification. This notification is produced when Alphabet nodes
updated it's list in the contract. Alphabet argument is an array of ByteArray. It
contains public keys of new alphabet nodes.
AlphabetUpdate:
- name: id
type: ByteArray
- name: alphabet
type: Array
SetConfig notification. This notification is produced when Alphabet nodes update
NeoFS network configuration value.
SetConfig
- name: id
type: ByteArray
- name: key
type: ByteArray
- name: value
type: ByteArray
*/
package neofs

579
neofs/neofs_contract.go Normal file
View file

@ -0,0 +1,579 @@
package neofs
import (
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/gas"
"github.com/nspcc-dev/neo-go/pkg/interop/native/ledger"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/roles"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
type (
record struct {
key []byte
val []byte
}
)
const (
// CandidateFeeConfigKey contains fee for a candidate registration.
CandidateFeeConfigKey = "InnerRingCandidateFee"
withdrawFeeConfigKey = "WithdrawFee"
alphabetKey = "alphabet"
candidatesKey = "candidates"
notaryDisabledKey = "notary"
processingContractKey = "processingScriptHash"
maxBalanceAmount = 9000 // Max integer of Fixed12 in JSON bound (2**53-1)
maxBalanceAmountGAS = maxBalanceAmount * 1_0000_0000
// hardcoded value to ignore deposit notification in onReceive
ignoreDepositNotification = "\x57\x0b"
)
var (
configPrefix = []byte("config")
)
// _deploy sets up initial alphabet node keys.
func _deploy(data interface{}, isUpdate bool) {
if isUpdate {
ctx := storage.GetContext()
nodes := getNodes(ctx, candidatesKey)
storage.Delete(ctx, candidatesKey)
for i := range nodes {
key := append([]byte(candidatesKey), nodes[i].PublicKey...)
storage.Put(ctx, key, []byte{1})
}
return
}
args := data.(struct {
notaryDisabled bool
addrProc interop.Hash160
keys []interop.PublicKey
config [][]byte
})
ctx := storage.GetContext()
var irList []common.IRNode
if len(args.keys) == 0 {
panic("at least one alphabet key must be provided")
}
if len(args.addrProc) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
for i := 0; i < len(args.keys); i++ {
pub := args.keys[i]
if len(pub) != interop.PublicKeyCompressedLen {
panic("incorrect public key length")
}
irList = append(irList, common.IRNode{PublicKey: pub})
}
// initialize all storage slices
common.SetSerialized(ctx, alphabetKey, irList)
storage.Put(ctx, processingContractKey, args.addrProc)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
common.InitVote(ctx)
runtime.Log("neofs contract notary disabled")
}
ln := len(args.config)
if ln%2 != 0 {
panic("bad configuration")
}
for i := 0; i < ln/2; i++ {
key := args.config[i*2]
val := args.config[i*2+1]
setConfig(ctx, key, val)
}
runtime.Log("neofs: contract initialized")
}
// Update method updates contract source code and manifest. Can be invoked
// only by side chain committee.
func Update(script []byte, manifest []byte, data interface{}) {
blockHeight := ledger.CurrentIndex()
alphabetKeys := roles.GetDesignatedByRole(roles.NeoFSAlphabet, uint32(blockHeight))
alphabetCommittee := common.Multiaddress(alphabetKeys, true)
common.CheckAlphabetWitness(alphabetCommittee)
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("neofs contract updated")
}
// AlphabetList returns array of alphabet node keys. Use in side chain notary
// disabled environment.
func AlphabetList() []common.IRNode {
ctx := storage.GetReadOnlyContext()
return getNodes(ctx, alphabetKey)
}
// AlphabetAddress returns 2\3n+1 multi signature address of alphabet nodes.
// Used in side chain notary disabled environment.
func AlphabetAddress() interop.Hash160 {
ctx := storage.GetReadOnlyContext()
return multiaddress(getNodes(ctx, alphabetKey))
}
// InnerRingCandidates returns array of structures that contain Inner Ring
// candidate node key.
func InnerRingCandidates() []common.IRNode {
ctx := storage.GetReadOnlyContext()
nodes := []common.IRNode{}
it := storage.Find(ctx, candidatesKey, storage.KeysOnly|storage.RemovePrefix)
for iterator.Next(it) {
pub := iterator.Value(it).([]byte)
nodes = append(nodes, common.IRNode{PublicKey: pub})
}
return nodes
}
// InnerRingCandidateRemove removes key from the list of Inner Ring candidates.
// Can be invoked by Alphabet nodes or candidate itself.
//
// Method does not return fee back to the candidate.
func InnerRingCandidateRemove(key interop.PublicKey) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
keyOwner := runtime.CheckWitness(key)
if !keyOwner {
if notaryDisabled {
alphabet = getNodes(ctx, alphabetKey)
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked by candidate or alphabet")
}
} else {
multiaddr := AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
panic("this method must be invoked by candidate or alphabet")
}
}
}
if notaryDisabled && !keyOwner {
threshold := len(alphabet)*2/3 + 1
id := append(key, []byte("delete")...)
hashID := crypto.Sha256(id)
n := common.Vote(ctx, hashID, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, hashID)
}
prefix := []byte(candidatesKey)
stKey := append(prefix, key...)
if storage.Get(ctx, stKey) != nil {
storage.Delete(ctx, stKey)
runtime.Log("candidate has been removed")
}
}
// InnerRingCandidateAdd adds key to the list of Inner Ring candidates.
// Can be invoked only by candidate itself.
//
// This method transfers fee from candidate to contract account.
// Fee value specified in NeoFS network config with the key InnerRingCandidateFee.
func InnerRingCandidateAdd(key interop.PublicKey) {
ctx := storage.GetContext()
common.CheckWitness(key)
stKey := append([]byte(candidatesKey), key...)
if storage.Get(ctx, stKey) != nil {
panic("candidate already in the list")
}
from := contract.CreateStandardAccount(key)
to := runtime.GetExecutingScriptHash()
fee := getConfig(ctx, CandidateFeeConfigKey).(int)
transferred := gas.Transfer(from, to, fee, []byte(ignoreDepositNotification))
if !transferred {
panic("failed to transfer funds, aborting")
}
storage.Put(ctx, stKey, []byte{1})
runtime.Log("candidate has been added")
}
// OnNEP17Payment is a callback for NEP-17 compatible native GAS contract.
// It takes no more than 9000.0 GAS. Native GAS has precision 8 and
// NeoFS balance contract has precision 12. Values bigger than 9000.0 can
// break JSON limits for integers when precision is converted.
func OnNEP17Payment(from interop.Hash160, amount int, data interface{}) {
rcv := data.(interop.Hash160)
if common.BytesEqual(rcv, []byte(ignoreDepositNotification)) {
return
}
if amount <= 0 {
common.AbortWithMessage("amount must be positive")
} else if maxBalanceAmountGAS < amount {
common.AbortWithMessage("out of max amount limit")
}
caller := runtime.GetCallingScriptHash()
if !common.BytesEqual(caller, interop.Hash160(gas.Hash)) {
common.AbortWithMessage("only GAS can be accepted for deposit")
}
switch len(rcv) {
case 20:
case 0:
rcv = from
default:
common.AbortWithMessage("invalid data argument, expected Hash160")
}
runtime.Log("funds have been transferred")
tx := runtime.GetScriptContainer()
runtime.Notify("Deposit", from, amount, rcv, tx.Hash)
}
// Withdraw initialize gas asset withdraw from NeoFS. Can be invoked only
// by the specified user.
//
// This method produces Withdraw notification to lock assets in side chain and
// transfers withdraw fee from user account to each Alphabet node. If notary
// is enabled in main chain, fee is transferred to Processing contract.
// Fee value specified in NeoFS network config with the key WithdrawFee.
func Withdraw(user interop.Hash160, amount int) {
if !runtime.CheckWitness(user) {
panic("you should be the owner of the wallet")
}
if amount < 0 {
panic("non positive amount number")
}
if amount > maxBalanceAmount {
panic("out of max amount limit")
}
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
// transfer fee to proxy contract to pay cheque invocation
fee := getConfig(ctx, withdrawFeeConfigKey).(int)
if notaryDisabled {
alphabet := getNodes(ctx, alphabetKey)
for _, node := range alphabet {
processingAddr := contract.CreateStandardAccount(node.PublicKey)
transferred := gas.Transfer(user, processingAddr, fee, []byte{})
if !transferred {
panic("failed to transfer withdraw fee, aborting")
}
}
} else {
processingAddr := storage.Get(ctx, processingContractKey).(interop.Hash160)
transferred := gas.Transfer(user, processingAddr, fee, []byte{})
if !transferred {
panic("failed to transfer withdraw fee, aborting")
}
}
// notify alphabet nodes
amount = amount * 100000000
tx := runtime.GetScriptContainer()
runtime.Notify("Withdraw", user, amount, tx.Hash)
}
// Cheque transfers GAS back to the user from contract account, if assets were
// successfully locked in NeoFS balance contract. Can be invoked only by
// Alphabet nodes.
//
// This method produces Cheque notification to burn assets in side chain.
func Cheque(id []byte, user interop.Hash160, amount int, lockAcc []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = getNodes(ctx, alphabetKey)
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked by alphabet")
}
} else {
multiaddr := AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
from := runtime.GetExecutingScriptHash()
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
transferred := gas.Transfer(from, user, amount, nil)
if !transferred {
panic("failed to transfer funds, aborting")
}
runtime.Log("funds have been transferred")
runtime.Notify("Cheque", id, user, amount, lockAcc)
}
// Bind method produces notification to bind specified public keys in NeoFSID
// contract in side chain. Can be invoked only by specified user.
//
// This method produces Bind notification. Method panics if keys are not
// 33 byte long. User argument must be valid 20 byte script hash.
func Bind(user []byte, keys []interop.PublicKey) {
if !runtime.CheckWitness(user) {
panic("you should be the owner of the wallet")
}
for i := 0; i < len(keys); i++ {
pubKey := keys[i]
if len(pubKey) != interop.PublicKeyCompressedLen {
panic("incorrect public key size")
}
}
runtime.Notify("Bind", user, keys)
}
// Unbind method produces notification to unbind specified public keys in NeoFSID
// contract in side chain. Can be invoked only by specified user.
//
// This method produces Unbind notification. Method panics if keys are not
// 33 byte long. User argument must be valid 20 byte script hash.
func Unbind(user []byte, keys []interop.PublicKey) {
if !runtime.CheckWitness(user) {
panic("you should be the owner of the wallet")
}
for i := 0; i < len(keys); i++ {
pubKey := keys[i]
if len(pubKey) != interop.PublicKeyCompressedLen {
panic("incorrect public key size")
}
}
runtime.Notify("Unbind", user, keys)
}
// AlphabetUpdate updates list of alphabet nodes with provided list of
// public keys. Can be invoked only by alphabet nodes.
//
// This method used in notary disabled side chain environment. In this case
// actual alphabet list should be stored in the NeoFS contract.
func AlphabetUpdate(id []byte, args []interop.PublicKey) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
if len(args) == 0 {
panic("bad arguments")
}
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = getNodes(ctx, alphabetKey)
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked by alphabet")
}
} else {
multiaddr := AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
newAlphabet := []common.IRNode{}
for i := 0; i < len(args); i++ {
pubKey := args[i]
if len(pubKey) != interop.PublicKeyCompressedLen {
panic("invalid public key in alphabet list")
}
newAlphabet = append(newAlphabet, common.IRNode{
PublicKey: pubKey,
})
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
common.SetSerialized(ctx, alphabetKey, newAlphabet)
runtime.Notify("AlphabetUpdate", id, newAlphabet)
runtime.Log("alphabet list has been updated")
}
// Config returns configuration value of NeoFS configuration. If key does
// not exists, returns nil.
func Config(key []byte) interface{} {
ctx := storage.GetReadOnlyContext()
return getConfig(ctx, key)
}
// SetConfig key-value pair as a NeoFS runtime configuration value. Can be invoked
// only by Alphabet nodes.
func SetConfig(id, key, val []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = getNodes(ctx, alphabetKey)
nodeKey = common.InnerRingInvoker(alphabet)
if len(key) == 0 {
panic("this method must be invoked by alphabet")
}
} else {
multiaddr := AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
setConfig(ctx, key, val)
runtime.Notify("SetConfig", id, key, val)
runtime.Log("configuration has been updated")
}
// ListConfig returns array of structures that contain key and value of all
// NeoFS configuration records. Key and value are both byte arrays.
func ListConfig() []record {
ctx := storage.GetReadOnlyContext()
var config []record
it := storage.Find(ctx, configPrefix, storage.None)
for iterator.Next(it) {
pair := iterator.Value(it).(struct {
key []byte
val []byte
})
r := record{key: pair.key[len(configPrefix):], val: pair.val}
config = append(config, r)
}
return config
}
// Version returns version of the contract.
func Version() int {
return common.Version
}
// getNodes returns deserialized slice of nodes from storage.
func getNodes(ctx storage.Context, key string) []common.IRNode {
data := storage.Get(ctx, key)
if data != nil {
return std.Deserialize(data.([]byte)).([]common.IRNode)
}
return []common.IRNode{}
}
// getConfig returns installed neofs configuration value or nil if it is not set.
func getConfig(ctx storage.Context, key interface{}) interface{} {
postfix := key.([]byte)
storageKey := append(configPrefix, postfix...)
return storage.Get(ctx, storageKey)
}
// setConfig sets neofs configuration value in the contract storage.
func setConfig(ctx storage.Context, key, val interface{}) {
postfix := key.([]byte)
storageKey := append(configPrefix, postfix...)
storage.Put(ctx, storageKey, val)
}
// multiaddress returns multi signature address from list of IRNode structures
// with m = 2/3n+1.
func multiaddress(n []common.IRNode) []byte {
threshold := len(n)*2/3 + 1
keys := []interop.PublicKey{}
for _, node := range n {
key := node.PublicKey
keys = append(keys, key)
}
return contract.CreateMultisigAccount(threshold, keys)
}

2
frostfsid/config.yml → neofsid/config.yml
View file

@ -1,4 +1,4 @@
name: "Identity"
name: "NeoFS ID"
safemethods: ["key", "version"]
permissions:
- methods: ["update"]

20
neofsid/doc.go Normal file
View file

@ -0,0 +1,20 @@
/*
NeoFSID contract is a contract deployed in NeoFS side chain.
NeoFSID contract used to store connection between OwnerID and it's public keys.
OwnerID is a 25-byte N3 wallet address that can be produced from public key.
It is one-way conversion. In simple cases NeoFS verifies ownership by checking
signature and relation between public key and OwnerID.
In more complex cases, user can use public keys unrelated to OwnerID to maintain
secure access to the data. NeoFSID contract stores relation between OwnerID and
arbitrary public keys. Data owner can bind or unbind public key with it's account
by invoking Bind or Unbind methods of NeoFS contract in main chain. After that,
Alphabet nodes produce multi signed AddKey and RemoveKey invocations of NeoFSID
contract.
Contract notifications
NeoFSID contract does not produce notifications to process.
*/
package neofsid

234
neofsid/neofsid_contract.go Normal file
View file

@ -0,0 +1,234 @@
package neofsid
import (
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
type (
UserInfo struct {
Keys [][]byte
}
)
const (
ownerSize = 1 + interop.Hash160Len + 4
)
const (
netmapContractKey = "netmapScriptHash"
containerContractKey = "containerScriptHash"
notaryDisabledKey = "notary"
ownerKeysPrefix = 'o'
)
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
if isUpdate {
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
args := data.(struct {
notaryDisabled bool
addrNetmap interop.Hash160
addrContainer interop.Hash160
})
if len(args.addrNetmap) != interop.Hash160Len || len(args.addrContainer) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
storage.Put(ctx, netmapContractKey, args.addrNetmap)
storage.Put(ctx, containerContractKey, args.addrContainer)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
common.InitVote(ctx)
runtime.Log("neofsid contract notary disabled")
}
runtime.Log("neofsid contract initialized")
}
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("neofsid contract updated")
}
// AddKey binds list of provided public keys to OwnerID. Can be invoked only by
// Alphabet nodes.
//
// This method panics if OwnerID is not ownerSize byte or public key is not 33 byte long.
// If key is already bound, ignores it.
func AddKey(owner []byte, keys []interop.PublicKey) {
// V2 format
if len(owner) != ownerSize {
panic("incorrect owner")
}
for i := range keys {
if len(keys[i]) != interop.PublicKeyCompressedLen {
panic("incorrect public key")
}
}
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
indirectCall bool
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("invocation from non inner ring node")
}
indirectCall = common.FromKnownContract(
ctx,
runtime.GetCallingScriptHash(),
containerContractKey)
if indirectCall {
threshold := len(alphabet)*2/3 + 1
id := invokeIDKeys(owner, keys, []byte("add"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
ownerKey := append([]byte{ownerKeysPrefix}, owner...)
for i := range keys {
stKey := append(ownerKey, keys[i]...)
storage.Put(ctx, stKey, []byte{1})
}
runtime.Log("key bound to the owner")
}
// RemoveKey unbinds provided public keys from OwnerID. Can be invoked only by
// Alphabet nodes.
//
// This method panics if OwnerID is not ownerSize byte or public key is not 33 byte long.
// If key is already unbound, ignores it.
func RemoveKey(owner []byte, keys []interop.PublicKey) {
// V2 format
if len(owner) != ownerSize {
panic("incorrect owner")
}
for i := range keys {
if len(keys[i]) != interop.PublicKeyCompressedLen {
panic("incorrect public key")
}
}
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("invocation from non inner ring node")
}
threshold := len(alphabet)*2/3 + 1
id := invokeIDKeys(owner, keys, []byte("remove"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
} else {
multiaddr := common.AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
panic("invocation from non inner ring node")
}
}
ownerKey := append([]byte{ownerKeysPrefix}, owner...)
for i := range keys {
stKey := append(ownerKey, keys[i]...)
storage.Delete(ctx, stKey)
}
}
// Key method returns list of 33-byte public keys bound with OwnerID.
//
// This method panics if owner is not ownerSize byte long.
func Key(owner []byte) [][]byte {
// V2 format
if len(owner) != ownerSize {
panic("incorrect owner")
}
ctx := storage.GetReadOnlyContext()
ownerKey := append([]byte{ownerKeysPrefix}, owner...)
info := getUserInfo(ctx, ownerKey)
return info.Keys
}
// Version returns version of the contract.
func Version() int {
return common.Version
}
func getUserInfo(ctx storage.Context, key interface{}) UserInfo {
it := storage.Find(ctx, key, storage.KeysOnly|storage.RemovePrefix)
pubs := [][]byte{}
for iterator.Next(it) {
pub := iterator.Value(it).([]byte)
pubs = append(pubs, pub)
}
return UserInfo{Keys: pubs}
}
func invokeIDKeys(owner []byte, keys []interop.PublicKey, prefix []byte) []byte {
prefix = append(prefix, owner...)
for i := range keys {
prefix = append(prefix, keys[i]...)
}
return crypto.Sha256(prefix)
}

