diff --git a/Makefile b/Makefile index 143395559..84c4e11f4 100644 --- a/Makefile +++ b/Makefile @@ -27,9 +27,9 @@ test_unit: test_cli: tests/cli/shunit2 # sudo apt-get install jq - @./tests/cli/basictx.sh - @./tests/cli/counter.sh - @./tests/cli/restart.sh + ./tests/cli/basictx.sh + ./tests/cli/counter.sh + ./tests/cli/restart.sh # @./tests/cli/ibc.sh test_tutorial: docs/guide/shunit2 diff --git a/app/app.go b/app/app.go index 836e8c66f..bdcdbbbd8 100644 --- a/app/app.go +++ b/app/app.go @@ -15,6 +15,7 @@ import ( "github.com/tendermint/basecoin/modules/base" "github.com/tendermint/basecoin/modules/coin" "github.com/tendermint/basecoin/modules/fee" + "github.com/tendermint/basecoin/modules/nonce" "github.com/tendermint/basecoin/stack" sm "github.com/tendermint/basecoin/state" "github.com/tendermint/basecoin/version" @@ -62,6 +63,7 @@ func DefaultHandler(feeDenom string) basecoin.Handler { stack.Recovery{}, auth.Signatures{}, base.Chain{}, + nonce.ReplayCheck{}, fee.NewSimpleFeeMiddleware(coin.Coin{feeDenom, 0}, fee.Bank), ).Use(d) } diff --git a/app/app_test.go b/app/app_test.go index cbb446bb0..2342bf241 100644 --- a/app/app_test.go +++ b/app/app_test.go @@ -14,6 +14,7 @@ import ( "github.com/tendermint/basecoin/modules/base" "github.com/tendermint/basecoin/modules/coin" "github.com/tendermint/basecoin/modules/fee" + "github.com/tendermint/basecoin/modules/nonce" "github.com/tendermint/basecoin/stack" "github.com/tendermint/basecoin/state" wire "github.com/tendermint/go-wire" @@ -55,15 +56,17 @@ func (at *appTest) signTx(tx basecoin.Tx) basecoin.Tx { return stx.Wrap() } -func (at *appTest) getTx(coins coin.Coins) basecoin.Tx { +func (at *appTest) getTx(coins coin.Coins, sequence uint32) basecoin.Tx { tx := at.baseTx(coins) + tx = nonce.NewTx(sequence, []basecoin.Actor{at.acctIn.Actor()}, tx) tx = base.NewChainTx(at.chainID, 0, tx) return at.signTx(tx) } -func (at *appTest) feeTx(coins coin.Coins, toll coin.Coin) basecoin.Tx { +func (at *appTest) feeTx(coins coin.Coins, toll coin.Coin, sequence uint32) basecoin.Tx { tx := at.baseTx(coins) tx = fee.NewFee(tx, toll, at.acctIn.Actor()) + tx = nonce.NewTx(sequence, []basecoin.Actor{at.acctIn.Actor()}, tx) tx = base.NewChainTx(at.chainID, 0, tx) return at.signTx(tx) } @@ -210,22 +213,22 @@ func TestTx(t *testing.T) { //Bad Balance at.acctIn.Coins = coin.Coins{{"mycoin", 2}} at.initAccount(at.acctIn) - res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), true) + res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), true) assert.True(res.IsErr(), "ExecTx/Bad CheckTx: Expected error return from ExecTx, returned: %v", res) - res, diffIn, diffOut := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), false) + res, diffIn, diffOut := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), false) assert.True(res.IsErr(), "ExecTx/Bad DeliverTx: Expected error return from ExecTx, returned: %v", res) assert.True(diffIn.IsZero()) assert.True(diffOut.IsZero()) //Regular CheckTx at.reset() - res, _, _ = at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), true) + res, _, _ = at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), true) assert.True(res.IsOK(), "ExecTx/Good CheckTx: Expected OK return from ExecTx, Error: %v", res) //Regular DeliverTx at.reset() amt := coin.Coins{{"mycoin", 3}} - res, diffIn, diffOut = at.exec(t, at.getTx(amt), false) + res, diffIn, diffOut = at.exec(t, at.getTx(amt, 1), false) assert.True(res.IsOK(), "ExecTx/Good DeliverTx: Expected OK return from ExecTx, Error: %v", res) assert.Equal(amt.Negative(), diffIn) assert.Equal(amt, diffOut) @@ -234,7 +237,7 @@ func TestTx(t *testing.T) { at.reset() amt = coin.Coins{{"mycoin", 4}} toll := coin.Coin{"mycoin", 1} - res, diffIn, diffOut = at.exec(t, at.feeTx(amt, toll), false) + res, diffIn, diffOut = at.exec(t, at.feeTx(amt, toll, 1), false) assert.True(res.IsOK(), "ExecTx/Good DeliverTx: Expected OK return from ExecTx, Error: %v", res) payment := amt.Plus(coin.Coins{toll}).Negative() assert.Equal(payment, diffIn) @@ -246,7 +249,7 @@ func TestQuery(t *testing.T) { assert := assert.New(t) at := newAppTest(t) - res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), false) + res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), false) assert.True(res.IsOK(), "Commit, DeliverTx: Expected OK return from DeliverTx, Error: %v", res) resQueryPreCommit := at.app.Query(abci.RequestQuery{ diff --git a/cmd/basecli/commands/cmds.go b/cmd/basecli/commands/cmds.go index 631c371d6..3732f38fc 100644 --- a/cmd/basecli/commands/cmds.go +++ b/cmd/basecli/commands/cmds.go @@ -2,21 +2,25 @@ package commands import ( "encoding/hex" + "fmt" "strings" "github.com/pkg/errors" "github.com/spf13/cobra" "github.com/spf13/viper" - "github.com/tendermint/basecoin" "github.com/tendermint/light-client/commands" txcmd "github.com/tendermint/light-client/commands/txs" cmn "github.com/tendermint/tmlibs/common" + ctypes "github.com/tendermint/tendermint/rpc/core/types" + + "github.com/tendermint/basecoin" "github.com/tendermint/basecoin/modules/auth" "github.com/tendermint/basecoin/modules/base" "github.com/tendermint/basecoin/modules/coin" "github.com/tendermint/basecoin/modules/fee" + "github.com/tendermint/basecoin/modules/nonce" ) //------------------------- @@ -49,7 +53,7 @@ func init() { flags.Int(FlagSequence, -1, "Sequence number for this transaction") } -// runDemo is an example of how