defuse/contract/accounts/
mod.rs

1mod account;
2mod force;
3mod state;
4
5pub use self::{account::*, state::*};
6
7use std::{borrow::Cow, collections::HashSet};
8
9use defuse_core::{
10    DefuseError, Nonce, PublicKey, Result,
11    accounts::{AccountEvent, PublicKeyEvent},
12    engine::{State, StateView},
13    events::DefuseEvent,
14    intents::{MaybeIntentEvent, account::SetAuthByPredecessorId},
15};
16
17use defuse_near_utils::{Lock, NestPrefix, UnwrapOrPanic};
18use defuse_serde_utils::base64::AsBase64;
19
20use near_sdk::{
21    AccountId, AccountIdRef, BorshStorageKey, FunctionError, IntoStorageKey, assert_one_yocto,
22    borsh::BorshSerialize, env, near, store::IterableMap,
23};
24
25use crate::{
26    accounts::AccountManager,
27    contract::{Contract, ContractExt, accounts::AccountEntry},
28};
29
30#[near]
31impl AccountManager for Contract {
32    fn has_public_key(&self, account_id: &AccountId, public_key: &PublicKey) -> bool {
33        StateView::has_public_key(self, account_id, public_key)
34    }
35
36    fn public_keys_of(&self, account_id: &AccountId) -> HashSet<PublicKey> {
37        StateView::iter_public_keys(self, account_id).collect()
38    }
39
40    #[payable]
41    fn add_public_key(&mut self, public_key: PublicKey) {
42        assert_one_yocto();
43        let account_id = self.ensure_auth_predecessor_id();
44
45        self.add_public_key_and_emit_event(account_id.as_ref(), public_key);
46    }
47
48    #[payable]
49    fn remove_public_key(&mut self, public_key: PublicKey) {
50        assert_one_yocto();
51        let account_id = self.ensure_auth_predecessor_id();
52
53        self.remove_public_key_and_emit_event(account_id.as_ref(), public_key);
54    }
55
56    fn is_nonce_used(&self, account_id: &AccountId, nonce: AsBase64<Nonce>) -> bool {
57        StateView::is_nonce_used(self, account_id, nonce.into_inner())
58    }
59
60    fn is_auth_by_predecessor_id_enabled(&self, account_id: &AccountId) -> bool {
61        StateView::is_auth_by_predecessor_id_enabled(self, account_id)
62    }
63
64    #[payable]
65    fn disable_auth_by_predecessor_id(&mut self) {
66        assert_one_yocto();
67
68        self.set_auth_by_predecessor_id_and_emit_event(
69            &self.ensure_auth_predecessor_id(),
70            false,
71            false,
72        )
73        .unwrap_or_panic();
74    }
75}
76
77impl Contract {
78    #[inline]
79    pub fn ensure_auth_predecessor_id(&self) -> AccountId {
80        let predecessor_account_id = env::predecessor_account_id();
81        if !StateView::is_auth_by_predecessor_id_enabled(self, &predecessor_account_id) {
82            DefuseError::AuthByPredecessorIdDisabled(predecessor_account_id).panic();
83        }
84        predecessor_account_id
85    }
86
87    /// Sets whether authentication by `PREDECESSOR_ID` is enabled.
88    /// Emits an event if the authentication status was toggled.
89    /// Returns whether authentication by `PREDECESSOR_ID` was toggled.
90    pub fn set_auth_by_predecessor_id_and_emit_event(
91        &mut self,
92        account_id: &AccountIdRef,
93        enable: bool,
94        force: bool,
95    ) -> Result<bool> {
96        let toggled = self.internal_set_auth_by_predecessor_id(account_id, enable, force)?;
97
98        if toggled {
99            DefuseEvent::SetAuthByPredecessorId(MaybeIntentEvent::new_fn_call(AccountEvent::new(
100                Cow::Borrowed(account_id),
101                Cow::Owned(SetAuthByPredecessorId { enabled: enable }),
102            )))
103            .emit();
104        }
105
106        Ok(toggled)
107    }
108
109    /// Sets whether authentication by `PREDECESSOR_ID` is enabled.
