Newer
Older
// Copyright 2017-2018 Parity Technologies (UK) Ltd.
// This file is part of Substrate.
// Substrate is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Substrate is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Substrate. If not, see <http://www.gnu.org/licenses/>.
//! Module to process claims from Ethereum addresses.
use rstd::prelude::*;
use sr_io::{keccak_256, secp256k1_ecdsa_recover};
use srml_support::traits::Currency;
use system::ensure_none;
use codec::Encode;
#[cfg(feature = "std")]
use sr_primitives::traits::Zero;
use sr_primitives::traits::ValidateUnsigned;
use sr_primitives::transaction_validity::{TransactionLongevity, TransactionValidity};
type BalanceOf<T> = <<T as Trait>::Currency as Currency<<T as system::Trait>::AccountId>>::Balance;
/// The overarching event type.
type Event: From<Event<Self>> + Into<<Self as system::Trait>::Event>;
type Currency: Currency<Self::AccountId>;
// This is a bit of a workaround until codec supports [u8; 65] directly.
#[derive(Encode, Decode, Clone, PartialEq)]
#[cfg_attr(feature = "std", derive(Debug))]
pub struct EcdsaSignature([u8; 32], [u8; 32], i8);
impl EcdsaSignature {
pub fn to_blob(&self) -> [u8; 65] {
let mut r = [0u8; 65];
r[0..32].copy_from_slice(&self.0[..]);
r[32..64].copy_from_slice(&self.1[..]);
r[64] = self.2 as u8;
r
}
pub fn from_blob(blob: &[u8; 65]) -> Self {
let mut r = Self([0u8; 32], [0u8; 32], 0);
r.0[..].copy_from_slice(&blob[0..32]);
r.1[..].copy_from_slice(&blob[32..64]);
r.2 = blob[64] as i8;
r
}
}
A = <T as system::Trait>::AccountId
{
/// Someone claimed some DOTs.
Claimed(A, EthereumAddress, B),
}
);
decl_storage! {
// A macro for the Storage trait, and its implementation, for this module.
// This allows for type-safe usage of the Substrate storage database, so you can
// keep things around between blocks.
trait Store for Module<T: Trait> as Claims {
Claims get(claims) build(|config: &GenesisConfig<T>| {
config.claims.iter().map(|(a, b)| (a.clone(), b.clone())).collect::<Vec<_>>()
}): map EthereumAddress => Option<BalanceOf<T>>;
Total get(total) build(|config: &GenesisConfig<T>| {
config.claims.iter().fold(Zero::zero(), |acc: BalanceOf<T>, &(_, n)| acc + n)
}): BalanceOf<T>;
config(claims): Vec<(EthereumAddress, BalanceOf<T>)>;
// Constructs the message that Ethereum RPC's `personal_sign` and `eth_sign` would sign.
fn ethereum_signable_message(what: &[u8]) -> Vec<u8> {
let mut rev = Vec::new();
while l > 0 {
rev.push(b'0' + (l % 10) as u8);
l /= 10;
}
let mut v = b"\x19Ethereum Signed Message:\n".to_vec();
v.extend(rev.into_iter().rev());
v.extend_from_slice(&prefix[..]);
// Attempts to recover the Ethereum address from a message signature signed by using
// the Ethereum RPC's `personal_sign` and `eth_sign`.
fn eth_recover(s: &EcdsaSignature, what: &[u8]) -> Option<EthereumAddress> {
let msg = keccak_256(ðereum_signable_message(what));
res.copy_from_slice(&keccak_256(&secp256k1_ecdsa_recover(&s.to_blob(), &msg).ok()?[..])[12..]);
Some(res)
}
decl_module! {
pub struct Module<T: Trait> for enum Call where origin: T::Origin {
/// Deposit one of this module's events by using the default implementation.
fn deposit_event<T>() = default;
/// Make a claim.
fn claim(origin, dest: T::AccountId, ethereum_signature: EcdsaSignature) {
ensure_none(origin)?;
let signer = dest.using_encoded(|data| eth_recover(ðereum_signature, data))
.ok_or("Invalid Ethereum signature")?;
let balance_due = <Claims<T>>::take(&signer)
.ok_or("Ethereum address has no claim")?;
<Total<T>>::mutate(|t| if *t < balance_due {
panic!("Logic error: Pot less than the total of claims!")
