Merge pull request cardano-foundation#240 from cardano-foundation/fix/ID-501-token-dust

chore: implemented Dust protection for all minting scripts except min…

Author: fabianbormann

README.md

@@ -284,6 +284,12 @@ cd /root && ./bin/rly start demo --processor legacy
 
 After seeing something like `/ibc.core.channel.v1.MsgTimeout`, recheck you current balance, notice that your token will be return back.
 
+## Additional Resources
+
+- [ELI5: What is IBC?](https://medium.com/the-interchain-foundation/eli5-what-is-ibc-def44d7b5b4c)
+- [IBC-Go Documentation](https://ibc.cosmos.network/v8/)
+- [ICS 20: The Transfer Module](https://ibc.cosmos.network/v8/apps/transfer/overview/)
+
 ## 🫂 Kudos to the Developers in the Cardano Ecosystem
 
 This project stands on the shoulders of some incredible frameworks and tools developed by the Cardano community. Huge thanks to the developers behind these services—projects like this wouldn’t be possible without their hard work and innovation:

cardano/gateway/.env.example

@@ -12,6 +12,7 @@ OGMIOS_ENDPOINT=http://127.0.0.1:1337
 CARDANO_CHAIN_HOST=127.0.0.1
 CARDANO_CHAIN_PORT=3001
 CARDANO_NETWORK_MAGIC=42
+
 CARDANO_EPOCH_NONCE_GENESIS="3c1195a3fb825b2d2a6ba4e67008288ab7933a6db263a28eb9fd19b3ca05212f"
 
 HANDLER_JSON_PATH=/usr/src/app/cardano/offchain/deployments/handler.json

cardano/onchain/lib/ibc/auth.ak

@@ -1,7 +1,8 @@
 use aiken/collection/dict
+use aiken/collection/list
 use aiken/crypto
 use aiken/primitive/bytearray
-use cardano/assets.{AssetName, PolicyId, Value, quantity_of, tokens}
+use cardano/assets.{AssetName, PolicyId, Value, quantity_of, tokens, zero}
 use cardano/transaction.{Output}
 
 pub type AuthToken {
@@ -13,6 +14,23 @@ pub fn contain_auth_token(output: Output, token: AuthToken) -> Bool {
   quantity_of(output.value, token.policy_id, token.name) == 1
 }
 
+pub fn contains_only_auth_tokens(
+  output: Output,
+  tokens: List<AuthToken>,
+) -> Bool {
+  trace @"output": output
+  trace @"tokens": tokens
+  let expected_value =
+    list.foldl(
+      tokens,
+      zero,
+      fn(token, acc) {
+        assets.from_asset(token.policy_id, token.name, 1) |> assets.merge(acc)
+      },
+    )
+  assets.without_lovelace(output.value) == expected_value
+}
+
 pub fn mint_auth_token(mint: Value, token: AuthToken) -> Bool {
   let minted_tokens = mint |> tokens(token.policy_id)
 

cardano/onchain/lib/ibc/auth.test.ak

@@ -224,3 +224,55 @@ test mint_auth_token_fail() fail {
 
   auth.mint_auth_token(mint, token)
 }
+
+test test_contains_only_auth_tokens() {
+  let hash_sample =
+    #"a4a054a554354a85a54a054a554354a854a054a554a054a554a054a554a054a5"
+
+  let auth_token_policy_id = #"786a02f742015903c6c6fd852552d272912f4740e1584761"
+  let auth_token_asset_name = "handler"
+
+  let dust_token_policy_id = #"22ebf077c0b2f5ac5a646f8ecacc66653dd9da77e75cbf67"
+  let dust_token_asset_name = "dust"
+
+  let auth_token =
+    AuthToken { policy_id: auth_token_policy_id, name: auth_token_asset_name }
+  let valid_output =
+    Output {
+      address: from_script(hash_sample),
+      value: assets.from_lovelace(3_000_000)
+        |> add(auth_token.policy_id, auth_token.name, 1),
+      datum: NoDatum,
+      reference_script: None,
+    }
+  let invalid_output_missing =
+    Output {
+      address: from_script(hash_sample),
+      value: assets.from_lovelace(3_000_000),
+      datum: NoDatum,
+      reference_script: None,
+    }
+  let invalid_output_dust =
+    Output {
+      address: from_script(hash_sample),
+      value: assets.from_lovelace(3_000_000)
+        |> add(auth_token.policy_id, auth_token.name, 1)
+        |> add(dust_token_policy_id, dust_token_asset_name, 1),
+      datum: NoDatum,
+      reference_script: None,
+    }
+
+  let test_cases: List<(Output, List<AuthToken>, Bool)> =
+    [
+      (valid_output, [auth_token], True),
+      (invalid_output_missing, [auth_token], False),
+      (invalid_output_dust, [auth_token], False),
+    ]
+
+  test_cases
+    |> list.all(
+        fn(case) {
+          auth.contains_only_auth_tokens(case.1st, case.2nd) == case.3rd
+        },
+      )
+}

cardano/onchain/lib/ibc/utils/validator_utils.ak

@@ -217,6 +217,15 @@ pub fn validate_mint(
   }
 }
 
+pub fn find_matching_output(
+  spent_output: Output,
+  outputs: List<Output>,
+) -> Output {
+  expect [updated_output] =
+    list.filter(outputs, fn(output) { output.address == spent_output.address })
+  updated_output
+}
+
 pub fn validate_token_remain(
   spent_output: Output,
   outputs: List<Output>,

cardano/onchain/validators/minting_channel.ak

@@ -152,11 +152,11 @@ validator mint_channel(
           )
         expect Callback(ibc_module_callback) = ibc_module_redeemer
         and {
-          valid_feature,
-          is_status_active,
-          is_channel_open,
-          auth.contain_auth_token(channel_output, channel_token),
-          ibc_module_callback == OnChanOpenInit { channel_id },
+          valid_feature?,
+          is_status_active?,
+          is_channel_open?,
+          auth.contains_only_auth_tokens(channel_output, [channel_token])?,
+          (ibc_module_callback == OnChanOpenInit { channel_id })?,
         }
       }
 
