SubmitIntent swap validation checks and state handling

jeffyanta · jeffyanta · commit 51ff086452b2 · 2025-11-25T11:59:02.000-05:00
diff --git a/pkg/code/data/internal.go b/pkg/code/data/internal.go
@@ -230,6 +230,7 @@ type DatabaseData interface {
 	// --------------------------------------------------------------------------------
 	SaveSwap(ctx context.Context, record *swap.Record) error
 	GetSwapById(ctx context.Context, id string) (*swap.Record, error)
+	GetSwapByFundingId(ctx context.Context, fundingId string) (*swap.Record, error)
 	GetAllSwapsByOwnerAndState(ctx context.Context, owner string, state swap.State) ([]*swap.Record, error)
 	GetAllSwapsByState(ctx context.Context, state swap.State, opts ...query.Option) ([]*swap.Record, error)
 
diff --git a/pkg/code/server/transaction/intent.go b/pkg/code/server/transaction/intent.go
@@ -594,6 +594,13 @@ func (s *transactionServer) SubmitIntent(streamer transactionpb.Transaction_Subm
 			return err
 		}
 
+		// Save additional state related to the intent
+		err = intentHandler.OnCommitToDB(ctx)
+		if err != nil {
+			log.WithError(err).Warn("failure executing intent db commit callback handler")
+			return err
+		}
+
 		// Save all actions
 		err = s.data.PutAllActions(ctx, actionRecords...)
 		if err != nil {
@@ -605,7 +612,7 @@ func (s *transactionServer) SubmitIntent(streamer transactionpb.Transaction_Subm
 		for _, actionHandler := range actionHandlers {
 			err = actionHandler.OnCommitToDB(ctx)
 			if err != nil {
-				log.WithError(err).Warn("failure executing action db save callback handler")
+				log.WithError(err).Warn("failure executing action db commit callback handler")
 				return err
 			}
 		}
diff --git a/pkg/code/server/transaction/intent_handler.go b/pkg/code/server/transaction/intent_handler.go
@@ -21,6 +21,7 @@ import (
 	"github.com/code-payments/code-server/pkg/code/data/account"
 	"github.com/code-payments/code-server/pkg/code/data/action"
 	"github.com/code-payments/code-server/pkg/code/data/intent"
+	"github.com/code-payments/code-server/pkg/code/data/swap"
 	"github.com/code-payments/code-server/pkg/code/data/timelock"
 	currency_lib "github.com/code-payments/code-server/pkg/currency"
 	"github.com/code-payments/code-server/pkg/solana"
@@ -62,6 +63,11 @@ type CreateIntentHandler interface {
 
 	// AllowCreation determines whether the new intent creation should be allowed.
 	AllowCreation(ctx context.Context, intentRecord *intent.Record, metadata *transactionpb.Metadata, actions []*transactionpb.Action) error
+
+	// OnCommitToDB is a callback when the intent is being committed to the DB
+	// within the scope of a DB transaction. Additional supporting DB records
+	// relevant to the intent should be saved here.
+	OnCommitToDB(ctx context.Context) error
 }
 
 type OpenAccountsIntentHandler struct {
@@ -221,7 +227,17 @@ func (h *OpenAccountsIntentHandler) AllowCreation(ctx context.Context, intentRec
 	// Part 4: Validate fee payments
 	//
 
-	return validateFeePayments(ctx, h.data, h.conf, intentRecord, simResult)
+	err = validateFeePayments(ctx, h.data, h.conf, intentRecord, simResult)
+	if err != nil {
+		return err
+	}
+
+	//
+	// Part 5: Validate reserved intent IDs
+	//
+
+	_, err = validateSwapFunding(ctx, h.data, intentRecord)
+	return err
 }
 
 func (h *OpenAccountsIntentHandler) validateActions(
@@ -331,13 +347,18 @@ func (h *OpenAccountsIntentHandler) validateActions(
 	return nil
 }
 
+func (h *OpenAccountsIntentHandler) OnCommitToDB(ctx context.Context) error {
+	return nil
+}
+
 type SendPublicPaymentIntentHandler struct {
 	conf          *conf
 	data          code_data.Provider
 	antispamGuard *antispam.Guard
 	amlGuard      *aml.Guard
 
 	cachedDestinationAccountInfoRecord *account.Record
+	cachedSwapRecord                   *swap.Record
 }
 
 func NewSendPublicPaymentIntentHandler(
@@ -574,7 +595,16 @@ func (h *SendPublicPaymentIntentHandler) AllowCreation(ctx context.Context, inte
 	}
 