} else {
*t -= balance_due
});
T::Currency::deposit_creating(&dest, balance_due);
// Let's deposit an event to let the outside world know this happened.
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
Self::deposit_event(RawEvent::Claimed(dest, signer, balance_due));
}
}
}
impl<T: Trait> ValidateUnsigned for Module<T> {
type Call = Call<T>;
fn validate_unsigned(call: &Self::Call) -> TransactionValidity {
// Note errors > 0 are from ApplyError
const INVALID_ETHEREUM_SIGNATURE: i8 = -10;
const SIGNER_HAS_NO_CLAIM: i8 = -20;
const INVALID_CALL: i8 = -30;
const PRIORITY: u64 = 100;
match call {
Call::claim(account, ethereum_signature) => {
let signer = account.using_encoded(|data| eth_recover(ðereum_signature, data));
let signer = if let Some(signer) = signer {
signer
} else {
return TransactionValidity::Invalid(INVALID_ETHEREUM_SIGNATURE);
};
if !<Claims<T>>::exists(&signer) {
return TransactionValidity::Invalid(SIGNER_HAS_NO_CLAIM);
}
TransactionValidity::Valid {
priority: PRIORITY,
requires: vec![],
provides: vec![],
longevity: TransactionLongevity::max_value(),
}
}
_ => TransactionValidity::Invalid(INVALID_CALL)
}
}
}
#[cfg(test)]
mod tests {
use secp256k1;
use tiny_keccak::keccak256;
use super::*;
use substrate_primitives::{H256, Blake2Hasher};
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
use codec::{Decode, Encode};
// The testing primitives are very useful for avoiding having to work with signatures
// or public keys. `u64` is used as the `AccountId` and no `Signature`s are requried.
use sr_primitives::{
BuildStorage, traits::{BlakeTwo256, IdentityLookup}, testing::{Digest, DigestItem, Header}
};
use balances;
impl_outer_origin! {
pub enum Origin for Test {}
}
// For testing the module, we construct most of a mock runtime. This means
// first constructing a configuration type (`Test`) which `impl`s each of the
// configuration traits of modules we want to use.
#[derive(Clone, Eq, PartialEq)]
pub struct Test;
impl system::Trait for Test {
type Origin = Origin;
type Index = u64;
type BlockNumber = u64;
type Hash = H256;
type Hashing = BlakeTwo256;
type Digest = Digest;
type AccountId = u64;
type Lookup = IdentityLookup<u64>;
type Header = Header;
type Event = ();
type Log = DigestItem;
}
impl balances::Trait for Test {
type Balance = u64;
type OnFreeBalanceZero = ();
type OnNewAccount = ();
type Event = ();
type TransactionPayment = ();
type DustRemoval = ();
type TransferPayment = ();
}
type Balances = balances::Module<Test>;
type Claims = Module<Test>;
fn alice_secret() -> secp256k1::SecretKey {
secp256k1::SecretKey::parse(&keccak256(b"Alice")).unwrap()
}
fn alice_public() -> secp256k1::PublicKey {
secp256k1::PublicKey::from_secret_key(&alice_secret())
}
fn alice_eth() -> EthereumAddress {
let mut res = EthereumAddress::default();
res.copy_from_slice(&keccak256(&alice_public().serialize()[1..65])[12..]);
res
}
fn alice_sig(what: &[u8]) -> EcdsaSignature {
let msg = keccak256(ðereum_signable_message(what));
let (sig, recovery_id) = secp256k1::sign(&secp256k1::Message::parse(&msg), &alice_secret()).unwrap();
let sig: ([u8; 32], [u8; 32]) = Decode::decode(&mut &sig.serialize()[..]).unwrap();
EcdsaSignature(sig.0, sig.1, recovery_id.serialize() as i8)
}
fn bob_secret() -> secp256k1::SecretKey {
secp256k1::SecretKey::parse(&keccak256(b"Bob")).unwrap()
}
fn bob_sig(what: &[u8]) -> EcdsaSignature {
let msg = keccak256(ðereum_signable_message(what));
let (sig, recovery_id) = secp256k1::sign(&secp256k1::Message::parse(&msg), &bob_secret()).unwrap();
let sig: ([u8; 32], [u8; 32]) = Decode::decode(&mut &sig.serialize()[..]).unwrap();
EcdsaSignature(sig.0, sig.1, recovery_id.serialize() as i8)
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
}
// This function basically just builds a genesis storage key/value store according to
// our desired mockup.
