Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Account based eacl targets #592

Merged
merged 3 commits into from
Aug 7, 2024
Merged

Conversation

smallhive
Copy link
Contributor

Copy link
Contributor

@cthulhu-rider cthulhu-rider left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

correct under the hood, but i propose to extend/change API

eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
Copy link
Member

@carpawell carpawell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not API repo changes first?

@cthulhu-rider
Copy link
Contributor

Why not API repo changes first?

there will be one comment in docs, no binary protocol changes. But we wanna review the concept in practice. In total, yes, we'll have to merge this and API simultaneously @smallhive

Copy link

codecov bot commented Jul 5, 2024

Codecov Report

Attention: Patch coverage is 91.89189% with 3 lines in your changes missing coverage. Please review.

Project coverage is 53.69%. Comparing base (0f82848) to head (c30d691).
Report is 1 commits behind head on master.

Files Patch % Lines
user/id.go 0.00% 2 Missing ⚠️
eacl/target.go 95.45% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master     #592      +/-   ##
==========================================
+ Coverage   53.62%   53.69%   +0.06%     
==========================================
  Files         164      164              
  Lines       19078    19113      +35     
==========================================
+ Hits        10231    10262      +31     
- Misses       8443     8447       +4     
  Partials      404      404              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

user/id.go Outdated Show resolved Hide resolved
user/id.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/validator.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
@smallhive
Copy link
Contributor Author

Updated to user.ID account meaning with 25 byte length

eacl/validator.go Outdated Show resolved Hide resolved
eacl/validator.go Outdated Show resolved Hide resolved
eacl/validator_test.go Outdated Show resolved Hide resolved
user/id_test.go Outdated Show resolved Hide resolved
user/id.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Show resolved Hide resolved
eacl/types.go Outdated Show resolved Hide resolved
eacl/types.go Outdated Show resolved Hide resolved
@carpawell
Copy link
Member

Why not API repo changes first?

But still.

eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated
// SetAccounts sets list of accounts to identify target subject.
//
// Each element of the accounts parameter is a slice of bytes of [user.ID].
func (t *Target) SetAccounts(accounts [][]byte) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not just user.ID then? it is even documented like this

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SetBinaryKeys is deprecated now and changing SetAccounts signature eliminates possibility to pass public keys

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do not see problems or do not understand. if we do not want users to use SetBinaryKeys why we want them to be able to pass keys via SetAccounts (a func that is even documented to be used with user.ID slices only)?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i bet the reason is that we cannot keep getter and setter symmetry while having Set([]user.ID). Field is [][]byte anyway, so it's pretty normal to accept/return value of this type. At the same time, we may provide functional helpers for those who desires to set []user.ID (#592 (comment))

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Field is [][]byte anyway

the field should be kept as long as we have such eALCs set in public networks. but new eACLs should be filled with SetAccounts and no keys should be accepted. at least that is how i see it

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

new eACLs should be filled with SetAccounts and no keys should be accepted

it's questionable which ones are new. For example, if i need to add one rule to my existing table w/o touching previously set records - i dont expect the system to deny such table. It worked with N records, i expect it to work with N+1 ones. Yeah, i can refill they whole table, but this is inconvenient for me being a client

the field should be kept as long as we have such eALCs set in public networks

weve been through this before - its impossible to track this in general. We need to clearly define the moment after which support will be cut. This should be either a system timestamp or next major protocol version

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why we deprecate if we gonna support it? to me, that should work this way: 0.43.0 release (node and ir) supports both ways, 0.44.0 supports only accounts. "supports" means accepting new tables, old ones should always work until we understand there are no such tables in the contract

anyway, what is your understanding of public keys deprecation? how long are we gonna support it? till 1.0.0 SDK release? what definition will it have? SetAccounts(accounts [][]byte) too?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Keys will be supported for as long as needed.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As for the method interface --- I'd really love to see more specific type here. It can be done symmetrically, the only problem is keys in existing eacls. Keys can be converted into standard accounts, but that can be misleading. We can treat them as separate entities though. We already have Role concept in the Target that is independent of Keys. So we can also have Accounts that are independent of them, you get keys (size-checked!) in BinaryKeys() and you get accounts from Accounts(), they can technically be mixed in the same eacl rule.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

all cases can be supported by functions around the most generic methods accepting/returning [][]byte, so currently proposed approach is the most preferable to me cuz it is the closest to the protocol

eacl/target.go Show resolved Hide resolved
eacl/types.go Show resolved Hide resolved
user/id.go Outdated Show resolved Hide resolved
eacl/target.go Outdated
// SetAccounts sets list of accounts to identify target subject.
//
// Each element of the accounts parameter is a slice of bytes of [user.ID].
func (t *Target) SetAccounts(accounts [][]byte) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As for the method interface --- I'd really love to see more specific type here. It can be done symmetrically, the only problem is keys in existing eacls. Keys can be converted into standard accounts, but that can be misleading. We can treat them as separate entities though. We already have Role concept in the Target that is independent of Keys. So we can also have Accounts that are independent of them, you get keys (size-checked!) in BinaryKeys() and you get accounts from Accounts(), they can technically be mixed in the same eacl rule.

user/id.go Outdated
@@ -82,6 +82,11 @@ func (x ID) WriteToV2(m *refs.OwnerID) {
// Deprecated: use [NewFromScriptHash] instead.
func (x *ID) SetScriptHash(scriptHash util.Uint160) { *x = NewFromScriptHash(scriptHash) }

// GetScriptHash gets scripthash from user ID.
func (x ID) GetScriptHash() util.Uint160 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can just be ScriptHash(), no need to Get.

eacl/target.go Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
@@ -45,7 +47,26 @@ func (t Target) CopyTo(dst *Target) {
//
// The value returned shares memory with the structure itself, so changing it can lead to data corruption.
// Make a copy if you need to change it.
// Deprecated: use [Target.Accounts] instead.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sounds a little strange to me: if i am using binary keys, using Accounts does not solve my "deprication-message-from-linter" problem; can be like "using raw binary keys is not encouraged and will be dropped eventually, use Accoun-based targets instead". however, it is a minor problem

eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/target.go Outdated Show resolved Hide resolved
eacl/types.go Outdated Show resolved Hide resolved
Refs #483.

Signed-off-by: Evgenii Baidakov <[email protected]>
This is just a helper for scripthash extraction from user.ID. We can create user.ID from scripthash but don't have the option to do it vice versa.

Signed-off-by: Evgenii Baidakov <[email protected]>
Signed-off-by: Evgenii Baidakov <[email protected]>
@roman-khimov roman-khimov merged commit 3528eb5 into master Aug 7, 2024
12 checks passed
@roman-khimov roman-khimov deleted the account-based-eacl-targets branch August 7, 2024 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants