Merge pull request #168 from tendermint/feature/160-newseq

Middleware replay protection

Makefile

@@ -27,9 +27,9 @@ test_unit:
 
 test_cli: tests/cli/shunit2
 	# sudo apt-get install jq
-	@./tests/cli/basictx.sh
+	./tests/cli/basictx.sh
-	@./tests/cli/counter.sh
+	./tests/cli/counter.sh
-	@./tests/cli/restart.sh
+	./tests/cli/restart.sh
 	# @./tests/cli/ibc.sh
 
 test_tutorial: docs/guide/shunit2

app/app.go

@@ -15,6 +15,7 @@ import (
 	"github.com/tendermint/basecoin/modules/base"
 	"github.com/tendermint/basecoin/modules/coin"
 	"github.com/tendermint/basecoin/modules/fee"
+	"github.com/tendermint/basecoin/modules/nonce"
 	"github.com/tendermint/basecoin/stack"
 	sm "github.com/tendermint/basecoin/state"
 	"github.com/tendermint/basecoin/version"
@@ -62,6 +63,7 @@ func DefaultHandler(feeDenom string) basecoin.Handler {
 		stack.Recovery{},
 		auth.Signatures{},
 		base.Chain{},
+		nonce.ReplayCheck{},
 		fee.NewSimpleFeeMiddleware(coin.Coin{feeDenom, 0}, fee.Bank),
 	).Use(d)
 }

app/app_test.go

@@ -14,6 +14,7 @@ import (
 	"github.com/tendermint/basecoin/modules/base"
 	"github.com/tendermint/basecoin/modules/coin"
 	"github.com/tendermint/basecoin/modules/fee"
+	"github.com/tendermint/basecoin/modules/nonce"
 	"github.com/tendermint/basecoin/stack"
 	"github.com/tendermint/basecoin/state"
 	wire "github.com/tendermint/go-wire"
@@ -55,15 +56,17 @@ func (at *appTest) signTx(tx basecoin.Tx) basecoin.Tx {
 	return stx.Wrap()
 }
 
-func (at *appTest) getTx(coins coin.Coins) basecoin.Tx {
+func (at *appTest) getTx(coins coin.Coins, sequence uint32) basecoin.Tx {
 	tx := at.baseTx(coins)
+	tx = nonce.NewTx(sequence, []basecoin.Actor{at.acctIn.Actor()}, tx)
 	tx = base.NewChainTx(at.chainID, 0, tx)
 	return at.signTx(tx)
 }
 
-func (at *appTest) feeTx(coins coin.Coins, toll coin.Coin) basecoin.Tx {
+func (at *appTest) feeTx(coins coin.Coins, toll coin.Coin, sequence uint32) basecoin.Tx {
 	tx := at.baseTx(coins)
 	tx = fee.NewFee(tx, toll, at.acctIn.Actor())
+	tx = nonce.NewTx(sequence, []basecoin.Actor{at.acctIn.Actor()}, tx)
 	tx = base.NewChainTx(at.chainID, 0, tx)
 	return at.signTx(tx)
 }
@@ -210,22 +213,22 @@ func TestTx(t *testing.T) {
 	//Bad Balance
 	at.acctIn.Coins = coin.Coins{{"mycoin", 2}}
 	at.initAccount(at.acctIn)
-	res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), true)
+	res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), true)
 	assert.True(res.IsErr(), "ExecTx/Bad CheckTx: Expected error return from ExecTx, returned: %v", res)
-	res, diffIn, diffOut := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), false)
+	res, diffIn, diffOut := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), false)
 	assert.True(res.IsErr(), "ExecTx/Bad DeliverTx: Expected error return from ExecTx, returned: %v", res)
 	assert.True(diffIn.IsZero())
 	assert.True(diffOut.IsZero())
 
 	//Regular CheckTx
 	at.reset()
-	res, _, _ = at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), true)
+	res, _, _ = at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), true)
 	assert.True(res.IsOK(), "ExecTx/Good CheckTx: Expected OK return from ExecTx, Error: %v", res)
 
 	//Regular DeliverTx
 	at.reset()
 	amt := coin.Coins{{"mycoin", 3}}
-	res, diffIn, diffOut = at.exec(t, at.getTx(amt), false)
+	res, diffIn, diffOut = at.exec(t, at.getTx(amt, 1), false)
 	assert.True(res.IsOK(), "ExecTx/Good DeliverTx: Expected OK return from ExecTx, Error: %v", res)
 	assert.Equal(amt.Negative(), diffIn)
 	assert.Equal(amt, diffOut)
@@ -234,7 +237,7 @@ func TestTx(t *testing.T) {
 	at.reset()
 	amt = coin.Coins{{"mycoin", 4}}
 	toll := coin.Coin{"mycoin", 1}
-	res, diffIn, diffOut = at.exec(t, at.feeTx(amt, toll), false)
+	res, diffIn, diffOut = at.exec(t, at.feeTx(amt, toll, 1), false)
 	assert.True(res.IsOK(), "ExecTx/Good DeliverTx: Expected OK return from ExecTx, Error: %v", res)
 	payment := amt.Plus(coin.Coins{toll}).Negative()
 	assert.Equal(payment, diffIn)
@@ -246,7 +249,7 @@ func TestQuery(t *testing.T) {
 	assert := assert.New(t)
 	at := newAppTest(t)
 
-	res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}), false)
+	res, _, _ := at.exec(t, at.getTx(coin.Coins{{"mycoin", 5}}, 1), false)
 	assert.True(res.IsOK(), "Commit, DeliverTx: Expected OK return from DeliverTx, Error: %v", res)
 
 	resQueryPreCommit := at.app.Query(abci.RequestQuery{

cmd/basecli/commands/cmds.go

@@ -2,21 +2,25 @@ package commands
 
 import (
 	"encoding/hex"
+	"fmt"
 	"strings"
 
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 
-	"github.com/tendermint/basecoin"
 	"github.com/tendermint/light-client/commands"
 	txcmd "github.com/tendermint/light-client/commands/txs"
 	cmn "github.com/tendermint/tmlibs/common"
 
+	ctypes "github.com/tendermint/tendermint/rpc/core/types"
+
+	"github.com/tendermint/basecoin"
 	"github.com/tendermint/basecoin/modules/auth"
 	"github.com/tendermint/basecoin/modules/base"
 	"github.com/tendermint/basecoin/modules/coin"
 	"github.com/tendermint/basecoin/modules/fee"
+	"github.com/tendermint/basecoin/modules/nonce"
 )
 
