feat: update with-nft to support list of identifiers

obycode · obycode · commit 771262c74202 · 2025-09-22T12:10:10.000-04:00
diff --git a/clarity-types/src/errors/analysis.rs b/clarity-types/src/errors/analysis.rs
@@ -314,6 +314,8 @@ pub enum CheckErrors {
     ExpectedAllowanceExpr(String),
     WithAllAllowanceNotAllowed,
     WithAllAllowanceNotAlone,
+    WithNftExpectedListOfIdentifiers,
+    MaxIdentifierLengthExceeded(u32),
 }
 
 #[derive(Debug, PartialEq)]
@@ -617,6 +619,8 @@ impl DiagnosableError for CheckErrors {
             CheckErrors::ExpectedAllowanceExpr(got_name) => format!("expected an allowance expression, got: {got_name}"),
             CheckErrors::WithAllAllowanceNotAllowed => "with-all-assets-unsafe is not allowed here, only in the allowance list for `as-contract?`".into(),
             CheckErrors::WithAllAllowanceNotAlone => "with-all-assets-unsafe must not be used along with other allowances".into(),
+            CheckErrors::WithNftExpectedListOfIdentifiers => "with-nft allowance must include a list of asset identifiers".into(),
+            CheckErrors::MaxIdentifierLengthExceeded(max_len) => format!("with-nft allowance identifiers list must not exceed 128 elements, got {max_len}"),
         }
     }
 
diff --git a/clarity/src/vm/analysis/type_checker/v2_1/natives/post_conditions.rs b/clarity/src/vm/analysis/type_checker/v2_1/natives/post_conditions.rs
@@ -17,7 +17,7 @@ use clarity_types::errors::analysis::{check_argument_count, check_arguments_at_l
 use clarity_types::errors::{CheckError, CheckErrors};
 use clarity_types::representations::SymbolicExpression;
 use clarity_types::types::signatures::ASCII_128;
-use clarity_types::types::TypeSignature;
+use clarity_types::types::{SequenceSubtype, TypeSignature};
 
 use crate::vm::analysis::type_checker::contexts::TypingContext;
 use crate::vm::analysis::type_checker::v2_1::TypeChecker;
@@ -202,7 +202,15 @@ fn check_allowance_with_nft(
 
     checker.type_check_expects(&args[0], context, &TypeSignature::PrincipalType)?;
     checker.type_check_expects(&args[1], context, &ASCII_128)?;
-    // Asset ID can be any type
+
+    // Asset identifiers must be a Clarity list with any type of elements
+    let id_list_ty = checker.type_check(&args[2], context)?;
+    let TypeSignature::SequenceType(SequenceSubtype::ListType(list_data)) = id_list_ty else {
+        return Err(CheckErrors::WithNftExpectedListOfIdentifiers.into());
+    };
+    if list_data.get_max_len() > 128 {
+        return Err(CheckErrors::MaxIdentifierLengthExceeded(list_data.get_max_len()).into());
+    }
 
     Ok(false)
 }
diff --git a/clarity/src/vm/analysis/type_checker/v2_1/tests/post_conditions.rs b/clarity/src/vm/analysis/type_checker/v2_1/tests/post_conditions.rs
@@ -199,7 +199,7 @@ fn test_as_contract(#[case] version: ClarityVersion, #[case] _epoch: StacksEpoch
         ),
         // multiple allowances
         (
-            "(as-contract? ((with-stx u1000) (with-ft .token \"foo\" u5000) (with-nft .token \"foo\" 0x01) (with-stacking u1000)) true)",
+            "(as-contract? ((with-stx u1000) (with-ft .token \"foo\" u5000) (with-nft .token \"foo\" (list 0x01)) (with-stacking u1000)) true)",
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap()
         ),
         // multiple body expressions
@@ -551,47 +551,47 @@ fn test_with_nft_allowance(#[case] version: ClarityVersion, #[case] _epoch: Stac
     let good = [
         // basic usage with shortcut contract principal
         (
-            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" u1000)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" (list u1000))) true)"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // full literal principal
         (
-            r#"(restrict-assets? tx-sender ((with-ft 'SM3VDXK3WZZSA84XXFKAFAF15NNZX32CTSG82JFQ4.token "token-name" u1000)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-ft 'SM3VDXK3WZZSA84XXFKAFAF15NNZX32CTSG82JFQ4.token "token-name" (list u1000))) true)"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // variable principal
         (
-            r#"(let ((contract .token)) (restrict-assets? tx-sender ((with-nft contract "token-name" u1000)) true))"#,
+            r#"(let ((contract .token)) (restrict-assets? tx-sender ((with-nft contract "token-name" (list u1000))) true))"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // variable token name
         (
-            r#"(let ((name "token-name")) (restrict-assets? tx-sender ((with-nft .token name u1000)) true))"#,
+            r#"(let ((name "token-name")) (restrict-assets? tx-sender ((with-nft .token name (list u1000))) true))"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // "*" token name
         (
-            r#"(restrict-assets? tx-sender ((with-nft .token "*" u1000)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft .token "*" (list u1000))) true)"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // empty token name
         (
-            r#"(restrict-assets? tx-sender ((with-nft .token "" u1000)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft .token "" (list u1000))) true)"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // string asset-id
         (
-            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" "asset-123")) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" (list "asset-123"))) true)"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // buffer asset-id
         (
-            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" 0x0123456789)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" (list 0x0123456789))) true)"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
         // variable asset-id
         (
-            r#"(let ((asset-id u123)) (restrict-assets? tx-sender ((with-nft .token "token-name" asset-id)) true))"#,
+            r#"(let ((asset-id (list u123))) (restrict-assets? tx-sender ((with-nft .token "token-name" asset-id)) true))"#,
             TypeSignature::new_response(TypeSignature::BoolType, TypeSignature::IntType).unwrap(),
         ),
     ];
@@ -614,20 +614,20 @@ fn test_with_nft_allowance(#[case] version: ClarityVersion, #[case] _epoch: Stac
         ),
         // too many arguments
         (
-            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" u123 u456)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft .token "token-name" (list u123) (list u456))) true)"#,
             CheckErrors::IncorrectArgumentCount(3, 4),
         ),
         // wrong type for contract-id - uint instead of principal
         (
-            r#"(restrict-assets? tx-sender ((with-nft u123 "token-name" u456)) true)"#,
+            r#"(restrict-assets? tx-sender ((with-nft u123 "token-name" (list u456))) true)"#,
             CheckErrors::TypeError(
                 TypeSignature::PrincipalType.into(),
                 TypeSignature::UIntType.into(),
             ),
         ),
         // wrong type for token-name - uint instead of string
         (
-            "(restrict-assets? tx-sender ((with-nft .token u123 u456)) true)",
+            "(restrict-assets? tx-sender ((with-nft .token u123 (list u456))) true)",
             CheckErrors::TypeError(
                 TypeSignature::new_string_ascii(128).unwrap().into(),
                 TypeSignature::UIntType.into(),
diff --git a/clarity/src/vm/docs/mod.rs b/clarity/src/vm/docs/mod.rs
@@ -2673,12 +2673,12 @@ the contract. When `"*"` is used for the token name, the allowance applies to
 };
 
 const ALLOWANCE_WITH_NFT: SpecialAPI = SpecialAPI {
-    input_type: "principal (string-ascii 128) T",
-    snippet: "with-nft ${1:contract-id} ${2:asset-name} ${3:asset-identifier}",
+    input_type: "principal (string-ascii 128) (list 128 T)",
+    snippet: "with-nft ${1:contract-id} ${2:asset-name} ${3:asset-identifiers}",
     output_type: "Allowance",
-    signature: "(with-nft contract-id asset-name identifier)",
-    description: r#"Adds an outflow allowance for the non-fungible token
-identified by `identifier` defined in `contract-id` with name `token-name`
+    signature: "(with-nft contract-id asset-name identifiers)",
+    description: r#"Adds an outflow allowance for the non-fungible tokens
+identified by `identifiers` defined in `contract-id` with name `token-name`
 from the `asset-owner` of the enclosing `restrict-assets?` or `as-contract?`
 expression. `with-nft` is not allowed outside of `restrict-assets?` or
 `as-contract?` contexts. Note that `token-name` should match the name used in
@@ -2690,11 +2690,11 @@ the token name, the allowance applies to **all** NFTs defined in `contract-id`."
 (nft-mint? stackaroo u124 tx-sender)
 (nft-mint? stackaroo u125 tx-sender)
 (restrict-assets? tx-sender
-  ((with-nft current-contract "stackaroo" u123))
+  ((with-nft current-contract "stackaroo" (list u123)))
   (try! (nft-transfer? stackaroo u123 tx-sender 'SPAXYA5XS51713FDTQ8H94EJ4V579CXMTRNBZKSF))
 ) ;; Returns (ok true)
 (restrict-assets? tx-sender
-  ((with-nft current-contract "stackaroo" u125))
+  ((with-nft current-contract "stackaroo" (list u125)))
   (try! (nft-transfer? stackaroo u124 tx-sender 'SPAXYA5XS51713FDTQ8H94EJ4V579CXMTRNBZKSF))
 ) ;; Returns (err 0)
 "#,
diff --git a/clarity/src/vm/functions/post_conditions.rs b/clarity/src/vm/functions/post_conditions.rs
@@ -38,7 +38,7 @@ pub struct FtAllowance {
 
 pub struct NftAllowance {
     asset: AssetIdentifier,
-    asset_id: Value,
+    asset_ids: Vec<Value>,
 }
 
 pub struct StackingAllowance {
@@ -128,9 +128,10 @@ fn eval_allowance(
                 asset_name,
             };
 
