solana/src/transaction.rs

//! The `transaction` crate provides functionality for creating log transactions.

use signature::{get_pubkey, verify_signature, PublicKey, Signature};
use ring::signature::Ed25519KeyPair;
use serde::Serialize;
use bincode::serialize;
use log::Sha256Hash;

#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
pub struct Transaction<T> {
    pub from: PublicKey,
    pub to: PublicKey,
    pub asset: T,
    pub last_id: Sha256Hash,
    pub sig: Signature,
}

impl<T: Serialize> Transaction<T> {
    pub fn new(
        from_keypair: &Ed25519KeyPair,
        to: PublicKey,
        asset: T,
        last_id: Sha256Hash,
    ) -> Self {
        let mut tr = Transaction {
            from: get_pubkey(&from_keypair),
            to,
            asset,
            last_id,
            sig: Signature::default(),
        };
        tr.sign(from_keypair);
        tr
    }

    fn get_sign_data(&self) -> Vec<u8> {
        serialize(&(&self.from, &self.to, &self.asset, &self.last_id)).unwrap()
    }

    pub fn sign(&mut self, keypair: &Ed25519KeyPair) {
        let sign_data = self.get_sign_data();
        self.sig = Signature::clone_from_slice(keypair.sign(&sign_data).as_ref());
    }

    pub fn verify(&self) -> bool {
        verify_signature(&self.from, &self.get_sign_data(), &self.sig)
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use bincode::{deserialize, serialize};
    use log::*;
    use signature::*;

    #[test]
    fn test_claim() {
        let keypair = generate_keypair();
        let asset = hash(b"hello, world");
        let zero = Sha256Hash::default();
        let tr0 = Transaction::new(&keypair, get_pubkey(&keypair), asset, zero);
        assert!(tr0.verify());
    }

    #[test]
    fn test_transfer() {
        let zero = Sha256Hash::default();
        let keypair0 = generate_keypair();
        let keypair1 = generate_keypair();
        let pubkey1 = get_pubkey(&keypair1);
        let asset = hash(b"hello, world");
        let tr0 = Transaction::new(&keypair0, pubkey1, asset, zero);
        assert!(tr0.verify());
    }

    #[test]
    fn test_serialize_claim() {
        let claim0 = Transaction {
            from: Default::default(),
            to: Default::default(),
            asset: 0u8,
            last_id: Default::default(),
            sig: Default::default(),
        };
        let buf = serialize(&claim0).unwrap();
        let claim1: Transaction<u8> = deserialize(&buf).unwrap();
        assert_eq!(claim1, claim0);
    }

    #[test]
    fn test_bad_event_signature() {
        let zero = Sha256Hash::default();
        let keypair = generate_keypair();
        let pubkey = get_pubkey(&keypair);
        let mut tr = Transaction::new(&keypair, pubkey, hash(b"hello, world"), zero);
        tr.sign(&keypair);
        tr.asset = hash(b"goodbye cruel world"); // <-- attack!
        assert!(!tr.verify());
    }

    #[test]
    fn test_hijack_attack() {
        let keypair0 = generate_keypair();
        let keypair1 = generate_keypair();
        let thief_keypair = generate_keypair();
        let pubkey1 = get_pubkey(&keypair1);
        let zero = Sha256Hash::default();
        let mut tr = Transaction::new(&keypair0, pubkey1, hash(b"hello, world"), zero);
        tr.sign(&keypair0);
        tr.to = get_pubkey(&thief_keypair); // <-- attack!
        assert!(!tr.verify());
    }
}
Give Transaction its own module 2018-03-06 11:18:17 -08:00			//! The `transaction` crate provides functionality for creating log transactions.

Add signature module Because things other than transactions can be signed. 2018-03-06 11:48:26 -08:00			`use signature::{get_pubkey, verify_signature, PublicKey, Signature};`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`use ring::signature::Ed25519KeyPair;`
			`use serde::Serialize;`
			`use bincode::serialize;`
			`use log::Sha256Hash;`

			`#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]`
			`pub struct Transaction<T> {`
			`pub from: PublicKey,`
			`pub to: PublicKey,`
data -> asset 'data' is too vague. 2018-03-06 13:37:08 -08:00			`pub asset: T,`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`pub last_id: Sha256Hash,`
			`pub sig: Signature,`
			`}`

