feat: switch to session based session transfer auth

* Demurrage contracts require setting the approval value to 0 before updating the value after the initial limit is set
* This implementation auto-revokes every 15 min after arequest is created. Subsequent requests will fail untill the value is set back to 0

internal/api/sign_transfer.go

@@ -31,7 +31,7 @@ func HandleSignTransfer(cu *custodial.Custodial) func(echo.Context) error {
 				From           string `json:"from" validate:"required,eth_addr_checksum"`
 				To             string `json:"to" validate:"required,eth_addr_checksum"`
 				VoucherAddress string `json:"voucherAddress" validate:"required,eth_addr_checksum"`
-				Amount         uint64 `json:"amount" validate:"required"`
+				Amount         uint64 `json:"amount" validate:"gt=0"`
 			}
 		)
 

internal/api/sign_transfer_auth.go

@@ -0,0 +1,107 @@
+package api
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/google/uuid"
+	"github.com/grassrootseconomics/cic-custodial/internal/custodial"
+	"github.com/grassrootseconomics/cic-custodial/internal/tasker"
+	"github.com/grassrootseconomics/cic-custodial/internal/tasker/task"
+	"github.com/labstack/echo/v4"
+)
+
+// Max 10k vouchers per approval session
+const approvalSafetyLimit = 10000 * 1000000
+
+// HandleSignTransferAuthorization godoc
+//
+//	@Summary		Sign and dispatch a transfer authorization (approve) request.
+//	@Description	Sign and dispatch a transfer authorization (approve) request.
+//	@Tags			network
+//	@Accept			json
+//	@Produce		json
+//	@Param			signTransferAuthorzationRequest	body		object{amount=uint64,authorizer=string,authorizedAddress=string,voucherAddress=string}	true	"Sign Transfer Authorization (approve) Request"
+//	@Success		200								{object}	OkResp
+//	@Failure		400								{object}	ErrResp
+//	@Failure		500								{object}	ErrResp
+//	@Router			/sign/transferAuth [post]
+func HandleSignTranserAuthorization(cu *custodial.Custodial) func(echo.Context) error {
+	return func(c echo.Context) error {
+		var (
+			req struct {
+				Amount            uint64 `json:"amount" validate:"gte=0"`
+				Authorizer        string `json:"authorizer" validate:"required,eth_addr_checksum"`
+				AuthorizedAddress string `json:"authorizedAddress" validate:"required,eth_addr_checksum"`
+				VoucherAddress    string `json:"voucherAddress" validate:"required,eth_addr_checksum"`
+			}
+		)
+
+		if err := c.Bind(&req); err != nil {
+			return NewBadRequestError(ErrInvalidJSON)
+		}
+
+		if err := c.Validate(req); err != nil {
+			return err
+		}
+
+		accountActive, gasLock, err := cu.Store.GetAccountStatus(c.Request().Context(), req.Authorizer)
+		if err != nil {
+			return err
+		}
+
+		if req.Amount > approvalSafetyLimit {
+			return c.JSON(http.StatusForbidden, ErrResp{
+				Ok:      false,
+				Message: "Approval amount per session exceeds 10k.",
+			})
+		}
+
+		if !accountActive {
+			return c.JSON(http.StatusForbidden, ErrResp{
+				Ok:      false,
+				Message: "Account pending activation. Try again later.",
+			})
+		}
+
+		if gasLock {
+			return c.JSON(http.StatusForbidden, ErrResp{
+				Ok:      false,
+				Message: "Gas lock. Gas balance unavailable. Try again later.",
+			})
+		}
+
+		trackingId := uuid.NewString()
+
+		taskPayload, err := json.Marshal(task.TransferAuthPayload{
+			TrackingId:        trackingId,
+			Amount:            req.Amount,
+			Authorizer:        req.Authorizer,
+			AuthorizedAddress: req.AuthorizedAddress,
+			VoucherAddress:    req.VoucherAddress,
+		})
+		if err != nil {
+			return err
+		}
+
+		_, err = cu.TaskerClient.CreateTask(
+			c.Request().Context(),
+			tasker.SignTransferTaskAuth,
+			tasker.DefaultPriority,
+			&tasker.Task{
+				Id:      trackingId,
+				Payload: taskPayload,
+			},
+		)
+		if err != nil {
+			return err
+		}
+
+		return c.JSON(http.StatusOK, OkResp{
+			Ok: true,
+			Result: H{
+				"trackingId": trackingId,
+			},
+		})
+	}
+}

internal/tasker/task/account_refill_gas.go

@@ -17,10 +17,6 @@ import (
 	"github.com/hibiken/asynq"
 )
 
-const (
-	gasGiveToLimit = 250000
-)
-
 func AccountRefillGasProcessor(cu *custodial.Custodial) func(context.Context, *asynq.Task) error {
 	return func(ctx context.Context, t *asynq.Task) error {
 		var (

internal/tasker/task/sign_transfer_auth.go

@@ -4,9 +4,9 @@ import (
 	"context"
 	"encoding/json"
 	"math/big"
+	"time"
 