fn new_test_ext() -> sr_io::TestExternalities<Blake2Hasher> {
let mut t = system::GenesisConfig::<Test>::default().build_storage().unwrap().0;
// We use default for brevity, but you can configure as desired if needed.
t.extend(balances::GenesisConfig::<Test>::default().build_storage().unwrap().0);
t.extend(GenesisConfig::<Test>{
claims: vec![(alice_eth(), 100)],
}.build_storage().unwrap().0);
t.into()
}
#[test]
fn basic_setup_works() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(Claims::total(), 100);
assert_eq!(Claims::claims(&alice_eth()), Some(100));
assert_eq!(Claims::claims(&[0; 20]), None);
});
}
#[test]
fn claiming_works() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(Balances::free_balance(&42), 0);
assert_ok!(Claims::claim(Origin::NONE, 42, alice_sig(&42u64.encode())));
assert_eq!(Balances::free_balance(&42), 100);
});
}
#[test]
fn origin_signed_claiming_fail() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(Balances::free_balance(&42), 0);
assert_err!(Claims::claim(Origin::signed(42), 42, alice_sig(&42u64.encode())),
"bad origin: expected to be no origin");
});
}
#[test]
fn double_claiming_doesnt_work() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(Balances::free_balance(&42), 0);
assert_ok!(Claims::claim(Origin::NONE, 42, alice_sig(&42u64.encode())));
assert_noop!(Claims::claim(Origin::NONE, 42, alice_sig(&42u64.encode())), "Ethereum address has no claim");
});
}
#[test]
fn non_sender_sig_doesnt_work() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(Balances::free_balance(&42), 0);
assert_noop!(Claims::claim(Origin::NONE, 42, alice_sig(&69u64.encode())), "Ethereum address has no claim");
});
}
#[test]
fn non_claimant_doesnt_work() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(Balances::free_balance(&42), 0);
assert_noop!(Claims::claim(Origin::NONE, 42, bob_sig(&69u64.encode())), "Ethereum address has no claim");
});
}
#[test]
fn real_eth_sig_works() {
let sig = hex!["7505f2880114da51b3f5d535f8687953c0ab9af4ab81e592eaebebf53b728d2b6dfd9b5bcd70fee412b1f31360e7c2774009305cb84fc50c1d0ff8034dfa5fff1c"];
let sig = EcdsaSignature::from_blob(&sig);
let who = 42u64.encode();
let signer = eth_recover(&sig, &who).unwrap();
assert_eq!(signer, hex!["DF67EC7EAe23D2459694685257b6FC59d1BAA1FE"]);
}
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
#[test]
fn validate_unsigned_works() {
with_externalities(&mut new_test_ext(), || {
assert_eq!(
<Module<Test>>::validate_unsigned(&Call::claim(1, alice_sig(&1u64.encode()))),
TransactionValidity::Valid {
priority: 100,
requires: vec![],
provides: vec![],
longevity: TransactionLongevity::max_value(),
}
);
assert_eq!(
<Module<Test>>::validate_unsigned(&Call::claim(0, EcdsaSignature::from_blob(&[0; 65]))),
TransactionValidity::Invalid(-10)
);
assert_eq!(
<Module<Test>>::validate_unsigned(&Call::claim(1, bob_sig(&1u64.encode()))),
TransactionValidity::Invalid(-20)
);
assert_eq!(
<Module<Test>>::validate_unsigned(&Call::claim(0, bob_sig(&1u64.encode()))),
TransactionValidity::Invalid(-20)
);
});
}