2017-07-13 10:22:05 -07:00
|
|
|
package ibc
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/tendermint/basecoin"
|
|
|
|
"github.com/tendermint/basecoin/stack"
|
|
|
|
"github.com/tendermint/basecoin/state"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Middleware allows us to verify the IBC proof on a packet and
|
|
|
|
// and if valid, attach this permission to the wrapped packet
|
|
|
|
type Middleware struct {
|
2017-07-30 14:26:25 -07:00
|
|
|
stack.PassInitState
|
|
|
|
stack.PassInitValidate
|
2017-07-13 10:22:05 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
var _ stack.Middleware = Middleware{}
|
|
|
|
|
|
|
|
// NewMiddleware creates a role-checking middleware
|
|
|
|
func NewMiddleware() Middleware {
|
|
|
|
return Middleware{}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Name - return name space
|
|
|
|
func (Middleware) Name() string {
|
|
|
|
return NameIBC
|
|
|
|
}
|
|
|
|
|
|
|
|
// CheckTx verifies the named chain and height is present, and verifies
|
|
|
|
// the merkle proof in the packet
|
2017-07-30 08:45:08 -07:00
|
|
|
func (m Middleware) CheckTx(ctx basecoin.Context, store state.SimpleDB, tx basecoin.Tx, next basecoin.Checker) (res basecoin.CheckResult, err error) {
|
2017-07-17 12:52:02 -07:00
|
|
|
// if it is not a PostPacket, just let it go through
|
|
|
|
post, ok := tx.Unwrap().(PostPacketTx)
|
|
|
|
if !ok {
|
|
|
|
return next.CheckTx(ctx, store, tx)
|
|
|
|
}
|
|
|
|
|
|
|
|
// parse this packet and get the ibc-enhanced tx and context
|
|
|
|
ictx, itx, err := m.verifyPost(ctx, store, post)
|
|
|
|
if err != nil {
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
return next.CheckTx(ictx, store, itx)
|
2017-07-13 10:22:05 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
// DeliverTx verifies the named chain and height is present, and verifies
|
|
|
|
// the merkle proof in the packet
|
2017-07-30 08:45:08 -07:00
|
|
|
func (m Middleware) DeliverTx(ctx basecoin.Context, store state.SimpleDB, tx basecoin.Tx, next basecoin.Deliver) (res basecoin.DeliverResult, err error) {
|
2017-07-17 12:52:02 -07:00
|
|
|
// if it is not a PostPacket, just let it go through
|
|
|
|
post, ok := tx.Unwrap().(PostPacketTx)
|
|
|
|
if !ok {
|
|
|
|
return next.DeliverTx(ctx, store, tx)
|
|
|
|
}
|
|
|
|
|
|
|
|
// parse this packet and get the ibc-enhanced tx and context
|
|
|
|
ictx, itx, err := m.verifyPost(ctx, store, post)
|
|
|
|
if err != nil {
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
return next.DeliverTx(ictx, store, itx)
|
|
|
|
}
|
|
|
|
|
|
|
|
// verifyPost accepts a message bound for this chain...
|
|
|
|
// TODO: think about relay
|
2017-07-21 10:53:52 -07:00
|
|
|
func (m Middleware) verifyPost(ctx basecoin.Context, store state.SimpleDB,
|
2017-07-17 12:52:02 -07:00
|
|
|
tx PostPacketTx) (ictx basecoin.Context, itx basecoin.Tx, err error) {
|
|
|
|
|
|
|
|
// make sure the chain is registered
|
|
|
|
from := tx.FromChainID
|
|
|
|
if !NewChainSet(store).Exists([]byte(from)) {
|
2017-07-18 05:27:53 -07:00
|
|
|
return ictx, itx, ErrNotRegistered(from)
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO: how to deal with routing/relaying???
|
|
|
|
packet := tx.Packet
|
|
|
|
if packet.DestChain != ctx.ChainID() {
|
|
|
|
return ictx, itx, ErrWrongDestChain(packet.DestChain)
|
|
|
|
}
|
|
|
|
|
|
|
|
// verify packet.Permissions all come from the other chain
|
|
|
|
if !packet.Permissions.AllHaveChain(tx.FromChainID) {
|
|
|
|
return ictx, itx, ErrCannotSetPermission()
|
2017-07-17 12:52:02 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
// make sure this sequence number is the next in the list
|
|
|
|
q := InputQueue(store, from)
|
2017-07-18 05:27:53 -07:00
|
|
|
tail := q.Tail()
|
|
|
|
if packet.Sequence < tail {
|
|
|
|
return ictx, itx, ErrPacketAlreadyExists()
|
|
|
|
}
|
|
|
|
if packet.Sequence > tail {
|
|
|
|
return ictx, itx, ErrPacketOutOfOrder(tail)
|
2017-07-17 12:52:02 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
// look up the referenced header
|
|
|
|
space := stack.PrefixedStore(from, store)
|
|
|
|
provider := newDBProvider(space)
|
2017-07-18 05:27:53 -07:00
|
|
|
seed, err := provider.GetExactHeight(int(tx.FromChainHeight))
|
2017-07-17 12:52:02 -07:00
|
|
|
if err != nil {
|
|
|
|
return ictx, itx, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// verify the merkle hash....
|
|
|
|
root := seed.Header.AppHash
|
2017-07-18 05:27:53 -07:00
|
|
|
pBytes := packet.Bytes()
|
2017-08-04 11:02:23 -07:00
|
|
|
err = tx.Proof.Verify(tx.Key, pBytes, root)
|
|
|
|
if err != nil {
|
|
|
|
return ictx, itx, ErrInvalidProofWithReason(err)
|
2017-07-18 05:27:53 -07:00
|
|
|
}
|
2017-07-17 12:52:02 -07:00
|
|
|
|
|
|
|
// add to input queue
|
2017-07-18 05:27:53 -07:00
|
|
|
q.Push(pBytes)
|
2017-07-17 12:52:02 -07:00
|
|
|
|
|
|
|
// return the wrapped tx along with the extra permissions
|
2017-07-19 11:11:51 -07:00
|
|
|
ictx = ctx.WithPermissions(packet.Permissions...)
|
2017-07-17 12:52:02 -07:00
|
|
|
itx = packet.Tx
|
|
|
|
return
|
2017-07-13 10:22:05 -07:00
|
|
|
}
|