1use std::collections::HashSet;
2
3use defuse_core::{Nonce, crypto::PublicKey};
4use defuse_serde_utils::base64::AsBase64;
5use near_plugins::AccessControllable;
6use near_sdk::{AccountId, ext_contract};
7
/// Public-key and nonce management for accounts inside the verifier contract.
///
/// Methods taking `&mut self` act on the *caller* account (PREDECESSOR_ID)
/// and, per their notes, require a 1 yⓃ attached deposit. That deposit is the
/// conventional NEAR guard ensuring the call was signed with a full-access key
/// (function-call access keys cannot attach a deposit).
///
/// The `ext_contract` attribute also generates the `ext_account_manager`
/// helper for issuing cross-contract calls to an implementor.
#[ext_contract(ext_account_manager)]
pub trait AccountManager {
    /// Returns whether `public_key` is registered for `account_id`.
    ///
    /// NOTE(review): presumably a key deactivated via `remove_public_key`
    /// yields `false` here — confirm against the implementation.
    fn has_public_key(&self, account_id: &AccountId, public_key: &PublicKey) -> bool;

    /// Returns the set of public keys registered for `account_id`.
    fn public_keys_of(&self, account_id: &AccountId) -> HashSet<PublicKey>;

    /// Registers or re-activates `public_key` under the caller account_id.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn add_public_key(&mut self, public_key: PublicKey);

    /// Deactivates `public_key` for the caller account_id,
    /// i.e. this key can't be used to make any actions unless it's re-added
    /// via `add_public_key`.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn remove_public_key(&mut self, public_key: PublicKey);

    /// Returns whether the given nonce was already used by the account.
    ///
    /// NOTE: nonces are non-sequential and follow the
    /// [permit2 nonce schema](https://docs.uniswap.org/contracts/permit2/reference/signature-transfer#nonce-schema).
    /// The nonce is passed base64-encoded (see [`AsBase64`]).
    fn is_nonce_used(&self, account_id: &AccountId, nonce: AsBase64<Nonce>) -> bool;

    /// Returns whether authentication by PREDECESSOR_ID is enabled
    /// for the given `account_id`.
    ///
    /// NOTE: Authentication by PREDECESSOR_ID is enabled by default
    /// when creating new accounts.
    fn is_auth_by_predecessor_id_enabled(&self, account_id: &AccountId) -> bool;

    /// Disables authentication by PREDECESSOR_ID for the caller,
    /// i.e. PREDECESSOR_ID itself.
    ///
    /// **WARN**: Doing so might lock you out of your funds if
    /// you don't have any other public_keys added to your account.
    /// This trait exposes no method to turn it back on; in this file
    /// re-enabling is only available through
    /// `ForceAccountManager::force_enable_auth_by_predecessor_ids`.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn disable_auth_by_predecessor_id(&mut self);
}
48
/// Privileged account administration, layered on [`AccessControllable`].
///
/// NOTE(review): the supertrait suggests every `force_*` method is
/// role-gated; the exact role required is not visible here — confirm in
/// the implementation before relying on any of these entry points.
///
/// The `ext_contract` attribute also generates the
/// `ext_force_account_manager` helper for cross-contract calls.
#[ext_contract(ext_force_account_manager)]
pub trait ForceAccountManager: AccessControllable {
    /// Returns whether the given `account_id` is locked.
    fn is_account_locked(&self, account_id: &AccountId) -> bool;

    /// Locks the given `account_id` from modifying its own state, including
    /// token balances.
    /// Returns `false` if the account was already in locked state.
    ///
    /// Attached deposit of 1 yⓃ is required for security purposes.
    ///
    /// NOTE: this still allows for force withdrawals/transfers.
    ///
    /// NOTE(review): takes `AccountId` by value whereas `force_unlock_account`
    /// borrows it; harmless for serialized call arguments but inconsistent.
    fn force_lock_account(&mut self, account_id: AccountId) -> bool;

    /// Unlocks the given `account_id`.
    /// Returns `false` if the account wasn't in locked state.
    ///
    /// Attached deposit of 1 yⓃ is required for security purposes.
    fn force_unlock_account(&mut self, account_id: &AccountId) -> bool;

    /// Disables authentication by PREDECESSOR_ID for the given account ids.
    ///
    /// **WARN**: Doing so might lock these accounts out of their funds if
    /// they don't have any other public_keys added to them.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn force_disable_auth_by_predecessor_ids(&mut self, account_ids: Vec<AccountId>);

    /// Enables authentication by PREDECESSOR_ID for the given account ids.
    ///
    /// **WARN**: Doing so might let an attacker who controls the NEAR
    /// accounts with the same AccountIds take over these accounts inside
    /// the verifier contract. Enable only for accounts whose on-chain
    /// NEAR account is known to be controlled by the intended owner.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn force_enable_auth_by_predecessor_ids(&mut self, account_ids: Vec<AccountId>);
}
85}