22
netmap/config.yml
View file

@ -1,13 +1,5 @@
name: "Netmap"
safemethods:
- "config"
- "epoch"
- "listConfig"
- "netmap"
- "netmapCandidates"
- "snapshot"
- "snapshotByEpoch"
- "version"
name: "NeoFS Netmap"
safemethods: ["innerRingList", "epoch", "netmap", "netmapCandidates", "snapshot", "snapshotByEpoch", "config", "listConfig", "version"]
permissions:
- methods: ["update", "newEpoch"]
events:
@ -15,22 +7,12 @@ events:
parameters:
- name: nodeInfo
type: ByteArray
- name: AddPeerSuccess
parameters:
- name: publicKey
type: PublicKey
- name: UpdateState
parameters:
- name: state
type: Integer
- name: publicKey
type: PublicKey
- name: UpdateStateSuccess
parameters:
- name: publicKey
type: PublicKey
- name: state
type: Integer
- name: NewEpoch
parameters:
- name: epoch

54
netmap/doc.go
View file

@ -1,46 +1,34 @@
/*
Netmap contract is a contract deployed in FrostFS sidechain.
Netmap contract is a contract deployed in NeoFS side chain.
Netmap contract stores and manages FrostFS network map, Storage node candidates
and epoch number counter.
Netmap contract stores and manages NeoFS network map, Storage node candidates
and epoch number counter. In notary disabled environment, contract also stores
list of Inner Ring node keys.
# Contract notifications
Contract notifications
AddPeer notification. This notification is produced when a Storage node sends
a bootstrap request by invoking AddPeer method.
AddPeer notification. This notification is produced when Storage node sends
bootstrap request by invoking AddPeer method.
AddPeer
- name: nodeInfo
type: ByteArray
AddPeer
- name: nodeInfo
type: ByteArray
UpdateState notification. This notification is produced when a Storage node wants
to change its state (go offline) by invoking UpdateState method. Supported
UpdateState notification. This notification is produced when Storage node wants
to change it's state (go offline) by invoking UpdateState method. Supported
states: (2) -- offline.
UpdateState
- name: state
type: Integer
- name: publicKey
type: PublicKey
UpdateState
- name: state
type: Integer
- name: publicKey
type: PublicKey
NewEpoch notification. This notification is produced when a new epoch is applied
NewEpoch notification. This notification is produced when new epoch is applied
in the network by invoking NewEpoch method.
NewEpoch
- name: epoch
type: Integer
# Contract storage scheme
| Key | Value | Description |
|-----------------------------|------------|-----------------------------------|
| `snapshotCount` | int | snapshot count |
| `snapshotEpoch` | int | snapshot epoch |
| `snapshotBlock` | int | snapshot block |
| `snapshot_` + snapshotNum | ByteArray | serialized '[]Node' array |
| `snapshotCurrent` | int | current snapshot |
| `balanceScriptHash` | Hash160 | balance contract hash |
| `containerScriptHash` | Hash160 | container contract hash |
NewEpoch
- name: epoch
type: Integer
*/
package netmap

659
netmap/netmap_contract.go
View file

@ -1,59 +1,44 @@
package netmap
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto"
"github.com/nspcc-dev/neo-go/pkg/interop/native/ledger"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/std"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
// NodeState is an enumeration for node states.
type NodeState int
type (
storageNode struct {
info []byte
}
// Various Node states
const (
_ NodeState = iota
netmapNode struct {
node storageNode
state nodeState
}
// NodeStateOnline stands for nodes that are in full network and
// operational availability.
NodeStateOnline
nodeState int
// NodeStateOffline stands for nodes that are in network unavailability.
NodeStateOffline
// NodeStateMaintenance stands for nodes under maintenance with partial
// network availability.
NodeStateMaintenance
record struct {
key []byte
val []byte
}
)
// Node groups data related to FrostFS storage nodes registered in the FrostFS
// network. The information is stored in the current contract.
type Node struct {
// Information about the node encoded according to the FrostFS binary
// protocol.
BLOB []byte
// Current node state.
State NodeState
}
const (
notaryDisabledKey = "notary"
innerRingKey = "innerring"
// DefaultSnapshotCount contains the number of previous snapshots stored by this contract.
// Must be less than 255.
DefaultSnapshotCount = 10
snapshotCountKey = "snapshotCount"
snapshotKeyPrefix = "snapshot_"
snapshotCurrentIDKey = "snapshotCurrent"
snapshotEpoch = "snapshotEpoch"
snapshotBlockKey = "snapshotBlock"
snapshot0Key = "snapshotCurrent"
snapshot1Key = "snapshotPrevious"
snapshotEpoch = "snapshotEpoch"
snapshotBlockKey = "snapshotBlock"
containerContractKey = "containerScriptHash"
balanceContractKey = "balanceScriptHash"
@ -61,6 +46,13 @@ const (
cleanupEpochMethod = "newEpoch"
)
const (
// V2 format
_ nodeState = iota
onlineState
offlineState
)
var (
configPrefix = []byte("config")
candidatePrefix = []byte("candidate")
@ -70,16 +62,12 @@ var (
func _deploy(data interface{}, isUpdate bool) {
ctx := storage.GetContext()
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
var args = data.(struct {
//TODO(@acid-ant): #9 remove notaryDisabled in future version
notaryDisabled bool
addrBalance interop.Hash160
addrContainer interop.Hash160
keys []interop.PublicKey
config [][]byte
version int
})
ln := len(args.config)
@ -95,7 +83,9 @@ func _deploy(data interface{}, isUpdate bool) {
}
if isUpdate {
common.CheckVersion(args.version)
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
@ -104,153 +94,273 @@ func _deploy(data interface{}, isUpdate bool) {
}
// epoch number is a little endian int, it doesn't need to be serialized
storage.Put(ctx, snapshotCountKey, DefaultSnapshotCount)
storage.Put(ctx, snapshotEpoch, 0)
storage.Put(ctx, snapshotBlockKey, 0)
prefix := []byte(snapshotKeyPrefix)
for i := 0; i < DefaultSnapshotCount; i++ {
common.SetSerialized(ctx, append(prefix, byte(i)), []Node{})
}
storage.Put(ctx, snapshotCurrentIDKey, 0)
common.SetSerialized(ctx, snapshot0Key, []netmapNode{})
common.SetSerialized(ctx, snapshot1Key, []netmapNode{})
storage.Put(ctx, balanceContractKey, args.addrBalance)
storage.Put(ctx, containerContractKey, args.addrContainer)
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
var irList []common.IRNode
for i := 0; i < len(args.keys); i++ {
key := args.keys[i]
irList = append(irList, common.IRNode{PublicKey: key})
}
common.SetSerialized(ctx, innerRingKey, irList)
common.InitVote(ctx)
runtime.Log("netmap contract notary disabled")
}
runtime.Log("netmap contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("netmap contract updated")
}
// AddPeerIR accepts Alphabet calls in the notary-enabled contract setting and
// behaves similar to AddPeer in the notary-disabled one.
// InnerRingList method returns slice of structures that contains public key of
// Inner Ring node. Should be used only in notary disabled environment.
//
// AddPeerIR MUST NOT be called in notary-disabled contract setting.
// AddPeerIR MUST be called by the Alphabet member only.
func AddPeerIR(nodeInfo []byte) {
ctx := storage.GetContext()
common.CheckAlphabetWitness()
publicKey := nodeInfo[2:35] // V2 format: offset:2, len:33
addToNetmap(ctx, publicKey, Node{
BLOB: nodeInfo,
State: NodeStateOnline,
})
// If notary enabled, then look to NeoFSAlphabet role in native RoleManagement
// contract of the side chain.
func InnerRingList() []common.IRNode {
ctx := storage.GetReadOnlyContext()
return getIRNodes(ctx)
}
// AddPeer accepts information about the network map candidate in the FrostFS
// binary protocol format and does nothing. Keep method because storage node
// creates a notary transaction with this method, which produces a notary
// notification (implicit here).
func AddPeer(nodeInfo []byte) {
// V2 format - offset:2, len:33
common.CheckWitness(nodeInfo[2:35])
// UpdateInnerRing method updates list of Inner Ring node keys. Should be used
// only in notary disabled environment. Can be invoked only by Alphabet nodes.
//
// If notary enabled, then update NeoFSAlphabet role in native RoleManagement
// contract of the side chain. Use notary service to collect multi signature.
func UpdateInnerRing(keys []interop.PublicKey) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked by alphabet nodes")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
var irList []common.IRNode
for i := 0; i < len(keys); i++ {
key := keys[i]
irList = append(irList, common.IRNode{PublicKey: key})
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := keysID(keys, []byte("updateIR"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
runtime.Log("inner ring list updated")
common.SetSerialized(ctx, innerRingKey, irList)
}
// Register method tries to add new candidate to the network map by
// emitting AddPeer notification. Should be invoked by the registree.
func Register(nodeInfo []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
if notaryDisabled {
panic("Register should only be called in notary-enabled environment")
}
common.CheckAlphabetWitness(common.AlphabetAddress())
addToNetmap(ctx, storageNode{info: nodeInfo})
return
}
// updates state of the network map candidate by its public key in the contract
// storage, and throws UpdateStateSuccess notification after this.
// AddPeer method adds new candidate to the next network map if it was invoked
// by Alphabet node. If it was invoked by node candidate, it produces AddPeer
// notification. Otherwise method throws panic.
//
// State MUST be from the NodeState enum.
func updateCandidateState(ctx storage.Context, publicKey interop.PublicKey, state NodeState) {
switch state {
case NodeStateOffline:
removeFromNetmap(ctx, publicKey)
runtime.Log("remove storage node from the network map")
case NodeStateOnline, NodeStateMaintenance:
updateNetmapState(ctx, publicKey, state)
runtime.Log("update state of the network map candidate")
default:
panic("unsupported state")
// If the candidate already exists, it's info is updated.
// NodeInfo argument contains stable marshaled version of netmap.NodeInfo
// structure.
func AddPeer(nodeInfo []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
}
runtime.Notify("UpdateStateSuccess", publicKey, state)
// If notary is enabled or caller is not an alphabet node,
// just emit the notification for alphabet.
if !notaryDisabled || len(nodeKey) == 0 {
// V2 format
publicKey := nodeInfo[2:35] // offset:2, len:33
common.CheckWitness(publicKey)
runtime.Notify("AddPeer", nodeInfo)
return
}
candidate := storageNode{
info: nodeInfo,
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
rawCandidate := std.Serialize(candidate)
id := crypto.Sha256(rawCandidate)
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
addToNetmap(ctx, candidate)
}
// UpdateState accepts new state to be assigned to network map candidate
// identified by the given public key, identifies the signer.
// Applicable only for notary-enabled environment.
// UpdateState method updates state of node from the network map candidate list
// if it was invoked by Alphabet node. If it was invoked by public key owner,
// then it produces UpdateState notification. Otherwise method throws panic.
//
// Signers:
// State argument defines node state. The only supported state now is (2) --
// offline state. Node is removed from network map candidate list.
//
// (a) candidate himself only, if provided public key corresponds to the signer
// (b) Alphabet member only
// (ab) both candidate and Alphabet member
// (c) others
//
// UpdateState case-by-case behavior:
//
// (a) panics
// (b) panics
// (ab) updates candidate's state in the contract storage (*), and throws
// UpdateStateSuccess with the provided key and new state
// (c) panics
//
// (*) Candidate is removed from the candidate set if state is NodeStateOffline.
// Any other state is written into candidate's descriptor in the contract storage.
// If requested candidate is missing, panic occurs. Throws UpdateStateSuccess
// notification on success.
//
// State MUST be from the NodeState enum. Public key MUST be
// interop.PublicKeyCompressedLen bytes.
func UpdateState(state NodeState, publicKey interop.PublicKey) {
// Method panics when invoked with unsupported states.
func UpdateState(state int, publicKey interop.PublicKey) {
if len(publicKey) != interop.PublicKeyCompressedLen {
panic("incorrect public key")
}
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckWitness(publicKey)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
updateCandidateState(ctx, publicKey, state)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
common.CheckWitness(publicKey)
runtime.Notify("UpdateState", state, publicKey)
return
}
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{state, publicKey}, []byte("update"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
} else {
multiaddr := common.AlphabetAddress()
common.CheckWitness(publicKey)
common.CheckAlphabetWitness(multiaddr)
}
switch nodeState(state) {
case offlineState:
removeFromNetmap(ctx, publicKey)
runtime.Log("remove storage node from the network map")
default:
panic("unsupported state")
}
}
// UpdateStateIR accepts Alphabet calls in the notary-enabled contract setting
// and behaves similar to UpdateState, but does not require candidate's
// signature presence.
// NewEpoch method changes epoch number up to provided epochNum argument. Can
// be invoked only by Alphabet nodes. If provided epoch number is less or equal
// current epoch number, method throws panic.
//
// UpdateStateIR MUST NOT be called in notary-disabled contract setting.
// UpdateStateIR MUST be called by the Alphabet member only.
func UpdateStateIR(state NodeState, publicKey interop.PublicKey) {
ctx := storage.GetContext()
common.CheckAlphabetWitness()
updateCandidateState(ctx, publicKey, state)
}
// NewEpoch method changes the epoch number up to the provided epochNum argument. It can
// be invoked only by Alphabet nodes. If provided epoch number is less than the
// current epoch number or equals it, the method throws panic.
//
// When epoch number is updated, the contract sets storage node candidates as the current
// network map. The contract also invokes NewEpoch method on Balance and Container
// When epoch number updated, contract sets storage node candidates as current
// network map. Also contract invokes NewEpoch method on Balance and Container
// contracts.
//
// It produces NewEpoch notification.
// Produces NewEpoch notification.
func NewEpoch(epochNum int) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("this method must be invoked by inner ring nodes")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{epochNum}, []byte("epoch"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
currentEpoch := storage.Get(ctx, snapshotEpoch).(int)
if epochNum <= currentEpoch {
panic("invalid epoch") // ignore invocations with invalid epoch
}
dataOnlineState := filterNetmap(ctx)
data0snapshot := getSnapshot(ctx, snapshot0Key)
dataOnlineState := filterNetmap(ctx, onlineState)
runtime.Log("process new epoch")
@ -258,12 +368,11 @@ func NewEpoch(epochNum int) {
storage.Put(ctx, snapshotEpoch, epochNum)
storage.Put(ctx, snapshotBlockKey, ledger.CurrentIndex())
id := storage.Get(ctx, snapshotCurrentIDKey).(int)
id = (id + 1) % getSnapshotCount(ctx)
storage.Put(ctx, snapshotCurrentIDKey, id)
// put actual snapshot into previous snapshot
common.SetSerialized(ctx, snapshot1Key, data0snapshot)
// put netmap into actual snapshot
common.SetSerialized(ctx, snapshotKeyPrefix+string([]byte{byte(id)}), dataOnlineState)
common.SetSerialized(ctx, snapshot0Key, dataOnlineState)
// make clean up routines in other contracts
cleanup(ctx, epochNum)
@ -271,190 +380,116 @@ func NewEpoch(epochNum int) {
runtime.Notify("NewEpoch", epochNum)
}
// Epoch method returns the current epoch number.
// Epoch method returns current epoch number.
func Epoch() int {
ctx := storage.GetReadOnlyContext()
return storage.Get(ctx, snapshotEpoch).(int)
}
// LastEpochBlock method returns the block number when the current epoch was applied.
// LastEpochBlock method returns block number when current epoch was applied.
func LastEpochBlock() int {
ctx := storage.GetReadOnlyContext()
return storage.Get(ctx, snapshotBlockKey).(int)
}
// Netmap returns set of information about the storage nodes representing a network
// map in the current epoch.
//
// Current state of each node is represented in the State field. It MAY differ
// with the state encoded into BLOB field, in this case binary encoded state
// MUST NOT be processed.
func Netmap() []Node {
// Netmap method returns list of structures that contain byte array of stable
// marshalled netmap.NodeInfo structure. These structure contain Storage nodes
// of current epoch.
func Netmap() []storageNode {
ctx := storage.GetReadOnlyContext()
id := storage.Get(ctx, snapshotCurrentIDKey).(int)
return getSnapshot(ctx, snapshotKeyPrefix+string([]byte{byte(id)}))
return getSnapshot(ctx, snapshot0Key)
}
// NetmapCandidates returns set of information about the storage nodes
// representing candidates for the network map in the coming epoch.
//
// Current state of each node is represented in the State field. It MAY differ
// with the state encoded into BLOB field, in this case binary encoded state
// MUST NOT be processed.
func NetmapCandidates() []Node {
// Snapshot method returns list of structures that contain node state
// and byte array of stable marshalled netmap.NodeInfo structure.
// These structure contain Storage node candidates for next epoch.
func NetmapCandidates() []netmapNode {
ctx := storage.GetReadOnlyContext()
return getNetmapNodes(ctx)
}
// Snapshot returns set of information about the storage nodes representing a network
// map in (current-diff)-th epoch.
// Snapshot method returns list of structures that contain node state
// (online: 1) and byte array of stable marshalled netmap.NodeInfo structure.
// These structure contain Storage nodes of specified epoch.
//
// Diff MUST NOT be negative. Diff MUST be less than maximum number of network
// map snapshots stored in the contract. The limit is a contract setting,
// DefaultSnapshotCount by default. See UpdateSnapshotCount for details.
//
// Current state of each node is represented in the State field. It MAY differ
// with the state encoded into BLOB field, in this case binary encoded state
// MUST NOT be processed.
func Snapshot(diff int) []Node {
ctx := storage.GetReadOnlyContext()
count := getSnapshotCount(ctx)
if diff < 0 || count <= diff {
// Netmap contract contains only two recent network map snapshot: current and
// previous epoch. For diff bigger than 1 or less than 0 method throws panic.
func Snapshot(diff int) []storageNode {
var key string
switch diff {
case 0:
key = snapshot0Key
case 1:
key = snapshot1Key
default:
panic("incorrect diff")
}
id := storage.Get(ctx, snapshotCurrentIDKey).(int)
needID := (id - diff + count) % count
key := snapshotKeyPrefix + string([]byte{byte(needID)})
ctx := storage.GetReadOnlyContext()
return getSnapshot(ctx, key)
}
func getSnapshotCount(ctx storage.Context) int {
return storage.Get(ctx, snapshotCountKey).(int)
}
// UpdateSnapshotCount updates the number of the stored snapshots.
// If a new number is less than the old one, old snapshots are removed.
// Otherwise, history is extended with empty snapshots, so
// `Snapshot` method can return invalid results for `diff = new-old` epochs
// until `diff` epochs have passed.
// SnapshotByEpoch method returns list of structures that contain node state
// (online: 1) and byte array of stable marshalled netmap.NodeInfo structure.
// These structure contain Storage nodes of specified epoch.
//
// Count MUST NOT be negative.
func UpdateSnapshotCount(count int) {
common.CheckAlphabetWitness()
if count < 0 {
panic("count must be positive")
}
ctx := storage.GetContext()
curr := getSnapshotCount(ctx)
if curr == count {
panic("count has not changed")
}
storage.Put(ctx, snapshotCountKey, count)
id := storage.Get(ctx, snapshotCurrentIDKey).(int)
var delStart, delFinish int
if curr < count {
// Increase history size.
//
// Old state (N = count, K = curr, E = current index, C = current epoch)
// KEY INDEX: 0 | 1 | ... | E | E+1 | ... | K-1 | ... | N-1
// EPOCH : C-E | C-E+1 | ... | C | C-K+1 | ... | C-E-1 |
//
// New state:
// KEY INDEX: 0 | 1 | ... | E | E+1 | ... | K-1 | ... | N-1
// EPOCH : C-E | C-E+1 | ... | C | nil | ... | . | ... | C-E-1
//
// So we need to move tail snapshots N-K keys forward,
// i.e. from E+1 .. K to N-K+E+1 .. N
diff := count - curr
lower := diff + id + 1
for k := count - 1; k >= lower; k-- {
moveSnapshot(ctx, k-diff, k)
}
delStart, delFinish = id+1, id+1+diff
if curr < delFinish {
delFinish = curr
}
} else {
// Decrease history size.
//
// Old state (N = curr, K = count)
// KEY INDEX: 0 | 1 | ... K1 ... | E | E+1 | ... K2-1 ... | N-1
// EPOCH : C-E | C-E+1 | ... .. ... | C | C-N+1 | ... ... ... | C-E-1
var step, start int
if id < count {
// K2 case, move snapshots from E+1+N-K .. N-1 range to E+1 .. K-1
// New state:
// KEY INDEX: 0 | 1 | ... | E | E+1 | ... | K-1
// EPOCH : C-E | C-E+1 | ... | C | C-K+1 | ... | C-E-1
step = curr - count
start = id + 1
} else {
// New state:
// KEY INDEX: 0 | 1 | ... | K-1
// EPOCH : C-K+1 | C-K+2 | ... | C
// K1 case, move snapshots from E-K+1 .. E range to 0 .. K-1
// AND replace current id with K-1
step = id - count + 1
storage.Put(ctx, snapshotCurrentIDKey, count-1)
}
for k := start; k < count; k++ {
moveSnapshot(ctx, k+step, k)
}
delStart, delFinish = count, curr
}
for k := delStart; k < delFinish; k++ {
key := snapshotKeyPrefix + string([]byte{byte(k)})
storage.Delete(ctx, key)
}
}
func moveSnapshot(ctx storage.Context, from, to int) {
keyFrom := snapshotKeyPrefix + string([]byte{byte(from)})
keyTo := snapshotKeyPrefix + string([]byte{byte(to)})
data := storage.Get(ctx, keyFrom)
storage.Put(ctx, keyTo, data)
}
// SnapshotByEpoch returns set of information about the storage nodes representing
// a network map in the given epoch.
//
// Behaves like Snapshot: it is called after difference with the current epoch is
// calculated.
func SnapshotByEpoch(epoch int) []Node {
// Netmap contract contains only two recent network map snapshot: current and
// previous epoch. For all others epoch method throws panic.
func SnapshotByEpoch(epoch int) []storageNode {
ctx := storage.GetReadOnlyContext()
currentEpoch := storage.Get(ctx, snapshotEpoch).(int)
return Snapshot(currentEpoch - epoch)
}
// Config returns configuration value of FrostFS configuration. If key does
// Config returns configuration value of NeoFS configuration. If key does
// not exists, returns nil.
func Config(key []byte) interface{} {
ctx := storage.GetReadOnlyContext()
return getConfig(ctx, key)
}
// SetConfig key-value pair as a FrostFS runtime configuration value. It can be invoked
// SetConfig key-value pair as a NeoFS runtime configuration value. Can be invoked
// only by Alphabet nodes.
func SetConfig(id, key, val []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
common.CheckAlphabetWitness()
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
panic("invoked by non inner ring node")
}
} else {
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
setConfig(ctx, key, val)
runtime.Log("configuration has been updated")
}
type record struct {
key []byte
val []byte
}
// ListConfig returns an array of structures that contain key and value of all
// FrostFS configuration records. Key and value are both byte arrays.
// ListConfig returns array of structures that contain key and value of all
// NeoFS configuration records. Key and value are both byte arrays.
func ListConfig() []record {
ctx := storage.GetReadOnlyContext()
@ -474,20 +509,24 @@ func ListConfig() []record {
return config
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}
// serializes and stores the given Node by its public key in the contract storage,
// and throws AddPeerSuccess notification after this.
//
// Public key MUST match the one encoded in BLOB field.
func addToNetmap(ctx storage.Context, publicKey []byte, node Node) {
storageKey := append(candidatePrefix, publicKey...)
storage.Put(ctx, storageKey, std.Serialize(node))
func addToNetmap(ctx storage.Context, n storageNode) {
var (
newNode = n.info
newNodeKey = newNode[2:35]
storageKey = append(candidatePrefix, newNodeKey...)
runtime.Notify("AddPeerSuccess", interop.PublicKey(publicKey))
node = netmapNode{
node: n,
state: onlineState,
}
)
storage.Put(ctx, storageKey, std.Serialize(node))
}
func removeFromNetmap(ctx storage.Context, key interop.PublicKey) {
@ -495,52 +534,41 @@ func removeFromNetmap(ctx storage.Context, key interop.PublicKey) {
storage.Delete(ctx, storageKey)
}
func updateNetmapState(ctx storage.Context, key interop.PublicKey, state NodeState) {
storageKey := append(candidatePrefix, key...)
raw := storage.Get(ctx, storageKey).([]byte)
if raw == nil {
panic("peer is missing")
}
node := std.Deserialize(raw).(Node)
node.State = state
storage.Put(ctx, storageKey, std.Serialize(node))
}
func filterNetmap(ctx storage.Context) []Node {
func filterNetmap(ctx storage.Context, st nodeState) []storageNode {
var (
netmap = getNetmapNodes(ctx)
result = []Node{}
result = []storageNode{}
)
for i := 0; i < len(netmap); i++ {
item := netmap[i]
if item.State != NodeStateOffline {
result = append(result, item)
if item.state == st {
result = append(result, item.node)
}
}
return result
}
func getNetmapNodes(ctx storage.Context) []Node {
result := []Node{}
func getNetmapNodes(ctx storage.Context) []netmapNode {
result := []netmapNode{}
it := storage.Find(ctx, candidatePrefix, storage.ValuesOnly|storage.DeserializeValues)
for iterator.Next(it) {
node := iterator.Value(it).(Node)
node := iterator.Value(it).(netmapNode)
result = append(result, node)
}
return result
}
func getSnapshot(ctx storage.Context, key string) []Node {
func getSnapshot(ctx storage.Context, key string) []storageNode {
data := storage.Get(ctx, key)
if data != nil {
return std.Deserialize(data.([]byte)).([]Node)
return std.Deserialize(data.([]byte)).([]storageNode)
}
return []Node{}
return []storageNode{}
}
func getConfig(ctx storage.Context, key interface{}) interface{} {
@ -564,3 +592,26 @@ func cleanup(ctx storage.Context, epoch int) {
containerContractAddr := storage.Get(ctx, containerContractKey).(interop.Hash160)
contract.Call(containerContractAddr, cleanupEpochMethod, contract.All, epoch)
}
func getIRNodes(ctx storage.Context) []common.IRNode {
data := storage.Get(ctx, innerRingKey)
if data != nil {
return std.Deserialize(data.([]byte)).([]common.IRNode)
}
return []common.IRNode{}
}
func keysID(args []interop.PublicKey, prefix []byte) []byte {
var (
result []byte
)
result = append(result, prefix...)
for i := range args {
result = append(result, args[i]...)
}
return crypto.Sha256(result)
}