 //-------------------------
@@ -49,7 +53,7 @@ func init() {
 	flags.Int(FlagSequence, -1, "Sequence number for this transaction")
 }
 
-// runDemo is an example of how to make a tx
+// doSendTx is an example of how to make a tx
 func doSendTx(cmd *cobra.Command, args []string) error {
 	// load data from json or flags
 	var tx basecoin.Tx
@@ -69,6 +73,10 @@ func doSendTx(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
+	tx, err = WrapNonceTx(tx)
+	if err != nil {
+		return err
+	}
 	tx, err = WrapChainTx(tx)
 	if err != nil {
 		return err
@@ -82,11 +90,40 @@ func doSendTx(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
+	if err = ValidateResult(bres); err != nil {
+		return err
+	}
 
 	// Output result
 	return txcmd.OutputTx(bres)
 }
 
+// ValidateResult returns an appropriate error if the server rejected the
+// tx in CheckTx or DeliverTx
+func ValidateResult(res *ctypes.ResultBroadcastTxCommit) error {
+	if res.CheckTx.IsErr() {
+		return fmt.Errorf("CheckTx: (%d): %s", res.CheckTx.Code, res.CheckTx.Log)
+	}
+	if res.DeliverTx.IsErr() {
+		return fmt.Errorf("DeliverTx: (%d): %s", res.DeliverTx.Code, res.DeliverTx.Log)
+	}
+	return nil
+}
+
+// WrapNonceTx grabs the sequence number from the flag and wraps
+// the tx with this nonce.  Grabs the permission from the signer,
+// as we still only support single sig on the cli
+func WrapNonceTx(tx basecoin.Tx) (res basecoin.Tx, err error) {
+	//add the nonce tx layer to the tx
+	seq := viper.GetInt(FlagSequence)
+	if seq < 0 {
+		return res, fmt.Errorf("sequence must be greater than 0")
+	}
+	signers := []basecoin.Actor{GetSignerAct()}
+	res = nonce.NewTx(uint32(seq), signers, tx)
+	return
+}
+
 // WrapFeeTx checks for FlagFee and if present wraps the tx with a
 // FeeTx of the given amount, paid by the signer
 func WrapFeeTx(tx basecoin.Tx) (res basecoin.Tx, err error) {
@@ -99,7 +136,8 @@ func WrapFeeTx(tx basecoin.Tx) (res basecoin.Tx, err error) {
 	if toll.IsZero() {
 		return tx, nil
 	}
-	return fee.NewFee(tx, toll, getSignerAddr()), nil
+	res = fee.NewFee(tx, toll, GetSignerAct())
+	return
 }
 
 // WrapChainTx will wrap the tx with a ChainTx from the standard flags
@@ -110,10 +148,12 @@ func WrapChainTx(tx basecoin.Tx) (res basecoin.Tx, err error) {
 		return res, errors.New("No chain-id provided")
 	}
 	res = base.NewChainTx(chain, uint64(expires), tx)
-	return res, nil
+	return
 }
 
-func getSignerAddr() (res basecoin.Actor) {
+// GetSignerAct returns the address of the signer of the tx
+// (as we still only support single sig)
+func GetSignerAct() (res basecoin.Actor) {
 	// this could be much cooler with multisig...
 	signer := txcmd.GetSigner()
 	if !signer.Empty() {
@@ -138,7 +178,7 @@ func readSendTxFlags() (tx basecoin.Tx, err error) {
 
 	// craft the inputs and outputs
 	ins := []coin.TxInput{{
-		Address: getSignerAddr(),
+		Address: GetSignerAct(),
 		Coins:   amountCoins,
 	}}
 	outs := []coin.TxOutput{{

cmd/basecli/commands/query.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/tendermint/basecoin/modules/auth"
 	"github.com/tendermint/basecoin/modules/coin"
+	"github.com/tendermint/basecoin/modules/nonce"
 	"github.com/tendermint/basecoin/stack"
 )
 
@@ -41,6 +42,37 @@ func doAccountQuery(cmd *cobra.Command, args []string) error {
 	return proofcmd.OutputProof(acc, proof.BlockHeight())
 }
 
+// NonceQueryCmd - command to query an nonce account
+var NonceQueryCmd = &cobra.Command{
+	Use:   "nonce [address]",
+	Short: "Get details of a nonce sequence number, with proof",
+	RunE:  lcmd.RequireInit(doNonceQuery),
+}
+
+func doNonceQuery(cmd *cobra.Command, args []string) error {
+	addr, err := proofcmd.ParseHexKey(args, "address")
+	if err != nil {
+		return err
+	}
+
+	act := []basecoin.Actor{basecoin.NewActor(
+		auth.NameSigs,
+		addr,
+	)}
+
+	key := stack.PrefixedKey(nonce.NameNonce, nonce.GetSeqKey(act))
+
+	var seq uint32
+	proof, err := proofcmd.GetAndParseAppProof(key, &seq)
+	if lc.IsNoDataErr(err) {
+		return errors.Errorf("Sequence is empty for address %X ", addr)
+	} else if err != nil {
+		return err
+	}
+
+	return proofcmd.OutputProof(seq, proof.BlockHeight())
+}
+
 // BaseTxPresenter this decodes all basecoin tx
 type BaseTxPresenter struct {
 	proofs.RawPresenter // this handles MakeKey as hex bytes

cmd/basecli/main.go

@@ -39,6 +39,7 @@ func main() {
 		proofs.TxCmd,
 		proofs.KeyCmd,
 		bcmd.AccountQueryCmd,
+		bcmd.NonceQueryCmd,
 	)
 
 	// you will always want this for the base send command

context.go

@@ -2,6 +2,8 @@ package basecoin
 
 import (
 	"bytes"
+	"fmt"
+	"sort"
 
 	wire "github.com/tendermint/go-wire"
 	"github.com/tendermint/go-wire/data"
@@ -19,6 +21,7 @@ type Actor struct {
 	Address data.Bytes `json:"addr"`  // arbitrary app-specific unique id
 }
 
+// NewActor - create a new actor
 func NewActor(app string, addr []byte) Actor {
 	return Actor{App: app, Address: addr}
 }
@@ -35,6 +38,11 @@ func (a Actor) Equals(b Actor) bool {
 		bytes.Equal(a.Address, b.Address)
 }
 