to make a tx +// doSendTx is an example of how to make a tx func doSendTx(cmd *cobra.Command, args []string) error { // load data from json or flags var tx basecoin.Tx @@ -69,6 +73,10 @@ func doSendTx(cmd *cobra.Command, args []string) error { if err != nil { return err } + tx, err = WrapNonceTx(tx) + if err != nil { + return err + } tx, err = WrapChainTx(tx) if err != nil { return err @@ -82,11 +90,40 @@ func doSendTx(cmd *cobra.Command, args []string) error { if err != nil { return err } + if err = ValidateResult(bres); err != nil { + return err + } // Output result return txcmd.OutputTx(bres) } +// ValidateResult returns an appropriate error if the server rejected the +// tx in CheckTx or DeliverTx +func ValidateResult(res *ctypes.ResultBroadcastTxCommit) error { + if res.CheckTx.IsErr() { + return fmt.Errorf("CheckTx: (%d): %s", res.CheckTx.Code, res.CheckTx.Log) + } + if res.DeliverTx.IsErr() { + return fmt.Errorf("DeliverTx: (%d): %s", res.DeliverTx.Code, res.DeliverTx.Log) + } + return nil +} + +// WrapNonceTx grabs the sequence number from the flag and wraps +// the tx with this nonce. Grabs the permission from the signer, +// as we still only support single sig on the cli +func WrapNonceTx(tx basecoin.Tx) (res basecoin.Tx, err error) { + //add the nonce tx layer to the tx + seq := viper.GetInt(FlagSequence) + if seq < 0 { + return res, fmt.Errorf("sequence must be greater than 0") + } + signers := []basecoin.Actor{GetSignerAct()} + res = nonce.NewTx(uint32(seq), signers, tx) + return +} + // WrapFeeTx checks for FlagFee and if present wraps the tx with a // FeeTx of the given amount, paid by the signer func WrapFeeTx(tx basecoin.Tx) (res basecoin.Tx, err error) { @@ -99,7 +136,8 @@ func WrapFeeTx(tx basecoin.Tx) (res basecoin.Tx, err error) { if toll.IsZero() { return tx, nil } - return fee.NewFee(tx, toll, getSignerAddr()), nil + res = fee.NewFee(tx, toll, GetSignerAct()) + return } // WrapChainTx will wrap the tx with a ChainTx from the standard flags @@ -110,10 +148,12 @@ func WrapChainTx(tx basecoin.Tx) (res basecoin.Tx, err error) { return res, errors.New("No chain-id provided") } res = base.NewChainTx(chain, uint64(expires), tx) - return res, nil + return } -func getSignerAddr() (res basecoin.Actor) { +// GetSignerAct returns the address of the signer of the tx +// (as we still only support single sig) +func GetSignerAct() (res basecoin.Actor) { // this could be much cooler with multisig... signer := txcmd.GetSigner() if !signer.Empty() { @@ -138,7 +178,7 @@ func readSendTxFlags() (tx basecoin.Tx, err error) { // craft the inputs and outputs ins := []coin.TxInput{{ - Address: getSignerAddr(), + Address: GetSignerAct(), Coins: amountCoins, }} outs := []coin.TxOutput{{ diff --git a/cmd/basecli/commands/query.go b/cmd/basecli/commands/query.go index 3d5b4fb06..ce3fa338c 100644 --- a/cmd/basecli/commands/query.go +++ b/cmd/basecli/commands/query.go @@ -13,6 +13,7 @@ import ( "github.com/tendermint/basecoin/modules/auth" "github.com/tendermint/basecoin/modules/coin" + "github.com/tendermint/basecoin/modules/nonce" "github.com/tendermint/basecoin/stack" ) @@ -41,6 +42,37 @@ func doAccountQuery(cmd *cobra.Command, args []string) error { return proofcmd.OutputProof(acc, proof.BlockHeight()) } +// NonceQueryCmd - command to query an nonce account +var NonceQueryCmd = &cobra.Command{ + Use: "nonce [address]", + Short: "Get details of a nonce sequence number, with proof", + RunE: lcmd.RequireInit(doNonceQuery), +} + +func doNonceQuery(cmd *cobra.Command, args []string) error { + addr, err := proofcmd.ParseHexKey(args, "address") + if err != nil { + return err + } + + act := []basecoin.Actor{basecoin.NewActor( + auth.NameSigs, + addr, + )} + + key := stack.PrefixedKey(nonce.NameNonce, nonce.GetSeqKey(act)) + + var seq uint32 + proof, err := proofcmd.GetAndParseAppProof(key, &seq) + if lc.IsNoDataErr(err) { + return errors.Errorf("Sequence is empty for address %X ", addr) + } else if err != nil { + return err + } + + return proofcmd.OutputProof(seq, proof.BlockHeight()) +} + // BaseTxPresenter this decodes all basecoin tx type BaseTxPresenter struct { proofs.RawPresenter // this handles MakeKey as hex bytes diff --git a/cmd/basecli/main.go b/cmd/basecli/main.go index 4d96fc3f0..48dcf1dd5 100644 --- a/cmd/basecli/main.go +++ b/cmd/basecli/main.go @@ -39,6 +39,7 @@ func main() { proofs.TxCmd, proofs.KeyCmd, bcmd.AccountQueryCmd, + bcmd.NonceQueryCmd, ) // you will always want this for the base send command diff --git a/context.go b/context.go index d67fa0d9a..4da626ed3 100644 --- a/context.go +++ b/context.go @@ -2,6 +2,8 @@ package basecoin import ( "bytes" + "fmt" + "sort" wire "github.com/tendermint/go-wire" "github.com/tendermint/go-wire/data" @@ -19,6 +21,7 @@ type Actor struct { Address data.Bytes `json:"addr"` // arbitrary app-specific unique id } +// NewActor - create a new actor func NewActor(app string, addr []byte) Actor { return Actor{App: app, Address: addr} } @@ -35,6 +38,11 @@ func (a Actor) Equals(b Actor) bool { bytes.Equal(a.Address, b.Address) } +// Empty checks if the actor is not initialized +func (a Actor) Empty() bool { + return a.ChainID == "" && a.App == "" && len(a.Address) == 0 +} + // Context is an interface, so we can implement "secure" variants that // rely on private fields to control the actions type Context interface { @@ -48,3 +56,36 @@ type Context interface { ChainID() string BlockHeight() uint64 } + +//////////////////////////////// Sort Interface +// USAGE sort.Sort(ByAll()) + +func (a Actor) String() string { + return fmt.Sprintf("%x", a.Address) +} + +// ByAll implements sort.Interface for []Actor. +// It sorts be the ChainID, followed by the App, followed by the Address +type ByAll []Actor + +// Verify the sort interface at compile time +var _ sort.Interface = ByAll{} + +func (a ByAll) Len() int { return len(a) } +func (a ByAll) Swap(i, j int) { a[i], a[j] = a[j], a[i] } +func (a ByAll) Less(i, j int) bool { + + if a[i].ChainID < a[j].ChainID { + return true + } + if a[i].ChainID > a[j].ChainID { + return false + } + if a[i].App < a[j].App { + return true + } + if a[i].App > a[j].App { + return false + } + return bytes.Compare(a[i].Address, a[j].Address) == -1 +} diff --git a/docs/guide/counter/cmd/countercli/commands/counter.go b/docs/guide/counter/cmd/countercli/commands/counter.go index 9e420b008..68fb86700 100644 --- a/docs/guide/counter/cmd/countercli/commands/counter.go +++ b/docs/guide/counter/cmd/countercli/commands/counter.go @@ -60,6 +60,10 @@ func counterTx(cmd *cobra.Command, args []string) error { if err != nil { return err } + tx, err = bcmd.WrapNonceTx(tx) + if err != nil { + return err + } tx, err = bcmd.WrapChainTx(tx) if err != nil { return err @@ -72,6 +76,9 @@ func counterTx(cmd *cobra.Command, args []string) error { if err != nil { return err } + if err = bcmd.ValidateResult(bres); err != nil { + return err + } // Output result return txcmd.OutputTx(bres) @@ -83,6 +90,6 @@ func readCounterTxFlags() (tx basecoin.Tx, err error) { return tx, err } - tx = counter.NewTx(viper.GetBool(FlagValid), feeCoins, viper.GetInt(bcmd.FlagSequence)) + tx = counter.NewTx(viper.GetBool(FlagValid), feeCoins) return tx, nil } diff --git a/docs/guide/counter/plugins/counter/counter.go b/docs/guide/counter/plugins/counter/counter.go index b1a7b8608..df07195f4 100644 --- a/docs/guide/counter/plugins/counter/counter.go +++ b/docs/guide/counter/plugins/counter/counter.go @@ -12,6 +12,7 @@ import ( "github.com/tendermint/basecoin/modules/base" "github.com/tendermint/basecoin/modules/coin" "github.com/tendermint/basecoin/modules/fee" + "github.com/tendermint/basecoin/modules/nonce" "github.com/tendermint/basecoin/stack" "github.com/tendermint/basecoin/state" ) @@ -34,17 +35,15 @@ func init() { // Tx - struct for all counter transactions type Tx struct { - Valid bool `json:"valid"` - Fee coin.Coins `json:"fee"` - Sequence int `json:"sequence"` + Valid bool `json:"valid"` + Fee coin.Coins `json:"fee"` } // NewTx - return a new counter transaction struct wrapped as a basecoin transaction -func NewTx(valid bool, fee coin.Coins, sequence int) basecoin.Tx { +func NewTx(valid bool, fee coin.Coins) basecoin.Tx { return Tx{ - Valid: valid, - Fee: fee, - Sequence: sequence, + Valid: valid, + Fee: fee, }.Wrap() } @@ -103,6 +102,7 @@ func NewHandler(feeDenom string) basecoin.Handler { stack.Recovery{}, auth.Signatures{}, base.Chain{}, + nonce.ReplayCheck{}, fee.NewSimpleFeeMiddleware(coin.Coin{feeDenom, 0}, fee.Bank), ).Use(dispatcher) } diff --git a/docs/guide/counter/plugins/counter/counter_test.go b/docs/guide/counter/plugins/counter/counter_test.go index 60c5101fd..ff880c509 100644 --- a/docs/guide/counter/plugins/counter/counter_test.go +++ b/docs/guide/counter/plugins/counter/counter_test.go @@ -7,10 +7,12 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" abci "github.com/tendermint/abci/types" + "github.com/tendermint/basecoin" "github.com/tendermint/basecoin/app" "github.com/tendermint/basecoin/modules/auth" "github.com/tendermint/basecoin/modules/base" "github.com/tendermint/basecoin/modules/coin" + "github.com/tendermint/basecoin/modules/nonce" "github.com/tendermint/go-wire" eyescli "github.com/tendermint/merkleeyes/client" "github.com/tendermint/tmlibs/log" @@ -40,8 +42,9 @@ func TestCounterPlugin(t *testing.T) { require.Equal(t, "Success", log) // Deliver a CounterTx - DeliverCounterTx := func(valid bool, counterFee coin.Coins, inputSequence int) abci.Result { - tx := NewTx(valid, counterFee, inputSequence) + DeliverCounterTx := func(valid bool, counterFee coin.Coins, sequence uint32) abci.Result { + tx := NewTx(valid, counterFee) + tx = nonce.NewTx(sequence, []basecoin.Actor{acct.Actor()}, tx) tx = base.NewChainTx(chainID, 0, tx) stx := auth.NewSig(tx) auth.Sign(stx, acct.Key) @@ -49,19 +52,19 @@ func TestCounterPlugin(t *testing.T) { return bcApp.DeliverTx(txBytes) } - // Test a basic send, no fee (doesn't update sequence as no money spent) + // Test a basic send, no fee res := DeliverCounterTx(true, nil, 1) assert.True(res.IsOK(), res.String()) // Test an invalid send, no fee - res = DeliverCounterTx(false, nil, 1) + res = DeliverCounterTx(false, nil, 2) assert.True(res.IsErr(), res.String()) - // Test the fee (increments sequence) - res = DeliverCounterTx(true, coin.Coins{{"gold", 100}}, 1) + // Test an invalid send, with supported fee + res = DeliverCounterTx(true, coin.Coins{{"gold", 100}}, 2) assert.True(res.IsOK(), res.String()) // Test unsupported fee - res = DeliverCounterTx(true, coin.Coins{{"silver", 100}}, 2) + res = DeliverCounterTx(true, coin.Coins{{"silver", 100}}, 3) assert.True(res.IsErr(), res.String()) } diff --git a/errors/common.go b/errors/common.go index 81d786bee..1ef42177f 100644 --- a/errors/common.go +++ b/errors/common.go @@ -15,15 +15,23 @@ var ( errUnauthorized = fmt.Errorf("Unauthorized") errInvalidSignature = fmt.Errorf("Invalid Signature") errTooLarge = fmt.Errorf("Input size too large") + errNoSigners = fmt.Errorf("There are no signers") errMissingSignature = fmt.Errorf("Signature missing") errTooManySignatures = fmt.Errorf("Too many signatures") errNoChain = fmt.Errorf("No chain id provided") + errTxEmpty = fmt.Errorf("The provided Tx is empty") errWrongChain = fmt.Errorf("Wrong chain for tx") errUnknownTxType = fmt.Errorf("Tx type unknown") errInvalidFormat = fmt.Errorf("Invalid format") errUnknownModule = fmt.Errorf("Unknown module") errExpired = fmt.Errorf("Tx expired") errUnknownKey = fmt.Errorf("Unknown key") + + internalErr = abci.CodeType_InternalError + encodingErr = abci.CodeType_EncodingError + unauthorized = abci.CodeType_Unauthorized + unknownRequest = abci.CodeType_UnknownRequest + unknownAddress = abci.CodeType_BaseUnknownAddress ) // some crazy reflection to unwrap any generated struct. @@ -71,76 +79,84 @@ func IsUnknownKeyErr(err error) bool { } func ErrInternal(msg string) TMError { - return New(msg, abci.CodeType_InternalError) + return New(msg, internalErr) } // IsInternalErr matches any error that is not classified func IsInternalErr(err error) bool { - return HasErrorCode(err, abci.CodeType_InternalError) + return HasErrorCode(err, internalErr) } func ErrDecoding() TMError { - return WithCode(errDecoding, abci.CodeType_EncodingError) + return WithCode(errDecoding, encodingErr) } func IsDecodingErr(err error) bool { return IsSameError(errDecoding, err) } func ErrUnauthorized() TMError { - return WithCode(errUnauthorized, abci.CodeType_Unauthorized) + return WithCode(errUnauthorized, unauthorized) } // IsUnauthorizedErr is generic helper for any unauthorized errors, // also specific sub-types func IsUnauthorizedErr(err error) bool { - return HasErrorCode(err, abci.CodeType_Unauthorized) + return HasErrorCode(err, unauthorized) +} + +func ErrNoSigners() TMError { + return WithCode(errNoSigners, unauthorized) } func ErrMissingSignature() TMError { - return WithCode(errMissingSignature, abci.CodeType_Unauthorized) + return WithCode(errMissingSignature, unauthorized) } func IsMissingSignatureErr(err error) bool { return IsSameError(errMissingSignature, err) } func ErrTooManySignatures() TMError { - return WithCode(errTooManySignatures, abci.CodeType_Unauthorized) + return WithCode(errTooManySignatures, unauthorized) } func IsTooManySignaturesErr(err error) bool { return IsSameError(errTooManySignatures, err) } func ErrInvalidSignature() TMError { - return WithCode(errInvalidSignature, abci.CodeType_Unauthorized) + return WithCode(errInvalidSignature, unauthorized) } func IsInvalidSignatureErr(err error) bool { return IsSameError(errInvalidSignature, err) } func ErrNoChain() TMError { - return WithCode(errNoChain, abci.CodeType_Unauthorized) + return WithCode(errNoChain, unauthorized) } func IsNoChainErr(err error) bool { return IsSameError(errNoChain, err) } +func ErrTxEmpty() TMError { + return WithCode(errTxEmpty, unauthorized) +} + func ErrWrongChain(chain string) TMError { msg := errors.Wrap(errWrongChain, chain) - return WithCode(msg, abci.CodeType_Unauthorized) + return WithCode(msg, unauthorized) } func IsWrongChainErr(err error) bool { return IsSameError(errWrongChain, err) } func ErrTooLarge() TMError { - return WithCode(errTooLarge, abci.CodeType_EncodingError) + return WithCode(errTooLarge, encodingErr) } func IsTooLargeErr(err error) bool { return IsSameError(errTooLarge, err) } func ErrExpired() TMError { - return WithCode(errExpired, abci.CodeType_Unauthorized) + return WithCode(errExpired, unauthorized) } func IsExpiredErr(err error) bool { return IsSameError(errExpired, err) diff --git a/modules/coin/errors.go b/modules/coin/errors.go index bc3d7c5b7..d245354bf 100644 --- a/modules/coin/errors.go +++ b/modules/coin/errors.go @@ -60,13 +60,6 @@ func IsInvalidCoinsErr(err error) bool { return errors.IsSameError(errInvalidCoins, err) } -func ErrInvalidSequence() errors.TMError { - return errors.WithCode(errInvalidSequence, invalidInput) -} -func IsInvalidSequenceErr(err error) bool { - return errors.IsSameError(errInvalidSequence, err) -} - func ErrInsufficientFunds() errors.TMError { return errors.WithCode(errInsufficientFunds, invalidInput) } diff --git a/modules/nonce/errors.go b/modules/nonce/errors.go new file mode 100644 index 000000000..f88629b45 --- /dev/null +++ b/modules/nonce/errors.go @@ -0,0 +1,32 @@ +//nolint +package nonce + +import ( + "fmt" + + abci "github.com/tendermint/abci/types" + + "github.com/tendermint/basecoin/errors" +) + +var ( + errNoNonce = fmt.Errorf("Tx doesn't contain nonce") + errNotMember = fmt.Errorf("nonce contains non-permissioned member") + errZeroSequence = fmt.Errorf("Sequence number cannot be zero") + + unauthorized = abci.CodeType_Unauthorized +) + +func ErrBadNonce(got, expected uint32) errors.TMError { + return errors.WithCode(fmt.Errorf("Bad nonce sequence, got %d, expected %d", got, expected), unauthorized) +} + +func ErrNoNonce() errors.TMError { + return errors.WithCode(errNoNonce, unauthorized) +} +func ErrNotMember() errors.TMError { + return errors.WithCode(errNotMember, unauthorized) +} +func ErrZeroSequence() errors.TMError { + return errors.WithCode(errZeroSequence, unauthorized) +} diff --git a/modules/nonce/replaycheck.go b/modules/nonce/replaycheck.go new file mode 100644 index 000000000..4494a2b10 --- /dev/null +++ b/modules/nonce/replaycheck.go @@ -0,0 +1,73 @@ +package nonce + +import ( + "github.com/tendermint/basecoin" + "github.com/tendermint/basecoin/stack" + "github.com/tendermint/basecoin/state" +) + +//nolint +const ( + NameNonce = "nonce" +) + +// ReplayCheck uses the sequence to check for replay attacks +type ReplayCheck struct { + stack.PassOption +} + +// Name of the module - fulfills Middleware interface +func (ReplayCheck) Name() string { + return NameNonce +} + +var _ stack.Middleware = ReplayCheck{} + +// CheckTx verifies tx is not being replayed - fulfills Middlware interface +func (r ReplayCheck) CheckTx(ctx basecoin.Context, store state.KVStore, + tx basecoin.Tx, next basecoin.Checker) (res basecoin.Result, err error) { + + stx, err := r.checkIncrementNonceTx(ctx, store, tx) + if err != nil { + return res, err + } + + return next.CheckTx(ctx, store, stx) +} + +// DeliverTx verifies tx is not being replayed - fulfills Middlware interface +// NOTE It is okay to modify the sequence before running the wrapped TX because if the +// wrapped Tx fails, the state changes are not applied +func (r ReplayCheck) DeliverTx(ctx basecoin.Context, store state.KVStore, + tx basecoin.Tx, next basecoin.Deliver) (res basecoin.Result, err error) { + + stx, err := r.checkIncrementNonceTx(ctx, store, tx) + if err != nil { + return res, err + } + + return next.DeliverTx(ctx, store, stx) +} + +// checkNonceTx varifies the nonce sequence, an increment sequence number +func (r ReplayCheck) checkIncrementNonceTx(ctx basecoin.Context, store state.KVStore, + tx basecoin.Tx) (basecoin.Tx, error) { + + // make sure it is a the nonce Tx (Tx from this package) + nonceTx, ok := tx.Unwrap().(Tx) + if !ok { + return tx, ErrNoNonce() + } + + err := nonceTx.ValidateBasic() + if err != nil { + return tx, err + } + + // check the nonce sequence number + err = nonceTx.CheckIncrementSeq(ctx, store) + if err != nil { + return tx, err + } + return nonceTx.Tx, nil +} diff --git a/modules/nonce/store.go b/modules/nonce/store.go new file mode 100644 index 000000000..ae10ccaf6 --- /dev/null +++ b/modules/nonce/store.go @@ -0,0 +1,30 @@ +package nonce + +import ( + "fmt" + + wire "github.com/tendermint/go-wire" + + "github.com/tendermint/basecoin/errors" + "github.com/tendermint/basecoin/state" +) + +func getSeq(store state.KVStore, key []byte) (seq uint32, err error) { + data := store.Get(key) + if len(data) == 0 { + //if the key is not stored, its a new key with a sequence of zero! + return 0, nil + } + err = wire.ReadBinaryBytes(data, &seq) + if err != nil { + msg := fmt.Sprintf("Error reading sequence for %X", key) + return seq, errors.ErrInternal(msg) + } + return seq, nil +} + +func setSeq(store state.KVStore, key []byte, seq uint32) error { + bin := wire.BinaryBytes(seq) + store.Set(key, bin) + return nil // real stores can return error... +} diff --git a/modules/nonce/tx.go b/modules/nonce/tx.go new file mode 100644 index 000000000..7a70878b2 --- /dev/null +++ b/modules/nonce/tx.go @@ -0,0 +1,112 @@ +/* +Package nonce - This module allows replay protection to be added to process stack. +This is achieved through the use of a sequence number for each unique set of signers. +Note that the sequence number for the single signing account "foo" will be unique +from the sequence number for a multi-sig account {"foo", "bar"} which would also be +unique from a different multi-sig account {"foo", "soup"} +*/ +package nonce + +import ( + "sort" + + "github.com/tendermint/basecoin" + "github.com/tendermint/basecoin/errors" + "github.com/tendermint/basecoin/state" +) + +// nolint +const ( + ByteNonce = 0x69 //TODO overhaul byte assign system don't make no sense! + TypeNonce = "nonce" +) + +func init() { + basecoin.TxMapper.RegisterImplementation(Tx{}, TypeNonce, ByteNonce) +} + +// Tx - Nonce transaction structure, contains list of signers and current sequence number +type Tx struct { + Sequence uint32 `json:"sequence"` + Signers []basecoin.Actor `json:"signers"` + Tx basecoin.Tx `json:"tx"` +} + +var _ basecoin.TxInner = &Tx{} + +// NewTx wraps the tx with a signable nonce +func NewTx(sequence uint32, signers []basecoin.Actor, tx basecoin.Tx) basecoin.Tx { + return (Tx{ + Sequence: sequence, + Signers: signers, + Tx: tx, + }).Wrap() +} + +//nolint +func (n Tx) Wrap() basecoin.Tx { + return basecoin.Tx{n} +} +func (n Tx) ValidateBasic() error { + switch { + case n.Tx.Empty(): + return errors.ErrTxEmpty() + case n.Sequence == 0: + return ErrZeroSequence() + case len(n.Signers) == 0: + return errors.ErrNoSigners() + } + return n.Tx.ValidateBasic() +} + +// CheckIncrementSeq - Check that the sequence number is one more than the state sequence number +// and further increment the sequence number +// NOTE It is okay to modify the sequence before running the wrapped TX because if the +// wrapped Tx fails, the state changes are not applied +func (n Tx) CheckIncrementSeq(ctx basecoin.Context, store state.KVStore) error { + + seqKey := n.getSeqKey() + + // check the current state + cur, err := getSeq(store, seqKey) + if err != nil { + return err + } + if n.Sequence != cur+1 { + return ErrBadNonce(n.Sequence, cur+1) + } + + // make sure they all signed + for _, s := range n.Signers { + if !ctx.HasPermission(s) { + return