17
nns/doc.go
View file

@ -1,17 +0,0 @@
/*
# Contract storage scheme
| Key | Value | Description |
|--------------------------------------|------------|-----------------------------------|
| 0x0 | int | total supply of minted domains |
| 0x1 + accountAddr | int | account's balance |
| 0x2 + accountAddr + tokenKey | ByteArray | token ID |
| 0x10 | int | price for domain registration |
| 0x20 | int | set of roots |
| 0x21 + tokenKey | ByteArray | serialized NameState struct |
| 0x22 + tokenKey + Hash160(tokenName) | Hash160 | container contract hash |
*/
package nns

4
nns/namestate.go
View file

@ -9,13 +9,13 @@ import (
type NameState struct {
Owner interop.Hash160
Name string
Expiration int64
Expiration int
Admin interop.Hash160
}
// ensureNotExpired panics if domain name is expired.
func (n NameState) ensureNotExpired() {
if int64(runtime.GetTime()) >= n.Expiration {
if runtime.GetTime() >= n.Expiration {
panic("name has expired")
}
}

18
nns/nns.yml
View file

@ -1,20 +1,8 @@
name: "NameService"
supportedstandards: ["NEP-11"]
safemethods:
- "balanceOf"
- "decimals"
- "getAllRecords"
- "getPrice"
- "getRecord"
- "isAvailable"
- "ownerOf"
- "properties"
- "symbol"
- "totalSupply"
- "tokensOf"
- "tokens"
- "resolve"
- "roots"
safemethods: ["balanceOf", "decimals", "symbol", "totalSupply", "tokensOf", "ownerOf",
"tokens", "properties", "roots", "getPrice", "isAvailable", "getRecord",
"resolve", "getAllRecords"]
events:
- name: Transfer
parameters:

155
nns/nns_contract.go
View file

@ -4,12 +4,11 @@ implementation. This token is a compatible analogue of C# Neo Name Service
token and is aimed to serve as a domain name service for Neo smart-contracts,
thus it's NeoNameService. This token can be minted with new domain name
registration, the domain name itself is your NFT. Corresponding domain root
must be added by committee before a new domain name can be registered.
must be added by the committee before new domain name can be registered.
*/
package nns
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
@ -20,13 +19,14 @@ import (
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neo-go/pkg/interop/util"
"github.com/nspcc-dev/neofs-contract/common"
)
// Prefixes used for contract data storage.
const (
// prefixTotalSupply contains total supply of minted domains.
prefixTotalSupply byte = 0x00
// prefixBalance contains map from the owner to their balance.
// prefixBalance contains map from owner to his balance.
prefixBalance byte = 0x01
// prefixAccountToken contains map from (owner + token key) to token ID,
// where token key = hash160(token ID) and token ID = domain name.
@ -46,11 +46,11 @@ const (
// Values constraints.
const (
// maxRegisterPrice is the maximum price of register method.
maxRegisterPrice = int64(1_0000_0000_0000)
maxRegisterPrice = 1_0000_0000_0000
// maxRootLength is the maximum domain root length.
maxRootLength = 16
// maxDomainNameFragmentLength is the maximum length of the domain name fragment.
maxDomainNameFragmentLength = 63
maxDomainNameFragmentLength = 62
// minDomainNameLength is minimum domain length.
minDomainNameLength = 3
// maxDomainNameLength is maximum domain length.
@ -64,7 +64,7 @@ const (
// defaultRegisterPrice is the default price for new domain registration.
defaultRegisterPrice = 10_0000_0000
// millisecondsInYear is amount of milliseconds per year.
millisecondsInYear = int64(365 * 24 * 3600 * 1000)
millisecondsInYear = 365 * 24 * 3600 * 1000
)
// RecordState is a type that registered entities are saved to.
@ -76,21 +76,61 @@ type RecordState struct {
}
// Update updates NameService contract.
func Update(nef []byte, manifest string, data interface{}) {
func Update(nef []byte, manifest string) {
checkCommittee()
// Calculating keys and serializing requires calling
// std and crypto contracts. This can be helpful on update
// thus we provide `AllowCall` to management.Update.
// management.Update(nef, []byte(manifest))
management.UpdateWithData(nef, []byte(manifest), common.AppendVersion(data))
runtime.Log("nns contract updated")
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, nef, manifest, common.AppendVersion(nil))
}
// _deploy initializes defaults (total supply and registration price) on contract deploy.
func _deploy(data interface{}, isUpdate bool) {
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
ctx := storage.GetContext()
committee := common.CommitteeAddress()
it := storage.Find(ctx, []byte{prefixRoot}, storage.KeysOnly|storage.RemovePrefix)
for iterator.Next(it) {
name := iterator.Value(it).(string)
if name != "neofs" {
continue
}
ns := NameState{
Owner: committee,
Name: name,
Expiration: runtime.GetTime() + millisecondsInYear,
}
tokenKey := getTokenKey([]byte(name))
putNameStateWithKey(ctx, tokenKey, ns)
putSoaRecord(ctx, name, "ops@nspcc.ru",
3600 /* 1 hour */, 600, /* 10 min */
604800 /* 1 week */, 3600 /* 1 hour */)
}
r := GetRecords("container.neofs", TXT)
owner := shBEFromLEHex(r[0])
it = storage.Find(ctx, []byte{prefixRoot}, storage.KeysOnly|storage.RemovePrefix)
for iterator.Next(it) {
name := iterator.Value(it).(string)
if name == "neofs" {
continue
}
ns := NameState{
Owner: owner,
Name: name,
Expiration: runtime.GetTime() + millisecondsInYear,
}
tokenKey := getTokenKey([]byte(name))
putNameStateWithKey(ctx, tokenKey, ns)
putSoaRecord(ctx, name, "ops@nspcc.ru",
3600 /* 1 hour */, 600, /* 10 min */
604800 /* 1 week */, 3600 /* 1 hour */)
}
return
}
@ -99,6 +139,39 @@ func _deploy(data interface{}, isUpdate bool) {
storage.Put(ctx, []byte{prefixRegisterPrice}, defaultRegisterPrice)
}
// remove after v0.13.1 upgrade
func shBEFromLEHex(s string) interop.Hash160 {
res := make([]byte, interop.Hash160Len)
ln := len(s) / 2
for i := 0; i < ln; i++ {
a := hexToNum(s[i*2])
b := hexToNum(s[i*2+1])
var n interface{} = a*16 + b
res[ln-1-i] = n.([]byte)[0]
}
return res
}
// remove after v0.13.1 upgrade
func hexToNum(s uint8) int {
if s >= '0' && s <= '9' {
return int(s) - 48
}
if s >= 'A' && s <= 'F' {
return int(s) - 55
}
if s >= 'a' && s <= 'f' {
return int(s) - 87
}
panic("invalid hex")
}
// Symbol returns NeoNameService symbol.
func Symbol() string {
return "NNS"
@ -109,25 +182,25 @@ func Decimals() int {
return 0
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}
// TotalSupply returns the overall number of domains minted by NeoNameService contract.
// TotalSupply returns overall number of domains minted by the NeoNameService contract.
func TotalSupply() int {
ctx := storage.GetReadOnlyContext()
return getTotalSupply(ctx)
}
// OwnerOf returns the owner of the specified domain.
// OwnerOf returns owner of the specified domain.
func OwnerOf(tokenID []byte) interop.Hash160 {
ctx := storage.GetReadOnlyContext()
ns := getNameState(ctx, tokenID)
return ns.Owner
}
// Properties returns a domain name and an expiration date of the specified domain.
// Properties returns domain name and expiration date of the specified domain.
func Properties(tokenID []byte) map[string]interface{} {
ctx := storage.GetReadOnlyContext()
ns := getNameState(ctx, tokenID)
@ -137,7 +210,7 @@ func Properties(tokenID []byte) map[string]interface{} {
}
}
// BalanceOf returns the overall number of domains owned by the specified owner.
// BalanceOf returns overall number of domains owned by the specified owner.
func BalanceOf(owner interop.Hash160) int {
if !isValid(owner) {
panic(`invalid owner`)
@ -165,7 +238,7 @@ func TokensOf(owner interop.Hash160) iterator.Iterator {
return storage.Find(ctx, append([]byte{prefixAccountToken}, owner...), storage.ValuesOnly)
}
// Transfer transfers the domain with the specified name to a new owner.
// Transfer transfers domain with the specified name to new owner.
func Transfer(to interop.Hash160, tokenID []byte, data interface{}) bool {
if !isValid(to) {
panic(`invalid receiver`)
@ -202,7 +275,7 @@ func Roots() iterator.Iterator {
}
// SetPrice sets the domain registration price.
func SetPrice(price int64) {
func SetPrice(price int) {
checkCommittee()
if price < 0 || price > maxRegisterPrice {
panic("The price is out of range.")
@ -217,7 +290,7 @@ func GetPrice() int {
return storage.Get(ctx, []byte{prefixRegisterPrice}).(int)
}
// IsAvailable checks whether the provided domain name is available.
// IsAvailable checks whether provided domain name is available.
func IsAvailable(name string) bool {
fragments := splitAndCheck(name, false)
if fragments == nil {
@ -234,10 +307,10 @@ func IsAvailable(name string) bool {
return parentExpired(ctx, 0, fragments)
}
// parentExpired returns true if any domain from fragments doesn't exist or is expired.
// parentExpired returns true if any domain from fragments doesn't exist or expired.
// first denotes the deepest subdomain to check.
func parentExpired(ctx storage.Context, first int, fragments []string) bool {
now := int64(runtime.GetTime())
now := runtime.GetTime()
last := len(fragments) - 1
name := fragments[last]
for i := last; i >= first; i-- {
@ -256,7 +329,7 @@ func parentExpired(ctx storage.Context, first int, fragments []string) bool {
return false
}
// Register registers a new domain with the specified owner and name if it's available.
// Register registers new domain with the specified owner and name if it's available.
func Register(name string, owner interop.Hash160, email string, refresh, retry, expire, ttl int) bool {
fragments := splitAndCheck(name, true)
if fragments == nil {
@ -309,7 +382,7 @@ func Register(name string, owner interop.Hash160, email string, refresh, retry,
nsBytes := storage.Get(ctx, append([]byte{prefixName}, tokenKey...))
if nsBytes != nil {
ns := std.Deserialize(nsBytes.([]byte)).(NameState)
if int64(runtime.GetTime()) < ns.Expiration {
if runtime.GetTime() < ns.Expiration {
return false
}
oldOwner = ns.Owner
@ -318,10 +391,9 @@ func Register(name string, owner interop.Hash160, email string, refresh, retry,
updateTotalSupply(ctx, +1)
}
ns := NameState{
Owner: owner,
Name: name,
// NNS expiration is in milliseconds
Expiration: int64(runtime.GetTime() + expire*1000),
Owner: owner,
Name: name,
Expiration: runtime.GetTime() + millisecondsInYear,
}
putNameStateWithKey(ctx, tokenKey, ns)
putSoaRecord(ctx, name, email, refresh, retry, expire, ttl)
@ -331,20 +403,19 @@ func Register(name string, owner interop.Hash160, email string, refresh, retry,
}
// Renew increases domain expiration date.
func Renew(name string) int64 {
func Renew(name string) int {
if len(name) > maxDomainNameLength {
panic("invalid domain name format")
}
runtime.BurnGas(GetPrice())
ctx := storage.GetContext()
ns := getNameState(ctx, []byte(name))
ns.checkAdmin()
ns.Expiration += millisecondsInYear
putNameState(ctx, ns)
return ns.Expiration
}
// UpdateSOA updates soa record.
// UpdateSOA update soa record.
func UpdateSOA(name, email string, refresh, retry, expire, ttl int) {
if len(name) > maxDomainNameLength {
panic("invalid domain name format")
@ -370,7 +441,7 @@ func SetAdmin(name string, admin interop.Hash160) {
putNameState(ctx, ns)
}
// SetRecord adds a new record of the specified type to the provided domain.
// SetRecord adds new record of the specified type to the provided domain.
func SetRecord(name string, typ RecordType, id byte, data string) {
tokenID := []byte(tokenIDFromName(name))
if !checkBaseRecords(typ, data) {
@ -398,7 +469,7 @@ func checkBaseRecords(typ RecordType, data string) bool {
}
}
// AddRecord adds a new record of the specified type to the provided domain.
// AddRecord adds new record of the specified type to the provided domain.
func AddRecord(name string, typ RecordType, data string) {
tokenID := []byte(tokenIDFromName(name))
if !checkBaseRecords(typ, data) {
@ -444,7 +515,7 @@ func Resolve(name string, typ RecordType) []string {
return resolve(ctx, nil, name, typ, 2)
}
// GetAllRecords returns an Iterator with RecordState items for the given name.
// GetAllRecords returns an Iterator with RecordState items for given name.
func GetAllRecords(name string) iterator.Iterator {
tokenID := []byte(tokenIDFromName(name))
ctx := storage.GetReadOnlyContext()
@ -491,7 +562,7 @@ func getTotalSupply(ctx storage.Context) int {
return val.(int)
}
// updateTotalSupply adds the specified diff to the total supply.
// updateTotalSupply adds specified diff to the total supply.
func updateTotalSupply(ctx storage.Context, diff int) {
tsKey := []byte{prefixTotalSupply}
ts := getTotalSupply(ctx)
@ -588,7 +659,7 @@ func addRecord(ctx storage.Context, tokenId []byte, name string, typ RecordType,
storeRecord(ctx, recordKey, name, typ, id, data)
}
// storeRecord puts record to storage.
// storeRecord put record to storage.
func storeRecord(ctx storage.Context, recordKey []byte, name string, typ RecordType, id byte, data string) {
rs := RecordState{
Name: name,
@ -645,19 +716,19 @@ func updateSoaSerial(ctx storage.Context, tokenId []byte) {
storage.Put(ctx, recordKey, recBytes)
}
// getRecordsKey returns the prefix used to store domain records of different types.
// getRecordsKey returns prefix used to store domain records of different types.
func getRecordsKey(tokenId []byte, name string) []byte {
recordKey := append([]byte{prefixRecord}, getTokenKey(tokenId)...)
return append(recordKey, getTokenKey([]byte(name))...)
}
// getRecordsKeyByType returns the key used to store domain records.
// getRecordsKeyByType returns key used to store domain records.
func getRecordsKeyByType(tokenId []byte, name string, typ RecordType) []byte {
recordKey := getRecordsKey(tokenId, name)
return append(recordKey, byte(typ))
}
// getIdRecordKey returns the key used to store domain records.
// getIdRecordKey returns key used to store domain records.
func getIdRecordKey(tokenId []byte, name string, typ RecordType, id byte) []byte {
recordKey := getRecordsKey(tokenId, name)
return append(recordKey, byte(typ), id)
@ -683,7 +754,7 @@ func checkCommittee() {
// checkFragment validates root or a part of domain name.
// 1. Root domain must start with a letter.
// 2. All other fragments must start and end with a letter or a digit.
// 2. All other fragments must start and end in a letter or a digit.
func checkFragment(v string, isRoot bool) bool {
maxLength := maxDomainNameFragmentLength
if isRoot {
@ -844,7 +915,7 @@ func checkIPv6(data string) bool {
return true
}
// tokenIDFromName returns token ID (domain.root) from the provided name.
// tokenIDFromName returns token ID (domain.root) from provided name.
func tokenIDFromName(name string) string {
fragments := splitAndCheck(name, true)
if fragments == nil {
@ -860,7 +931,7 @@ func tokenIDFromName(name string) string {
nsBytes := storage.Get(ctx, nameKey)
if nsBytes != nil {
ns := std.Deserialize(nsBytes.([]byte)).(NameState)
if int64(runtime.GetTime()) < ns.Expiration {
if runtime.GetTime() < ns.Expiration {
return name[sum:]
}
}
@ -869,7 +940,7 @@ func tokenIDFromName(name string) string {
return name
}
// resolve resolves the provided name using record with the specified type and given
// resolve resolves provided name using record with the specified type and given
// maximum redirections constraint.
func resolve(ctx storage.Context, res []string, name string, typ RecordType, redirect int) []string {
if redirect < 0 {

4
nns/recordtype.go
View file

@ -3,7 +3,7 @@ package nns
// RecordType is domain name service record types.
type RecordType byte
// Record types are defined in [RFC 1035](https://tools.ietf.org/html/rfc1035)
// Record types defined in [RFC 1035](https://tools.ietf.org/html/rfc1035)
const (
// A represents address record type.
A RecordType = 1
@ -15,7 +15,7 @@ const (
TXT RecordType = 16
)
// Record types are defined in [RFC 3596](https://tools.ietf.org/html/rfc3596)
// Record types defined in [RFC 3596](https://tools.ietf.org/html/rfc3596)
const (
// AAAA represents IPv6 address record type.
AAAA RecordType = 28

2
processing/config.yml
View file

@ -1,4 +1,4 @@
name: "Multi Signature Processing"
name: "NeoFS Multi Signature Processing"
safemethods: ["verify", "version"]
permissions:
- methods: ["update"]

29
processing/doc.go
View file

@ -1,29 +1,22 @@
/*
Processing contract is a contract deployed in FrostFS mainchain.
Processing contract is a contract deployed in NeoFS main chain.
Processing contract pays for all multisignature transaction executions when notary
service is enabled in the mainchain. Notary service prepares multisigned transactions,
however they should contain sidechain GAS to be executed. It is inconvenient to
Processing contract pays for all multi signature transaction executions when notary
service enabled in main chain. Notary service prepares multi signed transaction,
however they should contain side chain GAS to be executed. It is inconvenient to
ask Alphabet nodes to pay for these transactions: nodes can change over time,
some nodes will spend sidechain GAS faster. It leads to economic instability.
some nodes will spend side chain GAS faster, it creates economic instability.
Processing contract exists to solve this issue. At the Withdraw invocation of
FrostFS contract, a user pays fee directly to this contract. This fee is used to
pay for Cheque invocation of FrostFS contract that returns mainchain GAS back
to the user. The address of the Processing contract is used as the first signer in
the multisignature transaction. Therefore, NeoVM executes Verify method of the
contract and if invocation is verified, Processing contract pays for the
NeoFS contract, user pays fee directly to this contract. This fee is used to
pay for Cheque invocation of NeoFS contract that returns main chain GAS back
to the user. Address of the Processing contract is uses as the first signer in
the multi signature transaction. Therefore NeoVM executes Verify method of the
contract and if invocation is verified, then Processing contract pays for the
execution.
# Contract notifications
Contract notifications
Processing contract does not produce notifications to process.
# Contract storage scheme
| Key | Value | Description |
|-----------------------------|------------|----------------------------------|
| `frostfsScriptHash` | Hash160 | frostFS contract hash |
*/
package processing

29
processing/processing_contract.go
View file

@ -1,7 +1,6 @@
package processing
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/native/gas"
@ -10,10 +9,11 @@ import (
"github.com/nspcc-dev/neo-go/pkg/interop/native/roles"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
const (
frostfsContractKey = "frostfsScriptHash"
neofsContractKey = "neofsScriptHash"
multiaddrMethod = "alphabetAddress"
)
@ -28,52 +28,51 @@ func OnNEP17Payment(from interop.Hash160, amount int, data interface{}) {
func _deploy(data interface{}, isUpdate bool) {
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
return
}
args := data.(struct {
addrFrostFS interop.Hash160
addrNeoFS interop.Hash160
})
ctx := storage.GetContext()
if len(args.addrFrostFS) != interop.Hash160Len {
if len(args.addrNeoFS) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
storage.Put(ctx, frostfsContractKey, args.addrFrostFS)
storage.Put(ctx, neofsContractKey, args.addrNeoFS)
runtime.Log("processing contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// only by the sidechain committee.
// Update method updates contract source code and manifest. Can be invoked
// only by side chain committee.
func Update(script []byte, manifest []byte, data interface{}) {
blockHeight := ledger.CurrentIndex()
alphabetKeys := roles.GetDesignatedByRole(roles.NeoFSAlphabet, uint32(blockHeight+1))
alphabetKeys := roles.GetDesignatedByRole(roles.NeoFSAlphabet, uint32(blockHeight))
alphabetCommittee := common.Multiaddress(alphabetKeys, true)
if !runtime.CheckWitness(alphabetCommittee) {
panic("only side chain committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("processing contract updated")
}
// Verify method returns true if transaction contains valid multisignature of
// Verify method returns true if transaction contains valid multi signature of
// Alphabet nodes of the Inner Ring.
func Verify() bool {
ctx := storage.GetContext()
frostfsContractAddr := storage.Get(ctx, frostfsContractKey).(interop.Hash160)
multiaddr := contract.Call(frostfsContractAddr, multiaddrMethod, contract.ReadOnly).(interop.Hash160)
neofsContractAddr := storage.Get(ctx, neofsContractKey).(interop.Hash160)
multiaddr := contract.Call(neofsContractAddr, multiaddrMethod, contract.ReadOnly).(interop.Hash160)
return runtime.CheckWitness(multiaddr)
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}

2
proxy/config.yml
View file

@ -1,4 +1,4 @@
name: "Notary Proxy"
name: "NeoFS Notary Proxy"
safemethods: ["verify", "version"]
permissions:
- methods: ["update"]

27
proxy/doc.go
View file

@ -1,26 +1,21 @@
/*
Proxy contract is a contract deployed in FrostFS sidechain.
Proxy contract is a contract deployed in NeoFS side chain.
Proxy contract pays for all multisignature transaction executions when notary
service is enabled in the sidechain. Notary service prepares multisigned transactions,
however they should contain sidechain GAS to be executed. It is inconvenient to
Proxy contract pays for all multi signature transaction executions when notary
service enabled in side chain. Notary service prepares multi signed transaction,
however they should contain side chain GAS to be executed. It is inconvenient to
ask Alphabet nodes to pay for these transactions: nodes can change over time,
some nodes will spend sidechain GAS faster. It leads to economic instability.
some nodes will spend side chain GAS faster, it creates economic instability.
Proxy contract exists to solve this issue. While Alphabet contracts hold all
sidechain NEO, proxy contract holds most of the sidechain GAS. Alphabet
contracts emit half of the available GAS to the proxy contract. The address of the
Proxy contract is used as the first signer in a multisignature transaction.
Therefore, NeoVM executes Verify method of the contract; and if invocation is
verified, Proxy contract pays for the execution.
side chain NEO, proxy contract holds most of the side chain GAS. Alphabet
contracts emits half of the available GAS to the proxy contract. Address of the
Proxy contract is used as the first signer in the multi signature transaction.
Therefore NeoVM executes Verify method of the contract and if invocation is
verified, then Proxy contract pays for the execution.
# Contract notifications
Contract notifications
Proxy contract does not produce notifications to process.
# Contract storage scheme
Proxy contract does not use storage
*/
package proxy

31
proxy/proxy_contract.go
View file

@ -1,12 +1,18 @@
package proxy
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/native/gas"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/native/neo"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
const (
netmapContractKey = "netmapScriptHash"
)
// OnNEP17Payment is a callback for NEP-17 compatible native GAS contract.
@ -19,26 +25,37 @@ func OnNEP17Payment(from interop.Hash160, amount int, data interface{}) {
func _deploy(data interface{}, isUpdate bool) {
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
return
}
args := data.(struct {
addrNetmap interop.Hash160
})
ctx := storage.GetContext()
if len(args.addrNetmap) != interop.Hash160Len {
panic("incorrect length of contract script hash")
}
storage.Put(ctx, netmapContractKey, args.addrNetmap)
runtime.Log("proxy contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("proxy contract updated")
}
// Verify method returns true if transaction contains valid multisignature of
// Verify method returns true if transaction contains valid multi signature of
// Alphabet nodes of the Inner Ring.
func Verify() bool {
alphabet := neo.GetCommittee()
@ -52,7 +69,7 @@ func Verify() bool {
return true
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}

2
reputation/config.yml
View file

@ -1,4 +1,4 @@
name: "Reputation"
name: "NeoFS Reputation"
safemethods: ["get", "getByID", "listByEpoch"]
permissions:
- methods: ["update"]

16
reputation/doc.go
View file

@ -1,25 +1,17 @@
/*
Reputation contract is a contract deployed in FrostFS sidechain.
Reputation contract is a contract deployed in NeoFS side chain.
Inner Ring nodes produce data audit for each container during each epoch. In the end,
Inner Ring nodes produce data audit for each container in each epoch. In the end
nodes produce DataAuditResult structure that contains information about audit
progress. Reputation contract provides storage for such structures and simple
interface to iterate over available DataAuditResults on specified epoch.
During settlement process, Alphabet nodes fetch all DataAuditResult structures
from the epoch and execute balance transfers from data owners to Storage and
Inner Ring nodes if data audit succeeds.
Inner Ring nodes, if data audit succeed.
# Contract notifications
Contract notifications
Reputation contract does not produce notifications to process.
# Contract storage scheme
| Key | Value | Description |
|-----------------------------|------------|-----------------------------------|
| `c` + epoch + peerID | int | peer reputation count |
| `r` + count | ByteArray | serialized DataAuditResult struct |
*/
package reputation

79
reputation/reputation_contract.go
View file

@ -1,12 +1,14 @@
package reputation
import (
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/convert"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
const (
@ -16,44 +18,83 @@ const (
)
func _deploy(data interface{}, isUpdate bool) {
common.RmAndCheckNotaryDisabledKey(data, notaryDisabledKey)
ctx := storage.GetContext()
if isUpdate {
args := data.([]interface{})
common.CheckVersion(args[len(args)-1].(int))
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
args := data.(struct {
notaryDisabled bool
})
// initialize the way to collect signatures
storage.Put(ctx, notaryDisabledKey, args.notaryDisabled)
if args.notaryDisabled {
common.InitVote(ctx)
runtime.Log("reputation contract notary disabled")
}
runtime.Log("reputation contract initialized")
}
// Update method updates contract source code and manifest. It can be invoked
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
management.UpdateWithData(script, manifest, common.AppendVersion(data))
contract.Call(interop.Hash160(management.Hash), "update",
contract.All, script, manifest, common.AppendVersion(data))
runtime.Log("reputation contract updated")
}
// Put method saves DataAuditResult in contract storage. It can be invoked only by
// Inner Ring nodes. It does not require multisignature invocations.
// Put method saves DataAuditResult in contract storage. Can be invoked only by
// Inner Ring nodes. Does not require multi signature invocations.
//
// Epoch is the epoch number when DataAuditResult structure was generated.
// PeerID contains public keys of the Inner Ring node that has produced DataAuditResult.
// Value contains a stable marshaled structure of DataAuditResult.
// Epoch is an epoch number when DataAuditResult structure was generated.
// PeerID contains public keys of Inner Ring node that produced DataAuditResult.
// Value contains stable marshaled structure of DataAuditResult.
func Put(epoch int, peerID []byte, value []byte) {
ctx := storage.GetContext()
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
multiaddr := common.AlphabetAddress()
if !runtime.CheckWitness(multiaddr) {
var ( // for invocation collection without notary
alphabet []common.IRNode
nodeKey []byte
alphabetCall bool
)
if notaryDisabled {
alphabet = common.AlphabetNodes()
nodeKey = common.InnerRingInvoker(alphabet)
alphabetCall = len(nodeKey) != 0
} else {
multiaddr := common.AlphabetAddress()
alphabetCall = runtime.CheckWitness(multiaddr)
}
if !alphabetCall {
runtime.Notify("reputationPut", epoch, peerID, value)
return
}
id := storageID(epoch, peerID)
if notaryDisabled {
threshold := len(alphabet)*2/3 + 1
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
}
key := getReputationKey(reputationCountPrefix, id)
rawCnt := storage.Get(ctx, key)
cnt := 0
@ -68,15 +109,15 @@ func Put(epoch int, peerID []byte, value []byte) {
storage.Put(ctx, key, value)
}
// Get method returns a list of all stable marshaled DataAuditResult structures
// produced by the specified Inner Ring node during the specified epoch.
// Get method returns list of all stable marshaled DataAuditResult structures
// produced by specified Inner Ring node in specified epoch.
func Get(epoch int, peerID []byte) [][]byte {
id := storageID(epoch, peerID)
return GetByID(id)
}
// GetByID method returns a list of all stable marshaled DataAuditResult with
// the specified id. Use ListByEpoch method to obtain the id.
// GetByID method returns list of all stable marshaled DataAuditResult with
// specified id. Use ListByEpoch method to obtain id.
func GetByID(id []byte) [][]byte {
ctx := storage.GetReadOnlyContext()
@ -93,7 +134,7 @@ func getReputationKey(prefix byte, id []byte) []byte {
return append([]byte{prefix}, id...)
}
// ListByEpoch returns a list of IDs that may be used to get reputation data
// ListByEpoch returns list of IDs that may be used to get reputation data
// with GetByID method.
func ListByEpoch(epoch int) [][]byte {
ctx := storage.GetReadOnlyContext()
@ -110,7 +151,7 @@ func ListByEpoch(epoch int) [][]byte {
return result
}
// Version returns the version of the contract.
// Version returns version of the contract.
func Version() int {
return common.Version
}

23
subnet/config.yml Normal file
View file

@ -0,0 +1,23 @@
name: "NeoFS Subnet"
safemethods: ["version"]
permissions:
- methods: ["update"]
events:
- name: Put
parameters:
- name: id
type: ByteArray
- name: ownerKey
type: PublicKey
- name: info
type: ByteArray
- name: Delete
parameters:
- name: id
type: ByteArray
- name: RemoveNode
parameters:
- name: subnetID
type: ByteArray
- name: node
type: PublicKey

37
subnet/doc.go Normal file
View file

@ -0,0 +1,37 @@
/*
Subnet contract is a contract deployed in NeoFS side chain.
Subnet contract stores and manages NeoFS subnetwork states. It allows registering
and deleting subnetworks, limiting access to them and defining a list of the Storage
Nodes that can be included in them.
Contract notifications
Put notification. This notification is produced when new subnetwork is
registered by invoking Put method.
Put
- name: id
type: ByteArray
- name: ownerKey
type: PublicKey
- name: info
type: ByteArray
Delete notification. This notification is produced when some subnetwork is
deleted by invoking Delete method.
Delete
- name: id
type: ByteArray
RemoveNode notification. This notification is produced when some node is deleted
by invoking RemoveNode method.
RemoveNode
- name: subnetID
type: ByteArray
- name: node
type: PublicKey
*/
package subnet

