New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat!: authenticate personal accounts by ID #4411
base: main
Are you sure you want to change the base?
Conversation
Pull Request Test Coverage Report for Build 8595871540Details
💛 - Coveralls |
Updated, see this comparison. The changes are as follows:
Then, now rebasing |
c74f371
to
2d2463a
Compare
Some discussions are now outside the scope of this PR, so they will be folded once and tracked in #4426 |
05f1314
to
d08dfcb
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated according to this policy. Then, now rebasing
client/tests/integration/smartcontracts/executor_with_admin/src/lib.rs
Outdated
Show resolved
Hide resolved
2b8776d
to
2a397a7
Compare
103ffc4
to
f90e2ee
Compare
client_cli/pytests/common/consts.py
Outdated
@@ -15,11 +15,11 @@ class Stderr(Enum): | |||
Enum for standard error messages. | |||
""" | |||
|
|||
CANNOT_BE_EMPTY = "cannot be empty\n\nFor more information, try '--help'.\n" | |||
EMPTY = "mpty" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"mpty" was the intersection of various Empty error messages and was considered enough to identify the cause, but I revised the messages to contain "Empty"
6f39591
to
c321539
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Transfer": { | ||
"AssetDefinition": { | ||
"source_id": "ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4@genesis", | ||
"object": "rose#wonderland", | ||
"destination_id": "ed0120CE7FA46C9DCE7EA4B125E2E36BDB63EA33073E7590AC92816AE1E861B7048B03@wonderland" | ||
} | ||
} | ||
}, | ||
{ | ||
"Transfer": { | ||
"Domain": { | ||
"source_id": "genesis@genesis", | ||
"source_id": "ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4@genesis", | ||
"object": "wonderland", | ||
"destination_id": "alice@wonderland" | ||
"destination_id": "ed0120CE7FA46C9DCE7EA4B125E2E36BDB63EA33073E7590AC92816AE1E861B7048B03@wonderland" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here genesis.json
has a literal genesis public key, which means kagami genesis
requires some input of the genesis public key. That's why I made kagami genesis
read GENESIS_PUBLIC_KEY
environment variable
GENESIS_PUBLIC_KEY=ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 cargo run --release --bin kagami -- genesis --executor-path-in-genesis ./executor.wasm | diff - configs/swarm/genesis.json || { | ||
echo 'Please re-generate the default genesis with `GENESIS_PUBLIC_KEY=ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4 cargo run --release --bin kagami -- genesis --executor-path-in-genesis ./executor.wasm > configs/swarm/genesis.json`' | ||
echo 'The assumption here is that the authority of the default genesis transaction is `test_samples::SAMPLE_GENESIS_ACCOUNT_ID`' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As long as genesis.json
is not generated on demand but tracked in git, there is always the problem of which genesis public key should be specified. I've introduced an assumption that the authority of the default genesis transaction is test_samples::SAMPLE_GENESIS_ACCOUNT_ID
, which is consistent with the preset GENESIS_PUBLIC_KEY
in swarm, which is known to be obtained by kagami crypto --seed "Irohagenesis"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So SAMPLE_GENESIS_ACCOUNT_ID
is deeply involved with the default genesis, but its prefix is not DEFAULT but SAMPLE because it may be used elsewhere e.g. a synthetic genesis
if account_id == *iroha_genesis::GENESIS_ACCOUNT_ID { | ||
if *account_id.domain_id() == *iroha_genesis::GENESIS_DOMAIN_ID { | ||
return Err(InstructionExecutionError::InvariantViolation( | ||
"Not allowed to register `genesis@genesis` account".to_owned(), | ||
"Not allowed to register account in genesis domain".to_owned(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not genesis account but genesis domain of the registration target now causes transaction rejection
if *iroha_genesis::GENESIS_ACCOUNT_ID == *tx.authority() { | ||
if *iroha_genesis::GENESIS_DOMAIN_ID == *tx.authority().domain_id() { | ||
return Err(AcceptTransactionFail::UnexpectedGenesisAccountSignature); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not genesis account but genesis domain of the authority now causes transaction rejection
BREAKING CHANGE: - change `AccountId` from "name@domain" to "multihash@domain" - make account signatory single - make transaction signature single - remove query `FindAccountsByName` closes issue hyperledger#2085 Signed-off-by: Shunkichi Sato <49983831+s8sato@users.noreply.github.com>
Description
[feature] #2085: Authenticate personal accounts by ID
This is a milestone for the following commit. The inclusion of the public key in the ID allows the ID to match the verifying key of the signature. This makes it possible to authenticate transactions and queries with the ID alone.
api-changes
: single signatory account, single signature transactionapi-changes
: remove queryFindAccountsByName
config-changes
: client configaccount.id
changes toaccount.domain_id
test_samples
utility for tests[feature] #2085: Auto-register destination account on transferIncludes registration of the destination account in the transfer execution. The main use case is described in testauto_register_account::on_transfer::asset_numeric
Linked issue
transaction.signature
andtransaction.payload.authority
#4410Benefits
As long as you know the address (account ID), you can send without worrying whether the destination account is already registered on the chain.
However, the current design requires the sender to be authorized to register a new account within the domain. See #4411 (comment)
Drawbacks
name@domain
notation will be temporary lostChecklist
CONTRIBUTING.md