-
Notifications
You must be signed in to change notification settings - Fork 172
Expand file tree
/
Copy pathauthorization.rs
More file actions
104 lines (92 loc) · 3.66 KB
/
authorization.rs
File metadata and controls
104 lines (92 loc) · 3.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
//! This module defines abstractions and workflows around authenticating and authorizing
//! transactions within a rollup.
use borsh::{BorshDeserialize, BorshSerialize};
use schemars::JsonSchema;
use serde::{Deserialize, Serialize};
use sov_rollup_interface::crypto::CredentialId;
use sov_rollup_interface::da::DaSpec;
use sov_rollup_interface::stf::ExecutionContext;
use sov_rollup_interface::{Bytes, TxHash};
use sov_universal_wallet::UniversalWallet;
use crate::transaction::Credentials;
use crate::{Context, SequencerType, Spec, StateAccessor, TimeStateAccessor};
/// Authorizes transactions to be executed.
pub trait TransactionAuthorizer<S: Spec> {
/// Resolves the [`Context`] for a transaction.
fn resolve_context(
&mut self,
auth_data: &AuthorizationData<S>,
sequencer: &<<S as Spec>::Da as DaSpec>::Address,
sequencer_rollup_address: S::Address,
state: &mut impl StateAccessor,
sequencing_data: Option<Bytes>,
execution_context: ExecutionContext,
sequencer_type: SequencerType,
) -> anyhow::Result<Context<S>>;
/// Resolves the context for an unregistered transaction.
fn resolve_unregistered_context(
&mut self,
auth_data: &AuthorizationData<S>,
sequencer: &<<S as Spec>::Da as DaSpec>::Address,
state: &mut impl StateAccessor,
execution_context: ExecutionContext,
) -> anyhow::Result<Context<S>>;
/// Prevents duplicate transactions from running.
fn check_uniqueness(
&self,
auth_data: &AuthorizationData<S>,
context: &Context<S>,
execution_context: &ExecutionContext,
state: &mut impl TimeStateAccessor,
) -> anyhow::Result<()>;
/// Marks a transaction as having been executed, preventing it from executing again.
fn mark_tx_attempted(
&mut self,
auth_data: &AuthorizationData<S>,
sequencer: &<<S as Spec>::Da as DaSpec>::Address,
state: &mut impl TimeStateAccessor,
) -> anyhow::Result<()>;
}
/// The different types of data that can be used to verify transaction uniqueness
#[derive(
Copy,
Clone,
Debug,
PartialEq,
Eq,
Serialize,
Deserialize,
BorshSerialize,
BorshDeserialize,
UniversalWallet,
JsonSchema,
)]
#[serde(rename_all = "snake_case")]
pub enum UniquenessData {
/// Nonce-based uniqueness: an account's transactions must have a unique and consecutive nonces
Nonce(u64),
/// Generation-based uniqueness: the last `PAST_TRANSACTION_GENERATION` generations are cached.
/// Transactions older than this buffer are invalid, transactions falling within it or with a
/// higher generation are valid but must have a unique hash within their generation
Generation(u64),
/// Timestamp-based uniqueness: a transaction expires at the point given in microseconds of
/// OracleTime.
Timestamp(u64),
/// Timestamp-based uniqueness: a transaction expires at the point given in microseconds of
/// OracleTime but it also updates the nonce so that older transactions get invalidated.
TimestampNonce(u64),
}
/// Data required to authorize a sov-transaction.
pub struct AuthorizationData<S: Spec> {
/// The nonce of the transaction.
pub uniqueness: UniquenessData,
/// The hash of the transaction.
pub tx_hash: TxHash,
/// Credential identifier used to retrieve relevant rollup address.
pub credential_id: CredentialId,
/// Holds the original credentials to authenticate the transaction and
/// provides information about which `Authenticator` was used to authenticate the transaction.
pub credentials: Credentials,
/// The default address.
pub default_address: S::Address,
}