596
subnet/subnet_contract.go Normal file
View file

@ -0,0 +1,596 @@
package subnet
import (
"github.com/nspcc-dev/neo-go/pkg/interop"
"github.com/nspcc-dev/neo-go/pkg/interop/contract"
"github.com/nspcc-dev/neo-go/pkg/interop/iterator"
"github.com/nspcc-dev/neo-go/pkg/interop/native/management"
"github.com/nspcc-dev/neo-go/pkg/interop/runtime"
"github.com/nspcc-dev/neo-go/pkg/interop/storage"
"github.com/nspcc-dev/neofs-contract/common"
)
const (
// ErrInvalidSubnetID is thrown when subnet id is not a slice of 5 bytes.
ErrInvalidSubnetID = "invalid subnet ID"
// ErrInvalidGroupID is thrown when group id is not a slice of 5 bytes.
ErrInvalidGroupID = "invalid group ID"
// ErrInvalidOwner is thrown when owner has invalid format.
ErrInvalidOwner = "invalid owner"
// ErrInvalidAdmin is thrown when admin has invalid format.
ErrInvalidAdmin = "invalid administrator"
// ErrAlreadyExists is thrown when id already exists.
ErrAlreadyExists = "subnet id already exists"
// ErrNotExist is thrown when id doesn't exist.
ErrNotExist = "subnet id doesn't exist"
// ErrInvalidUser is thrown when user has invalid format.
ErrInvalidUser = "invalid user"
// ErrInvalidNode is thrown when node has invalid format.
ErrInvalidNode = "invalid node key"
// ErrNodeAdmNotExist is thrown when node admin is not found.
ErrNodeAdmNotExist = "node admin not found"
// ErrClientAdmNotExist is thrown when client admin is not found.
ErrClientAdmNotExist = "client admin not found"
// ErrNodeNotExist is thrown when node is not found.
ErrNodeNotExist = "node not found"
// ErrUserNotExist is thrown when user is not found.
ErrUserNotExist = "user not found"
// ErrAccessDenied is thrown when operation is denied for caller.
ErrAccessDenied = "access denied"
)
const (
nodeAdminPrefix = 'a'
infoPrefix = 'i'
clientAdminPrefix = 'm'
nodePrefix = 'n'
ownerPrefix = 'o'
userPrefix = 'u'
notaryDisabledKey = 'z'
)
const (
userIDSize = 27
subnetIDSize = 5
groupIDSize = 5
)
// _deploy function sets up initial list of inner ring public keys.
func _deploy(data interface{}, isUpdate bool) {
if isUpdate {
ctx := storage.GetContext()
storage.Delete(ctx, "ballots")
storage.Put(ctx, notaryDisabledKey, false)
return
}
args := data.(struct {
notaryDisabled bool
})
ctx := storage.GetContext()
storage.Put(ctx, []byte{notaryDisabledKey}, args.notaryDisabled)
}
// Update method updates contract source code and manifest. Can be invoked
// only by committee.
func Update(script []byte, manifest []byte, data interface{}) {
if !common.HasUpdateAccess() {
panic("only committee can update contract")
}
contract.Call(interop.Hash160(management.Hash), "update", contract.All, script, manifest, data)
runtime.Log("subnet contract updated")
}
// Put creates new subnet with the specified owner and info.
func Put(id []byte, ownerKey interop.PublicKey, info []byte) {
// V2 format
if len(id) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
if len(ownerKey) != interop.PublicKeyCompressedLen {
panic(ErrInvalidOwner)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, id...)
if storage.Get(ctx, stKey) != nil {
panic(ErrAlreadyExists)
}
notaryDisabled := storage.Get(ctx, notaryDisabledKey).(bool)
if notaryDisabled {
alphabet := common.AlphabetNodes()
nodeKey := common.InnerRingInvoker(alphabet)
if len(nodeKey) == 0 {
common.CheckWitness(ownerKey)
runtime.Notify("Put", id, ownerKey, info)
return
}
threshold := len(alphabet)*2/3 + 1
id := common.InvokeID([]interface{}{ownerKey, info}, []byte("put"))
n := common.Vote(ctx, id, nodeKey)
if n < threshold {
return
}
common.RemoveVotes(ctx, id)
} else {
common.CheckOwnerWitness(ownerKey)
multiaddr := common.AlphabetAddress()
common.CheckAlphabetWitness(multiaddr)
}
storage.Put(ctx, stKey, ownerKey)
stKey[0] = infoPrefix
storage.Put(ctx, stKey, info)
}
// Get returns info about subnet with the specified id.
func Get(id []byte) []byte {
// V2 format
if len(id) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
ctx := storage.GetReadOnlyContext()
key := append([]byte{infoPrefix}, id...)
raw := storage.Get(ctx, key)
if raw == nil {
panic(ErrNotExist)
}
return raw.([]byte)
}
// Delete deletes subnet with the specified id.
func Delete(id []byte) {
// V2 format
if len(id) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
ctx := storage.GetContext()
key := append([]byte{ownerPrefix}, id...)
raw := storage.Get(ctx, key)
if raw == nil {
return
}
owner := raw.([]byte)
common.CheckOwnerWitness(owner)
storage.Delete(ctx, key)
key[0] = infoPrefix
storage.Delete(ctx, key)
key[0] = nodeAdminPrefix
deleteByPrefix(ctx, key)
key[0] = nodePrefix
deleteByPrefix(ctx, key)
key[0] = clientAdminPrefix
deleteByPrefix(ctx, key)
key[0] = userPrefix
deleteByPrefix(ctx, key)
runtime.Notify("Delete", id)
}
// AddNodeAdmin adds new node administrator to the specified subnetwork.
func AddNodeAdmin(subnetID []byte, adminKey interop.PublicKey) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
if len(adminKey) != interop.PublicKeyCompressedLen {
panic(ErrInvalidAdmin)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
owner := rawOwner.([]byte)
common.CheckOwnerWitness(owner)
stKey[0] = nodeAdminPrefix
if keyInList(ctx, adminKey, stKey) {
return
}
putKeyInList(ctx, adminKey, stKey)
}
// RemoveNodeAdmin removes node administrator from the specified subnetwork.
// Must be called by subnet owner only.
func RemoveNodeAdmin(subnetID []byte, adminKey interop.PublicKey) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
if len(adminKey) != interop.PublicKeyCompressedLen {
panic(ErrInvalidAdmin)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
owner := rawOwner.([]byte)
common.CheckOwnerWitness(owner)
stKey[0] = nodeAdminPrefix
if !keyInList(ctx, adminKey, stKey) {
return
}
deleteKeyFromList(ctx, adminKey, stKey)
}
// AddNode adds node to the specified subnetwork.
// Must be called by subnet's owner or node administrator
// only.
func AddNode(subnetID []byte, node interop.PublicKey) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
if len(node) != interop.PublicKeyCompressedLen {
panic(ErrInvalidNode)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
stKey[0] = nodeAdminPrefix
owner := rawOwner.([]byte)
if !calledByOwnerOrAdmin(ctx, owner, stKey) {
panic(ErrAccessDenied)
}
stKey[0] = nodePrefix
if keyInList(ctx, node, stKey) {
return
}
putKeyInList(ctx, node, stKey)
}
// RemoveNode removes node from the specified subnetwork.
// Must be called by subnet's owner or node administrator
// only.
func RemoveNode(subnetID []byte, node interop.PublicKey) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
if len(node) != interop.PublicKeyCompressedLen {
panic(ErrInvalidNode)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
stKey[0] = nodeAdminPrefix
owner := rawOwner.([]byte)
if !calledByOwnerOrAdmin(ctx, owner, stKey) {
panic(ErrAccessDenied)
}
stKey[0] = nodePrefix
if !keyInList(ctx, node, stKey) {
return
}
storage.Delete(ctx, append(stKey, node...))
runtime.Notify("RemoveNode", subnetID, node)
}
// NodeAllowed checks if node is included in the
// specified subnet or not.
func NodeAllowed(subnetID []byte, node interop.PublicKey) bool {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
if len(node) != interop.PublicKeyCompressedLen {
panic(ErrInvalidNode)
}
ctx := storage.GetReadOnlyContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
stKey[0] = nodePrefix
return storage.Get(ctx, append(stKey, node...)) != nil
}
// AddClientAdmin adds new client administrator of the specified group in the specified subnetwork.
// Must be called by owner only.
func AddClientAdmin(subnetID []byte, groupID []byte, adminPublicKey interop.PublicKey) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
// V2 format
if len(groupID) != groupIDSize {
panic(ErrInvalidGroupID)
}
if len(adminPublicKey) != interop.PublicKeyCompressedLen {
panic(ErrInvalidAdmin)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
owner := rawOwner.([]byte)
common.CheckOwnerWitness(owner)
stKey[0] = clientAdminPrefix
stKey = append(stKey, groupID...)
if keyInList(ctx, adminPublicKey, stKey) {
return
}
putKeyInList(ctx, adminPublicKey, stKey)
}
// RemoveClientAdmin removes client administrator from the
// specified group in the specified subnetwork.
// Must be called by owner only.
func RemoveClientAdmin(subnetID []byte, groupID []byte, adminPublicKey interop.PublicKey) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
// V2 format
if len(groupID) != groupIDSize {
panic(ErrInvalidGroupID)
}
if len(adminPublicKey) != interop.PublicKeyCompressedLen {
panic(ErrInvalidAdmin)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
owner := rawOwner.([]byte)
common.CheckOwnerWitness(owner)
stKey[0] = clientAdminPrefix
stKey = append(stKey, groupID...)
if !keyInList(ctx, adminPublicKey, stKey) {
return
}
deleteKeyFromList(ctx, adminPublicKey, stKey)
}
// AddUser adds user to the specified subnetwork and group.
// Must be called by the owner or the group's admin only.
func AddUser(subnetID []byte, groupID []byte, userID []byte) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
// V2 format
if len(userID) != userIDSize {
panic(ErrInvalidUser)
}
// V2 format
if len(groupID) != groupIDSize {
panic(ErrInvalidGroupID)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
stKey[0] = clientAdminPrefix
stKey = append(stKey, groupID...)
owner := rawOwner.([]byte)
if !calledByOwnerOrAdmin(ctx, owner, stKey) {
panic(ErrAccessDenied)
}
stKey[0] = userPrefix
if keyInList(ctx, userID, stKey) {
return
}
putKeyInList(ctx, userID, stKey)
}
// RemoveUser removes user from the specified subnetwork and group.
// Must be called by the owner or the group's admin only.
func RemoveUser(subnetID []byte, groupID []byte, userID []byte) {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
// V2 format
if len(groupID) != groupIDSize {
panic(ErrInvalidGroupID)
}
// V2 format
if len(userID) != userIDSize {
panic(ErrInvalidUser)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
rawOwner := storage.Get(ctx, stKey)
if rawOwner == nil {
panic(ErrNotExist)
}
stKey[0] = clientAdminPrefix
stKey = append(stKey, groupID...)
owner := rawOwner.([]byte)
if !calledByOwnerOrAdmin(ctx, owner, stKey) {
panic(ErrAccessDenied)
}
stKey[0] = userPrefix
if !keyInList(ctx, userID, stKey) {
return
}
deleteKeyFromList(ctx, userID, stKey)
}
// UserAllowed returns bool that indicates if node is included in the
// specified subnet or not.
func UserAllowed(subnetID []byte, user []byte) bool {
// V2 format
if len(subnetID) != subnetIDSize {
panic(ErrInvalidSubnetID)
}
ctx := storage.GetContext()
stKey := append([]byte{ownerPrefix}, subnetID...)
if storage.Get(ctx, stKey) == nil {
panic(ErrNotExist)
}
stKey[0] = userPrefix
prefixLen := len(stKey) + groupIDSize
iter := storage.Find(ctx, stKey, storage.KeysOnly)
for iterator.Next(iter) {
key := iterator.Value(iter).([]byte)
if common.BytesEqual(user, key[prefixLen:]) {
return true
}
}
return false
}
// Version returns version of the contract.
func Version() int {
return common.Version
}
func keyInList(ctx storage.Context, searchedKey interop.PublicKey, prefix []byte) bool {
return storage.Get(ctx, append(prefix, searchedKey...)) != nil
}
func putKeyInList(ctx storage.Context, keyToPut interop.PublicKey, prefix []byte) {
storage.Put(ctx, append(prefix, keyToPut...), []byte{1})
}
func deleteKeyFromList(ctx storage.Context, keyToDelete interop.PublicKey, prefix []byte) {
storage.Delete(ctx, append(prefix, keyToDelete...))
}
func deleteByPrefix(ctx storage.Context, prefix []byte) {
iter := storage.Find(ctx, prefix, storage.KeysOnly)
for iterator.Next(iter) {
k := iterator.Value(iter).([]byte)
storage.Delete(ctx, k)
}
}
func calledByOwnerOrAdmin(ctx storage.Context, owner []byte, adminPrefix []byte) bool {
if runtime.CheckWitness(owner) {
return true
}
prefixLen := len(adminPrefix)
iter := storage.Find(ctx, adminPrefix, storage.KeysOnly)
for iterator.Next(iter) {
key := iterator.Value(iter).([]byte)
if runtime.CheckWitness(key[prefixLen:]) {
return true
}
}
return false
}

26
tests/alphabet_test.go
View file

@ -4,8 +4,6 @@ import (
"path"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"git.frostfs.info/TrueCloudLab/frostfs-contract/container"
"github.com/nspcc-dev/neo-go/pkg/core/native/nativenames"
"github.com/nspcc-dev/neo-go/pkg/core/native/noderoles"
"github.com/nspcc-dev/neo-go/pkg/neotest"
@ -13,11 +11,18 @@ import (
"github.com/nspcc-dev/neo-go/pkg/vm"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/nspcc-dev/neo-go/pkg/wallet"
"github.com/nspcc-dev/neofs-contract/common"
"github.com/nspcc-dev/neofs-contract/container"
"github.com/stretchr/testify/require"
)
const alphabetPath = "../alphabet"
// FIXME: delete after https://github.com/nspcc-dev/neo-go/issues/2297
const singleValidatorWIF = "KxyjQ8eUa4FHt3Gvioyt1Wz29cTUrE4eTqX3yFSk1YFCsPL8uNsY"
var committeeAcc, _ = wallet.NewAccountFromWIF(singleValidatorWIF)
func deployAlphabetContract(t *testing.T, e *neotest.Executor, addrNetmap, addrProxy util.Uint160, name string, index, total int64) util.Uint160 {
c := neotest.CompileFile(t, e.CommitteeHash, alphabetPath, path.Join(alphabetPath, "config.yml"))
@ -51,9 +56,7 @@ func newAlphabetInvoker(t *testing.T) (*neotest.Executor, *neotest.ContractInvok
deployProxyContract(t, e, ctrNetmap.Hash)
hash := deployAlphabetContract(t, e, ctrNetmap.Hash, ctrProxy.Hash, "Az", 0, 1)
alphabet := getAlphabetAcc(t, e)
setAlphabetRole(t, e, alphabet.PrivateKey().PublicKey().Bytes())
setAlphabetRole(t, e, committeeAcc.PrivateKey().PublicKey().Bytes())
return e, e.CommitteeInvoker(hash)
}
@ -63,9 +66,7 @@ func TestEmit(t *testing.T) {
const method = "emit"
alphabet := getAlphabetAcc(t, c.Executor)
cCommittee := c.WithSigners(neotest.NewSingleSigner(alphabet))
cCommittee := c.WithSigners(neotest.NewSingleSigner(committeeAcc))
cCommittee.InvokeFail(t, "no gas to emit", method)
transferNeoToContract(t, c)
@ -112,7 +113,7 @@ func TestVote(t *testing.T) {
c.Invoke(t, stackitem.Null{}, method, int64(0), []interface{}{newAlphabetPub})
// wait one block util
// a new committee is accepted
// new committee is accepted
c.AddNewBlock(t)
cNewAlphabet.Invoke(t, stackitem.Null{}, "emit")
@ -141,10 +142,3 @@ func setAlphabetRole(t *testing.T, e *neotest.Executor, new []byte) {
// set committee as NeoFSAlphabet
designInvoker.Invoke(t, stackitem.Null{}, "designateAsRole", int64(noderoles.NeoFSAlphabet), []interface{}{new})
}
func getAlphabetAcc(t *testing.T, e *neotest.Executor) *wallet.Account {
multi, ok := e.Committee.(neotest.MultiSigner)
require.True(t, ok)
return multi.Single(0).Account()
}