Move verify into methods A little overly-coupled to Serialize, but makes the code a lot tighter 2018-03-06 11:26:39 -08:00			`impl<T: Serialize> Transaction<T> {`
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`pub fn new(`
			`from_keypair: &Ed25519KeyPair,`
			`to: PublicKey,`
			`asset: T,`
			`last_id: Sha256Hash,`
			`) -> Self {`
			`let mut tr = Transaction {`
			`from: get_pubkey(&from_keypair),`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`to,`
data -> asset 'data' is too vague. 2018-03-06 13:37:08 -08:00			`asset,`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`last_id,`
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`sig: Signature::default(),`
			`};`
			`tr.sign(from_keypair);`
			`tr`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`}`
Move verify into methods A little overly-coupled to Serialize, but makes the code a lot tighter 2018-03-06 11:26:39 -08:00
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`fn get_sign_data(&self) -> Vec<u8> {`
			`serialize(&(&self.from, &self.to, &self.asset, &self.last_id)).unwrap()`
Move verify into methods A little overly-coupled to Serialize, but makes the code a lot tighter 2018-03-06 11:26:39 -08:00			`}`
Give Transaction its own module 2018-03-06 11:18:17 -08:00
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`pub fn sign(&mut self, keypair: &Ed25519KeyPair) {`
			`let sign_data = self.get_sign_data();`
			`self.sig = Signature::clone_from_slice(keypair.sign(&sign_data).as_ref());`
			`}`
Give Transaction its own module 2018-03-06 11:18:17 -08:00
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`pub fn verify(&self) -> bool {`
			`verify_signature(&self.from, &self.get_sign_data(), &self.sig)`
			`}`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`}`

			`#[cfg(test)]`
			`mod tests {`
			`use super::*;`
			`use bincode::{deserialize, serialize};`
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`use log::*;`
			`use signature::*;`

			`#[test]`
			`fn test_claim() {`
			`let keypair = generate_keypair();`
			`let asset = hash(b"hello, world");`
			`let zero = Sha256Hash::default();`
			`let tr0 = Transaction::new(&keypair, get_pubkey(&keypair), asset, zero);`
			`assert!(tr0.verify());`
			`}`

			`#[test]`
			`fn test_transfer() {`
			`let zero = Sha256Hash::default();`
			`let keypair0 = generate_keypair();`
			`let keypair1 = generate_keypair();`
			`let pubkey1 = get_pubkey(&keypair1);`
			`let asset = hash(b"hello, world");`
			`let tr0 = Transaction::new(&keypair0, pubkey1, asset, zero);`
			`assert!(tr0.verify());`
			`}`
Give Transaction its own module 2018-03-06 11:18:17 -08:00
			`#[test]`
			`fn test_serialize_claim() {`
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00			`let claim0 = Transaction {`
			`from: Default::default(),`
			`to: Default::default(),`
			`asset: 0u8,`
			`last_id: Default::default(),`
			`sig: Default::default(),`
			`};`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`let buf = serialize(&claim0).unwrap();`
			`let claim1: Transaction<u8> = deserialize(&buf).unwrap();`
			`assert_eq!(claim1, claim0);`
			`}`
DRY up transaction signing Cleanup the big mess I copy-pasted myself into. 2018-03-06 15:34:14 -08:00
			`#[test]`
			`fn test_bad_event_signature() {`
			`let zero = Sha256Hash::default();`
			`let keypair = generate_keypair();`
			`let pubkey = get_pubkey(&keypair);`
			`let mut tr = Transaction::new(&keypair, pubkey, hash(b"hello, world"), zero);`
			`tr.sign(&keypair);`
			`tr.asset = hash(b"goodbye cruel world"); // <-- attack!`
			`assert!(!tr.verify());`
			`}`

			`#[test]`
			`fn test_hijack_attack() {`
			`let keypair0 = generate_keypair();`
			`let keypair1 = generate_keypair();`
			`let thief_keypair = generate_keypair();`
			`let pubkey1 = get_pubkey(&keypair1);`
			`let zero = Sha256Hash::default();`
			`let mut tr = Transaction::new(&keypair0, pubkey1, hash(b"hello, world"), zero);`
			`tr.sign(&keypair0);`
			`tr.to = get_pubkey(&thief_keypair); // <-- attack!`
			`assert!(!tr.verify());`
			`}`
Give Transaction its own module 2018-03-06 11:18:17 -08:00			`}`