Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add verify command #1306

Merged
merged 33 commits into from
Sep 1, 2023
Merged

Add verify command #1306

merged 33 commits into from
Sep 1, 2023

Conversation

SkymanOne
Copy link
Contributor

@SkymanOne SkymanOne commented Aug 29, 2023
edited
Loading

Supersedes #696

Adds a cargo contract verify <path to reference contract bundle> command which allows to verify if the given contract code matches the reference bundle.

In addition to the previous PR, I have added the support to verify "verifiable" contract. If the contract bundle specify image in metadata, then we build the target contract code in the container of the specified image and then verify.

This PR also locks the version of wasm-opt crate which often is the cause of binary mismatch.

HCastano and others added 23 commits October 20, 2022 15:15
@HCastano
Add skeleton of Verify command
51117cc
@HCastano
Read BuildInfo from contract metadata
13d29dc
@HCastano
Manually build contract using BuildInfo
85ccd7d
@HCastano
Check built Wasm file against that in the reference metadata
7de595c
@HCastano
Comopare SourceWasm's instead of byte strings
e67d108
@HCastano
Check that current nightly matches that from contract
b90f126
@HCastano
Switch from env_logger to tracing
a350f4c
@HCastano
Use helper function to get current Rust toolchain
e87c51a
@HCastano
Clean up docs a little
4317f55
@HCastano
Bail out if wasm-opt versions don't match
fed9c3f 
This should maybe be a warning instead of an error, but I'll need
to experiment with this more.
@HCastano
Use stable rustc toolchain
b743987
@HCastano
Use keep_debug_symbols from metadata
f6770de
@HCastano
Make output more colourful
2f3ca03
@HCastano
Add missing doc comment
e2c5675
@HCastano
Do a better job of error handling
963387c
@HCastano
Add more error handling improvements
e7b9577
@HCastano
Add CHANGELOG entry
a64b631
@HCastano
Appease Clippy
d6db73f
@HCastano
Use updated Rust toolchain build info
80233c4
@HCastano
Apply fixes for clap v4.0
98cc7fb
@HCastano
Compare cargo-contract versions instead of wasm-opt versions
b2d10c2 
Since releases of `cargo-contract` are now bundled with a `wasm-opt`
library we can assume that equal versions of `cargo-contract` contain
equal versions of `wasm-opt`.
Merge branch 'master' into gn/verify-command
1a71959 
	git update-ref -d MERGE_HEAD
update code
2fd80f1
@SkymanOne SkymanOne mentioned this pull request Aug 29, 2023
Closed
@SkymanOne SkymanOne marked this pull request as ready for review August 29, 2023 22:56
ascjones
ascjones reviewed Aug 30, 2023
View reviewed changes
Copy link
Collaborator

@ascjones ascjones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One more thing: a lot of trust will be put into this command, therefore we should have integration tests here for both the positive and negative results of this command.

@SkymanOne
Copy link
Contributor Author

One more thing: a lot of trust will be put into this command, therefore we should have integration tests here for both the positive and negative results of this command.

I doubt we will be able to simulate different OS environments, but minor changes in the code should work.

SkymanOne
SkymanOne commented Aug 30, 2023
View reviewed changes
crates/cargo-contract/tests/verify.rs
tracing::debug!("Building contract in {}", project_dir.to_string_lossy());
cargo_contract(&project_dir)
.arg("build")
.arg("--release")
Copy link
Contributor Author

@SkymanOne SkymanOne Aug 30, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oddly, without the flag, the cargo contract build produces different wasm binaries even though the crate name and code are identical but places in differnt temp dirs.

ascjones
ascjones approved these changes Aug 31, 2023
View reviewed changes
Copy link
Collaborator

@ascjones ascjones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Might be good as a next step to be able to verify from a contract account id that it is an instance of the verified contract. Should be straightforward just by looking up the code hash and then comparing that.

@SkymanOne SkymanOne merged commit b731f54 into master Sep 1, 2023
10 checks passed
@SkymanOne SkymanOne deleted the gn/verify-command branch September 1, 2023 15:56
@SkymanOne SkymanOne mentioned this pull request Sep 11, 2023
Closed
5 tasks
@smiasojed smiasojed mentioned this pull request Nov 30, 2023
Merged
@smiasojed smiasojed mentioned this pull request Mar 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ascjones ascjones ascjones approved these changes

@cmichi cmichi Awaiting requested review from cmichi cmichi is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SkymanOne @ascjones @HCastano