339
tests/container_test.go
View file

@ -1,22 +1,18 @@
package tests
import (
"bytes"
"crypto/sha256"
"math/big"
"path"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"git.frostfs.info/TrueCloudLab/frostfs-contract/container"
"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
"github.com/mr-tron/base58"
"github.com/nspcc-dev/neo-go/pkg/core/interop/storage"
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
"github.com/nspcc-dev/neo-go/pkg/neotest"
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/stretchr/testify/require"
"github.com/nspcc-dev/neofs-contract/common"
"github.com/nspcc-dev/neofs-contract/container"
"github.com/nspcc-dev/neofs-contract/nns"
)
const containerPath = "../container"
@ -33,14 +29,14 @@ func deployContainerContract(t *testing.T, e *neotest.Executor, addrNetmap, addr
args[2] = addrBalance
args[3] = util.Uint160{} // not needed for now
args[4] = addrNNS
args[5] = "frostfs"
args[5] = "neofs"
c := neotest.CompileFile(t, e.CommitteeHash, containerPath, path.Join(containerPath, "config.yml"))
e.DeployContract(t, c, args)
return c.Hash
}
func newContainerInvoker(t *testing.T) (*neotest.ContractInvoker, *neotest.ContractInvoker, *neotest.ContractInvoker) {
func newContainerInvoker(t *testing.T) (*neotest.ContractInvoker, *neotest.ContractInvoker) {
e := newExecutor(t)
ctrNNS := neotest.CompileFile(t, e.CommitteeHash, nnsPath, path.Join(nnsPath, "config.yml"))
@ -54,16 +50,12 @@ func newContainerInvoker(t *testing.T) (*neotest.ContractInvoker, *neotest.Contr
container.AliasFeeKey, int64(containerAliasFee))
deployBalanceContract(t, e, ctrNetmap.Hash, ctrContainer.Hash)
deployContainerContract(t, e, ctrNetmap.Hash, ctrBalance.Hash, ctrNNS.Hash)
return e.CommitteeInvoker(ctrContainer.Hash), e.CommitteeInvoker(ctrBalance.Hash), e.CommitteeInvoker(ctrNetmap.Hash)
return e.CommitteeInvoker(ctrContainer.Hash), e.CommitteeInvoker(ctrBalance.Hash)
}
func setContainerOwner(c []byte, acc neotest.Signer) {
copy(c[6:], signerToOwner(acc))
}
func signerToOwner(acc neotest.Signer) []byte {
owner, _ := base58.Decode(address.Uint160ToString(acc.ScriptHash()))
return owner
copy(c[6:], owner)
}
type testContainer struct {
@ -85,88 +77,8 @@ func dummyContainer(owner neotest.Signer) testContainer {
}
}
func TestContainerCount(t *testing.T) {
c, cBal, _ := newContainerInvoker(t)
checkCount := func(t *testing.T, expected int64) {
s, err := c.TestInvoke(t, "count")
require.NoError(t, err)
bi := s.Pop().BigInt()
require.True(t, bi.IsInt64())
require.Equal(t, int64(expected), bi.Int64())
}
checkCount(t, 0)
acc1, cnt1 := addContainer(t, c, cBal)
checkCount(t, 1)
_, cnt2 := addContainer(t, c, cBal)
checkCount(t, 2)
// Same owner.
cnt3 := dummyContainer(acc1)
balanceMint(t, cBal, acc1, containerFee*1, []byte{})
c.Invoke(t, stackitem.Null{}, "put", cnt3.value, cnt3.sig, cnt3.pub, cnt3.token)
checkContainerList(t, c, [][]byte{cnt1.id[:], cnt2.id[:], cnt3.id[:]})
c.Invoke(t, stackitem.Null{}, "delete", cnt1.id[:], cnt1.sig, cnt1.pub, cnt1.token)
checkCount(t, 2)
checkContainerList(t, c, [][]byte{cnt2.id[:], cnt3.id[:]})
c.Invoke(t, stackitem.Null{}, "delete", cnt2.id[:], cnt2.sig, cnt2.pub, cnt2.token)
checkCount(t, 1)
checkContainerList(t, c, [][]byte{cnt3.id[:]})
c.Invoke(t, stackitem.Null{}, "delete", cnt3.id[:], cnt3.sig, cnt3.pub, cnt3.token)
checkCount(t, 0)
checkContainerList(t, c, [][]byte{})
}
func checkContainerList(t *testing.T, c *neotest.ContractInvoker, expected [][]byte) {
t.Run("check with `list`", func(t *testing.T) {
s, err := c.TestInvoke(t, "list", nil)
require.NoError(t, err)
require.Equal(t, 1, s.Len())
if len(expected) == 0 {
_, ok := s.Top().Item().(stackitem.Null)
require.True(t, ok)
return
}
arr, ok := s.Top().Value().([]stackitem.Item)
require.True(t, ok)
require.Equal(t, len(expected), len(arr))
actual := make([][]byte, 0, len(expected))
for i := range arr {
id, ok := arr[i].Value().([]byte)
require.True(t, ok)
actual = append(actual, id)
}
require.ElementsMatch(t, expected, actual)
})
t.Run("check with `containersOf`", func(t *testing.T) {
s, err := c.TestInvoke(t, "containersOf", nil)
require.NoError(t, err)
require.Equal(t, 1, s.Len())
iter, ok := s.Top().Value().(*storage.Iterator)
require.True(t, ok)
actual := make([][]byte, 0, len(expected))
for iter.Next() {
id, ok := iter.Value().Value().([]byte)
require.True(t, ok)
actual = append(actual, id)
}
require.ElementsMatch(t, expected, actual)
})
}
func TestContainerPut(t *testing.T) {
c, cBal, _ := newContainerInvoker(t)
c, cBal := newContainerInvoker(t)
acc := c.NewAccount(t)
cnt := dummyContainer(acc)
@ -199,14 +111,14 @@ func TestContainerPut(t *testing.T) {
stackitem.NewByteArray([]byte(base58.Encode(cnt.id[:]))),
})
cNNS := c.CommitteeInvoker(nnsHash)
cNNS.Invoke(t, expected, "resolve", "mycnt.frostfs", int64(nns.TXT))
cNNS.Invoke(t, expected, "resolve", "mycnt.neofs", int64(nns.TXT))
t.Run("name is already taken", func(t *testing.T) {
c.InvokeFail(t, "name is already taken", "putNamed", putArgs...)
})
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.pub, cnt.token)
cNNS.Invoke(t, stackitem.Null{}, "resolve", "mycnt.frostfs", int64(nns.TXT))
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.token)
cNNS.Invoke(t, stackitem.Null{}, "resolve", "mycnt.neofs", int64(nns.TXT))
t.Run("register in advance", func(t *testing.T) {
cnt.value[len(cnt.value)-1] = 10
@ -214,11 +126,11 @@ func TestContainerPut(t *testing.T) {
cNNS.Invoke(t, true, "register",
"cdn", c.CommitteeHash,
"whateveriwant@world.com", int64(0), int64(0), int64(100_000), int64(0))
"whateveriwant@world.com", int64(0), int64(0), int64(0), int64(0))
cNNS.Invoke(t, true, "register",
"domain.cdn", c.CommitteeHash,
"whateveriwant@world.com", int64(0), int64(0), int64(100_000), int64(0))
"whateveriwant@world.com", int64(0), int64(0), int64(0), int64(0))
balanceMint(t, cBal, acc, (containerFee+containerAliasFee)*1, []byte{})
@ -233,62 +145,38 @@ func TestContainerPut(t *testing.T) {
})
}
func addContainer(t *testing.T, c, cBal *neotest.ContractInvoker) (neotest.Signer, testContainer) {
func TestContainerDelete(t *testing.T) {
c, cBal := newContainerInvoker(t)
acc := c.NewAccount(t)
cnt := dummyContainer(acc)
balanceMint(t, cBal, acc, containerFee*1, []byte{})
c.Invoke(t, stackitem.Null{}, "put", cnt.value, cnt.sig, cnt.pub, cnt.token)
return acc, cnt
}
func TestContainerDelete(t *testing.T) {
c, cBal, cNm := newContainerInvoker(t)
acc, cnt := addContainer(t, c, cBal)
cAcc := c.WithSigners(acc)
cAcc.InvokeFail(t, common.ErrAlphabetWitnessFailed, "delete",
cnt.id[:], cnt.sig, cnt.pub, cnt.token)
cnt.id[:], cnt.sig, cnt.token)
newDelInfo := func(acc neotest.Signer, epoch int64) *stackitem.Struct {
return stackitem.NewStruct([]stackitem.Item{
stackitem.NewBuffer([]byte(signerToOwner(acc))),
stackitem.NewBigInteger(big.NewInt(epoch)),
})
}
c.InvokeFail(t, container.NotFoundError, "deletionInfo", cnt.id[:])
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.pub, cnt.token)
c.Invoke(t, newDelInfo(acc, 0), "deletionInfo", cnt.id[:])
t.Run("multi-epoch", func(t *testing.T) {
cNm.Invoke(t, stackitem.Null{}, "newEpoch", 1)
t.Run("epoch tick does not change deletion info", func(t *testing.T) {
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.pub, cnt.token)
c.Invoke(t, newDelInfo(acc, 0), "deletionInfo", cnt.id[:])
})
acc1, cnt1 := addContainer(t, c, cBal)
c.Invoke(t, stackitem.Null{}, "delete", cnt1.id[:], cnt1.sig, cnt1.pub, cnt1.token)
c.Invoke(t, newDelInfo(acc, 0), "deletionInfo", cnt.id[:])
c.Invoke(t, newDelInfo(acc1, 1), "deletionInfo", cnt1.id[:])
})
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.token)
t.Run("missing container", func(t *testing.T) {
id := cnt.id
id[0] ^= 0xFF
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.pub, cnt.token)
c.InvokeFail(t, container.NotFoundError, "deletionInfo", id[:])
c.Invoke(t, stackitem.Null{}, "delete", cnt.id[:], cnt.sig, cnt.token)
})
c.InvokeFail(t, container.NotFoundError, "get", cnt.id[:])
}
func TestContainerOwner(t *testing.T) {
c, cBal, _ := newContainerInvoker(t)
c, cBal := newContainerInvoker(t)
acc, cnt := addContainer(t, c, cBal)
acc := c.NewAccount(t)
cnt := dummyContainer(acc)
balanceMint(t, cBal, acc, containerFee*1, []byte{})
c.Invoke(t, stackitem.Null{}, "put", cnt.value, cnt.sig, cnt.pub, cnt.token)
t.Run("missing container", func(t *testing.T) {
id := cnt.id
@ -296,14 +184,19 @@ func TestContainerOwner(t *testing.T) {
c.InvokeFail(t, container.NotFoundError, "owner", id[:])
})
owner := signerToOwner(acc)
owner, _ := base58.Decode(address.Uint160ToString(acc.ScriptHash()))
c.Invoke(t, stackitem.NewBuffer(owner), "owner", cnt.id[:])
}
func TestContainerGet(t *testing.T) {
c, cBal, _ := newContainerInvoker(t)
c, cBal := newContainerInvoker(t)
_, cnt := addContainer(t, c, cBal)
acc := c.NewAccount(t)
cnt := dummyContainer(acc)
balanceMint(t, cBal, acc, containerFee*1, []byte{})
c.Invoke(t, stackitem.Null{}, "put", cnt.value, cnt.sig, cnt.pub, cnt.token)
t.Run("missing container", func(t *testing.T) {
id := cnt.id
@ -339,9 +232,13 @@ func dummyEACL(containerID [32]byte) eacl {
}
func TestContainerSetEACL(t *testing.T) {
c, cBal, _ := newContainerInvoker(t)
c, cBal := newContainerInvoker(t)
acc, cnt := addContainer(t, c, cBal)
acc := c.NewAccount(t)
cnt := dummyContainer(acc)
balanceMint(t, cBal, acc, containerFee*1, []byte{})
c.Invoke(t, stackitem.Null{}, "put", cnt.value, cnt.sig, cnt.pub, cnt.token)
t.Run("missing container", func(t *testing.T) {
id := cnt.id
@ -365,161 +262,3 @@ func TestContainerSetEACL(t *testing.T) {
})
c.Invoke(t, expected, "eACL", cnt.id[:])
}
func TestContainerSizeEstimation(t *testing.T) {
c, cBal, cNm := newContainerInvoker(t)
_, cnt := addContainer(t, c, cBal)
nodes := []testNodeInfo{
newStorageNode(t, c),
newStorageNode(t, c),
newStorageNode(t, c),
}
for i := range nodes {
cNm.WithSigners(nodes[i].signer).Invoke(t, stackitem.Null{}, "addPeer", nodes[i].raw)
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", nodes[i].raw)
}
// putContainerSize retrieves storage nodes from the previous snapshot,
// so epoch must be incremented twice.
cNm.Invoke(t, stackitem.Null{}, "newEpoch", int64(1))
cNm.Invoke(t, stackitem.Null{}, "newEpoch", int64(2))
t.Run("must be witnessed by key in the argument", func(t *testing.T) {
c.WithSigners(nodes[1].signer).InvokeFail(t, common.ErrWitnessFailed, "putContainerSize",
int64(2), cnt.id[:], int64(123), nodes[0].pub)
})
c.WithSigners(nodes[0].signer).Invoke(t, stackitem.Null{}, "putContainerSize",
int64(2), cnt.id[:], int64(123), nodes[0].pub)
estimations := []estimation{{nodes[0].pub, 123}}
checkEstimations(t, c, 2, cnt, estimations...)
c.WithSigners(nodes[1].signer).Invoke(t, stackitem.Null{}, "putContainerSize",
int64(2), cnt.id[:], int64(42), nodes[1].pub)
estimations = append(estimations, estimation{nodes[1].pub, int64(42)})
checkEstimations(t, c, 2, cnt, estimations...)
t.Run("add estimation for a different epoch", func(t *testing.T) {
c.WithSigners(nodes[2].signer).Invoke(t, stackitem.Null{}, "putContainerSize",
int64(1), cnt.id[:], int64(777), nodes[2].pub)
checkEstimations(t, c, 1, cnt, estimation{nodes[2].pub, 777})
checkEstimations(t, c, 2, cnt, estimations...)
})
c.WithSigners(nodes[2].signer).Invoke(t, stackitem.Null{}, "putContainerSize",
int64(3), cnt.id[:], int64(888), nodes[2].pub)
checkEstimations(t, c, 3, cnt, estimation{nodes[2].pub, 888})
// Remove old estimations.
for i := int64(1); i <= container.CleanupDelta; i++ {
cNm.Invoke(t, stackitem.Null{}, "newEpoch", 2+i)
checkEstimations(t, c, 2, cnt, estimations...)
checkEstimations(t, c, 3, cnt, estimation{nodes[2].pub, 888})
}
epoch := int64(2 + container.CleanupDelta + 1)
cNm.Invoke(t, stackitem.Null{}, "newEpoch", epoch)
checkEstimations(t, c, 2, cnt, estimations...) // not yet removed
checkEstimations(t, c, 3, cnt, estimation{nodes[2].pub, 888})
c.WithSigners(nodes[1].signer).Invoke(t, stackitem.Null{}, "putContainerSize",
epoch, cnt.id[:], int64(999), nodes[1].pub)
checkEstimations(t, c, 2, cnt, estimations[:1]...)
checkEstimations(t, c, epoch, cnt, estimation{nodes[1].pub, int64(999)})
// Estimation from node 0 should be cleaned during epoch tick.
for i := int64(1); i <= container.TotalCleanupDelta-container.CleanupDelta; i++ {
cNm.Invoke(t, stackitem.Null{}, "newEpoch", epoch+i)
}
checkEstimations(t, c, 2, cnt)
checkEstimations(t, c, epoch, cnt, estimation{nodes[1].pub, int64(999)})
}
type estimation struct {
from []byte
size int64
}
func checkEstimations(t *testing.T, c *neotest.ContractInvoker, epoch int64, cnt testContainer, estimations ...estimation) {
// Check that listed estimations match expected
listEstimations := getListEstimations(t, c, epoch, cnt)
requireEstimationsMatch(t, estimations, listEstimations)
// Check that iterated estimations match expected
iterEstimations := getIterEstimations(t, c, epoch)
requireEstimationsMatch(t, estimations, iterEstimations)
}
func getListEstimations(t *testing.T, c *neotest.ContractInvoker, epoch int64, cnt testContainer) []estimation {
s, err := c.TestInvoke(t, "listContainerSizes", epoch)
require.NoError(t, err)
var id []byte
// When there are no estimations, listContainerSizes can also return nothing.
item := s.Top().Item()
switch it := item.(type) {
case stackitem.Null:
require.Equal(t, stackitem.Null{}, it)
return make([]estimation, 0)
case *stackitem.Array:
id, err = it.Value().([]stackitem.Item)[0].TryBytes()
require.NoError(t, err)
default:
require.FailNow(t, "invalid return type for listContainerSizes")
}
s, err = c.TestInvoke(t, "getContainerSize", id)
require.NoError(t, err)
// Here and below we assume that all estimations in the contract are related to our container
sizes := s.Top().Array()
require.Equal(t, cnt.id[:], sizes[0].Value())
return convertStackToEstimations(sizes[1].Value().([]stackitem.Item))
}
func getIterEstimations(t *testing.T, c *neotest.ContractInvoker, epoch int64) []estimation {
iterStack, err := c.TestInvoke(t, "iterateContainerSizes", epoch)
require.NoError(t, err)
iter := iterStack.Pop().Value().(*storage.Iterator)
// Iterator contains pairs: key + estimation (as stack item), we extract estimations only
pairs := iteratorToArray(iter)
estimationItems := make([]stackitem.Item, len(pairs))
for i, pair := range pairs {
pairItems := pair.Value().([]stackitem.Item)
estimationItems[i] = pairItems[1]
}
return convertStackToEstimations(estimationItems)
}
func convertStackToEstimations(stackItems []stackitem.Item) []estimation {
estimations := make([]estimation, 0, len(stackItems))
for _, item := range stackItems {
value := item.Value().([]stackitem.Item)
from := value[0].Value().([]byte)
size := value[1].Value().(*big.Int)
estimation := estimation{from: from, size: size.Int64()}
estimations = append(estimations, estimation)
}
return estimations
}
func requireEstimationsMatch(t *testing.T, expected []estimation, actual []estimation) {
require.Equal(t, len(expected), len(actual))
for _, e := range expected {
found := false
for _, a := range actual {
if found = bytes.Equal(e.from, a.from); found {
require.Equal(t, e.size, a.size)
break
}
}
require.True(t, found, "expected estimation from %x to be present", e.from)
}
}

30
tests/frostfs_test.go → tests/neofs_test.go
View file

@ -6,7 +6,6 @@ import (
"sort"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-contract/frostfs"
"github.com/nspcc-dev/neo-go/pkg/core/native/nativenames"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/nspcc-dev/neo-go/pkg/neotest"
@ -15,12 +14,13 @@ import (
"github.com/nspcc-dev/neo-go/pkg/vm"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/nspcc-dev/neo-go/pkg/wallet"
"github.com/nspcc-dev/neofs-contract/neofs"
"github.com/stretchr/testify/require"
)
const frostfsPath = "../frostfs"
const neofsPath = "../neofs"
func deployFrostFSContract(t *testing.T, e *neotest.Executor, addrProc util.Uint160,
func deployNeoFSContract(t *testing.T, e *neotest.Executor, addrProc util.Uint160,
pubs keys.PublicKeys, config ...interface{}) util.Uint160 {
args := make([]interface{}, 5)
args[0] = false
@ -33,12 +33,12 @@ func deployFrostFSContract(t *testing.T, e *neotest.Executor, addrProc util.Uint
args[2] = arr
args[3] = append([]interface{}{}, config...)
c := neotest.CompileFile(t, e.CommitteeHash, frostfsPath, path.Join(frostfsPath, "config.yml"))
c := neotest.CompileFile(t, e.CommitteeHash, neofsPath, path.Join(neofsPath, "config.yml"))
e.DeployContract(t, c, args)
return c.Hash
}
func newFrostFSInvoker(t *testing.T, n int, config ...interface{}) (*neotest.ContractInvoker, neotest.Signer, keys.PublicKeys) {
func newNeoFSInvoker(t *testing.T, n int, config ...interface{}) (*neotest.ContractInvoker, neotest.Signer, keys.PublicKeys) {
e := newExecutor(t)
accounts := make([]*wallet.Account, n)
@ -66,7 +66,7 @@ func newFrostFSInvoker(t *testing.T, n int, config ...interface{}) (*neotest.Con
}
alphabet := neotest.NewMultiSigner(accounts...)
h := deployFrostFSContract(t, e, util.Uint160{}, pubs, config...)
h := deployNeoFSContract(t, e, util.Uint160{}, pubs, config...)
gasHash, err := e.Chain.GetNativeContractScriptHash(nativenames.Gas)
require.NoError(t, err)
@ -79,8 +79,22 @@ func newFrostFSInvoker(t *testing.T, n int, config ...interface{}) (*neotest.Con
return e.CommitteeInvoker(h).WithSigners(alphabet), alphabet, pubs
}
func TestFrostFS_InnerRingCandidate(t *testing.T) {
e, _, _ := newFrostFSInvoker(t, 4, frostfs.CandidateFeeConfigKey, int64(10))
func TestNeoFS_AlphabetList(t *testing.T) {
const alphabetSize = 4
e, _, pubs := newNeoFSInvoker(t, alphabetSize)
arr := make([]stackitem.Item, len(pubs))
for i := range arr {
arr[i] = stackitem.NewStruct([]stackitem.Item{
stackitem.NewByteArray(pubs[i].Bytes()),
})
}
e.Invoke(t, stackitem.NewArray(arr), "alphabetList")
}
func TestNeoFS_InnerRingCandidate(t *testing.T) {
e, _, _ := newNeoFSInvoker(t, 4, neofs.CandidateFeeConfigKey, int64(10))
const candidateCount = 3

20
tests/frostfsid_test.go → tests/neofsid_test.go
View file

@ -6,28 +6,30 @@ import (
"sort"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-contract/container"
"github.com/mr-tron/base58"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
"github.com/nspcc-dev/neo-go/pkg/neotest"
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/nspcc-dev/neofs-contract/container"
"github.com/stretchr/testify/require"
)
const frostfsidPath = "../frostfsid"
const neofsidPath = "../neofsid"
func deployFrostFSIDContract(t *testing.T, e *neotest.Executor, addrNetmap, addrContainer util.Uint160) util.Uint160 {
func deployNeoFSIDContract(t *testing.T, e *neotest.Executor, addrNetmap, addrContainer util.Uint160) util.Uint160 {
args := make([]interface{}, 5)
args[0] = false
args[1] = addrNetmap
args[2] = addrContainer
c := neotest.CompileFile(t, e.CommitteeHash, frostfsidPath, path.Join(frostfsidPath, "config.yml"))
c := neotest.CompileFile(t, e.CommitteeHash, neofsidPath, path.Join(neofsidPath, "config.yml"))
e.DeployContract(t, c, args)
return c.Hash
}
func newFrostFSIDInvoker(t *testing.T) *neotest.ContractInvoker {
func newNeoFSIDInvoker(t *testing.T) *neotest.ContractInvoker {
e := newExecutor(t)
ctrNNS := neotest.CompileFile(t, e.CommitteeHash, nnsPath, path.Join(nnsPath, "config.yml"))
@ -41,12 +43,12 @@ func newFrostFSIDInvoker(t *testing.T) *neotest.ContractInvoker {
container.AliasFeeKey, int64(containerAliasFee))
deployBalanceContract(t, e, ctrNetmap.Hash, ctrContainer.Hash)
deployContainerContract(t, e, ctrNetmap.Hash, ctrBalance.Hash, ctrNNS.Hash)
h := deployFrostFSIDContract(t, e, ctrNetmap.Hash, ctrContainer.Hash)
h := deployNeoFSIDContract(t, e, ctrNetmap.Hash, ctrContainer.Hash)
return e.CommitteeInvoker(h)
}
func TestFrostFSID_AddKey(t *testing.T) {
e := newFrostFSIDInvoker(t)
func TestNeoFSID_AddKey(t *testing.T) {
e := newNeoFSIDInvoker(t)
pubs := make([][]byte, 6)
for i := range pubs {
@ -55,7 +57,7 @@ func TestFrostFSID_AddKey(t *testing.T) {
pubs[i] = p.PublicKey().Bytes()
}
acc := e.NewAccount(t)
owner := signerToOwner(acc)
owner, _ := base58.Decode(address.Uint160ToString(acc.ScriptHash()))
e.Invoke(t, stackitem.Null{}, "addKey", owner,
[]interface{}{pubs[0], pubs[1]})

364
tests/netmap_test.go
View file

@ -4,17 +4,15 @@ import (
"math/big"
"math/rand"
"path"
"strings"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"git.frostfs.info/TrueCloudLab/frostfs-contract/container"
"git.frostfs.info/TrueCloudLab/frostfs-contract/netmap"
"github.com/nspcc-dev/neo-go/pkg/encoding/bigint"
"github.com/nspcc-dev/neo-go/pkg/neotest"
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/vm"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/nspcc-dev/neofs-contract/common"
"github.com/nspcc-dev/neofs-contract/container"
"github.com/stretchr/testify/require"
)
@ -58,30 +56,13 @@ func TestDeploySetConfig(t *testing.T) {
"config", container.AliasFeeKey)
}
type testNodeInfo struct {
signer neotest.SingleSigner
pub []byte
raw []byte
state netmap.NodeState
}
func dummyNodeInfo(acc neotest.Signer) testNodeInfo {
func dummyNodeInfo(acc neotest.Signer) []byte {
ni := make([]byte, 66)
rand.Read(ni)
s := acc.(neotest.SingleSigner)
pub := s.Account().PrivateKey().PublicKey().Bytes()
pub, _ := vm.ParseSignatureContract(acc.Script())
copy(ni[2:], pub)
return testNodeInfo{
signer: s,
pub: pub,
raw: ni,
state: netmap.NodeStateOnline,
}
}
func newStorageNode(t *testing.T, c *neotest.ContractInvoker) testNodeInfo {
return dummyNodeInfo(c.NewAccount(t))
return ni
}
func TestAddPeer(t *testing.T) {
@ -93,322 +74,47 @@ func TestAddPeer(t *testing.T) {
acc1 := c.NewAccount(t)
cAcc1 := c.WithSigners(acc1)
cAcc1.InvokeFail(t, common.ErrWitnessFailed, "addPeer", dummyInfo.raw)
cAcc1.InvokeFail(t, common.ErrWitnessFailed, "addPeer", dummyInfo)
h := cAcc.Invoke(t, stackitem.Null{}, "addPeer", dummyInfo.raw)
h := cAcc.Invoke(t, stackitem.Null{}, "addPeer", dummyInfo)
aer := cAcc.CheckHalt(t, h)
require.Equal(t, 0, len(aer.Events))
require.Equal(t, 1, len(aer.Events))
require.Equal(t, "AddPeer", aer.Events[0].Name)
require.Equal(t, stackitem.NewArray([]stackitem.Item{stackitem.NewByteArray(dummyInfo)}),
aer.Events[0].Item)
dummyInfo.raw[0] ^= 0xFF
h = cAcc.Invoke(t, stackitem.Null{}, "addPeer", dummyInfo.raw)
dummyInfo[0] ^= 0xFF
h = cAcc.Invoke(t, stackitem.Null{}, "addPeer", dummyInfo)
aer = cAcc.CheckHalt(t, h)
require.Equal(t, 0, len(aer.Events))
require.Equal(t, 1, len(aer.Events))
require.Equal(t, "AddPeer", aer.Events[0].Name)
require.Equal(t, stackitem.NewArray([]stackitem.Item{stackitem.NewByteArray(dummyInfo)}),
aer.Events[0].Item)
c.InvokeFail(t, common.ErrWitnessFailed, "addPeer", dummyInfo.raw)
c.Invoke(t, stackitem.Null{}, "addPeerIR", dummyInfo.raw)
}
func TestNewEpoch(t *testing.T) {
rand.Seed(42)
const epochCount = netmap.DefaultSnapshotCount * 2
cNm := newNetmapInvoker(t)
nodes := make([][]testNodeInfo, epochCount)
for i := range nodes {
size := rand.Int()%5 + 1
arr := make([]testNodeInfo, size)
for j := 0; j < size; j++ {
arr[j] = newStorageNode(t, cNm)
}
nodes[i] = arr
}
for i := 0; i < epochCount; i++ {
for _, tn := range nodes[i] {
cNm.WithSigners(tn.signer).Invoke(t, stackitem.Null{}, "addPeer", tn.raw)
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", tn.raw)
}
if i > 0 {
// Remove random nodes from the previous netmap.
current := make([]testNodeInfo, 0, len(nodes[i])+len(nodes[i-1]))
current = append(current, nodes[i]...)
for j := range nodes[i-1] {
if rand.Int()%3 == 0 {
cNm.Invoke(t, stackitem.Null{}, "updateStateIR",
int64(netmap.NodeStateOffline), nodes[i-1][j].pub)
} else {
current = append(current, nodes[i-1][j])
}
}
nodes[i] = current
}
cNm.Invoke(t, stackitem.Null{}, "newEpoch", i+1)
t.Logf("Epoch: %d, Netmap()", i)
s, err := cNm.TestInvoke(t, "netmap")
require.NoError(t, err)
require.Equal(t, 1, s.Len())
checkSnapshot(t, s, nodes[i])
for j := 0; j <= i && j < netmap.DefaultSnapshotCount; j++ {
t.Logf("Epoch: %d, diff: %d", i, j)
checkSnapshotAt(t, j, cNm, nodes[i-j])
}
_, err = cNm.TestInvoke(t, "snapshot", netmap.DefaultSnapshotCount)
require.Error(t, err)
require.True(t, strings.Contains(err.Error(), "incorrect diff"))
_, err = cNm.TestInvoke(t, "snapshot", -1)
require.Error(t, err)
require.True(t, strings.Contains(err.Error(), "incorrect diff"))
}
}
func TestUpdateSnapshotCount(t *testing.T) {
rand.Seed(42)
require.True(t, netmap.DefaultSnapshotCount > 5) // sanity check, adjust tests if false.
prepare := func(t *testing.T, cNm *neotest.ContractInvoker, epochCount int) [][]testNodeInfo {
nodes := make([][]testNodeInfo, epochCount)
nodes[0] = []testNodeInfo{newStorageNode(t, cNm)}
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", nodes[0][0].raw)
cNm.Invoke(t, stackitem.Null{}, "newEpoch", 1)
for i := 1; i < len(nodes); i++ {
sn := newStorageNode(t, cNm)
nodes[i] = append(nodes[i-1], sn)
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", sn.raw)
cNm.Invoke(t, stackitem.Null{}, "newEpoch", i+1)
}
return nodes
}
t.Run("increase size, extend with nil", func(t *testing.T) {
// Before: S-old .. S
// After : S-old .. S nil nil ...
const epochCount = netmap.DefaultSnapshotCount / 2
cNm := newNetmapInvoker(t)
nodes := prepare(t, cNm, epochCount)
const newCount = netmap.DefaultSnapshotCount + 3
cNm.Invoke(t, stackitem.Null{}, "updateSnapshotCount", newCount)
s, err := cNm.TestInvoke(t, "netmap")
require.NoError(t, err)
require.Equal(t, 1, s.Len())
checkSnapshot(t, s, nodes[epochCount-1])
for i := 0; i < epochCount; i++ {
checkSnapshotAt(t, i, cNm, nodes[epochCount-i-1])
}
for i := epochCount; i < newCount; i++ {
checkSnapshotAt(t, i, cNm, nil)
}
_, err = cNm.TestInvoke(t, "snapshot", int64(newCount))
require.Error(t, err)
})
t.Run("increase size, copy old snapshots", func(t *testing.T) {
// Before: S-x .. S S-old ...
// After : S-x .. S nil nil S-old ...
const epochCount = netmap.DefaultSnapshotCount + netmap.DefaultSnapshotCount/2
cNm := newNetmapInvoker(t)
nodes := prepare(t, cNm, epochCount)
const newCount = netmap.DefaultSnapshotCount + 3
cNm.Invoke(t, stackitem.Null{}, "updateSnapshotCount", newCount)
s, err := cNm.TestInvoke(t, "netmap")
require.NoError(t, err)
require.Equal(t, 1, s.Len())
checkSnapshot(t, s, nodes[epochCount-1])
for i := 0; i < newCount-3; i++ {
checkSnapshotAt(t, i, cNm, nodes[epochCount-i-1])
}
for i := newCount - 3; i < newCount; i++ {
checkSnapshotAt(t, i, cNm, nil)
}
_, err = cNm.TestInvoke(t, "snapshot", int64(newCount))
require.Error(t, err)
})
t.Run("decrease size, small decrease", func(t *testing.T) {
// Before: S-x .. S S-old ... ...
// After : S-x .. S S-new ...
const epochCount = netmap.DefaultSnapshotCount + netmap.DefaultSnapshotCount/2
cNm := newNetmapInvoker(t)
nodes := prepare(t, cNm, epochCount)
const newCount = netmap.DefaultSnapshotCount/2 + 2
cNm.Invoke(t, stackitem.Null{}, "updateSnapshotCount", newCount)
s, err := cNm.TestInvoke(t, "netmap")
require.NoError(t, err)
require.Equal(t, 1, s.Len())
checkSnapshot(t, s, nodes[epochCount-1])
for i := 0; i < newCount; i++ {
checkSnapshotAt(t, i, cNm, nodes[epochCount-i-1])
}
_, err = cNm.TestInvoke(t, "snapshot", int64(newCount))
require.Error(t, err)
})
t.Run("decrease size, big decrease", func(t *testing.T) {
// Before: S-x ... ... S S-old ... ...
// After : S-new ... S
const epochCount = netmap.DefaultSnapshotCount + netmap.DefaultSnapshotCount/2
cNm := newNetmapInvoker(t)
nodes := prepare(t, cNm, epochCount)
const newCount = netmap.DefaultSnapshotCount/2 - 2
cNm.Invoke(t, stackitem.Null{}, "updateSnapshotCount", newCount)
s, err := cNm.TestInvoke(t, "netmap")
require.NoError(t, err)
require.Equal(t, 1, s.Len())
checkSnapshot(t, s, nodes[epochCount-1])
for i := 0; i < newCount; i++ {
checkSnapshotAt(t, i, cNm, nodes[epochCount-i-1])
}
_, err = cNm.TestInvoke(t, "snapshot", int64(newCount))
require.Error(t, err)
})
}
func checkSnapshotAt(t *testing.T, epoch int, cNm *neotest.ContractInvoker, nodes []testNodeInfo) {
s, err := cNm.TestInvoke(t, "snapshot", int64(epoch))
require.NoError(t, err)
require.Equal(t, 1, s.Len())
checkSnapshot(t, s, nodes)
}
func checkSnapshot(t *testing.T, s *vm.Stack, nodes []testNodeInfo) {
arr, ok := s.Pop().Value().([]stackitem.Item)
require.True(t, ok, "expected array")
require.Equal(t, len(nodes), len(arr), "expected %d nodes", len(nodes))
actual := make([]netmap.Node, len(nodes))
expected := make([]netmap.Node, len(nodes))
for i := range nodes {
n, ok := arr[i].Value().([]stackitem.Item)
require.True(t, ok, "expected node struct")
require.Equalf(t, 2, len(n), "expected %d field(s)", 2)
require.IsType(t, []byte{}, n[0].Value())
state, err := n[1].TryInteger()
require.NoError(t, err)
actual[i].BLOB = n[0].Value().([]byte)
actual[i].State = netmap.NodeState(state.Int64())
expected[i].BLOB = nodes[i].raw
expected[i].State = nodes[i].state
}
require.ElementsMatch(t, expected, actual, "snapshot is different")
}
func TestUpdateStateIR(t *testing.T) {
cNm := newNetmapInvoker(t)
acc := cNm.NewAccount(t)
pub := acc.(neotest.SingleSigner).Account().PrivateKey().PublicKey().Bytes()
t.Run("can't move online, need addPeerIR", func(t *testing.T) {
cNm.InvokeFail(t, "peer is missing", "updateStateIR", int64(netmap.NodeStateOnline), pub)
})
dummyInfo := dummyNodeInfo(acc)
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", dummyInfo.raw)
acc1 := cNm.NewAccount(t)
dummyInfo1 := dummyNodeInfo(acc1)
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", dummyInfo1.raw)
t.Run("must be signed by the alphabet", func(t *testing.T) {
cAcc := cNm.WithSigners(acc)
cAcc.InvokeFail(t, common.ErrAlphabetWitnessFailed, "updateStateIR", int64(netmap.NodeStateOffline), pub)
})
t.Run("invalid state", func(t *testing.T) {
cNm.InvokeFail(t, "unsupported state", "updateStateIR", int64(42), pub)
})
checkNetmapCandidates(t, cNm, 2)
// Move the first node offline.
cNm.Invoke(t, stackitem.Null{}, "updateStateIR", int64(netmap.NodeStateOffline), pub)
checkNetmapCandidates(t, cNm, 1)
checkState := func(expected netmap.NodeState) {
arr := checkNetmapCandidates(t, cNm, 1)
nn := arr[0].Value().([]stackitem.Item)
state, err := nn[1].TryInteger()
require.NoError(t, err)
require.Equal(t, int64(expected), state.Int64())
}
// Move the second node in the maintenance state.
pub1 := acc1.(neotest.SingleSigner).Account().PrivateKey().PublicKey().Bytes()
t.Run("maintenance -> add peer", func(t *testing.T) {
cNm.Invoke(t, stackitem.Null{}, "updateStateIR", int64(netmap.NodeStateMaintenance), pub1)
checkState(netmap.NodeStateMaintenance)
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", dummyInfo1.raw)
checkState(netmap.NodeStateOnline)
})
t.Run("maintenance -> online", func(t *testing.T) {
cNm.Invoke(t, stackitem.Null{}, "updateStateIR", int64(netmap.NodeStateMaintenance), pub1)
checkState(netmap.NodeStateMaintenance)
cNm.Invoke(t, stackitem.Null{}, "updateStateIR", int64(netmap.NodeStateOnline), pub1)
checkState(netmap.NodeStateOnline)
})
c.InvokeFail(t, common.ErrWitnessFailed, "addPeer", dummyInfo)
c.Invoke(t, stackitem.Null{}, "register", dummyInfo)
}
func TestUpdateState(t *testing.T) {
cNm := newNetmapInvoker(t)
e := newNetmapInvoker(t)
accs := []neotest.Signer{cNm.NewAccount(t), cNm.NewAccount(t)}
pubs := make([][]byte, len(accs))
for i := range accs {
dummyInfo := dummyNodeInfo(accs[i])
cNm.Invoke(t, stackitem.Null{}, "addPeerIR", dummyInfo.raw)
pubs[i] = accs[i].(neotest.SingleSigner).Account().PrivateKey().PublicKey().Bytes()
}
acc := e.NewAccount(t)
cAcc := e.WithSigners(acc)
cBoth := e.WithSigners(e.Committee, acc)
dummyInfo := dummyNodeInfo(acc)
cBoth.Invoke(t, stackitem.Null{}, "addPeer", dummyInfo)
pub, ok := vm.ParseSignatureContract(acc.Script())
require.True(t, ok)
t.Run("missing witness", func(t *testing.T) {
cAcc := cNm.WithSigners(accs[0])
cNm.InvokeFail(t, common.ErrWitnessFailed, "updateState", int64(2), pubs[0])
cAcc.InvokeFail(t, common.ErrAlphabetWitnessFailed, "updateState", int64(2), pubs[0])
cAcc.InvokeFail(t, common.ErrWitnessFailed, "updateState", int64(2), pubs[1])
cAcc.InvokeFail(t, common.ErrAlphabetWitnessFailed,
"updateState", int64(2), pub)
e.InvokeFail(t, common.ErrWitnessFailed,
"updateState", int64(2), pub)
})
checkNetmapCandidates(t, cNm, 2)
cBoth := cNm.WithSigners(accs[0], cNm.Committee)
cBoth.Invoke(t, stackitem.Null{}, "updateState", int64(2), pubs[0])
checkNetmapCandidates(t, cNm, 1)
t.Run("remove already removed node", func(t *testing.T) {
cBoth.Invoke(t, stackitem.Null{}, "updateState", int64(2), pubs[0])
checkNetmapCandidates(t, cNm, 1)
})
cBoth = cNm.WithSigners(accs[1], cNm.Committee)
cBoth.Invoke(t, stackitem.Null{}, "updateState", int64(2), pubs[1])
checkNetmapCandidates(t, cNm, 0)
}
func checkNetmapCandidates(t *testing.T, c *neotest.ContractInvoker, size int) []stackitem.Item {
s, err := c.TestInvoke(t, "netmapCandidates")
require.NoError(t, err)
require.Equal(t, 1, s.Len())
arr, ok := s.Pop().Value().([]stackitem.Item)
require.True(t, ok)
require.Equal(t, size, len(arr))
return arr
cBoth.Invoke(t, stackitem.Null{}, "updateState", int64(2), pub)
cAcc.Invoke(t, stackitem.NewArray([]stackitem.Item{}), "netmapCandidates")
}

