xrpld
Loading...
Searching...
No Matches
ConfidentialMPTClawback.cpp
1#include <xrpl/tx/transactors/token/ConfidentialMPTClawback.h>
2
3#include <xrpl/beast/utility/Journal.h>
4#include <xrpl/core/ServiceRegistry.h>
5#include <xrpl/ledger/ReadView.h>
6#include <xrpl/protocol/ConfidentialTransfer.h>
7#include <xrpl/protocol/Feature.h>
8#include <xrpl/protocol/Indexes.h>
9#include <xrpl/protocol/LedgerFormats.h>
10#include <xrpl/protocol/Protocol.h>
11#include <xrpl/protocol/SField.h>
12#include <xrpl/protocol/STTx.h>
13#include <xrpl/protocol/TER.h>
14#include <xrpl/protocol/XRPAmount.h>
15#include <xrpl/tx/Transactor.h>
16
17#include <memory>
18#include <utility>
19
20namespace xrpl {
21
22NotTEC
23ConfidentialMPTClawback::preflight(PreflightContext const& ctx)
24{
25 if (!ctx.rules.enabled(featureConfidentialTransfer))
26 return temDISABLED;
27
28 auto const account = ctx.tx[sfAccount];
29
30 // Only issuer can clawback
31 if (account != MPTIssue(ctx.tx[sfMPTokenIssuanceID]).getIssuer())
32 return temMALFORMED;
33
34 // Cannot clawback from self
35 if (account == ctx.tx[sfHolder])
36 return temMALFORMED;
37
38 // Check invalid claw amount
39 auto const clawAmount = ctx.tx[sfMPTAmount];
40 if (clawAmount == 0 || clawAmount > kMaxMpTokenAmount)
41 return temBAD_AMOUNT;
42
43 // Verify proof length
44 if (ctx.tx[sfZKProof].length() != kEcClawbackProofLength)
45 return temMALFORMED;
46
47 return tesSUCCESS;
48}
49
50XRPAmount
55
56TER
57ConfidentialMPTClawback::preclaim(PreclaimContext const& ctx)
58{
59 // Check if sender account exists
60 auto const account = ctx.tx[sfAccount];
61 if (!ctx.view.exists(keylet::account(account)))
62 return terNO_ACCOUNT;
63
64 // Check if holder account exists
65 auto const holder = ctx.tx[sfHolder];
66 if (!ctx.view.exists(keylet::account(holder)))
67 return tecNO_TARGET;
68
69 // Check if MPT issuance exists
70 auto const mptIssuanceID = ctx.tx[sfMPTokenIssuanceID];
71 auto const sleIssuance = ctx.view.read(keylet::mptokenIssuance(mptIssuanceID));
72 if (!sleIssuance)
73 return tecOBJECT_NOT_FOUND;
74
75 // Sanity check: account must be the same as issuer
76 if (sleIssuance->getAccountID(sfIssuer) != account)
77 return tefINTERNAL; // LCOV_EXCL_LINE
78
79 // Check if issuance has issuer ElGamal public key
80 if (!sleIssuance->isFieldPresent(sfIssuerEncryptionKey))
81 return tecNO_PERMISSION;
82
83 // Check if clawback is allowed
84 if (!sleIssuance->isFlag(lsfMPTCanClawback))
85 return tecNO_PERMISSION;
86
87 // Check if issuance allows confidential transfer
88 if (!sleIssuance->isFlag(lsfMPTCanHoldConfidentialBalance))
89 return tecNO_PERMISSION;
90
91 // Check holder's MPToken
92 auto const sleHolderMPToken = ctx.view.read(keylet::mptoken(mptIssuanceID, holder));
93 if (!sleHolderMPToken)
94 return tecOBJECT_NOT_FOUND;
95
96 // Check if holder has confidential balances to claw back
97 if (!sleHolderMPToken->isFieldPresent(sfIssuerEncryptedBalance))
98 return tecNO_PERMISSION;
99
100 // Check if Holder has ElGamal public Key
101 if (!sleHolderMPToken->isFieldPresent(sfHolderEncryptionKey))
102 return tecNO_PERMISSION;
103
104 // Sanity check: claw amount can not exceed confidential outstanding amount
105 // or total outstanding amount (prevents underflow in doApply)
106 auto const amount = ctx.tx[sfMPTAmount];
107 if (amount > (*sleIssuance)[~sfConfidentialOutstandingAmount].value_or(0) ||
108 amount > (*sleIssuance)[sfOutstandingAmount])
109 return tecINSUFFICIENT_FUNDS;
110
111 auto const contextHash =
112 getClawbackContextHash(account, mptIssuanceID, ctx.tx.getSeqProxy().value(), holder);
113
114 // Verify the revealed confidential amount by the issuer matches the exact
115 // confidential balance of the holder.
