diff --git a/bcs/contract/evm/abi/abi.go b/bcs/contract/evm/abi/abi.go index e89aa512f..5bacbb072 100644 --- a/bcs/contract/evm/abi/abi.go +++ b/bcs/contract/evm/abi/abi.go @@ -11,8 +11,8 @@ type ABI struct { spec *abi.Spec } -func LoadFile(fpath string) (*ABI, error) { - spec, err := abi.LoadPath(fpath) +func LoadFile(path string) (*ABI, error) { + spec, err := abi.LoadPath(path) if err != nil { return nil, err } @@ -33,6 +33,7 @@ func newABI(spec *abi.Spec) *ABI { } } +// Encode ABI encodes a function call func (a *ABI) Encode(methodName string, args map[string]interface{}) ([]byte, error) { if methodName == "" { if a.spec.Constructor != nil { @@ -47,6 +48,7 @@ func (a *ABI) Encode(methodName string, args map[string]interface{}) ([]byte, er return a.encodeMethod(method, args) } +// encodeMethod ABI encodes a function call func (a *ABI) encodeMethod(method *abi.FunctionSpec, args map[string]interface{}) ([]byte, error) { var inputs []interface{} for _, input := range method.Inputs { diff --git a/bcs/contract/evm/address.go b/bcs/contract/evm/address.go index 4e3931755..19e14d6a4 100644 --- a/bcs/contract/evm/address.go +++ b/bcs/contract/evm/address.go @@ -16,8 +16,8 @@ import ( const ( evmAddressFiller = "-" - contractNamePrefixs = "1111" - contractAccountPrefixs = "1112" + contractNamePrefix = "1111" + contractAccountPrefix = "1112" xchainAddrType = "xchain" contractNameType = "contract-name" @@ -63,7 +63,7 @@ func ContractNameToEVMAddress(contractName string) (crypto.Address, error) { prefixStr += evmAddressFiller } contractName = prefixStr + contractName - contractName = contractNamePrefixs + contractName + contractName = contractNamePrefix + contractName return crypto.AddressFromBytes([]byte(contractName)) } @@ -81,7 +81,7 @@ func EVMAddressToContractName(evmAddr crypto.Address) (string, error) { // transfer contract account to evm address func ContractAccountToEVMAddress(contractAccount string) (crypto.Address, error) { contractAccountValid := contractAccount[2:18] - contractAccountValid = contractAccountPrefixs + contractAccountValid + contractAccountValid = contractAccountPrefix + contractAccountValid return crypto.AddressFromBytes([]byte(contractAccountValid)) } @@ -128,7 +128,7 @@ func DetermineContractNameFromEVM(evmAddr crypto.Address) (string, error) { evmAddrWithPrefix := evmAddr.Bytes() evmAddrStrWithPrefix := string(evmAddrWithPrefix) - if evmAddrStrWithPrefix[0:4] != contractNamePrefixs { + if evmAddrStrWithPrefix[0:4] != contractNamePrefix { return "", fmt.Errorf("not a valid contract name from evm") } else { addr, err = EVMAddressToContractName(evmAddr) @@ -148,11 +148,11 @@ func DetermineEVMAddress(evmAddr crypto.Address) (string, string, error) { var addr, addrType string var err error - if evmAddrStrWithPrefix[0:4] == contractAccountPrefixs { + if evmAddrStrWithPrefix[0:4] == contractAccountPrefix { // 此时 addr 不包括前缀和后缀! addr, err = EVMAddressToContractAccountWithoutPrefixAndSuffix(evmAddr) addrType = contractAccountType - } else if evmAddrStrWithPrefix[0:4] == contractNamePrefixs { + } else if evmAddrStrWithPrefix[0:4] == contractNamePrefix { addr, err = EVMAddressToContractName(evmAddr) addrType = contractNameType } else { diff --git a/bcs/ledger/xledger/state/tx_verification.go b/bcs/ledger/xledger/state/tx_verification.go index 762adf830..6f37bf4ed 100644 --- a/bcs/ledger/xledger/state/tx_verification.go +++ b/bcs/ledger/xledger/state/tx_verification.go @@ -12,6 +12,8 @@ import ( "sync" "time" + "github.com/golang/protobuf/proto" + "github.com/xuperchain/xupercore/bcs/ledger/xledger/state/utxo" "github.com/xuperchain/xupercore/bcs/ledger/xledger/state/utxo/txhash" "github.com/xuperchain/xupercore/bcs/ledger/xledger/state/xmodel" @@ -24,8 +26,6 @@ import ( "github.com/xuperchain/xupercore/lib/crypto/client" "github.com/xuperchain/xupercore/lib/metrics" "github.com/xuperchain/xupercore/protos" - - "github.com/golang/protobuf/proto" ) // ImmediateVerifyTx verify tx Immediately @@ -272,8 +272,7 @@ func (t *State) verifySignatures(tx *pb.Transaction, digestHash []byte) (bool, m // verify authRequire for idx, authReq := range tx.AuthRequire { - splitRes := strings.Split(authReq, "/") - addr := splitRes[len(splitRes)-1] + addr := aclu.ExtractAkFromAuthRequire(authReq) signInfo := tx.AuthRequireSigns[idx] if _, has := verifiedAddr[addr]; has { continue @@ -295,8 +294,7 @@ func (t *State) verifyXuperSign(tx *pb.Transaction, digestHash []byte) (bool, ma addrList := make([]string, 0) addrList = append(addrList, tx.Initiator) for _, authReq := range tx.AuthRequire { - splitRes := strings.Split(authReq, "/") - addr := splitRes[len(splitRes)-1] + addr := aclu.ExtractAkFromAuthRequire(authReq) if uniqueAddrs[addr] { continue } diff --git a/kernel/permission/acl/ptree/ptree.go b/kernel/permission/acl/ptree/ptree.go index 264f1a8ad..cb00df058 100644 --- a/kernel/permission/acl/ptree/ptree.go +++ b/kernel/permission/acl/ptree/ptree.go @@ -54,14 +54,14 @@ func (pn *PermNode) FindChild(name string) *PermNode { } // BuildAccountPermTree build PermTree for account -func BuildAccountPermTree(aclMgr base.AclManager, account string, aksuri []string) (*PermNode, error) { +func BuildAccountPermTree(aclMgr base.AclManager, account string, akURIs []string) (*PermNode, error) { accountACL, err := aclMgr.GetAccountACL(account) if err != nil { return nil, err } root := NewPermNode(account, accountACL) - root, err = buildPermTree(root, aclMgr, aksuri, true) + root, err = buildPermTree(root, aclMgr, akURIs, true) if err != nil { return nil, err } diff --git a/kernel/permission/acl/utils/utils.go b/kernel/permission/acl/utils/utils.go index b97ee00de..6caaac76a 100644 --- a/kernel/permission/acl/utils/utils.go +++ b/kernel/permission/acl/utils/utils.go @@ -5,42 +5,37 @@ import ( "fmt" "strings" + "github.com/xuperchain/xupercore/kernel/permission/acl/base" "github.com/xuperchain/xupercore/kernel/permission/acl/ptree" "github.com/xuperchain/xupercore/kernel/permission/acl/rule" - crypto_client "github.com/xuperchain/xupercore/lib/crypto/client" + "github.com/xuperchain/xupercore/lib/crypto/client" pb "github.com/xuperchain/xupercore/protos" - - "github.com/xuperchain/xupercore/kernel/permission/acl/base" ) -func IdentifyAK(akuri string, sign *pb.SignatureInfo, msg []byte) (bool, error) { +func IdentifyAK(akURI string, sign *pb.SignatureInfo, msg []byte) (bool, error) { if sign == nil { return false, errors.New("sign is nil") } - akpath := SplitAccountURI(akuri) - if len(akpath) < 1 { - return false, errors.New("Invalid address") - } - ak := akpath[len(akpath)-1] + ak := ExtractAddrFromAkURI(akURI) return VerifySign(ak, sign, msg) } -func IdentifyAccount(aclMgr base.AclManager, account string, aksuri []string) (bool, error) { +func IdentifyAccount(aclMgr base.AclManager, account string, akURIs []string) (bool, error) { // aks and signs could have zero length for permission rule Null if aclMgr == nil { return false, fmt.Errorf("Invalid Param, aclMgr=%v", aclMgr) } // build perm tree - pnode, err := ptree.BuildAccountPermTree(aclMgr, account, aksuri) + tree, err := ptree.BuildAccountPermTree(aclMgr, account, akURIs) if err != nil { return false, err } - return validatePermTree(pnode, true) + return validatePermTree(tree, true) } -func CheckContractMethodPerm(aclMgr base.AclManager, aksuri []string, +func CheckContractMethodPerm(aclMgr base.AclManager, akURIs []string, contractName, methodName string) (bool, error) { // aks and signs could have zero length for permission rule Null @@ -49,13 +44,13 @@ func CheckContractMethodPerm(aclMgr base.AclManager, aksuri []string, } // build perm tree - pnode, err := ptree.BuildMethodPermTree(aclMgr, contractName, methodName, aksuri) + tree, err := ptree.BuildMethodPermTree(aclMgr, contractName, methodName, akURIs) if err != nil { return false, err } // validate perm tree - return validatePermTree(pnode, false) + return validatePermTree(tree, false) } func validatePermTree(root *ptree.PermNode, isAccount bool) (bool, error) { @@ -118,32 +113,32 @@ func validatePermTree(root *ptree.PermNode, isAccount bool) (bool, error) { node.Status = ptree.Failed } } - return (root.Status == ptree.Success), nil -} - -func SplitAccountURI(akuri string) []string { - ids := strings.Split(akuri, "/") - return ids + return root.Status == ptree.Success, nil } -// GetAccountACL return account acl -func GetAccountACL(aclMgr base.AclManager, account string) (*pb.Acl, error) { - return aclMgr.GetAccountACL(account) +// ExtractAkFromAuthRequire extracts required AK from auth requirement +// return AK in `Account/AK` +func ExtractAkFromAuthRequire(authRequire string) string { + return ExtractAddrFromAkURI(authRequire) } -// GetContractMethodACL return contract method acl -func GetContractMethodACL(aclMgr base.AclManager, contractName, methodName string) (*pb.Acl, error) { - return aclMgr.GetContractMethodACL(contractName, methodName) +// ExtractAddrFromAkURI extracts target address from input +// for AK, return AK itself +// for Account, return Account itself +// for auth requirement `Account/AK`, return AK +func ExtractAddrFromAkURI(akURI string) string { + ids := strings.Split(akURI, "/") // len(ids) must be > 1, see strings.Split() + return ids[len(ids)-1] } func VerifySign(ak string, si *pb.SignatureInfo, data []byte) (bool, error) { - bytespk := []byte(si.PublicKey) - xcc, err := crypto_client.CreateCryptoClientFromJSONPublicKey(bytespk) + pk := []byte(si.PublicKey) + xcc, err := client.CreateCryptoClientFromJSONPublicKey(pk) if err != nil { return false, err } - ecdsaKey, err := xcc.GetEcdsaPublicKeyFromJsonStr(string(bytespk[:])) + ecdsaKey, err := xcc.GetEcdsaPublicKeyFromJsonStr(string(pk)) if err != nil { return false, err }