@@ -254,12 +254,12 @@ validator mint_channel(
           )
         expect Callback(ibc_module_callback) = ibc_module_redeemer
         and {
-          connection_datum.state.state == connection_state.Open,
-          is_channel_active,
-          auth.contain_auth_token(channel_output, channel_token),
-          is_channel_open,
-          valid_channel,
-          ibc_module_callback == OnChanOpenTry { channel_id },
+          (connection_datum.state.state == connection_state.Open)?,
+          is_channel_active?,
+          auth.contains_only_auth_tokens(channel_output, [channel_token])?,
+          is_channel_open?,
+          valid_channel?,
+          (ibc_module_callback == OnChanOpenTry { channel_id })?,
         }
       }
     }

cardano/onchain/validators/minting_client.ak

@@ -81,10 +81,10 @@ validator mint_client(spend_client_script_hash: Hash<Blake2b_224, Script>) {
       ) == Active
 
     and {
-      mint |> auth.mint_auth_token(client_token),
-      client_output |> auth.contain_auth_token(client_token),
-      valid_output_datum,
-      is_state_active,
+      (mint |> auth.mint_auth_token(client_token))?,
+      (client_output |> auth.contains_only_auth_tokens([client_token]))?,
+      valid_output_datum?,
+      is_state_active?,
     }
   }
 

cardano/onchain/validators/minting_connection.ak

@@ -109,12 +109,12 @@ validator mint_connection(
                 _,
               )
         and {
-          client_state_active,
-          auth.contain_auth_token(connection_output, connection_token),
+          client_state_active?,
+          auth.contains_only_auth_tokens(connection_output, [connection_token])?,
           connection_datum.is_conn_open_init_valid(
             connection_output_datum,
             connection_token,
-          ),
+          )?,
         }
       }
       ConnOpenTry {
@@ -184,9 +184,9 @@ validator mint_connection(
             verify_proof_policy_id,
           )
         and {
-          client_state_active,
-          auth.contain_auth_token(connection_output, connection_token),
-          is_open_connection,
+          client_state_active?,
+          auth.contains_only_auth_tokens(connection_output, [connection_token])?,
+          is_open_connection?,
         }
       }
     }

cardano/onchain/validators/minting_handler.ak

@@ -35,10 +35,10 @@ validator mint_handler(
 
     // handler utxo contains auth token
     and {
-      inputs |> list.any(fn(input) { input.output_reference == utxo_ref }),
-      mint |> auth.mint_auth_token(auth_token),
-      handler_output |> auth.contain_auth_token(auth_token),
-      valid_datum,
+      (inputs |> list.any(fn(input) { input.output_reference == utxo_ref }))?,
+      (mint |> auth.mint_auth_token(auth_token))?,
+      (handler_output |> auth.contains_only_auth_tokens([auth_token]))?,
+      valid_datum?,
     }
   }
 

cardano/onchain/validators/minting_port.ak

@@ -1,7 +1,8 @@
+use aiken/collection/dict
 use aiken/collection/list
 use aiken/collection/pairs
 use cardano/assets.{PolicyId}
-use cardano/transaction.{Input, NoDatum, Spend, Transaction}
+use cardano/transaction.{Input, NoDatum, Output, Spend, Transaction}
 use ibc/auth.{AuthToken}
 use ibc/core/ics_005/port_redeemer.{MintPortRedeemer}
 use ibc/core/ics_005/types/keys as port_keys
@@ -10,6 +11,19 @@ use ibc/core/ics_025_handler_interface/handler_redeemer.{
 }
 use ibc/utils/string as string_utils
 
+// Introduced to prevent high spending costs or potentially prevent tx from being executed.
+const max_number_of_ports = 10
+
+// Checks the max number of ports is not exceeded
+fn valid_number_of_ports(
+  module_output: Output,
+  port_minting_policy_id: PolicyId,
+) -> Bool {
+  let number_of_ports =
+    module_output.value |> assets.tokens(port_minting_policy_id) |> dict.size()
+  number_of_ports <= max_number_of_ports
+}
+
 validator mint_port {
   mint(
     redeemer: MintPortRedeemer,
@@ -47,9 +61,10 @@ validator mint_port {
     trace @"mint_port: transfer module output datum": module_output.datum
     expect NoDatum = module_output.datum
     and {
-      valid_handler_operator,
-      auth.mint_auth_token(mint, port_token),
-      module_output |> auth.contain_auth_token(port_token),
+      valid_handler_operator?,
+      auth.mint_auth_token(mint, port_token)?,
+      (module_output |> auth.contain_auth_token(port_token))?,
+      valid_number_of_ports(module_output, port_minting_policy_id)?,
     }
   }