fix: require signature if any write in footprint

stellar · Nov 8, 2023 · 40238c9 · 40238c9
1 parent f528cc0
commit 40238c9
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 7 deletions.
diff --git a/cmd/soroban-cli/src/rpc/mod.rs b/cmd/soroban-cli/src/rpc/mod.rs
@@ -731,7 +731,7 @@ soroban config identity fund {address} --helper-url <url>"#
             .authorize(self, source_key, signers, seq_num, network_passphrase)
             .await?;
         authorized.log(log_events, log_resources)?;
-        if always_submit || authorized.requires_auth() {
+        if always_submit || !authorized.is_view() {
             let tx = authorized.sign(source_key, network_passphrase)?;
             self.send_transaction(&tx).await
         } else {

diff --git a/cmd/soroban-cli/src/rpc/txn.rs b/cmd/soroban-cli/src/rpc/txn.rs
@@ -2,12 +2,13 @@ use ed25519_dalek::Signer;
 use sha2::{Digest, Sha256};
 use soroban_env_host::xdr::{
     self, AccountId, DecoratedSignature, ExtensionPoint, Hash, HashIdPreimage,
-    HashIdPreimageSorobanAuthorization, InvokeHostFunctionOp, Memo, Operation, OperationBody,
-    Preconditions, PublicKey, ReadXdr, RestoreFootprintOp, ScAddress, ScMap, ScSymbol, ScVal,
-    Signature, SignatureHint, SorobanAddressCredentials, SorobanAuthorizationEntry,
-    SorobanAuthorizedFunction, SorobanCredentials, SorobanResources, SorobanTransactionData,
-    Transaction, TransactionEnvelope, TransactionExt, TransactionSignaturePayload,
-    TransactionSignaturePayloadTaggedTransaction, TransactionV1Envelope, Uint256, VecM, WriteXdr,
+    HashIdPreimageSorobanAuthorization, InvokeHostFunctionOp, LedgerFootprint, Memo, Operation,
+    OperationBody, Preconditions, PublicKey, ReadXdr, RestoreFootprintOp, ScAddress, ScMap,
+    ScSymbol, ScVal, Signature, SignatureHint, SorobanAddressCredentials,
+    SorobanAuthorizationEntry, SorobanAuthorizedFunction, SorobanCredentials, SorobanResources,
+    SorobanTransactionData, Transaction, TransactionEnvelope, TransactionExt,
+    TransactionSignaturePayload, TransactionSignaturePayloadTaggedTransaction,
+    TransactionV1Envelope, Uint256, VecM, WriteXdr,
 };
 
 use crate::rpc::{Client, Error, RestorePreamble, SimulateTransactionResponse};
@@ -166,6 +167,23 @@ impl Assembled {
     pub fn finish_simulation(self) -> Finished {
         Finished::simulated(self.sim_res)
     }
+
+    pub fn is_view(&self) -> bool {
+        if let TransactionExt::V1(SorobanTransactionData {
+            resources:
+                SorobanResources {
+                    footprint: LedgerFootprint { read_write, .. },
+                    ..
+                },
+            ..
+        }) = &self.txn.ext
+        {
+            if read_write.is_empty() {
+                return true;
+            }
+        };
+        !self.requires_auth()
+    }
 }
 
 // Apply the result of a simulateTransaction onto a transaction envelope, preparing it for