ErrNotMember() + } + } + + // increment the sequence by 1 + err = setSeq(store, seqKey, cur+1) + if err != nil { + return err + } + + return nil +} + +func (n Tx) getSeqKey() (seqKey []byte) { + return GetSeqKey(n.Signers) +} + +// GetSeqKey - Generate the sequence key as the concatenated list of signers, sorted by address. +func GetSeqKey(signers []basecoin.Actor) (seqKey []byte) { + + // First copy the list of signers to sort as sort is done in place + signers2sort := make([]basecoin.Actor, len(signers)) + copy(signers2sort, signers) + sort.Sort(basecoin.ByAll(signers)) + + for _, signer := range signers { + seqKey = append(seqKey, signer.Bytes()...) + } + + return +} diff --git a/modules/nonce/tx_test.go b/modules/nonce/tx_test.go new file mode 100644 index 000000000..218686dee --- /dev/null +++ b/modules/nonce/tx_test.go @@ -0,0 +1,119 @@ +package nonce + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/tendermint/basecoin" + "github.com/tendermint/basecoin/stack" + "github.com/tendermint/basecoin/state" +) + +func TestNonce(t *testing.T) { + assert := assert.New(t) + require := require.New(t) + + // generic args here... + chainID := "my-chain" + chain2ID := "woohoo" + + height := uint64(100) + ctx := stack.MockContext(chainID, height) + store := state.NewMemKVStore() + + appName1 := "fooz" + appName2 := "foot" + + //root actors for the tests + act1 := basecoin.Actor{ChainID: chainID, App: appName1, Address: []byte{1, 2, 3, 4}} + act2 := basecoin.Actor{ChainID: chainID, App: appName1, Address: []byte{1, 1, 1, 1}} + act3 := basecoin.Actor{ChainID: chainID, App: appName1, Address: []byte{3, 3, 3, 3}} + act1DiffChain := basecoin.Actor{ChainID: chain2ID, App: appName1, Address: []byte{1, 2, 3, 4}} + act2DiffChain := basecoin.Actor{ChainID: chain2ID, App: appName1, Address: []byte{1, 1, 1, 1}} + act3DiffChain := basecoin.Actor{ChainID: chain2ID, App: appName1, Address: []byte{3, 3, 3, 3}} + act1DiffApp := basecoin.Actor{ChainID: chainID, App: appName2, Address: []byte{1, 2, 3, 4}} + act2DiffApp := basecoin.Actor{ChainID: chainID, App: appName2, Address: []byte{1, 1, 1, 1}} + act3DiffApp := basecoin.Actor{ChainID: chainID, App: appName2, Address: []byte{3, 3, 3, 3}} + + // let's construct some tests to make the table a bit less verbose + set0 := []basecoin.Actor{} + set1 := []basecoin.Actor{act1} + set2 := []basecoin.Actor{act2} + set12 := []basecoin.Actor{act1, act2} + set21 := []basecoin.Actor{act2, act1} + set123 := []basecoin.Actor{act1, act2, act3} + set321 := []basecoin.Actor{act3, act2, act1} + + //some more test cases for different chains and apps for each actor + set123Chain2 := []basecoin.Actor{act1DiffChain, act2DiffChain, act3DiffChain} + set123App2 := []basecoin.Actor{act1DiffApp, act2DiffApp, act3DiffApp} + set123MixedChains := []basecoin.Actor{act1, act2DiffChain, act3} + set123MixedApps := []basecoin.Actor{act1, act2DiffApp, act3} + + testList := []struct { + valid bool + seq uint32 + actors []basecoin.Actor + signers []basecoin.Actor + }{ + // one signer + {false, 0, set1, set1}, // seq 0 is no good + {false, 1, set1, set0}, // sig is required + {true, 1, set1, set1}, // sig and seq are good + {true, 2, set1, set1}, // increments each time + {false, 777, set1, set1}, // seq is too high + + // independent from second signer + {false, 1, set2, set1}, // sig must match + {true, 1, set2, set2}, // seq of set2 independent from set1 + {true, 2, set2, set321}, // extra sigs don't change the situation + + // multisig has same requirements + {false, 0, set12, set12}, // need valid sequence number + {false, 1, set12, set2}, // they all must sign + {true, 1, set12, set12}, // this is proper, independent of act1 and act2 + {true, 2, set21, set21}, // order of actors doesn't matter + {false, 2, set12, set12}, // but can't repeat sequence + {true, 3, set12, set321}, // no effect from extra sigs + + // triple sigs also work + {false, 2, set123, set123}, // must start with seq=1 + {false, 1, set123, set12}, // all must sign + {true, 1, set123, set321}, // this works + {true, 2, set321, set321}, // other order is the same + {false, 2, set321, set321}, // no repetition + + // signers with different chain-IDs and apps from actors + {false, 3, set123, set123Chain2}, // sign with different chain actors + {false, 3, set123, set123App2}, // sign with different app actors + {false, 3, set123, set123MixedChains}, // sign with mixed chain actor + {false, 3, set123, set123MixedApps}, // sign with mixed app actors + + // signers from different chain-IDs and apps, working + {true, 1, set123Chain2, set123Chain2}, + {true, 1, set123App2, set123App2}, + {true, 1, set123MixedChains, set123MixedChains}, + {true, 1, set123MixedApps, set123MixedApps}, + } + + raw := stack.NewRawTx([]byte{42}) + for i, test := range testList { + + // set the permissions + myCtx := ctx.WithPermissions(test.signers...) + + tx := NewTx(test.seq, test.actors, raw) + nonceTx, ok := tx.Unwrap().