116 return verifyClawbackProof(
117 amount,
118 ctx.tx[sfZKProof],
119 (*sleIssuance)[sfIssuerEncryptionKey],
120 (*sleHolderMPToken)[sfIssuerEncryptedBalance],
121 contextHash);
122}
123
124TER
125ConfidentialMPTClawback::doApply()
126{
127 auto const mptIssuanceID = ctx_.tx[sfMPTokenIssuanceID];
128 auto const holder = ctx_.tx[sfHolder];
129
130 auto sleIssuance = view().peek(keylet::mptokenIssuance(mptIssuanceID));
131 auto sleHolderMPToken = view().peek(keylet::mptoken(mptIssuanceID, holder));
132
133 if (!sleIssuance || !sleHolderMPToken)
134 return tecINTERNAL; // LCOV_EXCL_LINE
135
136 auto const clawAmount = ctx_.tx[sfMPTAmount];
137
138 auto const holderPubKey = (*sleHolderMPToken)[sfHolderEncryptionKey];
139 auto const issuerPubKey = (*sleIssuance)[sfIssuerEncryptionKey];
140
141 // After clawback, the balance should be encrypted zero.
142 auto const encZeroForHolder = encryptCanonicalZeroAmount(holderPubKey, holder, mptIssuanceID);
143 if (!encZeroForHolder)
144 return tecINTERNAL; // LCOV_EXCL_LINE
145
146 auto encZeroForIssuer = encryptCanonicalZeroAmount(issuerPubKey, holder, mptIssuanceID);
147 if (!encZeroForIssuer)
148 return tecINTERNAL; // LCOV_EXCL_LINE
149
150 // Set holder's confidential balances to encrypted zero
151 (*sleHolderMPToken)[sfConfidentialBalanceInbox] = *encZeroForHolder;
152 (*sleHolderMPToken)[sfConfidentialBalanceSpending] = *encZeroForHolder;
153 (*sleHolderMPToken)[sfIssuerEncryptedBalance] = std::move(*encZeroForIssuer);
154 incrementConfidentialVersion(*sleHolderMPToken);
155
156 if (sleHolderMPToken->isFieldPresent(sfAuditorEncryptedBalance))
157 {
158 // Sanity check: the issuance must have an auditor public key if
159 // auditing is enabled.
160 if (!sleIssuance->isFieldPresent(sfAuditorEncryptionKey))
161 return tecINTERNAL; // LCOV_EXCL_LINE
162
163 auto const auditorPubKey = (*sleIssuance)[sfAuditorEncryptionKey];
164
165 auto encZeroForAuditor = encryptCanonicalZeroAmount(auditorPubKey, holder, mptIssuanceID);
166
167 if (!encZeroForAuditor)
168 return tecINTERNAL; // LCOV_EXCL_LINE
169
170 (*sleHolderMPToken)[sfAuditorEncryptedBalance] = std::move(*encZeroForAuditor);
171 }
172
173 // Decrease Global Confidential Outstanding Amount
174 auto const oldCOA = (*sleIssuance)[sfConfidentialOutstandingAmount];
175 if (clawAmount > oldCOA)
176 return tecINTERNAL; // LCOV_EXCL_LINE
177 (*sleIssuance)[sfConfidentialOutstandingAmount] = oldCOA - clawAmount;
178
179 // Decrease Global Total Outstanding Amount
180 auto const oldOA = (*sleIssuance)[sfOutstandingAmount];
181 if (clawAmount > oldOA)
182 return tecINTERNAL; // LCOV_EXCL_LINE
183 (*sleIssuance)[sfOutstandingAmount] = oldOA - clawAmount;
184
185 view().update(sleHolderMPToken);
186 view().update(sleIssuance);
187
188 return tesSUCCESS;
189}
190
191void
198
199bool
200ConfidentialMPTClawback::finalizeInvariants(
201 STTx const&,
202 TER,
203 XRPAmount,
204 ReadView const&,
205 beast::Journal const&)
206{
207 return true;
208}
209
210} // namespace xrpl
beast::Journal
A generic endpoint for log messages.
Definition Journal.h:38
xrpl::ApplyView::peek
virtual SLE::pointer peek(Keylet const &k)=0
Prepare to modify the SLE associated with key.
xrpl::ApplyView::update
virtual void update(SLE::ref sle)=0
Indicate changes to a peeked SLE.
xrpl::ConfidentialMPTClawback::preclaim
static TER preclaim(PreclaimContext const &ctx)
Definition ConfidentialMPTClawback.cpp:57
xrpl::ConfidentialMPTClawback::preflight
static NotTEC preflight(PreflightContext const &ctx)
Definition ConfidentialMPTClawback.cpp:23
xrpl::ConfidentialMPTClawback::calculateBaseFee
static XRPAmount calculateBaseFee(ReadView const &view, STTx const &tx)
Definition ConfidentialMPTClawback.cpp:51
xrpl::ConfidentialMPTClawback::visitInvariantEntry
void visitInvariantEntry(bool isDelete, std::shared_ptr< SLE const > const &before, std::shared_ptr< SLE const > const &after) override
Definition ConfidentialMPTClawback.cpp:192
xrpl::ConfidentialMPTClawback::finalizeInvariants
bool finalizeInvariants(STTx const &tx, TER result, XRPAmount fee, ReadView const &view, beast::Journal const &j) override
Check transaction-specific post-conditions after all entries have been visited.
