1 change: 1 addition & 0 deletions contracts/eosio.system/CMakeLists.txt
Expand Up @@ -6,6 +6,7 @@ add_contract(eosio.system eosio.system
${CMAKE_CURRENT_SOURCE_DIR}/src/producer_pay.cpp
${CMAKE_CURRENT_SOURCE_DIR}/src/rex.cpp
${CMAKE_CURRENT_SOURCE_DIR}/src/voting.cpp
${CMAKE_CURRENT_SOURCE_DIR}/src/limit_auth_changes.cpp
${CMAKE_CURRENT_SOURCE_DIR}/src/resource.cpp
)

54 changes: 40 additions & 14 deletions contracts/eosio.system/include/eosio.system/eosio.system.hpp
Expand Up @@ -663,11 +663,11 @@ namespace eosiosystem {
*
* @param from - the account to delegate bandwidth from, that is, the account holding
* tokens to be staked,
* @param receiver - the account to delegate bandwith to, that is, the account to
* @param receiver - the account to delegate bandwidth to, that is, the account to
* whose resources staked tokens are added
* @param stake_net_quantity - tokens staked for NET bandwidth,
* @param stake_cpu_quantity - tokens staked for CPU bandwidth,
* @param transfer - if true, ownership of staked tokens is transfered to `receiver`.
* @param transfer - if true, ownership of staked tokens is transferred to `receiver`.
*
* @post All producers `from` account has voted for will have their votes updated immediately.
*/
Expand Down Expand Up @@ -707,9 +707,9 @@ namespace eosiosystem {
void withdraw( const name& owner, const asset& amount );

/**
* Buyrex action, buys REX in exchange for tokens taken out of user's REX fund by transfering
* Buyrex action, buys REX in exchange for tokens taken out of user's REX fund by transferring
* core tokens from user REX fund and converts them to REX stake. By buying REX, user is
* lending tokens in order to be rented as CPU or NET resourses.
* lending tokens in order to be rented as CPU or NET resources.
* Storage change is billed to 'from' account.
*
* @param from - owner account name,
Expand Down Expand Up @@ -813,7 +813,7 @@ namespace eosiosystem {
*
* @param from - loan creator account,
* @param loan_num - loan id,
* @param payment - tokens transfered from REX fund to loan fund.
* @param payment - tokens transferred from REX fund to loan fund.
*/
[[eosio::action]]
void fundcpuloan( const name& from, uint64_t loan_num, const asset& payment );
Expand All @@ -824,7 +824,7 @@ namespace eosiosystem {
*
* @param from - loan creator account,
* @param loan_num - loan id,
* @param payment - tokens transfered from REX fund to loan fund.
* @param payment - tokens transferred from REX fund to loan fund.
*/
[[eosio::action]]
void fundnetloan( const name& from, uint64_t loan_num, const asset& payment );
Expand All @@ -834,7 +834,7 @@ namespace eosiosystem {
*
* @param from - loan creator account,
* @param loan_num - loan id,
* @param amount - tokens transfered from CPU loan fund to REX fund.
* @param amount - tokens transferred from CPU loan fund to REX fund.
*/
[[eosio::action]]
void defcpuloan( const name& from, uint64_t loan_num, const asset& amount );
Expand All @@ -844,7 +844,7 @@ namespace eosiosystem {
*
* @param from - loan creator account,
* @param loan_num - loan id,
* @param amount - tokens transfered from NET loan fund to REX fund.
* @param amount - tokens transferred from NET loan fund to REX fund.
*/
[[eosio::action]]
void defnetloan( const name& from, uint64_t loan_num, const asset& amount );
Expand Down Expand Up @@ -913,7 +913,7 @@ namespace eosiosystem {
void closerex( const name& owner );

/**
* Undelegate bandwitdh action, decreases the total tokens delegated by `from` to `receiver` and/or
* Undelegate bandwidth action, decreases the total tokens delegated by `from` to `receiver` and/or
* frees the memory associated with the delegation if there is nothing
* left to delegate.
* This will cause an immediate reduction in net/cpu bandwidth of the
Expand All @@ -927,7 +927,7 @@ namespace eosiosystem {
*
* @param from - the account to undelegate bandwidth from, that is,
* the account whose tokens will be unstaked,
* @param receiver - the account to undelegate bandwith to, that is,
* @param receiver - the account to undelegate bandwidth to, that is,
* the account to whose benefit tokens have been staked,
* @param unstake_net_quantity - tokens to be unstaked from NET bandwidth,
* @param unstake_cpu_quantity - tokens to be unstaked from CPU bandwidth,
Expand All @@ -950,7 +950,7 @@ namespace eosiosystem {
*
* @param payer - the ram buyer,
* @param receiver - the ram receiver,
* @param quant - the quntity of tokens to buy ram with.
* @param quant - the quantity of tokens to buy ram with.
*/
[[eosio::action]]
void buyram( const name& payer, const name& receiver, const asset& quant );
Expand All @@ -961,7 +961,7 @@ namespace eosiosystem {
*
* @param payer - the ram buyer,
* @param receiver - the ram receiver,
* @param bytes - the quntity of ram to buy specified in bytes.
* @param bytes - the quantity of ram to buy specified in bytes.
*/
[[eosio::action]]
void buyrambytes( const name& payer, const name& receiver, uint32_t bytes );
Expand Down Expand Up @@ -1078,7 +1078,7 @@ namespace eosiosystem {
* update the proxy's weight.
* Storage change is billed to `proxy`.
*
* @param rpoxy - the account registering as voter proxy (or unregistering),
* @param proxy - the account registering as voter proxy (or unregistering),
* @param isproxy - if true, proxy is registered; if false, proxy is unregistered.
*
* @pre Proxy must have something staked (existing row in voters table)
Expand All @@ -1095,6 +1095,14 @@ namespace eosiosystem {
[[eosio::action]]
void setparams( const eosio::blockchain_parameters& params );

/**
* Sets the WebAssembly limits. Valid parameters are "low",
* "default" (equivalent to low), and "high". A value of "high"
* allows larger contracts to be deployed.
*/
[[eosio::action]]
void wasmcfg( const name& settings );

/**
* Claim rewards action, claims block producing and vote rewards.
* @param owner - producer account claiming per-block and per-vote rewards.
Expand Down Expand Up @@ -1189,6 +1197,24 @@ namespace eosiosystem {
void set_total(uint64_t total_cpu_us, uint64_t total_net_words, time_point_sec period_start);
void issue_inflation(time_point_sec period_start);

/**
* limitauthchg opts into or out of restrictions on updateauth, deleteauth, linkauth, and unlinkauth.
*
* If either allow_perms or disallow_perms is non-empty, then opts into restrictions. If
* allow_perms is non-empty, then the authorized_by argument of the restricted actions must be in
* the vector, or the actions will abort. If disallow_perms is non-empty, then the authorized_by
* argument of the restricted actions must not be in the vector, or the actions will abort.
*
* If both allow_perms and disallow_perms are empty, then opts out of the restrictions. limitauthchg
* aborts if both allow_perms and disallow_perms are non-empty.
*
* @param account - account to change
* @param allow_perms - permissions which may use the restricted actions
* @param disallow_perms - permissions which may not use the restricted actions
*/
[[eosio::action]]
void limitauthchg( const name& account, const std::vector<name>& allow_perms, const std::vector<name>& disallow_perms );

using init_action = eosio::action_wrapper<"init"_n, &system_contract::init>;
using setacctram_action = eosio::action_wrapper<"setacctram"_n, &system_contract::setacctram>;
using setacctnet_action = eosio::action_wrapper<"setacctnet"_n, &system_contract::setacctnet>;
Expand Down Expand Up @@ -1244,7 +1270,7 @@ namespace eosiosystem {
check(itr != rm.end(), "system contract must first be initialized");
return itr->quote.balance.symbol;
}

//defined in eosio.system.cpp
static eosio_global_state get_default_parameters();
static eosio_global_state4 get_default_inflation_parameters();
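Review bot: The `limitauthchg` doc comment does not say which authority may call the action, and that decides whether the restriction holds: if a permission listed in `disallow_perms` (or missing from `allow_perms`) can itself authorize `limitauthchg`, it can empty both vectors and opt the account out before calling `updateauth`. The implementation in limit_auth_changes.cpp is not shown on this page, so this may already be handled, but the header should state it either way, for example `* @pre <required authority of account; state whether limitauthchg is itself subject to allow_perms/disallow_perms>`. The `wasmcfg` comment in the same section has the same gap and has no `@param settings` line. Both declarations sit inside `system_contract`, which opens outside these hunks.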
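--- a/contracts/eosio.system/include/eosio.system/limit_auth_changes.hpp
+++ b/contracts/eosio.system/include/eosio.system/limit_auth_changes.hpp
@@ -0,0 +1,20 @@
+#pragma once
+
+#include <eosio/multi_index.hpp>
+
+namespace eosiosystem {
+using eosio::name;
+
+struct [[eosio::table("limitauthchg"),eosio::contract("eosio.system")]] limit_auth_change {
+uint8_t version = 0;
+name account;
+std::vector<name> allow_perms;
+std::vector<name> disallow_perms;
+
+uint64_t primary_key() const { return account.value; }
+
+EOSLIB_SERIALIZE(limit_auth_change, (version)(account)(allow_perms)(disallow_perms))
+};
+
+typedef eosio::multi_index<"limitauthchg"_n, limit_auth_change> limit_auth_change_table;
+} // namespace eosiosystem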
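Review bot: `limit_auth_change` has no comment recording what a stored row means, although the checks on `updateauth`, `deleteauth`, `linkauth` and `unlinkauth` depend on it. The limitauthchg doc in eosio.system.hpp says the action aborts when both vectors are non-empty, so readers of the table presumably assume at most one is populated. I would state that above the struct, e.g. `// Invariant kept by limitauthchg: at most one of allow_perms / disallow_perms is non-empty.`, after confirming against the implementation that nothing else writes the table. The header also uses `std::vector` and `uint8_t` while including only `<eosio/multi_index.hpp>`; adding `#include <vector>` and `#include <cstdint>` removes the reliance on transitive includes.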
101 changes: 82 additions & 19 deletions contracts/eosio.system/include/eosio.system/native.hpp
@@ -1,6 +1,7 @@
#pragma once

#include <eosio/action.hpp>
#include <eosio/binary_extension.hpp>
#include <eosio/contract.hpp>
#include <eosio/crypto.hpp>
#include <eosio/fixed_bytes.hpp>
Expand Down Expand Up @@ -65,7 +66,7 @@ namespace eosiosystem {
* Blockchain authority.
*
* An authority is defined by:
* - a vector of key_weights (a key_weight is a public key plus a wieght),
* - a vector of key_weights (a key_weight is a public key plus a weight),
* - a vector of permission_level_weights, (a permission_level is an account name plus a permission name)
* - a vector of wait_weights (a wait_weight is defined by a number of seconds to wait and a weight)
* - a threshold value
Expand Down Expand Up @@ -121,6 +122,8 @@ namespace eosiosystem {
EOSLIB_SERIALIZE( abi_hash, (owner)(hash) )
};

void check_auth_change(name contract, name account, const eosio::binary_extension<name>& authorized_by);

// Method parameters commented out to prevent generation of code that parses input data.
/**
* The EOSIO core `native` contract that governs authorization and contracts' abi.
Expand Down Expand Up @@ -157,61 +160,121 @@ namespace eosiosystem {
ignore<authority> active);

/**
* Update authorization action updates pemission for an account.
* Update authorization action updates permission for an account.
*
* This contract enforces additional rules:
*
* 1. If authorized_by is present and not "", then the contract does a
* require_auth2(account, authorized_by).
* 2. If the account has opted into limitauthchg, then authorized_by
* must be present and not "".
* 3. If the account has opted into limitauthchg, and allow_perms is
* not empty, then authorized_by must be in the array.
* 4. If the account has opted into limitauthchg, and disallow_perms is
* not empty, then authorized_by must not be in the array.
*
* @param account - the account for which the permission is updated
* @param pemission - the permission name which is updated
* @param parem - the parent of the permission which is updated
* @param aut - the json describing the permission authorization
* @param permission - the permission name which is updated
* @param parent - the parent of the permission which is updated
* @param auth - the json describing the permission authorization
* @param authorized_by - the permission which is authorizing this change
*/
[[eosio::action]]
void updateauth( ignore<name> account,
ignore<name> permission,
ignore<name> parent,
ignore<authority> auth ) {}
void updateauth( name account,
name permission,
name parent,
authority auth,
eosio::binary_extension<name> authorized_by ) {
check_auth_change(get_self(), account, authorized_by);
}

/**
* Delete authorization action deletes the authorization for an account's permission.
*
* This contract enforces additional rules:
*
* 1. If authorized_by is present and not "", then the contract does a
* require_auth2(account, authorized_by).
* 2. If the account has opted into limitauthchg, then authorized_by
* must be present and not "".
* 3. If the account has opted into limitauthchg, and allow_perms is
* not empty, then authorized_by must be in the array.
* 4. If the account has opted into limitauthchg, and disallow_perms is
* not empty, then authorized_by must not be in the array.
*
* @param account - the account for which the permission authorization is deleted,
* @param permission - the permission name been deleted.
* @param authorized_by - the permission which is authorizing this change
*/
[[eosio::action]]
void deleteauth( ignore<name> account,
ignore<name> permission ) {}
void deleteauth( name account,
name permission,
eosio::binary_extension<name> authorized_by ) {
check_auth_change(get_self(), account, authorized_by);
}

/**
* Link authorization action assigns a specific action from a contract to a permission you have created. Five system
* actions can not be linked `updateauth`, `deleteauth`, `linkauth`, `unlinkauth`, and `canceldelay`.
* This is useful because when doing authorization checks, the EOSIO based blockchain starts with the
* action needed to be authorized (and the contract belonging to), and looks up which permission
* is needed to pass authorization validation. If a link is set, that permission is used for authoraization
* is needed to pass authorization validation. If a link is set, that permission is used for authorization
* validation otherwise then active is the default, with the exception of `eosio.any`.
* `eosio.any` is an implicit permission which exists on every account; you can link actions to `eosio.any`
* and that will make it so linked actions are accessible to any permissions defined for the account.
*
* This contract enforces additional rules:
*
* 1. If authorized_by is present and not "", then the contract does a
* require_auth2(account, authorized_by).
* 2. If the account has opted into limitauthchg, then authorized_by
* must be present and not "".
* 3. If the account has opted into limitauthchg, and allow_perms is
* not empty, then authorized_by must be in the array.
* 4. If the account has opted into limitauthchg, and disallow_perms is
* not empty, then authorized_by must not be in the array.
*
* @param account - the permission's owner to be linked and the payer of the RAM needed to store this link,
* @param code - the owner of the action to be linked,
* @param type - the action to be linked,
* @param requirement - the permission to be linked.
* @param authorized_by - the permission which is authorizing this change
*/
[[eosio::action]]
void linkauth( ignore<name> account,
ignore<name> code,
ignore<name> type,
ignore<name> requirement ) {}
void linkauth( name account,
name code,
name type,
name requirement,
eosio::binary_extension<name> authorized_by ) {
check_auth_change(get_self(), account, authorized_by);
}

/**
* Unlink authorization action it's doing the reverse of linkauth action, by unlinking the given action.
*
* This contract enforces additional rules:
*
* 1. If authorized_by is present and not "", then the contract does a
* require_auth2(account, authorized_by).
* 2. If the account has opted into limitauthchg, then authorized_by
* must be present and not "".
* 3. If the account has opted into limitauthchg, and allow_perms is
* not empty, then authorized_by must be in the array.
* 4. If the account has opted into limitauthchg, and disallow_perms is
* not empty, then authorized_by must not be in the array.
*
* @param account - the owner of the permission to be unlinked and the receiver of the freed RAM,
* @param code - the owner of the action to be unlinked,
* @param type - the action to be unlinked.
* @param authorized_by - the permission which is authorizing this change
*/
[[eosio::action]]
void unlinkauth( ignore<name> account,
ignore<name> code,
ignore<name> type ) {}
void unlinkauth( name account,
name code,
name type,
eosio::binary_extension<name> authorized_by ) {
check_auth_change(get_self(), account, authorized_by);
}

/**
* Cancel delay action cancels a deferred transaction.
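Review bot: `updateauth`, `deleteauth`, `linkauth` and `unlinkauth` now take real parameters instead of `ignore<>`, so the contract unpacks the whole action payload, including the unused `authority auth`, before `check_auth_change` runs, and it does so for every account rather than only those that opted into limitauthchg. That puts the contract-side `authority` layout on the path of every permission change: a payload the native handler accepts but this unpack rejects would presumably abort the action, so a test covering each key and weight type the chain supports is worth adding. The retained comment `// Method parameters commented out to prevent generation of code that parses input data.` no longer describes these four actions; if the trailing extension is the reason, I would add beside `updateauth` something like `// Parsed rather than ignore<> because authorized_by follows these fields in the payload.`. The `native` class begins and continues outside the visible hunks, and `check_auth_change` is only declared here, so its behaviour cannot be checked from this page.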