diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 90ea3ae66..5f88a429d 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -20,6 +20,7 @@ jobs: go-version: 1.20.1 - run: scripts/check-dependencies.bash validate-rust-git-rev-deps: + runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - uses: stellar/actions/rust-check-git-rev-deps@main diff --git a/Cargo.lock b/Cargo.lock index 61da814c7..9a6a91a16 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1849,7 +1849,7 @@ dependencies = [ [[package]] name = "preflight" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "anyhow", "base64 0.21.3", @@ -2467,7 +2467,7 @@ dependencies = [ [[package]] name = "soroban-cli" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "assert_cmd", "assert_fs", @@ -2530,8 +2530,8 @@ dependencies = [ [[package]] name = "soroban-env-common" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "arbitrary", "crate-git-revision 0.0.6", @@ -2547,8 +2547,8 @@ dependencies = [ [[package]] name = "soroban-env-guest" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "soroban-env-common", "static_assertions", @@ -2556,8 +2556,8 @@ dependencies = [ [[package]] name = "soroban-env-host" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "backtrace", "ed25519-dalek 2.0.0", @@ -2579,8 +2579,8 @@ dependencies = [ [[package]] name = "soroban-env-macros" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "itertools", "proc-macro2", @@ -2593,12 +2593,12 @@ dependencies = [ [[package]] name = "soroban-hello" -version = "0.9.4" +version = "20.0.0-rc1" [[package]] name = "soroban-ledger-snapshot" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "serde", "serde_json", @@ -2609,8 +2609,8 @@ dependencies = [ [[package]] name = "soroban-native-sdk-macros" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "itertools", "proc-macro2", @@ -2620,8 +2620,8 @@ dependencies = [ [[package]] name = "soroban-sdk" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "arbitrary", "bytes-lit", @@ -2637,8 +2637,8 @@ dependencies = [ [[package]] name = "soroban-sdk-macros" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "crate-git-revision 0.0.6", "darling", @@ -2656,8 +2656,8 @@ dependencies = [ [[package]] name = "soroban-spec" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "base64 0.13.1", "stellar-xdr", @@ -2667,7 +2667,7 @@ dependencies = [ [[package]] name = "soroban-spec-json" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "pretty_assertions", "serde", @@ -2681,8 +2681,8 @@ dependencies = [ [[package]] name = "soroban-spec-rust" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "prettyplease", "proc-macro2", @@ -2696,7 +2696,7 @@ dependencies = [ [[package]] name = "soroban-spec-tools" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "base64 0.21.3", "ethnum", @@ -2714,7 +2714,7 @@ dependencies = [ [[package]] name = "soroban-spec-typescript" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "base64 0.21.3", "heck", @@ -2735,7 +2735,7 @@ dependencies = [ [[package]] name = "soroban-test" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "assert_cmd", "assert_fs", @@ -2758,8 +2758,8 @@ dependencies = [ [[package]] name = "soroban-wasmi" -version = "0.30.0-soroban" -source = "git+https://github.com/stellar/wasmi?rev=284c963ba080703061797e2a3cba0853edee0dd4#284c963ba080703061797e2a3cba0853edee0dd4" +version = "0.31.0-soroban1" +source = "git+https://github.com/stellar/wasmi?rev=7e63b4c9e08c4163f417d118d81f7ea34789d0be#7e63b4c9e08c4163f417d118d81f7ea34789d0be" dependencies = [ "smallvec", "spin 0.9.8", @@ -2817,8 +2817,8 @@ dependencies = [ [[package]] name = "stellar-xdr" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-stellar-xdr?rev=39904e09941046dab61e6e35fc89e31bf2dea1cd#39904e09941046dab61e6e35fc89e31bf2dea1cd" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-stellar-xdr?rev=d5ce0c9e7aa83461773a6e81662067f35d39e4c1#d5ce0c9e7aa83461773a6e81662067f35d39e4c1" dependencies = [ "arbitrary", "base64 0.13.1", @@ -2933,21 +2933,21 @@ checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" [[package]] name = "test_custom_types" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "soroban-sdk", ] [[package]] name = "test_hello_world" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "soroban-sdk", ] [[package]] name = "test_udt" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "soroban-sdk", ] @@ -3435,12 +3435,12 @@ dependencies = [ [[package]] name = "wasmi_arena" version = "0.4.0" -source = "git+https://github.com/stellar/wasmi?rev=284c963ba080703061797e2a3cba0853edee0dd4#284c963ba080703061797e2a3cba0853edee0dd4" +source = "git+https://github.com/stellar/wasmi?rev=7e63b4c9e08c4163f417d118d81f7ea34789d0be#7e63b4c9e08c4163f417d118d81f7ea34789d0be" [[package]] name = "wasmi_core" -version = "0.12.0" -source = "git+https://github.com/stellar/wasmi?rev=284c963ba080703061797e2a3cba0853edee0dd4#284c963ba080703061797e2a3cba0853edee0dd4" +version = "0.13.0" +source = "git+https://github.com/stellar/wasmi?rev=7e63b4c9e08c4163f417d118d81f7ea34789d0be#7e63b4c9e08c4163f417d118d81f7ea34789d0be" dependencies = [ "downcast-rs", "libm", diff --git a/Cargo.toml b/Cargo.toml index 7477a034a..5f93048c3 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,55 +11,55 @@ default-members = ["cmd/soroban-cli", "cmd/crates/soroban-test"] exclude = ["cmd/crates/soroban-test/tests/fixtures/hello"] [workspace.package] -version = "0.9.4" +version = "20.0.0-rc1" [workspace.dependencies.soroban-env-host] -version = "0.0.17" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-env" -rev = "3d6c35d1308fc36a05d30d257756e42fc928b537" +rev = "f19ef13363a1e0cbff7b100c0599a1d63dea88a6" [workspace.dependencies.soroban-spec] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" # path = "../rs-soroban-sdk/soroban-spec" [workspace.dependencies.soroban-spec-rust] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" # path = "../rs-soroban-sdk/soroban-spec-rust" [workspace.dependencies.soroban-spec-json] -version = "0.9.4" +version = "20.0.0-rc1" path = "./cmd/crates/soroban-spec-json" [workspace.dependencies.soroban-spec-typescript] -version = "0.9.4" +version = "20.0.0-rc1" path = "./cmd/crates/soroban-spec-typescript" [workspace.dependencies.soroban-spec-tools] -version = "0.9.4" +version = "20.0.0-rc1" path = "./cmd/crates/soroban-spec-tools" [workspace.dependencies.soroban-sdk] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" [workspace.dependencies.soroban-ledger-snapshot] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" [workspace.dependencies.soroban-cli] -version = "0.9.4" +version = "20.0.0-rc1" path = "cmd/soroban-cli" [workspace.dependencies.stellar-xdr] -version = "0.0.17" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-stellar-xdr" -rev = "39904e09941046dab61e6e35fc89e31bf2dea1cd" +rev = "d5ce0c9e7aa83461773a6e81662067f35d39e4c1" default-features = false [workspace.dependencies] diff --git a/cmd/crates/soroban-spec-json/Cargo.toml b/cmd/crates/soroban-spec-json/Cargo.toml index 718f09f6c..164f6d779 100644 --- a/cmd/crates/soroban-spec-json/Cargo.toml +++ b/cmd/crates/soroban-spec-json/Cargo.toml @@ -20,7 +20,7 @@ sha2 = "0.9.9" [dependencies.stellar-xdr] workspace = true -features = ["next", "std", "serde"] +features = ["curr", "std", "serde"] [dev_dependencies] pretty_assertions = "1.2.1" diff --git a/cmd/crates/soroban-spec-tools/Cargo.toml b/cmd/crates/soroban-spec-tools/Cargo.toml index 8c5bd91f6..bed9d8e6b 100644 --- a/cmd/crates/soroban-spec-tools/Cargo.toml +++ b/cmd/crates/soroban-spec-tools/Cargo.toml @@ -19,7 +19,7 @@ crate-type = ["rlib"] [dependencies] soroban-spec = { workspace = true } stellar-strkey = { workspace = true } -stellar-xdr = { workspace = true, features = ["next", "std", "serde"] } +stellar-xdr = { workspace = true, features = ["curr", "std", "serde"] } serde_json = { workspace = true } itertools = { workspace = true } ethnum = { workspace = true } diff --git a/cmd/crates/soroban-spec-typescript/Cargo.toml b/cmd/crates/soroban-spec-typescript/Cargo.toml index 1f1ef38a9..87471e665 100644 --- a/cmd/crates/soroban-spec-typescript/Cargo.toml +++ b/cmd/crates/soroban-spec-typescript/Cargo.toml @@ -25,7 +25,7 @@ base64 = { workspace = true } [dependencies.stellar-xdr] workspace = true -features = ["next", "std", "serde", "base64"] +features = ["curr", "std", "serde", "base64"] [dev_dependencies] temp-dir = "0.1.11" diff --git a/cmd/crates/soroban-test/Cargo.toml b/cmd/crates/soroban-test/Cargo.toml index 97f29e110..c52e97397 100644 --- a/cmd/crates/soroban-test/Cargo.toml +++ b/cmd/crates/soroban-test/Cargo.toml @@ -6,7 +6,7 @@ repository = "https://github.com/stellar/soroban-test" authors = ["Stellar Development Foundation "] license = "Apache-2.0" readme = "README.md" -version = "0.9.4" +version = "20.0.0-rc1" edition = "2021" rust-version = "1.70" autobins = false diff --git a/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml b/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml index 1cec53266..5be71613e 100644 --- a/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml +++ b/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "soroban-hello" -version = "0.9.4" +version = "20.0.0-rc1" edition = "2021" publish = false diff --git a/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml b/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml index 72702297a..b4a10fb9c 100644 --- a/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml +++ b/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "test_custom_types" -version = "0.9.4" +version = "20.0.0-rc1" authors = ["Stellar Development Foundation "] license = "Apache-2.0" edition = "2021" diff --git a/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml b/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml index 82bb4488b..52b18c46a 100644 --- a/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml +++ b/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "test_hello_world" -version = "0.9.4" +version = "20.0.0-rc1" authors = ["Stellar Development Foundation "] license = "Apache-2.0" edition = "2021" diff --git a/cmd/soroban-cli/Cargo.toml b/cmd/soroban-cli/Cargo.toml index d62699f9b..41e5854bc 100644 --- a/cmd/soroban-cli/Cargo.toml +++ b/cmd/soroban-cli/Cargo.toml @@ -6,7 +6,7 @@ repository = "https://github.com/stellar/soroban-cli" authors = ["Stellar Development Foundation "] license = "Apache-2.0" readme = "README.md" -version = "0.9.4" +version = "20.0.0-rc1" edition = "2021" rust-version = "1.72" autobins = false diff --git a/cmd/soroban-cli/src/commands/version.rs b/cmd/soroban-cli/src/commands/version.rs index 21be0743a..e1c7204d7 100644 --- a/cmd/soroban-cli/src/commands/version.rs +++ b/cmd/soroban-cli/src/commands/version.rs @@ -28,21 +28,9 @@ pub fn long() -> String { format!("soroban-env interface version {}", meta::INTERFACE_VERSION), format!( "stellar-xdr {} ({}) -xdr next ({})", - xdr.pkg, xdr.rev, xdr.xdr_next, +xdr curr ({})", + xdr.pkg, xdr.rev, xdr.xdr_curr, ), ] .join("\n") } - -// Check that the XDR cannel in use is 'next' to ensure that the version output -// is not forgotten when we eventually update to using curr. This is a bit of a -// hack because of limits of what you can do in a constant context, but by being -// a constant context this is checked at compile time. -const _: () = { - #[allow(clippy::single_match)] - match soroban_env_host::VERSION.xdr.xdr.as_bytes() { - b"next" => (), - _ => panic!