 	"github.com/bsm/redislock"
-	"github.com/celo-org/celo-blockchain/accounts/abi"
 	"github.com/celo-org/celo-blockchain/common/hexutil"
 	"github.com/grassrootseconomics/celoutils"
 	"github.com/grassrootseconomics/cic-custodial/internal/custodial"
@@ -18,9 +18,9 @@ import (
 )
 
 type TransferAuthPayload struct {
-	AuthorizeFor      string `json:"authorizeFor"`
+	Amount            uint64 `json:"amount"`
+	Authorizer        string `json:"authorizer"`
 	AuthorizedAddress string `json:"authorizedAddress"`
-	Revoke            bool   `json:"revoke"`
 	TrackingId        string `json:"trackingId"`
 	VoucherAddress    string `json:"voucherAddress"`
 }
@@ -39,7 +39,7 @@ func SignTransferAuthorizationProcessor(cu *custodial.Custodial) func(context.Co
 
 		lock, err := cu.LockProvider.Obtain(
 			ctx,
-			lockPrefix+payload.AuthorizeFor,
+			lockPrefix+payload.Authorizer,
 			lockTimeout,
 			&redislock.Options{
 				RetryStrategy: lockRetry(),
@@ -50,31 +50,26 @@ func SignTransferAuthorizationProcessor(cu *custodial.Custodial) func(context.Co
 		}
 		defer lock.Release(ctx)
 
-		key, err := cu.Store.LoadPrivateKey(ctx, payload.AuthorizeFor)
+		key, err := cu.Store.LoadPrivateKey(ctx, payload.Authorizer)
 		if err != nil {
 			return err
 		}
 
-		nonce, err := cu.Noncestore.Acquire(ctx, payload.AuthorizeFor)
+		nonce, err := cu.Noncestore.Acquire(ctx, payload.Authorizer)
 		if err != nil {
 			return err
 		}
 		defer func() {
 			if err != nil {
-				if nErr := cu.Noncestore.Return(ctx, payload.AuthorizeFor); nErr != nil {
+				if nErr := cu.Noncestore.Return(ctx, payload.Authorizer); nErr != nil {
 					err = nErr
 				}
 			}
 		}()
 
-		authorizeAmount := big.NewInt(0).Sub(abi.MaxUint256, big.NewInt(1))
-		if payload.Revoke {
-			authorizeAmount = big.NewInt(0)
-		}
-
 		input, err := cu.Abis[custodial.Approve].EncodeArgs(
 			celoutils.HexToAddress(payload.AuthorizedAddress),
-			authorizeAmount,
+			new(big.Int).SetUint64(payload.Amount),
 		)
 		if err != nil {
 			return err
@@ -118,7 +113,7 @@ func SignTransferAuthorizationProcessor(cu *custodial.Custodial) func(context.Co
 
 		if err := cu.CeloProvider.Client.CallCtx(
 			ctx,
-			eth.Balance(celoutils.HexToAddress(payload.AuthorizeFor), nil).Returns(&networkBalance),
+			eth.Balance(celoutils.HexToAddress(payload.Authorizer), nil).Returns(&networkBalance),
 		); err != nil {
 			return err
 		}
@@ -143,8 +138,36 @@ func SignTransferAuthorizationProcessor(cu *custodial.Custodial) func(context.Co
 			return err
 		}
 
+		// Auto-revoke every session (15 min)
+		// Check if already a revoke request
+		if payload.Amount > 0 {
+			taskPayload, err := json.Marshal(TransferAuthPayload{
+				TrackingId:        payload.TrackingId,
+				Amount:            0,
+				Authorizer:        payload.Authorizer,
+				AuthorizedAddress: payload.AuthorizedAddress,
+				VoucherAddress:    payload.VoucherAddress,
+			})
+			if err != nil {
+				return err
+			}
+
+			_, err = cu.TaskerClient.CreateTask(
+				ctx,
+				tasker.SignTransferTaskAuth,
+				tasker.DefaultPriority,
+				&tasker.Task{
+					Payload: taskPayload,
+				},
+				asynq.ProcessIn(time.Minute*15),
+			)
+			if err != nil {
+				return err
+			}
+		}
+
 		gasRefillPayload, err := json.Marshal(AccountPayload{
-			PublicKey:  payload.AuthorizeFor,
+			PublicKey:  payload.Authorizer,
 			TrackingId: payload.TrackingId,
 		})
 		if err != nil {
@@ -152,7 +175,7 @@ func SignTransferAuthorizationProcessor(cu *custodial.Custodial) func(context.Co
 		}
 
 		if !balanceCheck(networkBalance) {
-			if err := cu.Store.GasLock(ctx, payload.AuthorizeFor); err != nil {
+			if err := cu.Store.GasLock(ctx, payload.Authorizer); err != nil {
 				return err
 			}
 

internal/tasker/types.go

@@ -18,6 +18,7 @@ const (
 	AccountRegisterTask  TaskName = "sys:register_account"
 	AccountRefillGasTask TaskName = "sys:refill_gas"
 	SignTransferTask     TaskName = "usr:sign_transfer"
+	SignTransferTaskAuth TaskName = "usr:sign_transfer_auth"
 	DispatchTxTask       TaskName = "rpc:dispatch"
 )