+// Empty checks if the actor is not initialized
+func (a Actor) Empty() bool {
+	return a.ChainID == "" && a.App == "" && len(a.Address) == 0
+}
+
 // Context is an interface, so we can implement "secure" variants that
 // rely on private fields to control the actions
 type Context interface {
@@ -48,3 +56,36 @@ type Context interface {
 	ChainID() string
 	BlockHeight() uint64
 }
+
+//////////////////////////////// Sort Interface
+// USAGE sort.Sort(ByAll(<actor instance>))
+
+func (a Actor) String() string {
+	return fmt.Sprintf("%x", a.Address)
+}
+
+// ByAll implements sort.Interface for []Actor.
+// It sorts be the ChainID, followed by the App, followed by the Address
+type ByAll []Actor
+
+// Verify the sort interface at compile time
+var _ sort.Interface = ByAll{}
+
+func (a ByAll) Len() int      { return len(a) }
+func (a ByAll) Swap(i, j int) { a[i], a[j] = a[j], a[i] }
+func (a ByAll) Less(i, j int) bool {
+
+	if a[i].ChainID < a[j].ChainID {
+		return true
+	}
+	if a[i].ChainID > a[j].ChainID {
+		return false
+	}
+	if a[i].App < a[j].App {
+		return true
+	}
+	if a[i].App > a[j].App {
+		return false
+	}
+	return bytes.Compare(a[i].Address, a[j].Address) == -1
+}

docs/guide/counter/cmd/countercli/commands/counter.go

@@ -60,6 +60,10 @@ func counterTx(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
+	tx, err = bcmd.WrapNonceTx(tx)
+	if err != nil {
+		return err
+	}
 	tx, err = bcmd.WrapChainTx(tx)
 	if err != nil {
 		return err
@@ -72,6 +76,9 @@ func counterTx(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
+	if err = bcmd.ValidateResult(bres); err != nil {
+		return err
+	}
 
 	// Output result
 	return txcmd.OutputTx(bres)
@@ -83,6 +90,6 @@ func readCounterTxFlags() (tx basecoin.Tx, err error) {
 		return tx, err
 	}
 
-	tx = counter.NewTx(viper.GetBool(FlagValid), feeCoins, viper.GetInt(bcmd.FlagSequence))
+	tx = counter.NewTx(viper.GetBool(FlagValid), feeCoins)
 	return tx, nil
 }

docs/guide/counter/plugins/counter/counter.go

@@ -12,6 +12,7 @@ import (
 	"github.com/tendermint/basecoin/modules/base"
 	"github.com/tendermint/basecoin/modules/coin"
 	"github.com/tendermint/basecoin/modules/fee"
+	"github.com/tendermint/basecoin/modules/nonce"
 	"github.com/tendermint/basecoin/stack"
 	"github.com/tendermint/basecoin/state"
 )
@@ -34,17 +35,15 @@ func init() {
 
 // Tx - struct for all counter transactions
 type Tx struct {
-	Valid    bool       `json:"valid"`
+	Valid bool       `json:"valid"`
-	Fee      coin.Coins `json:"fee"`
+	Fee   coin.Coins `json:"fee"`
-	Sequence int        `json:"sequence"`
 }
 
 // NewTx - return a new counter transaction struct wrapped as a basecoin transaction
-func NewTx(valid bool, fee coin.Coins, sequence int) basecoin.Tx {
+func NewTx(valid bool, fee coin.Coins) basecoin.Tx {
 	return Tx{
-		Valid:    valid,
+		Valid: valid,
-		Fee:      fee,
+		Fee:   fee,
-		Sequence: sequence,
 	}.Wrap()
 }
 
@@ -103,6 +102,7 @@ func NewHandler(feeDenom string) basecoin.Handler {
 		stack.Recovery{},
 		auth.Signatures{},
 		base.Chain{},
+		nonce.ReplayCheck{},
 		fee.NewSimpleFeeMiddleware(coin.Coin{feeDenom, 0}, fee.Bank),
 	).Use(dispatcher)
 }

docs/guide/counter/plugins/counter/counter_test.go

@@ -7,10 +7,12 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	abci "github.com/tendermint/abci/types"
+	"github.com/tendermint/basecoin"
 	"github.com/tendermint/basecoin/app"
 	"github.com/tendermint/basecoin/modules/auth"
 	"github.com/tendermint/basecoin/modules/base"
 	"github.com/tendermint/basecoin/modules/coin"
+	"github.com/tendermint/basecoin/modules/nonce"
 	"github.com/tendermint/go-wire"
 	eyescli "github.com/tendermint/merkleeyes/client"
 	"github.com/tendermint/tmlibs/log"
@@ -40,8 +42,9 @@ func TestCounterPlugin(t *testing.T) {
 	require.Equal(t, "Success", log)
 
 	// Deliver a CounterTx
-	DeliverCounterTx := func(valid bool, counterFee coin.Coins, inputSequence int) abci.Result {
+	DeliverCounterTx := func(valid bool, counterFee coin.Coins, sequence uint32) abci.Result {
-		tx := NewTx(valid, counterFee, inputSequence)
+		tx := NewTx(valid, counterFee)
+		tx = nonce.NewTx(sequence, []basecoin.Actor{acct.Actor()}, tx)
 		tx = base.NewChainTx(chainID, 0, tx)
 		stx := auth.NewSig(tx)
 		auth.Sign(stx, acct.Key)
@@ -49,19 +52,19 @@ func TestCounterPlugin(t *testing.T) {
 		return bcApp.DeliverTx(txBytes)
 	}
 
-	// Test a basic send, no fee (doesn't update sequence as no money spent)
+	// Test a basic send, no fee
 	res := DeliverCounterTx(true, nil, 1)
 	assert.True(res.IsOK(), res.String())
 
 	// Test an invalid send, no fee
-	res = DeliverCounterTx(false, nil, 1)
+	res = DeliverCounterTx(false, nil, 2)
 	assert.True(res.IsErr(), res.String())
 
-	// Test the fee (increments sequence)
+	// Test an invalid send, with supported fee
-	res = DeliverCounterTx(true, coin.Coins{{"gold", 100}}, 1)
+	res = DeliverCounterTx(true, coin.Coins{{"gold", 100}}, 2)
 	assert.True(res.IsOK(), res.String())
 