 	//
-	// Part 7: Validate the individual actions
+	// Part 7: Validate reserved intent IDs
+	//
+
+	h.cachedSwapRecord, err = validateSwapFunding(ctx, h.data, intentRecord)
+	if err != nil {
+		return err
+	}
+
+	//
+	// Part 8: Validate the individual actions
 	//
 
 	return h.validateActions(
@@ -719,27 +749,12 @@ func (h *SendPublicPaymentIntentHandler) validateActions(
 					return NewIntentValidationErrorf("destination is not the ata for %s", destinationOwner.PublicKey().ToBase58())
 				}
 
-				vmSwapPdaTimelockRecord, err := h.data.GetTimelockBySwapPda(ctx, destinationOwner.PublicKey().ToBase58())
+				_, err = h.data.GetTimelockBySwapPda(ctx, destinationOwner.PublicKey().ToBase58())
 				if err == nil {
 					isVmSwapPda = true
 				} else if err != timelock.ErrTimelockNotFound {
 					return err
 				}
-
-				if isVmSwapPda {
-					accountInfoRecord, err := h.data.GetAccountInfoByTokenAddress(ctx, vmSwapPdaTimelockRecord.VaultAddress)
-					if err != nil {
-						return err
-					}
-
-					if accountInfoRecord.OwnerAccount != initiatorOwnerAccount.PublicKey().ToBase58() {
-						return NewIntentDeniedError("can only send to your own vm swap pda")
-					}
-
-					if accountInfoRecord.MintAccount != intentMint.PublicKey().ToBase58() {
-						return NewIntentValidationError("vm swap pda is for a different mint")
-					}
-				}
 			}
 
 			// Technically we should always enforce a fee payment, but these checks are only
@@ -876,6 +891,15 @@ func (h *SendPublicPaymentIntentHandler) validateActions(
 	return nil
 }
 
+func (h *SendPublicPaymentIntentHandler) OnCommitToDB(ctx context.Context) error {
+	if h.cachedSwapRecord != nil {
+		h.cachedSwapRecord.State = swap.StateFunding
+		return h.data.SaveSwap(ctx, h.cachedSwapRecord)
+	}
+
+	return nil
+}
+
 type ReceivePaymentsPubliclyIntentHandler struct {
 	conf          *conf
 	data          code_data.Provider
@@ -1087,7 +1111,16 @@ func (h *ReceivePaymentsPubliclyIntentHandler) AllowCreation(ctx context.Context
 	}
 
 	//
-	// Part 7: Validate the individual actions
+	// Part 7: Validate reserved intent IDs
+	//
+
+	_, err = validateSwapFunding(ctx, h.data, intentRecord)
+	if err != nil {
+		return err
+	}
+
+	//
+	// Part 8: Validate the individual actions
 	//
 
 	return h.validateActions(
@@ -1194,6 +1227,10 @@ func (h *ReceivePaymentsPubliclyIntentHandler) validateActions(
 	return validateMoneyMovementActionUserAccounts(ctx, h.data, intent.ReceivePaymentsPublicly, initiatorAccountsByVault, actions)
 }
 
+func (h *ReceivePaymentsPubliclyIntentHandler) OnCommitToDB(ctx context.Context) error {
+	return nil
+}
+
 type PublicDistributionIntentHandler struct {
 	conf          *conf
 	data          code_data.Provider
@@ -1392,7 +1429,16 @@ func (h *PublicDistributionIntentHandler) AllowCreation(ctx context.Context, int
 	}
 
 	//
-	// Part 5: Validate actions
+	// Part 5: Validate reserved intent IDs
+	//
+
+	_, err = validateSwapFunding(ctx, h.data, intentRecord)
+	if err != nil {
+		return err
+	}
+
+	//
+	// Part 6: Validate actions
 	//
 
 	return h.validateActions(typedMetadata, actions, simResult)
@@ -1525,6 +1571,10 @@ func (h *PublicDistributionIntentHandler) validateActions(
 	return nil
 }
 