(Tx) + require.True(ok) + + err := nonceTx.CheckIncrementSeq(myCtx, store) + if test.valid { + assert.Nil(err, "%d: %+v", i, err) + } else { + assert.NotNil(err, "%d", i) + } + } + +} diff --git a/tests/cli/basictx.sh b/tests/cli/basictx.sh index 0ecc4d971..009e1ddc0 100755 --- a/tests/cli/basictx.sh +++ b/tests/cli/basictx.sh @@ -64,6 +64,21 @@ test02SendTxWithFee() { # Make sure tx is indexed checkSendFeeTx $HASH $TX_HEIGHT $SENDER "90" "10" + + # assert replay protection + TX=$(echo qwertyuiop | ${CLIENT_EXE} tx send --amount=90mycoin --fee=10mycoin --sequence=2 --to=$RECV --name=$RICH 2>/dev/null) + assertFalse "replay: $TX" $? + checkAccount $SENDER "9007199254739900" + checkAccount $RECV "1082" + + # make sure we can query the proper nonce + NONCE=$(${CLIENT_EXE} query nonce $SENDER) + if [ -n "$DEBUG" ]; then echo $NONCE; echo; fi + # TODO: note that cobra returns error code 0 on parse failure, + # so currently this check passes even if there is no nonce query command + if assertTrue "no nonce query" $?; then + assertEquals "line=${LINENO}, proper nonce" "2" $(echo $NONCE | jq .data) + fi } diff --git a/tests/cli/common.sh b/tests/cli/common.sh index c361c1df8..b195184b4 100644 --- a/tests/cli/common.sh +++ b/tests/cli/common.sh @@ -46,7 +46,7 @@ quickTearDown() { prepareClient() { echo "Preparing client keys..." ${CLIENT_EXE} reset_all - assertTrue $? + assertTrue "line=${LINENO}, prepare client" $? for i in "${!ACCOUNTS[@]}"; do newKey ${ACCOUNTS[$i]} @@ -60,7 +60,7 @@ prepareClient() { initServer() { echo "Setting up genesis..." SERVE_DIR=$1/server - assertNotNull "no chain" $2 + assertNotNull "line=${LINENO}, no chain" $2 CHAIN=$2 SERVER_LOG=$1/${SERVER_EXE}.log @@ -100,26 +100,26 @@ initClient() { PORT=${2:-46657} # hard-code the expected validator hash ${CLIENT_EXE} init --chain-id=$1 --node=tcp://localhost:${PORT} --valhash=EB168E17E45BAEB194D4C79067FFECF345C64DE6 - assertTrue "initialized light-client" $? + assertTrue "line=${LINENO}, initialized light-client" $? } # XXX Ex Usage1: newKey $NAME # XXX Ex Usage2: newKey $NAME $PASSWORD # Desc: Generates key for given username and password newKey(){ - assertNotNull "keyname required" "$1" + assertNotNull "line=${LINENO}, keyname required" "$1" KEYPASS=${2:-qwertyuiop} (echo $KEYPASS; echo $KEYPASS) | ${CLIENT_EXE} keys new $1 >/dev/null 2>/dev/null - assertTrue "created $1" $? - assertTrue "$1 doesn't exist" "${CLIENT_EXE} keys get $1" + assertTrue "line=${LINENO}, created $1" $? + assertTrue "line=${LINENO}, $1 doesn't exist" "${CLIENT_EXE} keys get $1" } # XXX Ex Usage: getAddr $NAME # Desc: Gets the address for a key name getAddr() { - assertNotNull "keyname required" "$1" + assertNotNull "line=${LINENO}, keyname required" "$1" RAW=$(${CLIENT_EXE} keys get $1) - assertTrue "no key for $1" $? + assertTrue "line=${LINENO}, no key for $1" $? # print the addr echo $RAW | cut -d' ' -f2 } @@ -129,12 +129,12 @@ getAddr() { checkAccount() { # make sure sender goes down ACCT=$(${CLIENT_EXE} query account $1) - if ! assertTrue "account must exist" $?; then + if ! assertTrue "line=${LINENO}, account must exist" $?; then return 1 fi if [ -n "$DEBUG" ]; then echo $ACCT; echo; fi - assertEquals "proper money" "$2" $(echo $ACCT | jq .data.coins[0].amount) + assertEquals "line=${LINENO}, proper money" "$2" $(echo $ACCT | jq .data.coins[0].amount) return $? } @@ -143,8 +143,8 @@ checkAccount() { txSucceeded() { if (assertTrue "sent tx ($3): $2" $1); then TX=$2 - assertEquals "good check ($3): $TX" "0" $(echo $TX | jq .check_tx.code) - assertEquals "good deliver ($3): $TX" "0" $(echo $TX | jq .deliver_tx.code) + assertEquals "line=${LINENO}, good check ($3): $TX" "0" $(echo $TX | jq .check_tx.code) + assertEquals "line=${LINENO}, good deliver ($3): $TX" "0" $(echo $TX | jq .deliver_tx.code) else return 1 fi @@ -155,17 +155,19 @@ txSucceeded() { # and that the first input was from this sender for this amount checkSendTx() { TX=$(${CLIENT_EXE} query tx $1) - assertTrue "found tx" $? + assertTrue "line=${LINENO}, found tx" $? if [ -n "$DEBUG" ]; then echo $TX; echo; fi - assertEquals "proper height" $2 $(echo $TX | jq .height) - assertEquals "type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type) + assertEquals "line=${LINENO}, proper height" $2 $(echo $TX | jq .height) + assertEquals "line=${LINENO}, type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type) CTX=$(echo $TX | jq .data.data.tx) - assertEquals "type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type) - STX=$(echo $CTX | jq .data.tx) - assertEquals "type=coin/send" '"coin/send"' $(echo $STX | jq .type) - assertEquals "proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr) - assertEquals "proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount) + assertEquals "line=${LINENO}, type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type) + NTX=$(echo $CTX | jq .data.tx) + assertEquals "line=${LINENO}, type=nonce" '"nonce"' $(echo $NTX | jq .type) + STX=$(echo $NTX | jq .data.tx) + assertEquals "line=${LINENO}, type=coin/send" '"coin/send"' $(echo $STX | jq .type) + assertEquals "line=${LINENO}, proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr) + assertEquals "line=${LINENO}, proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount) return $? } @@ -178,17 +180,19 @@ checkSendFeeTx() { assertTrue "found tx" $? if [ -n "$DEBUG" ]; then echo $TX; echo; fi - assertEquals "proper height" $2 $(echo $TX | jq .height) - assertEquals "type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type) + assertEquals "line=${LINENO}, proper height" $2 $(echo $TX | jq .height) + assertEquals "line=${LINENO}, type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type) CTX=$(echo $TX | jq .data.data.tx) - assertEquals "type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type) - FTX=$(echo $CTX | jq .data.tx) - assertEquals "type=fee/tx" '"fee/tx"' $(echo $FTX | jq .type) - assertEquals "proper fee" "$5" $(echo $FTX | jq .data.fee.amount) + assertEquals "line=${LINENO}, type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type) + NTX=$(echo $CTX | jq .data.tx) + assertEquals "line=${LINENO}, type=nonce" '"nonce"' $(echo $NTX | jq .type) + FTX=$(echo $NTX | jq .data.tx) + assertEquals "line=${LINENO}, type=fee/tx" '"fee/tx"' $(echo $FTX | jq .type) + assertEquals "line=${LINENO}, proper fee" "$5" $(echo $FTX | jq .data.fee.amount) STX=$(echo $FTX | jq .data.tx) - assertEquals "type=coin/send" '"coin/send"' $(echo $STX | jq .type) - assertEquals "proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr) - assertEquals "proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount) + assertEquals "line=${LINENO}, type=coin/send" '"coin/send"' $(echo $STX | jq .type) + assertEquals "line=${LINENO}, proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr) + assertEquals "line=${LINENO}, proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount) return $? } diff --git a/tests/cli/counter.sh b/tests/cli/counter.sh index 30fb29ab4..f21c9066d 100755 --- a/tests/cli/counter.sh +++ b/tests/cli/counter.sh @@ -21,21 +21,21 @@ test00GetAccount() { SENDER=$(getAddr $RICH) RECV=$(getAddr $POOR) - assertFalse "requires arg" "${CLIENT_EXE} query account" + assertFalse "Line=${LINENO}, requires arg" "${CLIENT_EXE} query account" checkAccount $SENDER "9007199254740992" ACCT2=$(${CLIENT_EXE} query account $RECV 2>/dev/null) - assertFalse "has no genesis account" $? + assertFalse "Line=${LINENO}, has no genesis account" $? } test01SendTx() { SENDER=$(getAddr $RICH) RECV=$(getAddr $POOR) - assertFalse "missing dest" "${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 2>/dev/null" - assertFalse "bad password" "echo foo | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH 2>/dev/null" - TX=$(echo qwertyuiop | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH 2>/dev/null) + assertFalse "Line=${LINENO}, missing dest" "${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 2>/dev/null" + assertFalse "Line=${LINENO}, bad password" "echo foo | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH 2>/dev/null" + TX=$(echo qwertyuiop | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH) txSucceeded $? "$TX" "$RECV" HASH=$(echo $TX | jq .hash | tr -d \") TX_HEIGHT=$(echo $TX | jq .height) @@ -49,7 +49,7 @@ test01SendTx() { test02GetCounter() { COUNT=$(${CLIENT_EXE} query counter 2>/dev/null) - assertFalse "no default count" $? + assertFalse "Line=${LINENO}, no default count" $? } # checkCounter $COUNT $BALANCE @@ -57,15 +57,15 @@ test02GetCounter() { checkCounter() { # make sure sender goes down ACCT=$(${CLIENT_EXE} query counter) - if assertTrue "count is set" $?; then - assertEquals "proper count" "$1" $(echo $ACCT | jq .data.counter) - assertEquals "proper money" "$2" $(echo $ACCT | jq .data.total_fees[0].amount) + if assertTrue "Line=${LINENO}, count is set" $?; then + assertEquals "Line=${LINENO}, proper count" "$1" $(echo $ACCT | jq .data.counter) + assertEquals "Line=${LINENO}, proper money" "$2" $(echo $ACCT | jq .data.total_fees[0].amount) fi } test03AddCount() { SENDER=$(getAddr $RICH) - assertFalse "bad password" "echo hi | ${CLIENT_EXE} tx counter --countfee=100mycoin --sequence=2 --name=${RICH} 2>/dev/null" + assertFalse "Line=${LINENO}, bad password" "echo hi | ${CLIENT_EXE} tx counter --countfee=100mycoin --sequence=2 --name=${RICH} 2>/dev/null" TX=$(echo qwertyuiop | ${CLIENT_EXE} tx counter --countfee=10mycoin --sequence=2 --name=${RICH} --valid) txSucceeded $? "$TX" "counter" @@ -80,14 +80,16 @@ test03AddCount() { # make sure tx is indexed TX=$(${CLIENT_EXE} query tx $HASH --trace) - if assertTrue "found tx" $?; then - assertEquals "proper height" $TX_HEIGHT $(echo $TX | jq .height) - assertEquals "type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type) - CTX=$(echo $TX | jq .data.data.tx) - assertEquals "type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type) - CNTX=$(echo $CTX | jq .data.tx) - assertEquals "type=cntr/count" '"cntr/count"' $(echo $CNTX | jq .type) - assertEquals "proper fee" "10" $(echo $CNTX | jq .data.fee[0].amount) + if assertTrue "Line=${LINENO}, found tx" $?; then + assertEquals "Line=${LINENO}, proper height" $TX_HEIGHT $(echo $TX | jq .height) + assertEquals "Line=${LINENO}, type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type) + CTX=$(echo $TX | jq .data.data.tx) + assertEquals "Line=${LINENO}, type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type) + NTX=$(echo $CTX | jq .data.tx) + assertEquals "line=${LINENO}, type=nonce" '"nonce"' $(echo $NTX | jq .type) + CNTX=$(echo $NTX | jq .data.tx) + assertEquals "Line=${LINENO}, type=cntr/count" '"cntr/count"' $(echo $CNTX | jq .type) + assertEquals "Line=${LINENO}, proper fee" "10" $(echo $CNTX | jq .data.fee[0].amount) fi # test again with fees... @@ -99,6 +101,12 @@ test03AddCount() { # make sure the account was debited 11 checkAccount $SENDER "9007199254739979" + + # make sure we cannot replay the counter, no state change + TX=$(echo qwertyuiop | ${CLIENT_EXE} tx counter --countfee=10mycoin --sequence=2 --name=${RICH} --valid 2>/dev/null) + assertFalse "replay: $TX" $? + checkCounter "2" "17" + checkAccount $SENDER "9007199254739979" } # Load common then run these tests with shunit2!