 	// Test unsupported fee
-	res = DeliverCounterTx(true, coin.Coins{{"silver", 100}}, 2)
+	res = DeliverCounterTx(true, coin.Coins{{"silver", 100}}, 3)
 	assert.True(res.IsErr(), res.String())
 }

errors/common.go

@@ -15,15 +15,23 @@ var (
 	errUnauthorized      = fmt.Errorf("Unauthorized")
 	errInvalidSignature  = fmt.Errorf("Invalid Signature")
 	errTooLarge          = fmt.Errorf("Input size too large")
+	errNoSigners         = fmt.Errorf("There are no signers")
 	errMissingSignature  = fmt.Errorf("Signature missing")
 	errTooManySignatures = fmt.Errorf("Too many signatures")
 	errNoChain           = fmt.Errorf("No chain id provided")
+	errTxEmpty           = fmt.Errorf("The provided Tx is empty")
 	errWrongChain        = fmt.Errorf("Wrong chain for tx")
 	errUnknownTxType     = fmt.Errorf("Tx type unknown")
 	errInvalidFormat     = fmt.Errorf("Invalid format")
 	errUnknownModule     = fmt.Errorf("Unknown module")
 	errExpired           = fmt.Errorf("Tx expired")
 	errUnknownKey        = fmt.Errorf("Unknown key")
+
+	internalErr    = abci.CodeType_InternalError
+	encodingErr    = abci.CodeType_EncodingError
+	unauthorized   = abci.CodeType_Unauthorized
+	unknownRequest = abci.CodeType_UnknownRequest
+	unknownAddress = abci.CodeType_BaseUnknownAddress
 )
 
 // some crazy reflection to unwrap any generated struct.
@@ -71,76 +79,84 @@ func IsUnknownKeyErr(err error) bool {
 }
 
 func ErrInternal(msg string) TMError {
-	return New(msg, abci.CodeType_InternalError)
+	return New(msg, internalErr)
 }
 
 // IsInternalErr matches any error that is not classified
 func IsInternalErr(err error) bool {
-	return HasErrorCode(err, abci.CodeType_InternalError)
+	return HasErrorCode(err, internalErr)
 }
 
 func ErrDecoding() TMError {
-	return WithCode(errDecoding, abci.CodeType_EncodingError)
+	return WithCode(errDecoding, encodingErr)
 }
 func IsDecodingErr(err error) bool {
 	return IsSameError(errDecoding, err)
 }
 
 func ErrUnauthorized() TMError {
-	return WithCode(errUnauthorized, abci.CodeType_Unauthorized)
+	return WithCode(errUnauthorized, unauthorized)
 }
 
 // IsUnauthorizedErr is generic helper for any unauthorized errors,
 // also specific sub-types
 func IsUnauthorizedErr(err error) bool {
-	return HasErrorCode(err, abci.CodeType_Unauthorized)
+	return HasErrorCode(err, unauthorized)
+}
+
+func ErrNoSigners() TMError {
+	return WithCode(errNoSigners, unauthorized)
 }
 
 func ErrMissingSignature() TMError {
-	return WithCode(errMissingSignature, abci.CodeType_Unauthorized)
+	return WithCode(errMissingSignature, unauthorized)
 }
 func IsMissingSignatureErr(err error) bool {
 	return IsSameError(errMissingSignature, err)
 }
 
 func ErrTooManySignatures() TMError {
-	return WithCode(errTooManySignatures, abci.CodeType_Unauthorized)
+	return WithCode(errTooManySignatures, unauthorized)
 }
 func IsTooManySignaturesErr(err error) bool {
 	return IsSameError(errTooManySignatures, err)
 }
 
 func ErrInvalidSignature() TMError {
-	return WithCode(errInvalidSignature, abci.CodeType_Unauthorized)
+	return WithCode(errInvalidSignature, unauthorized)
 }
 func IsInvalidSignatureErr(err error) bool {
 	return IsSameError(errInvalidSignature, err)
 }
 
 func ErrNoChain() TMError {
-	return WithCode(errNoChain, abci.CodeType_Unauthorized)
+	return WithCode(errNoChain, unauthorized)
 }
 func IsNoChainErr(err error) bool {
 	return IsSameError(errNoChain, err)
 }
 
+func ErrTxEmpty() TMError {
+	return WithCode(errTxEmpty, unauthorized)
+}
+
 func ErrWrongChain(chain string) TMError {
 	msg := errors.Wrap(errWrongChain, chain)
-	return WithCode(msg, abci.CodeType_Unauthorized)
+	return WithCode(msg, unauthorized)
 }
 func IsWrongChainErr(err error) bool {
 	return IsSameError(errWrongChain, err)
 }
 
 func ErrTooLarge() TMError {
-	return WithCode(errTooLarge, abci.CodeType_EncodingError)
+	return WithCode(errTooLarge, encodingErr)
 }
 func IsTooLargeErr(err error) bool {
 	return IsSameError(errTooLarge, err)
 }
 
 func ErrExpired() TMError {
-	return WithCode(errExpired, abci.CodeType_Unauthorized)
+	return WithCode(errExpired, unauthorized)
 }
 func IsExpiredErr(err error) bool {
 	return IsSameError(errExpired, err)

modules/coin/errors.go

@@ -60,13 +60,6 @@ func IsInvalidCoinsErr(err error) bool {
 	return errors.IsSameError(errInvalidCoins, err)
 }
 
-func ErrInvalidSequence() errors.TMError {
-	return errors.WithCode(errInvalidSequence, invalidInput)
-}
-func IsInvalidSequenceErr(err error) bool {
-	return errors.IsSameError(errInvalidSequence, err)
-}
-
 func ErrInsufficientFunds() errors.TMError {
 	return errors.WithCode(errInsufficientFunds, invalidInput)
 }

modules/nonce/errors.go

@@ -0,0 +1,32 @@
+//nolint
+package nonce
+
+import (
+	"fmt"
+
+	abci "github.com/tendermint/abci/types"
+
+	"github.com/tendermint/basecoin/errors"
+)
+
+var (
+	errNoNonce      = fmt.Errorf("Tx doesn't contain nonce")
+	errNotMember    = fmt.Errorf("nonce contains non-permissioned member")
+	errZeroSequence = fmt.Errorf("Sequence number cannot be zero")
+
+	unauthorized = abci.CodeType_Unauthorized
+)
+
+func ErrBadNonce(got, expected uint32) errors.TMError {
+	return errors.WithCode(fmt.Errorf("Bad nonce sequence, got %d, expected %d", got, expected), unauthorized)
+}
+
+func ErrNoNonce() errors.TMError {
+	return errors.WithCode(errNoNonce, unauthorized)
+}
+func ErrNotMember() errors.TMError {
+	return errors.WithCode(errNotMember, unauthorized)
+}
+func ErrZeroSequence() errors.TMError {
+	return errors.WithCode(errZeroSequence, unauthorized)
+}