("xdr version channel needs updating"), - } -}; diff --git a/cmd/soroban-rpc/internal/jsonrpc.go b/cmd/soroban-rpc/internal/jsonrpc.go index b56c255c2..436c1f264 100644 --- a/cmd/soroban-rpc/internal/jsonrpc.go +++ b/cmd/soroban-rpc/internal/jsonrpc.go @@ -25,6 +25,11 @@ import ( "github.com/stellar/soroban-tools/cmd/soroban-rpc/internal/transactions" ) +// maxHTTPRequestSize defines the largest request size that the http handler +// would be willing to accept before dropping the request. The implementation +// uses the default MaxBytesHandler to limit the request size. +const maxHTTPRequestSize = 512 * 1024 // half a megabyte + // Handler is the HTTP handler which serves the Soroban JSON RPC responses type Handler struct { bridge jhttp.Bridge @@ -275,8 +280,7 @@ func NewJSONRPCHandler(cfg *config.Config, params HandlerParams) Handler { globalQueueRequestExecutionDurationLimitCounter, params.Logger) - // Limit request sizes to 10MB - handler = http.MaxBytesHandler(handler, 1024*1024*10) + handler = http.MaxBytesHandler(handler, maxHTTPRequestSize) corsMiddleware := cors.New(cors.Options{ AllowedOrigins: []string{"*"}, diff --git a/cmd/soroban-rpc/internal/methods/get_ledger_entries.go b/cmd/soroban-rpc/internal/methods/get_ledger_entries.go index b7474e323..8cb499a70 100644 --- a/cmd/soroban-rpc/internal/methods/get_ledger_entries.go +++ b/cmd/soroban-rpc/internal/methods/get_ledger_entries.go @@ -6,6 +6,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/support/log" "github.com/stellar/go/xdr" @@ -47,6 +48,14 @@ func NewGetLedgerEntriesHandler(logger *log.Entry, ledgerEntryReader db.LedgerEn var ledgerKeys []xdr.LedgerKey for i, requestKey := range request.Keys { var ledgerKey xdr.LedgerKey + if err := gxdr.ValidateLedgerKey(requestKey, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Infof("could not validate ledgerKey at index %d from getLedgerEntries request", i) + return GetLedgerEntriesResponse{}, &jrpc2.Error{ + Code: jrpc2.InvalidParams, + Message: fmt.Sprintf("cannot unmarshal key value %s at index %d", requestKey, i), + } + } if err := xdr.SafeUnmarshalBase64(requestKey, &ledgerKey); err != nil { logger.WithError(err).WithField("request", request). Infof("could not unmarshal requestKey %s at index %d from getLedgerEntries request", requestKey, i) diff --git a/cmd/soroban-rpc/internal/methods/get_ledger_entry.go b/cmd/soroban-rpc/internal/methods/get_ledger_entry.go index 4ab908a68..d7f219fea 100644 --- a/cmd/soroban-rpc/internal/methods/get_ledger_entry.go +++ b/cmd/soroban-rpc/internal/methods/get_ledger_entry.go @@ -6,6 +6,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/support/log" "github.com/stellar/go/xdr" @@ -27,19 +28,26 @@ type GetLedgerEntryResponse struct { LatestLedger int64 `json:"latestLedger,string"` } +var invalidLedgerKeyXdrError = &jrpc2.Error{ + Code: jrpc2.InvalidParams, + Message: "cannot unmarshal key value", +} + // NewGetLedgerEntryHandler returns a json rpc handler to retrieve the specified ledger entry from stellar core // Deprecated. use NewGetLedgerEntriesHandler instead. // TODO(https://github.com/stellar/soroban-tools/issues/374) remove after getLedgerEntries is deployed. func NewGetLedgerEntryHandler(logger *log.Entry, ledgerEntryReader db.LedgerEntryReader) jrpc2.Handler { return handler.New(func(ctx context.Context, request GetLedgerEntryRequest) (GetLedgerEntryResponse, error) { + if err := gxdr.ValidateLedgerKey(request.Key, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Info("could not validate ledgerKey from getLedgerEntry request") + return GetLedgerEntryResponse{}, invalidLedgerKeyXdrError + } var key xdr.LedgerKey if err := xdr.SafeUnmarshalBase64(request.Key, &key); err != nil { logger.WithError(err).WithField("request", request). Info("could not unmarshal ledgerKey from getLedgerEntry request") - return GetLedgerEntryResponse{}, &jrpc2.Error{ - Code: jrpc2.InvalidParams, - Message: "cannot unmarshal key value", - } + return GetLedgerEntryResponse{}, invalidLedgerKeyXdrError } tx, err := ledgerEntryReader.NewTx(ctx) diff --git a/cmd/soroban-rpc/internal/methods/send_transaction.go b/cmd/soroban-rpc/internal/methods/send_transaction.go index 1ec8dd53c..3651d7e68 100644 --- a/cmd/soroban-rpc/internal/methods/send_transaction.go +++ b/cmd/soroban-rpc/internal/methods/send_transaction.go @@ -6,6 +6,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/network" proto "github.com/stellar/go/protocols/stellarcore" "github.com/stellar/go/support/log" @@ -48,17 +49,24 @@ type LatestLedgerStore interface { GetLatestLedger() transactions.LedgerInfo } +var invalidTransactionXdrError = &jrpc2.Error{ + Code: jrpc2.InvalidParams, + Message: "invalid_xdr", +} + // NewSendTransactionHandler returns a submit transaction json rpc handler func NewSendTransactionHandler(daemon interfaces.Daemon, logger *log.Entry, store LatestLedgerStore, passphrase string) jrpc2.Handler { submitter := daemon.CoreClient() return handler.New(func(ctx context.Context, request SendTransactionRequest) (SendTransactionResponse, error) { + if err := gxdr.ValidateTransactionEnvelope(request.Transaction, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Info("could not validate send transaction envelope") + return SendTransactionResponse{}, invalidTransactionXdrError + } var envelope xdr.TransactionEnvelope err := xdr.SafeUnmarshalBase64(request.Transaction, &envelope) if err != nil { - return SendTransactionResponse{}, &jrpc2.Error{ - Code: jrpc2.InvalidParams, - Message: "invalid_xdr", - } + return SendTransactionResponse{}, invalidTransactionXdrError } var hash [32]byte diff --git a/cmd/soroban-rpc/internal/methods/simulate_transaction.go b/cmd/soroban-rpc/internal/methods/simulate_transaction.go index f19b3af95..7d3d0a7c9 100644 --- a/cmd/soroban-rpc/internal/methods/simulate_transaction.go +++ b/cmd/soroban-rpc/internal/methods/simulate_transaction.go @@ -7,6 +7,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/support/log" "github.com/stellar/go/xdr" @@ -53,6 +54,13 @@ type PreflightGetter interface { func NewSimulateTransactionHandler(logger *log.Entry, ledgerEntryReader db.LedgerEntryReader, ledgerReader db.LedgerReader, getter PreflightGetter) jrpc2.Handler { return handler.New(func(ctx context.Context, request SimulateTransactionRequest) SimulateTransactionResponse { + if err := gxdr.ValidateTransactionEnvelope(request.Transaction, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Info("could not validate simulate transaction envelope") + return SimulateTransactionResponse{ + Error: "Could not unmarshal transaction", + } + } var txEnvelope xdr.TransactionEnvelope if err := xdr.SafeUnmarshalBase64(request.Transaction, &txEnvelope); err != nil { logger.WithError(err).WithField("request", request). diff --git a/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go b/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go index d8154b3db..74e6dce30 100644 --- a/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go +++ b/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go @@ -83,11 +83,12 @@ func TestGetLedgerEntriesSucceeds(t *testing.T) { kp := keypair.Root(StandaloneNetworkPassphrase) account := txnbuild.NewSimpleAccount(kp.Address(), 0) + contractBinary := getHelloWorldContract(t) params := preflightTransactionParams(t, client, txnbuild.TransactionParams{ SourceAccount: &account, IncrementSequenceNum: true, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(account.AccountID, testContract), + createInstallContractCodeOperation(account.AccountID, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Preconditions: txnbuild.Preconditions{ @@ -110,7 +111,7 @@ func TestGetLedgerEntriesSucceeds(t *testing.T) { txStatusResponse := getTransaction(t, client, sendTxResponse.Hash) require.Equal(t, methods.TransactionStatusSuccess, txStatusResponse.Status) - contractHash := sha256.Sum256(testContract) + contractHash := sha256.Sum256(contractBinary) contractKeyB64, err := xdr.MarshalBase64(xdr.LedgerKey{ Type: xdr.LedgerEntryTypeContractCode, ContractCode: &xdr.LedgerKeyContractCode{ @@ -153,6 +154,6 @@ func TestGetLedgerEntriesSucceeds(t *testing.T) { var firstEntry xdr.LedgerEntryData require.NoError(t, xdr.SafeUnmarshalBase64(result.Entries[0].XDR, &firstEntry)) - require.Equal(t, testContract, firstEntry.MustContractCode().Code) + require.Equal(t, contractBinary, firstEntry.MustContractCode().Code) require.Equal(t, contractKeyB64, result.Entries[0].Key) } diff --git a/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go b/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go index 4b8e17572..f30af115f 100644 --- a/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go +++ b/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go @@ -75,11 +75,12 @@ func TestGetLedgerEntrySucceeds(t *testing.T) { kp := keypair.Root(StandaloneNetworkPassphrase) account := txnbuild.NewSimpleAccount(kp.Address(), 0) + contractBinary := getHelloWorldContract(t) params := preflightTransactionParams(t, client, txnbuild.TransactionParams{ SourceAccount: &account, IncrementSequenceNum: true, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(account.AccountID, testContract), + createInstallContractCodeOperation(account.AccountID, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Preconditions: txnbuild.Preconditions{ @@ -91,7 +92,7 @@ func TestGetLedgerEntrySucceeds(t *testing.T) { sendSuccessfulTransaction(t, client, kp, tx) - contractHash := sha256.Sum256(testContract) + contractHash := sha256.Sum256(contractBinary) keyB64, err := xdr.MarshalBase64(xdr.LedgerKey{ Type: xdr.LedgerEntryTypeContractCode, ContractCode: &xdr.LedgerKeyContractCode{ @@ -110,5 +111,5 @@ func TestGetLedgerEntrySucceeds(t *testing.T) { assert.GreaterOrEqual(t, result.LatestLedger, result.LastModifiedLedger) var entry xdr.LedgerEntryData assert.NoError(t, xdr.SafeUnmarshalBase64(result.XDR, &entry)) - assert.Equal(t, testContract, entry.MustContractCode().Code) + assert.Equal(t, contractBinary, entry.MustContractCode().Code) } diff --git a/cmd/soroban-rpc/internal/test/simulate_transaction_test.go b/cmd/soroban-rpc/internal/test/simulate_transaction_test.go index e2df22533..ecf57fad8 100644 --- a/cmd/soroban-rpc/internal/test/simulate_transaction_test.go +++ b/cmd/soroban-rpc/internal/test/simulate_transaction_test.go @@ -23,14 +23,7 @@ import ( ) var ( - testContract = []byte("a contract") - testSalt = sha256.Sum256([]byte("a1")) - testContractId = []byte{ - 16, 98, 83, 23, 8, 235, 211, 5, - 62, 173, 70, 33, 7, 31, 219, 59, - 180, 75, 106, 249, 139, 196, 156, 192, - 113, 17, 184, 51, 142, 142, 94, 40, - } + testSalt = sha256.Sum256([]byte("a1")) ) func getHelloWorldContract(t *testing.T) []byte { @@ -202,6 +195,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { client := jrpc2.NewClient(ch, nil) sourceAccount := keypair.Root(StandaloneNetworkPassphrase).Address() + contractBinary := getHelloWorldContract(t) params := txnbuild.TransactionParams{ SourceAccount: &txnbuild.SimpleAccount{ AccountID: sourceAccount, @@ -209,7 +203,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { }, IncrementSequenceNum: false, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(sourceAccount, testContract), + createInstallContractCodeOperation(sourceAccount, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Memo: nil, @@ -219,11 +213,9 @@ func TestSimulateTransactionSucceeds(t *testing.T) { } result := simulateTransactionFromTxParams(t, client, params) - testContractIdBytes := xdr.ScBytes(testContractId) - expectedXdr := xdr.ScVal{ - Type: xdr.ScValTypeScvBytes, - Bytes: &testContractIdBytes, - } + contractHash := sha256.Sum256(contractBinary) + contractHashBytes := xdr.ScBytes(contractHash[:]) + expectedXdr := xdr.ScVal{Type: xdr.ScValTypeScvBytes, Bytes: &contractHashBytes} assert.Greater(t, result.LatestLedger, int64(0)) assert.Greater(t, result.Cost.CPUInstructions, uint64(0)) assert.Greater(t, result.Cost.MemoryBytes, uint64(0)) @@ -235,14 +227,14 @@ func TestSimulateTransactionSucceeds(t *testing.T) { { Type: xdr.LedgerEntryTypeContractCode, ContractCode: &xdr.LedgerKeyContractCode{ - Hash: xdr.Hash(testContractId), + Hash: xdr.Hash(contractHash), }, }, }, }, - Instructions: 79653, + Instructions: 4961700, ReadBytes: 48, - WriteBytes: 64, + WriteBytes: 5468, }, RefundableFee: 20056, } @@ -261,7 +253,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { assert.Equal(t, expectedXdr, resultXdr) // test operation which does not have a source account - withoutSourceAccountOp := createInstallContractCodeOperation("", testContract) + withoutSourceAccountOp := createInstallContractCodeOperation("", contractBinary) params = txnbuild.TransactionParams{ SourceAccount: &txnbuild.SimpleAccount{ AccountID: sourceAccount, @@ -290,7 +282,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { }, IncrementSequenceNum: false, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(sourceAccount, testContract), + createInstallContractCodeOperation(sourceAccount, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Memo: nil, @@ -597,6 +589,7 @@ func TestSimulateTransactionMultipleOperations(t *testing.T) { client := jrpc2.NewClient(ch, nil) sourceAccount := keypair.Root(StandaloneNetworkPassphrase).Address() + contractBinary := getHelloWorldContract(t) params := txnbuild.TransactionParams{ SourceAccount: &txnbuild.SimpleAccount{ AccountID: keypair.Root(StandaloneNetworkPassphrase).Address(), @@ -604,8 +597,8 @@ func TestSimulateTransactionMultipleOperations(t *testing.T) { }, IncrementSequenceNum: false, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(sourceAccount, testContract), - createCreateContractOperation(t, sourceAccount, testContract, StandaloneNetworkPassphrase), + createInstallContractCodeOperation(sourceAccount, contractBinary), + createCreateContractOperation(t, sourceAccount, contractBinary, StandaloneNetworkPassphrase), }, BaseFee: txnbuild.MinBaseFee, Memo: nil, diff --git a/cmd/soroban-rpc/internal/test/transaction_test.go b/cmd/soroban-rpc/internal/test/transaction_test.go index 14e7318bb..b53c8f25b 100644 --- a/cmd/soroban-rpc/internal/test/transaction_test.go +++ b/cmd/soroban-rpc/internal/test/transaction_test.go @@ -2,6 +2,7 @@ package test import ( "context" + "crypto/sha256" "fmt" "testing" "time" @@ -54,11 +55,12 @@ func TestSendTransactionSucceedsWithResults(t *testing.T) { address := kp.Address() account := txnbuild.NewSimpleAccount(address, 0) + contractBinary := getHelloWorldContract(t) params := preflightTransactionParams(t, client, txnbuild.TransactionParams{ SourceAccount: &account, IncrementSequenceNum: true, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(account.AccountID, testContract), + createInstallContractCodeOperation(account.AccountID, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Preconditions: txnbuild.Preconditions{ @@ -77,8 +79,9 @@ func TestSendTransactionSucceedsWithResults(t *testing.T) { invokeHostFunctionResult, ok := opResults[0].MustTr().GetInvokeHostFunctionResult() assert.True(t, ok) assert.Equal(t, invokeHostFunctionResult.Code, xdr.InvokeHostFunctionResultCodeInvokeHostFunctionSuccess) - contractIDBytes := xdr.ScBytes(testContractId) - expectedScVal := xdr.ScVal{Type: xdr.ScValTypeScvBytes, Bytes: &contractIDBytes} + contractHash := sha256.Sum256(contractBinary) + contractHashBytes := xdr.ScBytes(contractHash[:]) + expectedScVal := xdr.ScVal{Type: xdr.ScValTypeScvBytes, Bytes: &contractHashBytes} var transactionMeta xdr.TransactionMeta assert.NoError(t, xdr.SafeUnmarshalBase64(response.ResultMetaXdr, &transactionMeta)) assert.True(t, expectedScVal.Equals(transactionMeta.V3.SorobanMeta.ReturnValue)) @@ -158,7 +161,7 @@ func TestSendTransactionFailedInLedger(t *testing.T) { address := kp.Address() account := txnbuild.NewSimpleAccount(address, 0) - op := createInstallContractCodeOperation(account.AccountID, testContract) + op := createInstallContractCodeOperation(account.AccountID, getHelloWorldContract(t)) // without the presources the tx will fail op.Ext = xdr.TransactionExt{ V: 1, diff --git a/cmd/soroban-rpc/lib/preflight/Cargo.toml b/cmd/soroban-rpc/lib/preflight/Cargo.toml index c1e19cda9..0e70d5881 100644 --- a/cmd/soroban-rpc/lib/preflight/Cargo.toml +++ b/cmd/soroban-rpc/lib/preflight/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "preflight" -version = "0.9.4" +version = "20.0.0-rc1" publish = false [lib] diff --git a/go.mod b/go.mod index 6cee54593..fe3964128 100644 --- a/go.mod +++ b/go.mod @@ -16,12 +16,14 @@ require ( github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.7.0 github.com/spf13/pflag v1.0.5 - github.com/stellar/go v0.0.0-20230912144159-176a6f499a49 + github.com/stellar/go v0.0.0-20230913112642-b19a4ceec268 github.com/stretchr/testify v1.8.4 golang.org/x/mod v0.12.0 gotest.tools/v3 v3.5.0 ) +require github.com/xdrpp/goxdr v0.1.1 // indirect + require ( github.com/BurntSushi/toml v0.3.1 // indirect github.com/Microsoft/go-winio v0.4.16 // indirect diff --git a/go.sum b/go.sum index 238b122d8..cd64f6830 100644 --- a/go.sum +++ b/go.sum @@ -189,8 +189,8 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.3.2 h1:VUFqw5KcqRf7i70GOzW7N+Q7+gxVBkSSqiXB12+JQ4M= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/stellar/go v0.0.0-20230912144159-176a6f499a49 h1:7Tp/Kt+wHsaWHTEOfbMDhbvKhPCjyqG7typ2CUFLHdk= -github.com/stellar/go v0.0.0-20230912144159-176a6f499a49/go.mod h1:5/qoLl0pexA5OPi0BZvDsOc3532CJlHuRg1dnBxbsGg= +github.com/stellar/go v0.0.0-20230913112642-b19a4ceec268 h1:mmweoXJEkZKyoUkvL+nS1ecwlHclHxGGZmhUsCnZpuE= +github.com/stellar/go v0.0.0-20230913112642-b19a4ceec268/go.mod h1:5/qoLl0pexA5OPi0BZvDsOc3532CJlHuRg1dnBxbsGg= github.com/stellar/go-xdr v0.0.0-20211103144802-8017fc4bdfee h1:fbVs0xmXpBvVS4GBeiRmAE3Le70ofAqFMch1GTiq/e8= github.com/stellar/go-xdr v0.0.0-20211103144802-8017fc4bdfee/go.mod h1:yoxyU/M8nl9LKeWIoBrbDPQ7Cy+4jxRcWcOayZ4BMps= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -211,6 +211,7 @@ github.com/valyala/fasthttp v1.34.0 h1:d3AAQJ2DRcxJYHm7OXNXtXt2as1vMDfxeIcFvhmGG github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xdrpp/goxdr v0.1.1 h1:E1B2c6E8eYhOVyd7yEpOyopzTPirUeF6mVOfXfGyJyc= +github.com/xdrpp/goxdr v0.1.1/go.mod h1:dXo1scL/l6s7iME1gxHWo2XCppbHEKZS7m/KyYWkNzA= github.com/xeipuuv/gojsonpointer v0.0.0-20151027082146-e0fe6f683076 h1:KM4T3G70MiR+JtqplcYkNVoNz7pDwYaBxWBXQK804So= github.com/xeipuuv/gojsonreference v0.0.0-20150808065054-e02fc20de94c h1:XZWnr3bsDQWAZg4Ne+cPoXRPILrNlPNQfxBuwLl43is= github.com/xeipuuv/gojsonschema v0.0.0-20161231055540-f06f290571ce h1:cVSRGH8cOveJNwFEEZLXtB+XMnRqKLjUP6V/ZFYQCXI= diff --git a/scripts/check-dependencies.bash b/scripts/check-dependencies.bash index 027a29669..63a863836 100755 --- a/scripts/check-dependencies.bash +++ b/scripts/check-dependencies.bash @@ -33,7 +33,7 @@ STELLAR_XDR_REVISION_FROM_RUST="" if CARGO_OUTPUT=$(cargo tree --depth 0 -p stellar-xdr 2>&1); then RS_STELLAR_XDR_REVISION=$(echo $CARGO_OUTPUT | head -n 1 | $SED "$CARGO_PACKAGE_REVISION_EXTRACT_SED_COMMAND") - STELLAR_XDR_REVISION_FROM_RUST=$($CURL https://raw.githubusercontent.com/stellar/rs-stellar-xdr/${RS_STELLAR_XDR_REVISION}/xdr/next-version) + STELLAR_XDR_REVISION_FROM_RUST=$($CURL https://raw.githubusercontent.com/stellar/rs-stellar-xdr/${RS_STELLAR_XDR_REVISION}/xdr/curr-version) else echo "The project depends on multiple versions of the Rust rs-stellar-xdr library" echo "Make sure a single version of stellar-xdr is used"