Merge branch 'master' into next

Author: arajasek

actors/datacap/src/lib.rs

@@ -70,7 +70,7 @@ pub enum Method {
     DestroyExported = frc42_dispatch::method_hash!("Destroy"),
     NameExported = frc42_dispatch::method_hash!("Name"),
     SymbolExported = frc42_dispatch::method_hash!("Symbol"),
-    GranularityExported = frc42_dispatch::method_hash!("GranularityExported"),
+    GranularityExported = frc42_dispatch::method_hash!("Granularity"),
     TotalSupplyExported = frc42_dispatch::method_hash!("TotalSupply"),
     BalanceExported = frc42_dispatch::method_hash!("Balance"),
     TransferExported = frc42_dispatch::method_hash!("Transfer"),

actors/evm/precompile-testdata/README.md

@@ -0,0 +1,3 @@
+# EVM Precompile Test Data
+
+These data files come from [go-ethereum](https://github.com/ethereum/go-ethereum/tree/master/core/vm/testdata/precompiles) and are therefore licensed under the LGPLv3. However, they're not included in published crates (they're excluded by cargo) or build artifacts. They're only loaded at runtime by a few unit tests, and therefore trivially meet the requirements of the LGPL.

actors/evm/src/interpreter/precompiles/evm.rs

@@ -1,14 +1,11 @@
 use std::ops::Range;
 
-use fil_actors_evm_shared::uints::{
-    byteorder::{ByteOrder, LE},
-    U256,
-};
+use fil_actors_evm_shared::uints::byteorder::{ByteOrder, LE};
+use fil_actors_evm_shared::uints::U256;
+
 use fil_actors_runtime::runtime::Runtime;
-use fvm_shared::crypto::{
-    hash::SupportedHashes,
-    signature::{SECP_SIG_LEN, SECP_SIG_MESSAGE_HASH_SIZE},
-};
+use fvm_shared::crypto::hash::SupportedHashes;
+use fvm_shared::crypto::signature::{SECP_SIG_LEN, SECP_SIG_MESSAGE_HASH_SIZE};
 use num_traits::{One, Zero};
 use substrate_bn::{pairing_batch, AffineG1, AffineG2, Fq, Fq2, Fr, Group, Gt, G1, G2};
 

actors/evm/src/interpreter/system.rs

@@ -8,25 +8,21 @@ use fvm_ipld_blockstore::Block;
 use fvm_ipld_encoding::ipld_block::IpldBlock;
 use fvm_ipld_encoding::CborStore;
 use fvm_ipld_kamt::HashedKey;
-use fvm_shared::{
-    address::{Address, Payload},
-    crypto::hash::SupportedHashes,
-    econ::TokenAmount,
-    error::{ErrorNumber, ExitCode},
-    sys::SendFlags,
-    MethodNum, Response, IPLD_RAW, METHOD_SEND,
-};
+use fvm_shared::address::{Address, Payload};
+use fvm_shared::crypto::hash::SupportedHashes;
+use fvm_shared::econ::TokenAmount;
+use fvm_shared::error::{ErrorNumber, ExitCode};
+use fvm_shared::sys::SendFlags;
+use fvm_shared::{MethodNum, Response, IPLD_RAW, METHOD_SEND};
 use multihash::Code;
 
 use crate::state::{State, Tombstone};
 use crate::BytecodeHash;
 
-use {
-    cid::Cid,
-    fil_actors_runtime::{runtime::Runtime, ActorError},
-    fvm_ipld_blockstore::Blockstore,
-    fvm_ipld_kamt::{AsHashedKey, Config as KamtConfig, Kamt},
-};
+use cid::Cid;
+use fil_actors_runtime::{runtime::Runtime, ActorError};
+use fvm_ipld_blockstore::Blockstore;
+use fvm_ipld_kamt::{AsHashedKey, Config as KamtConfig, Kamt};
 
 // The Solidity compiler creates contiguous array item keys.
 // To prevent the tree from going very deep we use extensions,

actors/evm/src/lib.rs

@@ -1,15 +1,21 @@
 use fil_actors_evm_shared::address::EthAddress;
 use fil_actors_evm_shared::uints::U256;
-use fil_actors_runtime::{actor_error, AsActorError, EAM_ACTOR_ADDR, INIT_ACTOR_ADDR};
+use fil_actors_runtime::{actor_error, ActorError, AsActorError, EAM_ACTOR_ADDR, INIT_ACTOR_ADDR};
 use fvm_ipld_blockstore::Blockstore;
 use fvm_ipld_encoding::ipld_block::IpldBlock;
-use fvm_ipld_encoding::{strict_bytes, BytesDe, BytesSer};
+use fvm_ipld_encoding::{BytesDe, BytesSer};
 use fvm_shared::address::Address;
 use fvm_shared::econ::TokenAmount;
 use fvm_shared::error::ExitCode;
 
 use crate::interpreter::Outcome;
+use crate::interpreter::{execute, Bytecode, ExecutionState, System};
 use crate::reader::ValueReader;
+use cid::Cid;
+use fil_actors_runtime::runtime::{ActorCode, Runtime};
+use fvm_shared::{MethodNum, METHOD_CONSTRUCTOR};
+use num_derive::FromPrimitive;
+use num_traits::FromPrimitive;
 
 pub use types::*;
 
@@ -20,19 +26,6 @@ pub(crate) mod reader;
 mod state;
 mod types;
 
-use {
-    crate::interpreter::{execute, Bytecode, ExecutionState, System},
-    cid::Cid,
-    fil_actors_runtime::{
-        runtime::{ActorCode, Runtime},
-        ActorError,
-    },
-    fvm_ipld_encoding::tuple::*,
-    fvm_shared::{MethodNum, METHOD_CONSTRUCTOR},
-    num_derive::FromPrimitive,
-    num_traits::FromPrimitive,
-};
-
 pub use state::*;
 
 #[cfg(feature = "fil-actor")]
@@ -465,22 +458,3 @@ impl ActorCode for EvmContractActor {
         }
     }
 }
-
-pub type ResurrectParams = ConstructorParams;
-
-#[derive(Serialize_tuple, Deserialize_tuple)]
-pub struct DelegateCallParams {
-    pub code: Cid,
-    /// The contract invocation parameters
-    #[serde(with = "strict_bytes")]
-    pub input: Vec<u8>,
-    /// The original caller's Eth address.
-    pub caller: EthAddress,
-    /// The value passed in the original call.
-    pub value: TokenAmount,
-}
-
-#[derive(Serialize_tuple, Deserialize_tuple)]
-pub struct GetStorageAtParams {
-    pub storage_key: U256,
-}

actors/evm/src/state.rs

@@ -3,13 +3,11 @@ use std::array::TryFromSliceError;
 use fil_actors_evm_shared::uints::U256;
 use fvm_shared::ActorID;
 
-use {
-    cid::Cid,
-    fvm_ipld_encoding::strict_bytes,
-    fvm_ipld_encoding::tuple::*,
-    serde::{Deserialize, Serialize},
-    serde_tuple::{Deserialize_tuple, Serialize_tuple},
-};
+use cid::Cid;
+use fvm_ipld_encoding::strict_bytes;
+use fvm_ipld_encoding::tuple::*;
+use serde::{Deserialize, Serialize};
+use serde_tuple::{Deserialize_tuple, Serialize_tuple};
 