modules/nonce/replaycheck.go

@@ -0,0 +1,73 @@
+package nonce
+
+import (
+	"github.com/tendermint/basecoin"
+	"github.com/tendermint/basecoin/stack"
+	"github.com/tendermint/basecoin/state"
+)
+
+//nolint
+const (
+	NameNonce = "nonce"
+)
+
+// ReplayCheck uses the sequence to check for replay attacks
+type ReplayCheck struct {
+	stack.PassOption
+}
+
+// Name of the module - fulfills Middleware interface
+func (ReplayCheck) Name() string {
+	return NameNonce
+}
+
+var _ stack.Middleware = ReplayCheck{}
+
+// CheckTx verifies tx is not being replayed - fulfills Middlware interface
+func (r ReplayCheck) CheckTx(ctx basecoin.Context, store state.KVStore,
+	tx basecoin.Tx, next basecoin.Checker) (res basecoin.Result, err error) {
+
+	stx, err := r.checkIncrementNonceTx(ctx, store, tx)
+	if err != nil {
+		return res, err
+	}
+
+	return next.CheckTx(ctx, store, stx)
+}
+
+// DeliverTx verifies tx is not being replayed - fulfills Middlware interface
+// NOTE It is okay to modify the sequence before running the wrapped TX because if the
+// wrapped Tx fails, the state changes are not applied
+func (r ReplayCheck) DeliverTx(ctx basecoin.Context, store state.KVStore,
+	tx basecoin.Tx, next basecoin.Deliver) (res basecoin.Result, err error) {
+
+	stx, err := r.checkIncrementNonceTx(ctx, store, tx)
+	if err != nil {
+		return res, err
+	}
+
+	return next.DeliverTx(ctx, store, stx)
+}
+
+// checkNonceTx varifies the nonce sequence, an increment sequence number
+func (r ReplayCheck) checkIncrementNonceTx(ctx basecoin.Context, store state.KVStore,
+	tx basecoin.Tx) (basecoin.Tx, error) {
+
+	// make sure it is a the nonce Tx (Tx from this package)
+	nonceTx, ok := tx.Unwrap().(Tx)
+	if !ok {
+		return tx, ErrNoNonce()
+	}
+
+	err := nonceTx.ValidateBasic()
+	if err != nil {
+		return tx, err
+	}
+
+	// check the nonce sequence number
+	err = nonceTx.CheckIncrementSeq(ctx, store)
+	if err != nil {
+		return tx, err
+	}
+	return nonceTx.Tx, nil
+}

modules/nonce/store.go

@@ -0,0 +1,30 @@
+package nonce
+
+import (
+	"fmt"
+
+	wire "github.com/tendermint/go-wire"
+
+	"github.com/tendermint/basecoin/errors"
+	"github.com/tendermint/basecoin/state"
+)
+
+func getSeq(store state.KVStore, key []byte) (seq uint32, err error) {
+	data := store.Get(key)
+	if len(data) == 0 {
+		//if the key is not stored, its a new key with a sequence of zero!
+		return 0, nil
+	}
+	err = wire.ReadBinaryBytes(data, &seq)
+	if err != nil {
+		msg := fmt.Sprintf("Error reading sequence for %X", key)
+		return seq, errors.ErrInternal(msg)
+	}
+	return seq, nil
+}
+
+func setSeq(store state.KVStore, key []byte, seq uint32) error {
+	bin := wire.BinaryBytes(seq)
+	store.Set(key, bin)
+	return nil // real stores can return error...
+}

modules/nonce/tx.go

@@ -0,0 +1,112 @@
+/*
+Package nonce - This module allows replay protection to be added to process stack.
+This is achieved through the use of a sequence number for each unique set of signers.
+Note that the sequence number for the single signing account "foo" will be unique
+from the sequence number for a multi-sig account {"foo", "bar"} which would also be
+unique from a different multi-sig account {"foo", "soup"}
+*/
+package nonce
+
+import (
+	"sort"
+
+	"github.com/tendermint/basecoin"
+	"github.com/tendermint/basecoin/errors"
+	"github.com/tendermint/basecoin/state"
+)
+
+// nolint
+const (
+	ByteNonce = 0x69 //TODO overhaul byte assign system don't make no sense!
+	TypeNonce = "nonce"
+)
+
+func init() {
+	basecoin.TxMapper.RegisterImplementation(Tx{}, TypeNonce, ByteNonce)
+}
+
+// Tx - Nonce transaction structure, contains list of signers and current sequence number
+type Tx struct {
+	Sequence uint32           `json:"sequence"`
+	Signers  []basecoin.Actor `json:"signers"`
+	Tx       basecoin.Tx      `json:"tx"`
+}
+
+var _ basecoin.TxInner = &Tx{}
+
+// NewTx wraps the tx with a signable nonce
+func NewTx(sequence uint32, signers []basecoin.Actor, tx basecoin.Tx) basecoin.Tx {
+	return (Tx{
+		Sequence: sequence,
+		Signers:  signers,
+		Tx:       tx,
+	}).Wrap()
+}
+
+//nolint
+func (n Tx) Wrap() basecoin.Tx {
+	return basecoin.Tx{n}
+}
+func (n Tx) ValidateBasic() error {
+	switch {
+	case n.Tx.Empty():
+		return errors.ErrTxEmpty()
+	case n.Sequence == 0:
+		return ErrZeroSequence()
+	case len(n.Signers) == 0:
+		return errors.ErrNoSigners()
+	}
+	return n.Tx.ValidateBasic()
+}
+
+// CheckIncrementSeq - Check that the sequence number is one more than the state sequence number
+// and further increment the sequence number
+// NOTE It is okay to modify the sequence before running the wrapped TX because if the
+// wrapped Tx fails, the state changes are not applied
+func (n Tx) CheckIncrementSeq(ctx basecoin.Context, store state.KVStore) error {
+
+	seqKey := n.getSeqKey()
+
+	// check the current state
+	cur, err := getSeq(store, seqKey)
+	if err != nil {
+		return err
+	}
+	if n.Sequence != cur+1 {
+		return ErrBadNonce(n.Sequence, cur+1)
+	}
+
+	// make sure they all signed
+	for _, s := range n.Signers {
+		if !ctx.HasPermission(s) {
+			return ErrNotMember()
+		}
+	}
+
+	// increment the sequence by 1
+	err = setSeq(store, seqKey, cur+1)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (n Tx) getSeqKey() (seqKey []byte) {
+	return GetSeqKey(n.Signers)
+}
+
+// GetSeqKey - Generate the sequence key as the concatenated list of signers, sorted by address.
+func GetSeqKey(signers []basecoin.Actor) (seqKey []byte) {
+
+	// First copy the list of signers to sort as sort is done in place
+	signers2sort := make([]basecoin.Actor, len(signers))
+	copy(signers2sort, signers)
+	sort.Sort(basecoin.ByAll(signers))
+
+	for _, signer := range signers {
+		seqKey = append(seqKey, signer.Bytes()...)
+	}
+
+	return
+}

