grassrootseconomics/cic-custodial
8
0
Fork 0
mirror of https://github.com/grassrootseconomics/cic-custodial.git synced 2026-05-28 13:57:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: add transfer authorization (#100)

Browse Source 
* wip: add transfer auithorization

* feat: update transferAuthPayload

* switch to MAX_INT for value and use revoke flag
* tranfer handler: fix nonce rollback on EOA account

* feat: switch to session based session transfer auth

* Demurrage contracts require setting the approval value to 0 before updating the value after the initial limit is set
* This implementation auto-revokes every 15 min after arequest is created. Subsequent requests will fail untill the value is set back to 0

* feat: settable approve session timeout
This commit is contained in:
Mohamed Sohail
2023-07-10 14:32:05 +08:00
committed by GitHub
parent 98ff897049
commit 9e1d62a014
19 changed files with 490 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/tasker/task/account_refill_gas.go
View File

@@ -17,10 +17,6 @@ import (
"github.com/hibiken/asynq"
)
const (
gasGiveToLimit = 250000
)
func AccountRefillGasProcessor(cu *custodial.Custodial) func(context.Context, *asynq.Task) error {
return func(ctx context.Context, t *asynq.Task) error {
var (

7
internal/tasker/task/sign_transfer.go
View File

@@ -60,13 +60,16 @@ func SignTransfer(cu *custodial.Custodial) func(context.Context, *asynq.Task) er
}
defer func() {
if err != nil {
if nErr := cu.Noncestore.Return(ctx, cu.SystemPublicKey); nErr != nil {
if nErr := cu.Noncestore.Return(ctx, payload.From); nErr != nil {
err = nErr
}
}
}()
input, err := cu.Abis[custodial.Transfer].EncodeArgs(celoutils.HexToAddress(payload.To), new(big.Int).SetUint64(payload.Amount))
input, err := cu.Abis[custodial.Transfer].EncodeArgs(
celoutils.HexToAddress(payload.To),
new(big.Int).SetUint64(payload.Amount),
)
if err != nil {
return err
}

196
internal/tasker/task/sign_transfer_auth.go Normal file
View File

@@ -0,0 +1,196 @@
package task
import (
"context"
"encoding/json"
"math/big"
"github.com/bsm/redislock"
"github.com/celo-org/celo-blockchain/common/hexutil"
"github.com/grassrootseconomics/celoutils"
"github.com/grassrootseconomics/cic-custodial/internal/custodial"
"github.com/grassrootseconomics/cic-custodial/internal/store"
"github.com/grassrootseconomics/cic-custodial/internal/tasker"
"github.com/grassrootseconomics/cic-custodial/pkg/enum"
"github.com/grassrootseconomics/w3-celo-patch/module/eth"
"github.com/hibiken/asynq"
)
type TransferAuthPayload struct {
Amount uint64 `json:"amount"`
Authorizer string `json:"authorizer"`
AuthorizedAddress string `json:"authorizedAddress"`
TrackingId string `json:"trackingId"`
VoucherAddress string `json:"voucherAddress"`
}
func SignTransferAuthorizationProcessor(cu *custodial.Custodial) func(context.Context, *asynq.Task) error {
return func(ctx context.Context, t *asynq.Task) error {
var (
err error
networkBalance big.Int
payload TransferAuthPayload
)
if err := json.Unmarshal(t.Payload(), &payload); err != nil {
return err
}
lock, err := cu.LockProvider.Obtain(
ctx,
lockPrefix+payload.Authorizer,
lockTimeout,
&redislock.Options{
RetryStrategy: lockRetry(),
},
)
if err != nil {
return err
}
defer lock.Release(ctx)
key, err := cu.Store.LoadPrivateKey(ctx, payload.Authorizer)
if err != nil {
return err
}
nonce, err := cu.Noncestore.Acquire(ctx, payload.Authorizer)
if err != nil {
return err
}
defer func() {
if err != nil {
if nErr := cu.Noncestore.Return(ctx, payload.Authorizer); nErr != nil {
err = nErr
}
}
}()
input, err := cu.Abis[custodial.Approve].EncodeArgs(
celoutils.HexToAddress(payload.AuthorizedAddress),
new(big.Int).SetUint64(payload.Amount),
)
if err != nil {
return err
}
builtTx, err := cu.CeloProvider.SignContractExecutionTx(
key,
celoutils.ContractExecutionTxOpts{
ContractAddress: celoutils.HexToAddress(payload.VoucherAddress),
InputData: input,
GasFeeCap: celoutils.SafeGasFeeCap,
GasTipCap: celoutils.SafeGasTipCap,
GasLimit: uint64(celoutils.SafeGasLimit),
Nonce: nonce,
},
)
if err != nil {
return err
}
rawTx, err := builtTx.MarshalBinary()
if err != nil {
return err
}
id, err := cu.Store.CreateOtx(ctx, store.Otx{
TrackingId: payload.TrackingId,
Type: enum.TRANSFER_AUTH,
RawTx: hexutil.Encode(rawTx),
TxHash: builtTx.Hash().Hex(),
From: cu.SystemPublicKey,
Data: hexutil.Encode(builtTx.Data()),
GasPrice: builtTx.GasPrice(),
GasLimit: builtTx.Gas(),
TransferValue: 0,
Nonce: builtTx.Nonce(),
})
if err != nil {
return err
}
if err := cu.CeloProvider.Client.CallCtx(
ctx,
eth.Balance(celoutils.HexToAddress(payload.Authorizer), nil).Returns(&networkBalance),
); err != nil {
return err
}
disptachJobPayload, err := json.Marshal(TxPayload{
OtxId: id,
Tx: builtTx,
})
if err != nil {
return err
}
_, err = cu.TaskerClient.CreateTask(
ctx,
tasker.DispatchTxTask,
tasker.HighPriority,
&tasker.Task{
Payload: disptachJobPayload,
},
)
if err != nil {
return err
}
// Auto-revoke every session (15 min)
// Check if already a revoke request
if payload.Amount > 0 {
taskPayload, err := json.Marshal(TransferAuthPayload{
TrackingId: payload.TrackingId,
Amount: 0,
Authorizer: payload.Authorizer,
AuthorizedAddress: payload.AuthorizedAddress,
VoucherAddress: payload.VoucherAddress,
})
if err != nil {
return err
}
_, err = cu.TaskerClient.CreateTask(
ctx,
tasker.SignTransferTaskAuth,
tasker.DefaultPriority,
&tasker.Task{
Payload: taskPayload,
},
asynq.ProcessIn(cu.ApprovalTimeout),
)
if err != nil {
return err
}
}
gasRefillPayload, err := json.Marshal(AccountPayload{
PublicKey: payload.Authorizer,
TrackingId: payload.TrackingId,
})
if err != nil {
return err
}
if !balanceCheck(networkBalance) {
if err := cu.Store.GasLock(ctx, payload.Authorizer); err != nil {
return err
}
_, err = cu.TaskerClient.CreateTask(
ctx,
tasker.AccountRefillGasTask,
tasker.DefaultPriority,
&tasker.Task{
Payload: gasRefillPayload,
},
)
if err != nil {
return err
}
}
return nil
}
}