+func (h *PublicDistributionIntentHandler) OnCommitToDB(ctx context.Context) error {
+	return nil
+}
+
 func validateAllUserAccountsManagedByCode(ctx context.Context, initiatorAccounts []*common.AccountRecords) error {
 	// Try to unlock *ANY* latest account, and you're done
 	for _, accountRecords := range initiatorAccounts {
@@ -1942,6 +1992,89 @@ func validateDistributedPool(ctx context.Context, data code_data.Provider, poolV
 	return nil
 }
 
+func validateSwapFunding(ctx context.Context, data code_data.Provider, intentRecord *intent.Record) (*swap.Record, error) {
+	swapRecord, err := data.GetSwapByFundingId(ctx, intentRecord.IntentId)
+	if err != nil && err != swap.ErrNotFound {
+		return nil, err
+	}
+	isIntentReservedForSwap := swapRecord != nil
+
+	if isIntentReservedForSwap && swapRecord.State != swap.StateCreated {
+		return nil, errors.Errorf("unexpected swap state: %s", swapRecord.State)
+	}
+
+	// Intent-specific validation for swaps
+	if isIntentReservedForSwap {
+		if intentRecord.IntentType != intent.SendPublicPayment {
+			return nil, NewIntentDeniedError("intent id reserved to fund swap")
+		}
+
+		if intentRecord.InitiatorOwnerAccount != swapRecord.Owner {
+			return nil, NewIntentDeniedError("not the owner of the swap")
+		}
+
+		if !intentRecord.SendPublicPaymentMetadata.IsWithdrawal {
+			return nil, NewIntentValidationError("swap funding must be an external withdrawal")
+		}
+
+		if len(intentRecord.SendPublicPaymentMetadata.DestinationOwnerAccount) == 0 {
+			return nil, NewIntentValidationError("destination owner must be a vm swap pda")
+		}
+
+		if intentRecord.MintAccount != swapRecord.FromMint {
+			return nil, NewIntentValidationErrorf("must fund swap with %s mint", swapRecord.FromMint)
+		}
+
+		if intentRecord.SendPublicPaymentMetadata.Quantity != swapRecord.Amount {
+			return nil, NewIntentValidationErrorf("must fund swap with %d quarks", swapRecord.Amount)
+		}
+	}
+	if !isIntentReservedForSwap && intentRecord.IntentType != intent.SendPublicPayment {
+		return nil, nil
+	}
+
+	// Account-specific validation for swaps
+	if len(intentRecord.SendPublicPaymentMetadata.DestinationOwnerAccount) > 0 {
+		destinationOwner, err := common.NewAccountFromPublicKeyString(intentRecord.SendPublicPaymentMetadata.DestinationOwnerAccount)
+		if err != nil {
+			return nil, err
+		}
+
+		var isVmSwapPda bool
+		vmSwapPdaTimelockRecord, err := data.GetTimelockBySwapPda(ctx, destinationOwner.PublicKey().ToBase58())
+		if err == nil {
+			isVmSwapPda = true
+		} else if err != timelock.ErrTimelockNotFound {
+			return nil, err
+		}
+
+		if isVmSwapPda {
+			if !isIntentReservedForSwap {
+				return nil, NewIntentDeniedError("intent id is not reserved for a swap")
+			}
+
+			accountInfoRecord, err := data.GetAccountInfoByTokenAddress(ctx, vmSwapPdaTimelockRecord.VaultAddress)
+			if err != nil {
+				return nil, err
+			}
+
+			if accountInfoRecord.OwnerAccount != intentRecord.InitiatorOwnerAccount {
+				return nil, NewIntentDeniedError("can only send to your own vm swap pda")
+			}
+
+			if accountInfoRecord.MintAccount != intentRecord.MintAccount {
+				return nil, NewIntentValidationError("vm swap pda is for a different mint")
+			}
+		}
+
+		if !isVmSwapPda && isIntentReservedForSwap {
+			return nil, NewIntentValidationError("destination owner must be a vm swap pda")
+		}
+	}
+
+	return swapRecord, nil
+}
+
 func validateTimelockUnlockStateDoesntExist(ctx context.Context, data code_data.Provider, openAction *transactionpb.OpenAccountAction) error {
 	mintAccount, err := common.GetBackwardsCompatMint(openAction.Mint)
 	if err != nil {