modules/nonce/tx_test.go

@@ -0,0 +1,119 @@
+package nonce
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/tendermint/basecoin"
+	"github.com/tendermint/basecoin/stack"
+	"github.com/tendermint/basecoin/state"
+)
+
+func TestNonce(t *testing.T) {
+	assert := assert.New(t)
+	require := require.New(t)
+
+	// generic args here...
+	chainID := "my-chain"
+	chain2ID := "woohoo"
+
+	height := uint64(100)
+	ctx := stack.MockContext(chainID, height)
+	store := state.NewMemKVStore()
+
+	appName1 := "fooz"
+	appName2 := "foot"
+
+	//root actors for the tests
+	act1 := basecoin.Actor{ChainID: chainID, App: appName1, Address: []byte{1, 2, 3, 4}}
+	act2 := basecoin.Actor{ChainID: chainID, App: appName1, Address: []byte{1, 1, 1, 1}}
+	act3 := basecoin.Actor{ChainID: chainID, App: appName1, Address: []byte{3, 3, 3, 3}}
+	act1DiffChain := basecoin.Actor{ChainID: chain2ID, App: appName1, Address: []byte{1, 2, 3, 4}}
+	act2DiffChain := basecoin.Actor{ChainID: chain2ID, App: appName1, Address: []byte{1, 1, 1, 1}}
+	act3DiffChain := basecoin.Actor{ChainID: chain2ID, App: appName1, Address: []byte{3, 3, 3, 3}}
+	act1DiffApp := basecoin.Actor{ChainID: chainID, App: appName2, Address: []byte{1, 2, 3, 4}}
+	act2DiffApp := basecoin.Actor{ChainID: chainID, App: appName2, Address: []byte{1, 1, 1, 1}}
+	act3DiffApp := basecoin.Actor{ChainID: chainID, App: appName2, Address: []byte{3, 3, 3, 3}}
+
+	// let's construct some tests to make the table a bit less verbose
+	set0 := []basecoin.Actor{}
+	set1 := []basecoin.Actor{act1}
+	set2 := []basecoin.Actor{act2}
+	set12 := []basecoin.Actor{act1, act2}
+	set21 := []basecoin.Actor{act2, act1}
+	set123 := []basecoin.Actor{act1, act2, act3}
+	set321 := []basecoin.Actor{act3, act2, act1}
+
+	//some more test cases for different chains and apps for each actor
+	set123Chain2 := []basecoin.Actor{act1DiffChain, act2DiffChain, act3DiffChain}
+	set123App2 := []basecoin.Actor{act1DiffApp, act2DiffApp, act3DiffApp}
+	set123MixedChains := []basecoin.Actor{act1, act2DiffChain, act3}
+	set123MixedApps := []basecoin.Actor{act1, act2DiffApp, act3}
+
+	testList := []struct {
+		valid   bool
+		seq     uint32
+		actors  []basecoin.Actor
+		signers []basecoin.Actor
+	}{
+		// one signer
+		{false, 0, set1, set1},   // seq 0 is no good
+		{false, 1, set1, set0},   // sig is required
+		{true, 1, set1, set1},    // sig and seq are good
+		{true, 2, set1, set1},    // increments each time
+		{false, 777, set1, set1}, // seq is too high
+
+		// independent from second signer
+		{false, 1, set2, set1},  // sig must match
+		{true, 1, set2, set2},   // seq of set2 independent from set1
+		{true, 2, set2, set321}, // extra sigs don't change the situation
+
+		// multisig has same requirements
+		{false, 0, set12, set12}, // need valid sequence number
+		{false, 1, set12, set2},  // they all must sign
+		{true, 1, set12, set12},  // this is proper, independent of act1 and act2
+		{true, 2, set21, set21},  // order of actors doesn't matter
+		{false, 2, set12, set12}, // but can't repeat sequence
+		{true, 3, set12, set321}, // no effect from extra sigs
+
+		// triple sigs also work
+		{false, 2, set123, set123}, // must start with seq=1
+		{false, 1, set123, set12},  // all must sign
+		{true, 1, set123, set321},  // this works
+		{true, 2, set321, set321},  // other order is the same
+		{false, 2, set321, set321}, // no repetition
+
+		// signers with different chain-IDs and apps from actors
+		{false, 3, set123, set123Chain2},      // sign with different chain actors
+		{false, 3, set123, set123App2},        // sign with different app actors
+		{false, 3, set123, set123MixedChains}, // sign with mixed chain actor
+		{false, 3, set123, set123MixedApps},   // sign with mixed app actors
+
+		// signers from different chain-IDs and apps, working
+		{true, 1, set123Chain2, set123Chain2},
+		{true, 1, set123App2, set123App2},
+		{true, 1, set123MixedChains, set123MixedChains},
+		{true, 1, set123MixedApps, set123MixedApps},
+	}
+
+	raw := stack.NewRawTx([]byte{42})
+	for i, test := range testList {
+
+		// set the permissions
+		myCtx := ctx.WithPermissions(test.signers...)
+
+		tx := NewTx(test.seq, test.actors, raw)
+		nonceTx, ok := tx.Unwrap().(Tx)
+		require.True(ok)
+
+		err := nonceTx.CheckIncrementSeq(myCtx, store)
+		if test.valid {
+			assert.Nil(err, "%d: %+v", i, err)
+		} else {
+			assert.NotNil(err, "%d", i)
+		}
+	}
+
+}

tests/cli/basictx.sh

@@ -64,6 +64,21 @@ test02SendTxWithFee() {
 
     # Make sure tx is indexed
     checkSendFeeTx $HASH $TX_HEIGHT $SENDER "90" "10"
+
+    # assert replay protection
+    TX=$(echo qwertyuiop | ${CLIENT_EXE} tx send --amount=90mycoin --fee=10mycoin --sequence=2 --to=$RECV --name=$RICH 2>/dev/null)
+    assertFalse "replay: $TX" $?
+    checkAccount $SENDER "9007199254739900"
+    checkAccount $RECV "1082"
+
+    # make sure we can query the proper nonce
+    NONCE=$(${CLIENT_EXE} query nonce $SENDER)
+    if [ -n "$DEBUG" ]; then echo $NONCE; echo; fi
+    # TODO: note that cobra returns error code 0 on parse failure,
+    # so currently this check passes even if there is no nonce query command
+    if assertTrue "no nonce query" $?; then
+        assertEquals "line=${LINENO}, proper nonce" "2" $(echo $NONCE | jq .data)
+    fi
 }
 