87
tests/nns_test.go
View file

@ -4,14 +4,13 @@ import (
"fmt"
"math/big"
"path"
"strings"
"testing"
"time"
"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
"github.com/nspcc-dev/neo-go/pkg/core/interop/storage"
"github.com/nspcc-dev/neo-go/pkg/neotest"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/nspcc-dev/neofs-contract/nns"
"github.com/stretchr/testify/require"
)
@ -26,11 +25,10 @@ func newNNSInvoker(t *testing.T, addRoot bool) *neotest.ContractInvoker {
c := e.CommitteeInvoker(ctr.Hash)
if addRoot {
// Set expiration big enough to pass all tests.
refresh, retry, expire, ttl := int64(101), int64(102), int64(msPerYear/1000*100), int64(104)
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
}
return c
}
@ -50,21 +48,21 @@ func TestNNSRegisterTLD(t *testing.T) {
c.InvokeFail(t, "invalid domain name format", "register",
"0com", c.CommitteeHash,
"email@frostfs.info", refresh, retry, expire, ttl)
"email@nspcc.ru", refresh, retry, expire, ttl)
acc := c.NewAccount(t)
cAcc := c.WithSigners(acc)
cAcc.InvokeFail(t, "not witnessed by committee", "register",
"com", acc.ScriptHash(),
"email@frostfs.info", refresh, retry, expire, ttl)
"email@nspcc.ru", refresh, retry, expire, ttl)
c.Invoke(t, true, "register",
"com", c.CommitteeHash,
"email@frostfs.info", refresh, retry, expire, ttl)
"email@nspcc.ru", refresh, retry, expire, ttl)
c.InvokeFail(t, "TLD already exists", "register",
"com", c.CommitteeHash,
"email@frostfs.info", refresh, retry, expire, ttl)
"email@nspcc.ru", refresh, retry, expire, ttl)
}
func TestNNSRegister(t *testing.T) {
@ -75,33 +73,33 @@ func TestNNSRegister(t *testing.T) {
c1 := c.WithSigners(c.Committee, accTop)
c1.Invoke(t, true, "register",
"com", accTop.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
acc := c.NewAccount(t)
c2 := c.WithSigners(c.Committee, acc)
c2.InvokeFail(t, "not witnessed by admin", "register",
"testdomain.com", acc.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c3 := c.WithSigners(accTop, acc)
t.Run("domain names with hyphen", func(t *testing.T) {
c3.InvokeFail(t, "invalid domain name format", "register",
"-testdomain.com", acc.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c3.InvokeFail(t, "invalid domain name format", "register",
"testdomain-.com", acc.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c3.Invoke(t, true, "register",
"test-domain.com", acc.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
})
c3.Invoke(t, true, "register",
"testdomain.com", acc.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
b := c.TopBlock(t)
expected := stackitem.NewArray([]stackitem.Item{stackitem.NewBuffer(
[]byte(fmt.Sprintf("testdomain.com myemail@frostfs.info %d %d %d %d %d",
[]byte(fmt.Sprintf("testdomain.com myemail@nspcc.ru %d %d %d %d %d",
b.Timestamp, refresh, retry, expire, ttl)))})
c.Invoke(t, expected, "getRecords", "testdomain.com", int64(nns.SOA))
@ -195,18 +193,18 @@ func TestNNSUpdateSOA(t *testing.T) {
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"testdomain.com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
refresh *= 2
retry *= 2
expire *= 2
ttl *= 2
c.Invoke(t, stackitem.Null{}, "updateSOA",
"testdomain.com", "newemail@frostfs.info", refresh, retry, expire, ttl)
"testdomain.com", "newemail@nspcc.ru", refresh, retry, expire, ttl)
b := c.TopBlock(t)
expected := stackitem.NewArray([]stackitem.Item{stackitem.NewBuffer(
[]byte(fmt.Sprintf("testdomain.com newemail@frostfs.info %d %d %d %d %d",
[]byte(fmt.Sprintf("testdomain.com newemail@nspcc.ru %d %d %d %d %d",
b.Timestamp, refresh, retry, expire, ttl)))})
c.Invoke(t, expected, "getRecords", "testdomain.com", int64(nns.SOA))
}
@ -217,13 +215,13 @@ func TestNNSGetAllRecords(t *testing.T) {
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"testdomain.com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c.Invoke(t, stackitem.Null{}, "addRecord", "testdomain.com", int64(nns.TXT), "first TXT record")
c.Invoke(t, stackitem.Null{}, "addRecord", "testdomain.com", int64(nns.A), "1.2.3.4")
b := c.TopBlock(t)
expSOA := fmt.Sprintf("testdomain.com myemail@frostfs.info %d %d %d %d %d",
expSOA := fmt.Sprintf("testdomain.com myemail@nspcc.ru %d %d %d %d %d",
b.Timestamp, refresh, retry, expire, ttl)
s, err := c.TestInvoke(t, "getAllRecords", "testdomain.com")
@ -254,36 +252,14 @@ func TestNNSGetAllRecords(t *testing.T) {
func TestExpiration(t *testing.T) {
c := newNNSInvoker(t, true)
refresh, retry, expire, ttl := int64(101), int64(102), int64(msPerYear/1000*10), int64(104)
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"testdomain.com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
checkProperties := func(t *testing.T, expiration uint64) {
expected := stackitem.NewMapWithValue([]stackitem.MapElement{
{Key: stackitem.Make("name"), Value: stackitem.Make("testdomain.com")},
{Key: stackitem.Make("expiration"), Value: stackitem.Make(expiration)}})
s, err := c.TestInvoke(t, "properties", "testdomain.com")
require.NoError(t, err)
require.Equal(t, expected.Value(), s.Top().Item().Value())
}
top := c.TopBlock(t)
expiration := top.Timestamp + uint64(expire*1000)
checkProperties(t, expiration)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
b := c.NewUnsignedBlock(t)
b.Timestamp = expiration - 2 // test invoke is done with +1 timestamp
b.Timestamp = c.TopBlock(t).Timestamp + uint64(msPerYear) - 1
require.NoError(t, c.Chain.AddBlock(c.SignBlock(b)))
checkProperties(t, expiration)
b = c.NewUnsignedBlock(t)
b.Timestamp = expiration - 1
require.NoError(t, c.Chain.AddBlock(c.SignBlock(b)))
_, err := c.TestInvoke(t, "properties", "testdomain.com")
require.Error(t, err)
require.True(t, strings.Contains(err.Error(), "name has expired"))
c.InvokeFail(t, "name has expired", "getAllRecords", "testdomain.com")
c.InvokeFail(t, "name has expired", "ownerOf", "testdomain.com")
@ -295,7 +271,7 @@ func TestNNSSetAdmin(t *testing.T) {
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"testdomain.com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
acc := c.NewAccount(t)
cAcc := c.WithSigners(acc)
@ -318,7 +294,7 @@ func TestNNSIsAvailable(t *testing.T) {
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c.Invoke(t, false, "isAvailable", "com")
c.Invoke(t, true, "isAvailable", "domain.com")
@ -327,7 +303,7 @@ func TestNNSIsAvailable(t *testing.T) {
c1 := c.WithSigners(c.Committee, acc)
c1.Invoke(t, true, "register",
"domain.com", acc.ScriptHash(),
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c.Invoke(t, false, "isAvailable", "domain.com")
}
@ -340,18 +316,17 @@ func TestNNSRenew(t *testing.T) {
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c1.Invoke(t, true, "register",
"testdomain.com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
const msPerYear = 365 * 24 * time.Hour / time.Millisecond
b := c.TopBlock(t)
ts := b.Timestamp + uint64(expire*1000) + uint64(msPerYear)
ts := b.Timestamp + 2*uint64(msPerYear)
cAcc := c.WithSigners(acc)
cAcc.InvokeFail(t, "not witnessed by admin", "renew", "testdomain.com")
c1.Invoke(t, ts, "renew", "testdomain.com")
cAcc.Invoke(t, ts, "renew", "testdomain.com")
expected := stackitem.NewMapWithValue([]stackitem.MapElement{
{Key: stackitem.Make("name"), Value: stackitem.Make("testdomain.com")},
{Key: stackitem.Make("expiration"), Value: stackitem.Make(ts)}})
{stackitem.Make("name"), stackitem.Make("testdomain.com")},
{stackitem.Make("expiration"), stackitem.Make(ts)}})
cAcc.Invoke(t, expected, "properties", "testdomain.com")
}
@ -361,7 +336,7 @@ func TestNNSResolve(t *testing.T) {
refresh, retry, expire, ttl := int64(101), int64(102), int64(103), int64(104)
c.Invoke(t, true, "register",
"test.com", c.CommitteeHash,
"myemail@frostfs.info", refresh, retry, expire, ttl)
"myemail@nspcc.ru", refresh, retry, expire, ttl)
c.Invoke(t, stackitem.Null{}, "addRecord",
"test.com", int64(nns.TXT), "expected result")

10
tests/processing_test.go
View file

@ -11,21 +11,21 @@ import (
const processingPath = "../processing"
func deployProcessingContract(t *testing.T, e *neotest.Executor, addrFrostFS util.Uint160) util.Uint160 {
func deployProcessingContract(t *testing.T, e *neotest.Executor, addrNeoFS util.Uint160) util.Uint160 {
c := neotest.CompileFile(t, e.CommitteeHash, processingPath, path.Join(processingPath, "config.yml"))
args := make([]interface{}, 1)
args[0] = addrFrostFS
args[0] = addrNeoFS
e.DeployContract(t, c, args)
return c.Hash
}
func newProcessingInvoker(t *testing.T) (*neotest.ContractInvoker, neotest.Signer) {
frostfsInvoker, irMultiAcc, _ := newFrostFSInvoker(t, 2)
hash := deployProcessingContract(t, frostfsInvoker.Executor, frostfsInvoker.Hash)
neofsInvoker, irMultiAcc, _ := newNeoFSInvoker(t, 2)
hash := deployProcessingContract(t, neofsInvoker.Executor, neofsInvoker.Hash)
return frostfsInvoker.CommitteeInvoker(hash), irMultiAcc
return neofsInvoker.CommitteeInvoker(hash), irMultiAcc
}
func TestVerify_Processing(t *testing.T) {

330
tests/subnet_test.go Normal file
View file

@ -0,0 +1,330 @@
package tests
import (
"encoding/binary"
"path"
"testing"
"github.com/nspcc-dev/neo-go/pkg/neotest"
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/vm"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
"github.com/nspcc-dev/neofs-contract/common"
"github.com/nspcc-dev/neofs-contract/subnet"
"github.com/stretchr/testify/require"
)
const subnetPath = "../subnet"
func deploySubnetContract(t *testing.T, e *neotest.Executor) util.Uint160 {
c := neotest.CompileFile(t, e.CommitteeHash, subnetPath, path.Join(subnetPath, "config.yml"))
args := []interface{}{false}
e.DeployContract(t, c, args)
return c.Hash
}
func newSubnetInvoker(t *testing.T) *neotest.ContractInvoker {
e := newExecutor(t)
h := deploySubnetContract(t, e)
return e.CommitteeInvoker(h)
}
func TestSubnet_Version(t *testing.T) {
e := newSubnetInvoker(t)
e.Invoke(t, common.Version, "version")
}
func TestSubnet_Put(t *testing.T) {
e := newSubnetInvoker(t)
acc := e.NewAccount(t)
pub, ok := vm.ParseSignatureContract(acc.Script())
require.True(t, ok)
id := make([]byte, 5)
binary.LittleEndian.PutUint32(id, 123)
info := randomBytes(10)
e.InvokeFail(t, common.ErrWitnessFailed, "put", id, pub, info)
cAcc := e.WithSigners(acc)
cAcc.InvokeFail(t, common.ErrAlphabetWitnessFailed, "put", id, pub, info)
cBoth := e.WithSigners(e.Committee, acc)
cBoth.InvokeFail(t, subnet.ErrInvalidSubnetID, "put", []byte{1, 2, 3}, pub, info)
cBoth.InvokeFail(t, subnet.ErrInvalidOwner, "put", id, pub[10:], info)
cBoth.Invoke(t, stackitem.Null{}, "put", id, pub, info)
cAcc.Invoke(t, stackitem.NewBuffer(info), "get", id)
cBoth.InvokeFail(t, subnet.ErrAlreadyExists, "put", id, pub, info)
}
func TestSubnet_Delete(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
e.InvokeFail(t, common.ErrWitnessFailed, "delete", id)
cAcc := e.WithSigners(owner)
cAcc.InvokeFail(t, subnet.ErrInvalidSubnetID, "delete", []byte{1, 1, 1, 1})
cAcc.Invoke(t, stackitem.Null{}, "delete", []byte{1, 1, 1, 1, 1})
cAcc.Invoke(t, stackitem.Null{}, "delete", id)
cAcc.InvokeFail(t, subnet.ErrNotExist, "get", id)
}
func TestSubnet_AddNodeAdmin(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
const method = "addNodeAdmin"
e.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, admPub)
e.InvokeFail(t, subnet.ErrInvalidAdmin, method, id, admPub[1:])
e.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, admPub)
cAdm := e.WithSigners(adm)
cAdm.InvokeFail(t, common.ErrOwnerWitnessFailed, method, id, admPub)
cOwner := e.WithSigners(owner)
cOwner.Invoke(t, stackitem.Null{}, method, id, admPub)
cOwner.Invoke(t, stackitem.Null{}, method, id, admPub)
}
func TestSubnet_RemoveNodeAdmin(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
const method = "removeNodeAdmin"
e.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, admPub)
e.InvokeFail(t, subnet.ErrInvalidAdmin, method, id, admPub[1:])
e.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, admPub)
cAdm := e.WithSigners(adm)
cAdm.InvokeFail(t, common.ErrOwnerWitnessFailed, method, id, admPub)
cOwner := e.WithSigners(owner)
cOwner.Invoke(t, stackitem.Null{}, method, id, admPub)
cOwner.Invoke(t, stackitem.Null{}, "addNodeAdmin", id, admPub)
cOwner.Invoke(t, stackitem.Null{}, method, id, admPub)
cOwner.Invoke(t, stackitem.Null{}, method, id, admPub)
}
func TestSubnet_AddNode(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
node := e.NewAccount(t)
nodePub, ok := vm.ParseSignatureContract(node.Script())
require.True(t, ok)
const method = "addNode"
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, nodePub)
cOwn.InvokeFail(t, subnet.ErrInvalidNode, method, id, nodePub[1:])
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, nodePub)
cOwn.Invoke(t, stackitem.Null{}, method, id, nodePub)
cOwn.Invoke(t, stackitem.Null{}, method, id, nodePub)
}
func TestSubnet_RemoveNode(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
node := e.NewAccount(t)
nodePub, ok := vm.ParseSignatureContract(node.Script())
require.True(t, ok)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
const method = "removeNode"
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, nodePub)
cOwn.InvokeFail(t, subnet.ErrInvalidNode, method, id, nodePub[1:])
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, nodePub)
cOwn.Invoke(t, stackitem.Null{}, method, id, nodePub)
cOwn.Invoke(t, stackitem.Null{}, "addNode", id, nodePub)
cOwn.Invoke(t, stackitem.Null{}, method, id, nodePub)
cAdm := cOwn.WithSigners(adm)
cOwn.Invoke(t, stackitem.Null{}, "addNodeAdmin", id, admPub)
cAdm.Invoke(t, stackitem.Null{}, method, id, nodePub)
}
func TestSubnet_NodeAllowed(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
node := e.NewAccount(t)
nodePub, ok := vm.ParseSignatureContract(node.Script())
require.True(t, ok)
const method = "nodeAllowed"
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, nodePub)
cOwn.InvokeFail(t, subnet.ErrInvalidNode, method, id, nodePub[1:])
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, nodePub)
cOwn.Invoke(t, stackitem.NewBool(false), method, id, nodePub)
cOwn.Invoke(t, stackitem.Null{}, "addNode", id, nodePub)
cOwn.Invoke(t, stackitem.NewBool(true), method, id, nodePub)
}
func TestSubnet_AddClientAdmin(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
const method = "addClientAdmin"
groupId := randomBytes(5)
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, groupId, admPub)
cOwn.InvokeFail(t, subnet.ErrInvalidAdmin, method, id, groupId, admPub[1:])
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, groupId, admPub)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, admPub)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, admPub)
}
func TestSubnet_RemoveClientAdmin(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
const method = "removeClientAdmin"
groupId := randomBytes(5)
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, groupId, admPub)
cOwn.InvokeFail(t, subnet.ErrInvalidAdmin, method, id, groupId, admPub[1:])
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, groupId, admPub)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, admPub)
cOwn.Invoke(t, stackitem.Null{}, "addClientAdmin", id, groupId, admPub)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, admPub)
}
func TestSubnet_AddUser(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
user := randomBytes(27)
groupId := randomBytes(5)
const method = "addUser"
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, groupId, user)
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, groupId, user)
cOwn.Invoke(t, stackitem.Null{}, "addClientAdmin", id, groupId, admPub)
cAdm := e.WithSigners(adm)
cAdm.Invoke(t, stackitem.Null{}, method, id, groupId, user)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, user)
}
func TestSubnet_RemoveUser(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
groupId := randomBytes(5)
user := randomBytes(27)
adm := e.NewAccount(t)
admPub, ok := vm.ParseSignatureContract(adm.Script())
require.True(t, ok)
const method = "removeUser"
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrInvalidSubnetID, method, []byte{0, 0, 0, 0}, groupId, user)
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, groupId, user)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, user)
cOwn.Invoke(t, stackitem.Null{}, "addUser", id, groupId, user)
cOwn.Invoke(t, stackitem.Null{}, method, id, groupId, user)
cAdm := cOwn.WithSigners(adm)
cOwn.Invoke(t, stackitem.Null{}, "addClientAdmin", id, groupId, admPub)
cAdm.Invoke(t, stackitem.Null{}, method, id, groupId, user)
}
func TestSubnet_UserAllowed(t *testing.T) {
e := newSubnetInvoker(t)
id, owner := createSubnet(t, e)
groupId := randomBytes(5)
user := randomBytes(27)
const method = "userAllowed"
cOwn := e.WithSigners(owner)
cOwn.InvokeFail(t, subnet.ErrNotExist, method, []byte{0, 0, 0, 0, 0}, user)
cOwn.Invoke(t, stackitem.NewBool(false), method, id, user)
cOwn.Invoke(t, stackitem.Null{}, "addUser", id, groupId, user)
cOwn.Invoke(t, stackitem.NewBool(true), method, id, user)
}
func createSubnet(t *testing.T, e *neotest.ContractInvoker) (id []byte, owner neotest.Signer) {
var (
ok bool
pub []byte
)
owner = e.NewAccount(t)
pub, ok = vm.ParseSignatureContract(owner.Script())
require.True(t, ok)
id = make([]byte, 5)
binary.LittleEndian.PutUint32(id, 123)
info := randomBytes(10)
cBoth := e.WithSigners(e.Committee, owner)
cBoth.Invoke(t, stackitem.Null{}, "put", id, pub, info)
return
}

10
tests/util.go
View file

@ -3,20 +3,10 @@ package tests
import (
"testing"
"github.com/nspcc-dev/neo-go/pkg/core/interop/storage"
"github.com/nspcc-dev/neo-go/pkg/neotest"
"github.com/nspcc-dev/neo-go/pkg/neotest/chain"
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
)
func iteratorToArray(iter *storage.Iterator) []stackitem.Item {
stackItems := make([]stackitem.Item, 0)
for iter.Next() {
stackItems = append(stackItems, iter.Value())
}
return stackItems
}
func newExecutor(t *testing.T) *neotest.Executor {
bc, acc := chain.NewSingle(t)
return neotest.NewExecutor(t, bc, acc, acc)

29
tests/version_test.go
View file

@ -1,29 +0,0 @@
package tests
import (
"os"
"strconv"
"strings"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-contract/common"
"github.com/stretchr/testify/require"
)
func TestVersion(t *testing.T) {
data, err := os.ReadFile("../VERSION")
require.NoError(t, err)
v := strings.TrimPrefix(string(data), "v")
parts := strings.Split(strings.TrimSpace(v), ".")
require.Len(t, parts, 3)
var ver [3]int
for i := range parts {
ver[i], err = strconv.Atoi(parts[i])
require.NoError(t, err)
}
require.Equal(t, common.Version, ver[0]*1_000_000+ver[1]*1_000+ver[2],
"version from common package is different from the one in VERSION file")
}