110    /// Returns whether authentication by `PREDECESSOR_ID` was toggled.
111    pub(crate) fn internal_set_auth_by_predecessor_id(
112        &mut self,
113        account_id: &AccountIdRef,
114        enable: bool,
115        force: bool,
116    ) -> Result<bool> {
117        if enable {
118            let Some(account) = self.accounts.get_mut(account_id) else {
119                // no need to create an account: not-yet-existing accounts
120                // have auth by PREDECESSOR_ID enabled by default
121                return Ok(false);
122            };
123            account
124        } else {
125            self.accounts.get_or_create(account_id.into())
126        }
127        .get_mut_maybe_forced(force)
128        .ok_or_else(|| DefuseError::AccountLocked(account_id.into()))
129        .map(|account| account.set_auth_by_predecessor_id(enable))
130    }
131
132    pub fn add_public_key_and_emit_event(
133        &mut self,
134        account_id: &AccountIdRef,
135        public_key: PublicKey,
136    ) {
137        State::add_public_key(self, account_id.into(), public_key).unwrap_or_panic();
138
139        DefuseEvent::PublicKeyAdded(MaybeIntentEvent::new_fn_call(AccountEvent::new(
140            Cow::Borrowed(account_id),
141            PublicKeyEvent {
142                public_key: Cow::Borrowed(&public_key),
143            },
144        )))
145        .emit();
146    }
147
148    pub fn remove_public_key_and_emit_event(
149        &mut self,
150        account_id: &AccountIdRef,
151        public_key: PublicKey,
152    ) {
153        State::remove_public_key(self, account_id.into(), public_key).unwrap_or_panic();
154
155        DefuseEvent::PublicKeyRemoved(MaybeIntentEvent::new_fn_call(AccountEvent::new(
156            Cow::Borrowed(account_id),
157            PublicKeyEvent {
158                public_key: Cow::Borrowed(&public_key),
159            },
160        )))
161        .emit();
162    }
163}
164
165#[derive(Debug)]
166#[near(serializers = [borsh])]
167pub struct Accounts {
168    accounts: IterableMap<AccountId, AccountEntry>,
169    prefix: Vec<u8>,
170}
171
172impl Accounts {
173    #[inline]
174    pub fn new<S>(prefix: S) -> Self
175    where
176        S: IntoStorageKey,
177    {
178        let prefix = prefix.into_storage_key();
179
180        Self {
181            accounts: IterableMap::new(prefix.as_slice().nest(AccountsPrefix::Accounts)),
182            prefix,
183        }
184    }
185
186    #[inline]
187    pub fn get(&self, account_id: &AccountIdRef) -> Option<&Lock<Account>> {
188        self.accounts.get(account_id).map(|a| &**a)
189    }
190
191    #[inline]
192    pub fn get_mut(&mut self, account_id: &AccountIdRef) -> Option<&mut Lock<Account>> {
193        self.accounts.get_mut(account_id).map(|a| &mut **a)
194    }
195
196    /// Gets or creates an account with given `account_id`.
197    /// NOTE: The created account will be unblocked by default.
198    #[inline]
199    pub fn get_or_create(&mut self, account_id: AccountId) -> &mut Lock<Account> {
200        self.accounts
201            .entry(account_id)
202            .or_insert_with_key(|account_id| {
203                Lock::unlocked(Account::new(
204                    self.prefix
205                        .as_slice()
206                        .nest(AccountsPrefix::Account(account_id)),
207                    account_id,
208                ))
209                .into()
210            })
211    }
212}
213
214#[derive(BorshSerialize, BorshStorageKey)]
215#[borsh(crate = "::near_sdk::borsh")]
216enum AccountsPrefix<'a> {
217    Accounts,
218    Account(&'a AccountIdRef),
219}
defuse/contract/accounts/mod.rs

defuse/contract/accounts/
mod.rs