Definition ConfidentialMPTClawback.cpp:200
xrpl::MPTIssue::getIssuer
AccountID const & getIssuer() const
Definition MPTIssue.cpp:29
xrpl::ReadView
A view into a ledger.
Definition ReadView.h:31
xrpl::ReadView::exists
virtual bool exists(Keylet const &k) const =0
Determine if a state item exists.
xrpl::ReadView::read
virtual SLE::const_pointer read(Keylet const &k) const =0
Return the state item associated with a key.
xrpl::Rules::enabled
bool enabled(uint256 const &feature) const
Returns true if a feature is enabled.
Definition Rules.cpp:171
xrpl::STTx::getSeqProxy
SeqProxy getSeqProxy() const
Definition STTx.cpp:193
xrpl::SeqProxy::value
constexpr std::uint32_t value() const
Definition SeqProxy.h:62
xrpl::Transactor::view
ApplyView & view()
Definition Transactor.h:136
xrpl::Transactor::calculateBaseFee
static XRPAmount calculateBaseFee(ReadView const &view, STTx const &tx)
Definition Transactor.cpp:342
xrpl::Transactor::ctx_
ApplyContext & ctx_
Definition Transactor.h:116
xrpl::keylet::mptokenIssuance
Keylet mptokenIssuance(std::uint32_t seq, AccountID const &issuer) noexcept
Definition Indexes.cpp:521
xrpl::keylet::mptoken
Keylet mptoken(MPTID const &issuanceID, AccountID const &holder) noexcept
Definition Indexes.cpp:533
xrpl::keylet::account
Keylet account(AccountID const &id) noexcept
AccountID root.
Definition Indexes.cpp:186
xrpl
Use hash_* containers for keys that do not need a cryptographically secure hashing algorithm.
Definition algorithm.h:5
xrpl::terNO_ACCOUNT
@ terNO_ACCOUNT
Definition TER.h:209
xrpl::encryptCanonicalZeroAmount
std::optional< Buffer > encryptCanonicalZeroAmount(Slice const &pubKeySlice, AccountID const &account, MPTID const &mptId)
Generates the canonical zero encryption for a specific MPToken.
Definition ConfidentialTransfer.cpp:265
xrpl::kConfidentialFeeMultiplier
constexpr std::uint32_t kConfidentialFeeMultiplier
Extra base fee multiplier charged to confidential MPT transactions.
Definition Protocol.h:364
xrpl::tefINTERNAL
@ tefINTERNAL
Definition TER.h:163
xrpl::kEcClawbackProofLength
constexpr std::size_t kEcClawbackProofLength
Length of the ZKProof for ConfidentialMPTClawback.
Definition Protocol.h:361
xrpl::NotTEC
TERSubset< CanCvtToNotTEC > NotTEC
Definition TER.h:594
xrpl::getClawbackContextHash
uint256 getClawbackContextHash(AccountID const &account, uint192 const &issuanceID, std::uint32_t sequence, AccountID const &holder)
Generates the context hash for ConfidentialMPTClawback transactions.
Definition ConfidentialTransfer.cpp:84
xrpl::temMALFORMED
@ temMALFORMED
Definition TER.h:73
xrpl::temDISABLED
@ temDISABLED
Definition TER.h:100
xrpl::temBAD_AMOUNT
@ temBAD_AMOUNT
Definition TER.h:75
xrpl::TER
TERSubset< CanCvtToTER > TER
Definition TER.h:634
xrpl::tecNO_TARGET
@ tecNO_TARGET
Definition TER.h:302
xrpl::tecOBJECT_NOT_FOUND
@ tecOBJECT_NOT_FOUND
Definition TER.h:324
xrpl::tecINTERNAL
@ tecINTERNAL
Definition TER.h:308
xrpl::tecINSUFFICIENT_FUNDS
@ tecINSUFFICIENT_FUNDS
Definition TER.h:323
xrpl::tecNO_PERMISSION
@ tecNO_PERMISSION
Definition TER.h:303
xrpl::incrementConfidentialVersion
void incrementConfidentialVersion(STObject &mptoken)
Increments the confidential balance version counter on an MPToken.
Definition include/xrpl/protocol/ConfidentialTransfer.h:65
xrpl::kMaxMpTokenAmount
constexpr std::uint64_t kMaxMpTokenAmount
The maximum amount of MPTokenIssuance.
Definition Protocol.h:238
xrpl::tesSUCCESS
@ tesSUCCESS
Definition TER.h:240
xrpl::verifyClawbackProof
TER verifyClawbackProof(uint64_t const amount, Slice const &proof, Slice const &pubKeySlice, Slice const &ciphertext, uint256 const &contextHash)
Verifies a compact sigma clawback proof.
Definition ConfidentialTransfer.cpp:377
xrpl::PreclaimContext
State information when determining if a tx is likely to claim a fee.
Definition Transactor.h:61
xrpl::PreclaimContext::view
ReadView const & view
Definition Transactor.h:64
xrpl::PreflightContext
State information when preflighting a tx.
Definition Transactor.h:18
Generated by doxygen 1.16.1