 /// A tombstone indicating that the contract has been self-destructed.
 #[derive(Copy, Clone, Debug, Eq, PartialEq, Serialize_tuple, Deserialize_tuple)]
@@ -137,6 +135,7 @@ mod test {
     use fvm_ipld_encoding::{from_slice, to_vec, BytesDe};
 
     use crate::BytecodeHash;
+
     #[test]
     fn test_bytecode_hash_serde() {
         let encoded = to_vec(&BytecodeHash::EMPTY).unwrap();

actors/evm/src/types.rs

@@ -1,6 +1,10 @@
+use cid::Cid;
 use fil_actors_evm_shared::address::EthAddress;
+use fil_actors_evm_shared::uints::U256;
+use fvm_ipld_encoding::strict_bytes;
 use fvm_ipld_encoding::tuple::*;
 use fvm_ipld_encoding::RawBytes;
+use fvm_shared::econ::TokenAmount;
 
 #[derive(Serialize_tuple, Deserialize_tuple)]
 pub struct ConstructorParams {
@@ -9,3 +13,22 @@ pub struct ConstructorParams {
     /// The initcode that will construct the new EVM actor.
     pub initcode: RawBytes,
 }
+
+pub type ResurrectParams = ConstructorParams;
+
+#[derive(Serialize_tuple, Deserialize_tuple)]
+pub struct DelegateCallParams {
+    pub code: Cid,
+    /// The contract invocation parameters
+    #[serde(with = "strict_bytes")]
+    pub input: Vec<u8>,
+    /// The original caller's Eth address.
+    pub caller: EthAddress,
+    /// The value passed in the original call.
+    pub value: TokenAmount,
+}
+
+#[derive(Serialize_tuple, Deserialize_tuple)]
+pub struct GetStorageAtParams {
+    pub storage_key: U256,
+}

actors/market/src/lib.rs

@@ -37,6 +37,7 @@ use fil_actors_runtime::{
 };
 use fvm_ipld_encoding::ipld_block::IpldBlock;
 use fvm_ipld_encoding::{RawBytes, DAG_CBOR};
+use fvm_shared::sys::SendFlags;
 
 use crate::ext::verifreg::{AllocationID, AllocationRequest};
 
@@ -234,14 +235,31 @@ impl Actor {
             ));
         }
 
+        // Deals that passed `AuthenticateMessage` and other state-less checks.
+        let mut validity_index: Vec<bool> = Vec::with_capacity(params.deals.len());
+
         let baseline_power = request_current_baseline_power(rt)?;
         let (network_raw_power, _) = request_current_network_power(rt)?;
 
+        // We perform these checks before loading state since the call to `AuthenticateMessage` could recurse
+        for (di, deal) in params.deals.iter().enumerate() {
+            let valid = if let Err(e) = validate_deal(rt, deal, &network_raw_power, &baseline_power)
+            {
+                info!("invalid deal {}: {}", di, e);
+                false
+            } else {
+                true
+            };
+
+            validity_index.push(valid);
+        }
+
         struct ValidDeal {
             proposal: DealProposal,
             serialized_proposal: RawBytes,
             cid: Cid,
         }
+
         // Deals that passed validation.
         let mut valid_deals: Vec<ValidDeal> = Vec::with_capacity(params.deals.len());
         // CIDs of valid proposals.
@@ -260,8 +278,10 @@ impl Actor {
         let state: State = rt.state()?;
 
         for (di, mut deal) in params.deals.into_iter().enumerate() {
-            if let Err(e) = validate_deal(rt, &deal, &network_raw_power, &baseline_power) {
-                info!("invalid deal {}: {}", di, e);
+            if !*validity_index.get(di).context_code(
+                ExitCode::USR_ASSERTION_FAILED,
+                "validity index has incorrect length",
+            )? {
                 continue;
             }
 
@@ -355,7 +375,7 @@ impl Actor {
                 client_alloc_reqs
                     .entry(client_id)
                     .or_default()
-                    .push((pcid, alloc_request_for_deal(&deal, rt.policy(), curr_epoch)));
+                    .push((pcid, alloc_request_for_deal(&deal.proposal, rt.policy(), curr_epoch)));
             }
 
             total_provider_lockup = provider_lockup;
@@ -444,7 +464,9 @@ impl Actor {
             Ok(())
         })?;
 
