
1use defuse_core::{Nonce, crypto::PublicKey};
2use defuse_serde_utils::base64::AsBase64;
3use near_plugins::AccessControllable;
4use near_sdk::{AccountId, ext_contract};
5use std::collections::HashSet;
6
/// Per-account authentication state of the verifier contract: the public keys
/// allowed to act on behalf of an account, the nonces consumed by signed
/// payloads, and whether plain PREDECESSOR_ID authentication is accepted.
///
/// Every state-changing method below requires an attached deposit of 1 yⓃ.
/// NOTE(review): on NEAR a function-call access key cannot attach a deposit,
/// so this presumably forces the call to come from a full-access key of the
/// caller — confirm this is the intended rationale in the implementation.
#[ext_contract(ext_account_manager)]
pub trait AccountManager {
    /// Returns `true` if `public_key` is currently registered (and active)
    /// for `account_id`.
    fn has_public_key(&self, account_id: &AccountId, public_key: &PublicKey) -> bool;

    /// Returns the set of public keys registered for the given `account_id`.
    fn public_keys_of(&self, account_id: &AccountId) -> HashSet<PublicKey>;

    /// Registers or re-activates `public_key` under the caller's account_id.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn add_public_key(&mut self, public_key: PublicKey);

    /// Deactivates `public_key` for the caller's account_id,
    /// i.e. this key can't be used to make any actions unless it's
    /// re-activated via [`AccountManager::add_public_key`].
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn remove_public_key(&mut self, public_key: PublicKey);

    /// Returns whether the given nonce was already used by the account.
    ///
    /// A used nonce must not be accepted again for `account_id`; this is the
    /// replay-protection check for signed payloads. Nonces are non-sequential
    /// and follow the
    /// [permit2 nonce schema](https://docs.uniswap.org/contracts/permit2/reference/signature-transfer#nonce-schema),
    /// so callers must not assume a monotonically increasing counter.
    fn is_nonce_used(&self, account_id: &AccountId, nonce: AsBase64<Nonce>) -> bool;

    /// Returns whether authentication by PREDECESSOR_ID is enabled
    /// for the given `account_id`.
    ///
    /// While enabled, the NEAR account whose id equals `account_id` is
    /// trusted to act on that account simply by calling the contract, with
    /// no signature from a registered public key.
    ///
    /// NOTE: Authentication by PREDECESSOR_ID is enabled by default
    /// when creating new accounts.
    fn is_auth_by_predecessor_id_enabled(&self, account_id: &AccountId) -> bool;

    /// Disables authentication by PREDECESSOR_ID for the caller,
    /// i.e. PREDECESSOR_ID itself.
    ///
    /// **WARN**: Doing so might lock you out of your funds if
    /// you don't have any other public_keys added to your account.
    /// Check [`AccountManager::public_keys_of`] for the caller before
    /// disabling.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn disable_auth_by_predecessor_id(&mut self);
}
47
/// Privileged administrative operations over *other* accounts, bypassing the
/// affected account's own authentication.
///
/// The implementer must be [`AccessControllable`]; the concrete role checks
/// guarding each method live in the implementation, not in this trait. Every
/// method that mutates state requires an attached deposit of 1 yⓃ, matching
/// the self-service methods of `AccountManager`.
#[ext_contract(ext_force_account_manager)]
pub trait ForceAccountManager: AccessControllable {
    /// Returns whether the given `account_id` is locked.
    fn is_account_locked(&self, account_id: &AccountId) -> bool;

    /// Locks the given `account_id` from modifying its own state, including
    /// token balances.
    /// Returns `false` if the account was already in locked state.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    ///
    /// NOTE: this still allows for force withdrawals/transfers.
    // NOTE(review): takes `AccountId` by value while `force_unlock_account`
    // borrows it; the asymmetry looks incidental — confirm before relying on it.
    fn force_lock_account(&mut self, account_id: AccountId) -> bool;

    /// Unlocks the given `account_id`.
    /// Returns `false` if the account wasn't in locked state.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn force_unlock_account(&mut self, account_id: &AccountId) -> bool;

    /// Disables authentication by PREDECESSOR_ID for the given account ids.
    ///
    /// **WARN**: Doing so might lock these accounts out of their funds if
    /// they don't have any other public_keys added to them.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn force_disable_auth_by_predecessor_ids(&mut self, account_ids: Vec<AccountId>);

    /// Enables authentication by PREDECESSOR_ID for the given account ids.
    ///
    /// **WARN**: Doing so might let an attacker who has control over Near
    /// accounts with the same AccountIds take over control of these
    /// accounts inside the verifier contract. Only re-enable for accounts
    /// whose same-named NEAR account is known to be controlled by the owner.
    ///
    /// NOTE: MUST attach 1 yⓃ for security purposes.
    fn force_enable_auth_by_predecessor_ids(&mut self, account_ids: Vec<AccountId>);
}
84}