-            let asset_id = eval(&rest[2], env, context)?;
+            let asset_id_list = eval(&rest[2], env, context)?;
+            let asset_ids = asset_id_list.expect_list()?;
 
-            Ok(Allowance::Nft(NftAllowance { asset, asset_id }))
+            Ok(Allowance::Nft(NftAllowance { asset, asset_ids }))
         }
         "with-stacking" => {
             if rest.len() != 1 {
@@ -325,7 +326,9 @@ fn check_allowances(
                 let (_, set) = nft_allowances
                     .entry(&nft.asset)
                     .or_insert_with(|| (i, HashSet::new()));
-                set.insert(nft.asset_id.serialize_to_hex()?);
+                for id in &nft.asset_ids {
+                    set.insert(id.serialize_to_hex()?);
+                }
             }
             Allowance::Stacking(stacking) => {
                 stacking_allowances.push((i, stacking.amount));
diff --git a/clarity/src/vm/tests/post_conditions.rs b/clarity/src/vm/tests/post_conditions.rs
@@ -105,7 +105,7 @@ fn test_as_contract_stx_all() {
 fn test_as_contract_stx_other_allowances() {
     let snippet = r#"
 (let ((recipient tx-sender))
-  (as-contract? ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" 123))
+  (as-contract? ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" (list 123)))
     (try! (stx-transfer? u50 tx-sender recipient))
   )
 )"#;
@@ -156,7 +156,7 @@ fn test_as_contract_stx_burn_all() {
 #[test]
 fn test_as_contract_stx_burn_other_allowances() {
     let snippet = r#"
-(as-contract? ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" 123))
+(as-contract? ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" (list 123)))
   (try! (stx-burn? u50 tx-sender))
 )"#;
     let expected = Value::error(Value::Int(-1)).unwrap();
@@ -280,7 +280,7 @@ fn test_restrict_assets_stx_all() {
 #[test]
 fn test_restrict_assets_stx_other_allowances() {
     let snippet = r#"
-(restrict-assets? tx-sender ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" 123))
+(restrict-assets? tx-sender ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" (list 123)))
   (try! (stx-transfer? u50 tx-sender 'SP000000000000000000002Q6VF78))
 )"#;
     let expected = Value::error(Value::Int(-1)).unwrap();
@@ -330,7 +330,7 @@ fn test_restrict_assets_stx_burn_all() {
 #[test]
 fn test_restrict_assets_stx_burn_other_allowances() {
     let snippet = r#"
-(restrict-assets? tx-sender ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" 123))
+(restrict-assets? tx-sender ((with-ft .token "stackaroo" u100) (with-nft .token "stackaroo" (list 123)))
   (try! (stx-burn? u50 tx-sender))
 )"#;
     let expected = Value::error(Value::Int(-1)).unwrap();

Original file line number	Diff line number	Diff line change
`@@ -314,6 +314,8 @@ pub enum CheckErrors {`
`314`	`314`	`ExpectedAllowanceExpr(String),`
`315`	`315`	`WithAllAllowanceNotAllowed,`
`316`	`316`	`WithAllAllowanceNotAlone,`
	`317`	`+ WithNftExpectedListOfIdentifiers,`
	`318`	`+ MaxIdentifierLengthExceeded(u32),`
`317`	`319`	`}`
`318`	`320`
`319`	`321`	`#[derive(Debug, PartialEq)]`
`@@ -617,6 +619,8 @@ impl DiagnosableError for CheckErrors {`
`617`	`619`	`CheckErrors::ExpectedAllowanceExpr(got_name) => format!("expected an allowance expression, got: {got_name}"),`
`618`	`620`	CheckErrors::WithAllAllowanceNotAllowed => "with-all-assets-unsafe is not allowed here, only in the allowance list for `as-contract?`".into(),
`619`	`621`	`CheckErrors::WithAllAllowanceNotAlone => "with-all-assets-unsafe must not be used along with other allowances".into(),`
	`622`	`+ CheckErrors::WithNftExpectedListOfIdentifiers => "with-nft allowance must include a list of asset identifiers".into(),`
	`623`	`+ CheckErrors::MaxIdentifierLengthExceeded(max_len) => format!("with-nft allowance identifiers list must not exceed 128 elements, got {max_len}"),`
`620`	`624`	`}`
`621`	`625`	`}`
`622`	`626`