feat(lazer/sui): readme, cleanup

Author: tejasbadadare

lazer/contracts/sui/README.md

@@ -0,0 +1,24 @@
+## Pyth Lazer Sui Contract
+
+`pyth_lazer` is a Sui module that allows consumers to easily parse and verify cryptographically signed price feed data from the Pyth Network's high-frequency Lazer protocol for use on-chain.
+
+This package is built using the Move language and Sui framework.
+
+### Build, test, deploy
+
+Install Sui CLI and build the project:
+
+```shell
+brew install sui
+sui move build
+```
+
+Run tests:
+
+```shell
+sui move test
+sui move test test_parse_and_verify_le_ecdsa_update # run a specific test
+```
+
+Deploy:
+TODO

lazer/contracts/sui/sources/pyth_lazer.move

@@ -8,15 +8,23 @@ use pyth_lazer::channel::Self;
 use sui::bcs;
 use sui::ecdsa_k1::secp256k1_ecrecover;
 
+const SECP256K1_SIG_LEN: u32 = 65;
 const UPDATE_MESSAGE_MAGIC: u32 = 1296547300;
 const PAYLOAD_MAGIC: u32 = 2479346549;
 
 
+// TODO:
+// initializer
+// administration -> admin cap, upgrade cap, governance?
+// storage module -> trusted signers, update fee?, treasury?
+// error handling
+// standalone verify signature function
+
 /// Parse the Lazer update message and validate the signature.
 ///
 /// The parsing logic is based on the Lazer rust protocol definition defined here:
 /// https://github.com/pyth-network/pyth-crosschain/tree/main/lazer/sdk/rust/protocol
-public fun parse_and_validate_update(update: vector<u8>): Update {
+public fun parse_and_verify_le_ecdsa_update(update: vector<u8>): Update {
     let mut cursor = bcs::new(update);
 
     let magic = cursor.peel_u32();
@@ -25,7 +33,7 @@ public fun parse_and_validate_update(update: vector<u8>): Update {
     let mut signature = vector::empty<u8>();
 
     let mut sig_i = 0;
-    while (sig_i < 65) {
+    while (sig_i < SECP256K1_SIG_LEN) {
         signature.push_back(cursor.peel_u8());
         sig_i = sig_i + 1;
     };
@@ -40,6 +48,7 @@ public fun parse_and_validate_update(update: vector<u8>): Update {
     let pubkey = secp256k1_ecrecover(&signature, &payload, 0);
 
     // Lazer signer pubkey
+    // FIXME: validate against trusted signer set in storage
     assert!(pubkey == x"03a4380f01136eb2640f90c17e1e319e02bbafbeef2e6e67dc48af53f9827e155b", 0);
 
     let mut cursor = bcs::new(payload);
@@ -139,7 +148,7 @@ public fun parse_and_validate_update(update: vector<u8>): Update {
             } else {
                 // When we have an unknown property, we do not know its length, and therefore
                 // we cannot ignore it and parse the next properties.
-                abort 0
+                abort 0 // FIXME: return more granular error messages
             };
 
             properties_i = properties_i + 1;

lazer/contracts/sui/tests/pyth_lazer_tests.move

@@ -1,12 +1,12 @@
 #[test_only]
 module pyth_lazer::pyth_lazer_tests;
-use pyth_lazer::pyth_lazer::parse_and_validate_update;
+use pyth_lazer::pyth_lazer::parse_and_verify_le_ecdsa_update;
 use pyth_lazer::channel::new_fixed_rate_200ms;
 use pyth_lazer::i16::{Self};
 use pyth_lazer::i64::{Self};
 
 #[test]
-public fun test_parse_and_validate_update() {
+public fun test_parse_and_verify_le_ecdsa_update() {
     /*
     The test data is from the Lazer subscription:
     > Request
@@ -51,7 +51,7 @@ public fun test_parse_and_validate_update() {
     let hex_message =
         x"e4bd474daafa101a7cdc2f4af22f5735aa3278f7161ae15efa9eac3851ca437e322fde467c9475497e1297499344826fe1209f6de234dce35bdfab8bf6b073be12a07cb201930075d3c793c063467c0f3b0600030301000000060055a0e054c40a0000011f679842c40a0000021c94868bc40a000004f8ff0600070002000000060032521511590000000177ac04105900000002a33b71125900000004f8ff060007007000000006000038d1d42c43a60101000000000000000002000000000000000004f4ff060100e1f50500000000070100e07ecb0c3b0600";
 
-    let update = parse_and_validate_update(hex_message);
+    let update = parse_and_verify_le_ecdsa_update(hex_message);
 
     // If we reach this point, the function worked correctly
     // (no assertion failures in parse_and_validate_update)