 

tests/cli/common.sh

@@ -46,7 +46,7 @@ quickTearDown() {
 prepareClient() {
     echo "Preparing client keys..."
     ${CLIENT_EXE} reset_all
-    assertTrue $?
+    assertTrue "line=${LINENO}, prepare client" $?
 
     for i in "${!ACCOUNTS[@]}"; do
         newKey ${ACCOUNTS[$i]}
@@ -60,7 +60,7 @@ prepareClient() {
 initServer() {
     echo "Setting up genesis..."
     SERVE_DIR=$1/server
-    assertNotNull "no chain" $2
+    assertNotNull "line=${LINENO}, no chain" $2
     CHAIN=$2
     SERVER_LOG=$1/${SERVER_EXE}.log
 
@@ -100,26 +100,26 @@ initClient() {
     PORT=${2:-46657}
     # hard-code the expected validator hash
     ${CLIENT_EXE} init --chain-id=$1 --node=tcp://localhost:${PORT} --valhash=EB168E17E45BAEB194D4C79067FFECF345C64DE6
-    assertTrue "initialized light-client" $?
+    assertTrue "line=${LINENO}, initialized light-client" $?
 }
 
 # XXX Ex Usage1: newKey $NAME
 # XXX Ex Usage2: newKey $NAME $PASSWORD
 # Desc: Generates key for given username and password
 newKey(){
-    assertNotNull "keyname required" "$1"
+    assertNotNull "line=${LINENO}, keyname required" "$1"
     KEYPASS=${2:-qwertyuiop}
     (echo $KEYPASS; echo $KEYPASS) | ${CLIENT_EXE} keys new $1 >/dev/null 2>/dev/null
-    assertTrue "created $1" $?
+    assertTrue "line=${LINENO}, created $1" $?
-    assertTrue "$1 doesn't exist" "${CLIENT_EXE} keys get $1"
+    assertTrue "line=${LINENO}, $1 doesn't exist" "${CLIENT_EXE} keys get $1"
 }
 
 # XXX Ex Usage: getAddr $NAME
 # Desc: Gets the address for a key name
 getAddr() {
-    assertNotNull "keyname required" "$1"
+    assertNotNull "line=${LINENO}, keyname required" "$1"
     RAW=$(${CLIENT_EXE} keys get $1)
-    assertTrue "no key for $1" $?
+    assertTrue "line=${LINENO}, no key for $1" $?
     # print the addr
     echo $RAW | cut -d' ' -f2
 }
@@ -129,12 +129,12 @@ getAddr() {
 checkAccount() {
     # make sure sender goes down
     ACCT=$(${CLIENT_EXE} query account $1)
-    if ! assertTrue "account must exist" $?; then
+    if ! assertTrue "line=${LINENO}, account must exist" $?; then
         return 1
     fi
 
     if [ -n "$DEBUG" ]; then echo $ACCT; echo; fi
-    assertEquals "proper money" "$2" $(echo $ACCT | jq .data.coins[0].amount)
+    assertEquals "line=${LINENO}, proper money" "$2" $(echo $ACCT | jq .data.coins[0].amount)
     return $?
 }
 
@@ -143,8 +143,8 @@ checkAccount() {
 txSucceeded() {
     if (assertTrue "sent tx ($3): $2" $1); then
         TX=$2
-        assertEquals "good check ($3): $TX" "0" $(echo $TX | jq .check_tx.code)
+        assertEquals "line=${LINENO}, good check ($3): $TX" "0" $(echo $TX | jq .check_tx.code)
-        assertEquals "good deliver ($3): $TX" "0" $(echo $TX | jq .deliver_tx.code)
+        assertEquals "line=${LINENO}, good deliver ($3): $TX" "0" $(echo $TX | jq .deliver_tx.code)
     else
         return 1
     fi
@@ -155,17 +155,19 @@ txSucceeded() {
 #       and that the first input was from this sender for this amount
 checkSendTx() {
     TX=$(${CLIENT_EXE} query tx $1)
-    assertTrue "found tx" $?
+    assertTrue "line=${LINENO}, found tx" $?
     if [ -n "$DEBUG" ]; then echo $TX; echo; fi
 
-    assertEquals "proper height" $2 $(echo $TX | jq .height)
+    assertEquals "line=${LINENO}, proper height" $2 $(echo $TX | jq .height)
-    assertEquals "type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type)
+    assertEquals "line=${LINENO}, type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type)
     CTX=$(echo $TX | jq .data.data.tx)
-    assertEquals "type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type)
+    assertEquals "line=${LINENO}, type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type)
-    STX=$(echo $CTX | jq .data.tx)
+    NTX=$(echo $CTX | jq .data.tx)
-    assertEquals "type=coin/send" '"coin/send"' $(echo $STX | jq .type)
+    assertEquals "line=${LINENO}, type=nonce" '"nonce"' $(echo $NTX | jq .type)
-    assertEquals "proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr)
+    STX=$(echo $NTX | jq .data.tx)
-    assertEquals "proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount)
+    assertEquals "line=${LINENO}, type=coin/send" '"coin/send"' $(echo $STX | jq .type)
+    assertEquals "line=${LINENO}, proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr)
+    assertEquals "line=${LINENO}, proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount)
     return $?
 }
 
@@ -178,17 +180,19 @@ checkSendFeeTx() {
     assertTrue "found tx" $?
     if [ -n "$DEBUG" ]; then echo $TX; echo; fi
 