-        // notify clients ignoring any errors
+        // notify clients, any failures cause the entire publish_storage_deals method to fail
+        // it's unsafe to ignore errors here, since that could be used to attack storage contract clients
+        // that might be unaware they're making storage deals
         for (i, valid_deal) in valid_deals.iter().enumerate() {
             _ = extract_send_result(rt.send_simple(
                 &valid_deal.proposal.client,
@@ -454,7 +476,10 @@ impl Actor {
                     deal_id: new_deal_ids[i],
                 })?,
                 TokenAmount::zero(),
-            ));
+            ))
+            .with_context_code(ExitCode::USR_ILLEGAL_ARGUMENT, || {
+                format!("failed to notify deal with proposal cid {}", valid_deal.cid)
+            })?;
         }
 
         Ok(PublishStorageDealsReturn { ids: new_deal_ids, valid_deals: valid_input_bf })
@@ -1083,21 +1108,21 @@ pub fn validate_and_return_deal_space<BS: Blockstore>(
 
 fn alloc_request_for_deal(
     // Deal proposal must have ID addresses
-    deal: &ClientDealProposal,
+    deal: &DealProposal,
     policy: &Policy,
     curr_epoch: ChainEpoch,
 ) -> ext::verifreg::AllocationRequest {
-    let alloc_term_min = deal.proposal.end_epoch - deal.proposal.start_epoch;
+    let alloc_term_min = deal.end_epoch - deal.start_epoch;
     let alloc_term_max = min(
         alloc_term_min + policy.market_default_allocation_term_buffer,
         policy.maximum_verified_allocation_term,
     );
     let alloc_expiration =
-        min(deal.proposal.start_epoch, curr_epoch + policy.maximum_verified_allocation_expiration);
+        min(deal.start_epoch, curr_epoch + policy.maximum_verified_allocation_expiration);
     ext::verifreg::AllocationRequest {
-        provider: deal.proposal.provider.id().unwrap(),
-        data: deal.proposal.piece_cid,
-        size: deal.proposal.piece_size,
+        provider: deal.provider.id().unwrap(),
+        data: deal.piece_cid,
+        size: deal.piece_size,
         term_min: alloc_term_min,
         term_max: alloc_term_max,
         expiration: alloc_expiration,
@@ -1293,14 +1318,16 @@ fn deal_proposal_is_internally_valid(
     // Generate unsigned bytes
     let proposal_bytes = serialize(&proposal.proposal, "deal proposal")?;
 
-    extract_send_result(rt.send_simple(
+    extract_send_result(rt.send(
         &proposal.proposal.client,
         ext::account::AUTHENTICATE_MESSAGE_METHOD,
         IpldBlock::serialize_cbor(&ext::account::AuthenticateMessageParams {
             signature: signature_bytes,
             message: proposal_bytes.to_vec(),
         })?,
         TokenAmount::zero(),
+        None,
+        SendFlags::READ_ONLY,
     ))
     .map_err(|e| e.wrap("proposal authentication failed"))?;
     Ok(())

actors/market/tests/cron_tick_timedout_deals.rs

@@ -16,6 +16,7 @@ use fvm_shared::METHOD_SEND;
 
 use fil_actor_market::ext::account::{AuthenticateMessageParams, AUTHENTICATE_MESSAGE_METHOD};
 use fvm_ipld_encoding::ipld_block::IpldBlock;
+use fvm_shared::sys::SendFlags;
 use num_traits::Zero;
 
 mod harness;
@@ -95,13 +96,16 @@ fn publishing_timed_out_deal_again_should_work_after_cron_tick_as_it_should_no_l
     })
     .unwrap();
 
-    rt.expect_send_simple(
+    rt.expect_send(
         deal_proposal2.client,
         AUTHENTICATE_MESSAGE_METHOD,
         auth_param,
         TokenAmount::zero(),
         None,
+        SendFlags::READ_ONLY,
+        None,
         ExitCode::OK,
+        None,
     );
 
     expect_abort(