-    assertEquals "proper height" $2 $(echo $TX | jq .height)
+    assertEquals "line=${LINENO}, proper height" $2 $(echo $TX | jq .height)
-    assertEquals "type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type)
+    assertEquals "line=${LINENO}, type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type)
     CTX=$(echo $TX | jq .data.data.tx)
-    assertEquals "type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type)
+    assertEquals "line=${LINENO}, type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type)
-    FTX=$(echo $CTX | jq .data.tx)
+    NTX=$(echo $CTX | jq .data.tx)
-    assertEquals "type=fee/tx" '"fee/tx"' $(echo $FTX | jq .type)
+    assertEquals "line=${LINENO}, type=nonce" '"nonce"' $(echo $NTX | jq .type)
-    assertEquals "proper fee" "$5" $(echo $FTX | jq .data.fee.amount)
+    FTX=$(echo $NTX | jq .data.tx)
+    assertEquals "line=${LINENO}, type=fee/tx" '"fee/tx"' $(echo $FTX | jq .type)
+    assertEquals "line=${LINENO}, proper fee" "$5" $(echo $FTX | jq .data.fee.amount)
     STX=$(echo $FTX | jq .data.tx)
-    assertEquals "type=coin/send" '"coin/send"' $(echo $STX | jq .type)
+    assertEquals "line=${LINENO}, type=coin/send" '"coin/send"' $(echo $STX | jq .type)
-    assertEquals "proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr)
+    assertEquals "line=${LINENO}, proper sender" "\"$3\"" $(echo $STX | jq .data.inputs[0].address.addr)
-    assertEquals "proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount)
+    assertEquals "line=${LINENO}, proper out amount" "$4" $(echo $STX | jq .data.outputs[0].coins[0].amount)
     return $?
 }
 

tests/cli/counter.sh

@@ -21,21 +21,21 @@ test00GetAccount() {
     SENDER=$(getAddr $RICH)
     RECV=$(getAddr $POOR)
 
-    assertFalse "requires arg" "${CLIENT_EXE} query account"
+    assertFalse "Line=${LINENO}, requires arg" "${CLIENT_EXE} query account"
 
     checkAccount $SENDER "9007199254740992"
 
     ACCT2=$(${CLIENT_EXE} query account $RECV 2>/dev/null)
-    assertFalse "has no genesis account" $?
+    assertFalse "Line=${LINENO}, has no genesis account" $?
 }
 
 test01SendTx() {
     SENDER=$(getAddr $RICH)
     RECV=$(getAddr $POOR)
 
-    assertFalse "missing dest" "${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 2>/dev/null"
+    assertFalse "Line=${LINENO}, missing dest" "${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 2>/dev/null"
-    assertFalse "bad password" "echo foo | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH 2>/dev/null"
+    assertFalse "Line=${LINENO}, bad password" "echo foo | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH 2>/dev/null"
-    TX=$(echo qwertyuiop | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH 2>/dev/null)
+    TX=$(echo qwertyuiop | ${CLIENT_EXE} tx send --amount=992mycoin --sequence=1 --to=$RECV --name=$RICH)
     txSucceeded $? "$TX" "$RECV"
     HASH=$(echo $TX | jq .hash | tr -d \")
     TX_HEIGHT=$(echo $TX | jq .height)
@@ -49,7 +49,7 @@ test01SendTx() {
 
 test02GetCounter() {
     COUNT=$(${CLIENT_EXE} query counter 2>/dev/null)
-    assertFalse "no default count" $?
+    assertFalse "Line=${LINENO}, no default count" $?
 }
 
 # checkCounter $COUNT $BALANCE
@@ -57,15 +57,15 @@ test02GetCounter() {
 checkCounter() {
     # make sure sender goes down
     ACCT=$(${CLIENT_EXE} query counter)
-    if assertTrue "count is set" $?; then
+    if assertTrue "Line=${LINENO}, count is set" $?; then
-      assertEquals "proper count" "$1" $(echo $ACCT | jq .data.counter)
+        assertEquals "Line=${LINENO}, proper count" "$1" $(echo $ACCT | jq .data.counter)
-      assertEquals "proper money" "$2" $(echo $ACCT | jq .data.total_fees[0].amount)
+        assertEquals "Line=${LINENO}, proper money" "$2" $(echo $ACCT | jq .data.total_fees[0].amount)
     fi
 }
 
 test03AddCount() {
     SENDER=$(getAddr $RICH)
-    assertFalse "bad password" "echo hi | ${CLIENT_EXE} tx counter --countfee=100mycoin --sequence=2 --name=${RICH} 2>/dev/null"
+    assertFalse "Line=${LINENO}, bad password" "echo hi | ${CLIENT_EXE} tx counter --countfee=100mycoin --sequence=2 --name=${RICH} 2>/dev/null"
 
     TX=$(echo qwertyuiop | ${CLIENT_EXE} tx counter --countfee=10mycoin --sequence=2 --name=${RICH} --valid)
     txSucceeded $? "$TX" "counter"
@@ -80,14 +80,16 @@ test03AddCount() {
 
     # make sure tx is indexed
     TX=$(${CLIENT_EXE} query tx $HASH --trace)
-    if assertTrue "found tx" $?; then
+    if assertTrue "Line=${LINENO}, found tx" $?; then
-      assertEquals "proper height" $TX_HEIGHT $(echo $TX | jq .height)
+        assertEquals "Line=${LINENO}, proper height" $TX_HEIGHT $(echo $TX | jq .height)
-      assertEquals "type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type)
+        assertEquals "Line=${LINENO}, type=sigs/one" '"sigs/one"' $(echo $TX | jq .data.type)
-      CTX=$(echo $TX | jq .data.data.tx)
+        CTX=$(echo $TX | jq .data.data.tx)
-      assertEquals "type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type)
+        assertEquals "Line=${LINENO}, type=chain/tx" '"chain/tx"' $(echo $CTX | jq .type)
-      CNTX=$(echo $CTX | jq .data.tx)
+        NTX=$(echo $CTX | jq .data.tx)
-      assertEquals "type=cntr/count" '"cntr/count"' $(echo $CNTX | jq .type)
+        assertEquals "line=${LINENO}, type=nonce" '"nonce"' $(echo $NTX | jq .type)
-      assertEquals "proper fee" "10" $(echo $CNTX | jq .data.fee[0].amount)
+        CNTX=$(echo $NTX | jq .data.tx)
+        assertEquals "Line=${LINENO}, type=cntr/count" '"cntr/count"' $(echo $CNTX | jq .type)
+        assertEquals "Line=${LINENO}, proper fee" "10" $(echo $CNTX | jq .data.fee[0].amount)
     fi
 
     # test again with fees...
@@ -99,6 +101,12 @@ test03AddCount() {
 
     # make sure the account was debited 11
     checkAccount $SENDER "9007199254739979"
+
+    # make sure we cannot replay the counter, no state change
+    TX=$(echo qwertyuiop | ${CLIENT_EXE} tx counter --countfee=10mycoin --sequence=2 --name=${RICH} --valid 2>/dev/null)
+    assertFalse "replay: $TX" $?
+    checkCounter "2" "17"
+    checkAccount $SENDER "9007199254739979"
 }
 
 # Load common then run these tests with shunit2!