xrpld
Loading...
Searching...
No Matches
LoanBrokerCoverClawback.cpp
1#include <xrpl/tx/transactors/lending/LoanBrokerCoverClawback.h>
2
3#include <xrpl/basics/Log.h>
4#include <xrpl/basics/Number.h>
5#include <xrpl/basics/base_uint.h>
6#include <xrpl/beast/utility/Zero.h>
7#include <xrpl/core/ServiceRegistry.h>
8#include <xrpl/ledger/ReadView.h>
9#include <xrpl/ledger/helpers/LendingHelpers.h>
10#include <xrpl/ledger/helpers/TokenHelpers.h>
11#include <xrpl/protocol/AccountID.h>
12#include <xrpl/protocol/Asset.h>
13#include <xrpl/protocol/Concepts.h>
14#include <xrpl/protocol/Feature.h>
15#include <xrpl/protocol/Indexes.h>
16#include <xrpl/protocol/Issue.h>
17#include <xrpl/protocol/LedgerFormats.h>
18#include <xrpl/protocol/MPTIssue.h>
19#include <xrpl/protocol/Protocol.h>
20#include <xrpl/protocol/SField.h>
21#include <xrpl/protocol/STAmount.h>
22#include <xrpl/protocol/STLedgerEntry.h>
23#include <xrpl/protocol/STTakesAsset.h>
24#include <xrpl/protocol/STTx.h>
25#include <xrpl/protocol/TER.h>
26#include <xrpl/protocol/Units.h>
27#include <xrpl/protocol/XRPAmount.h>
28#include <xrpl/tx/Transactor.h>
29
30#include <expected>
31#include <optional>
32#include <variant>
33
34namespace xrpl {
35
36bool
41
42NotTEC
43LoanBrokerCoverClawback::preflight(PreflightContext const& ctx)
44{
45 auto const brokerID = ctx.tx[~sfLoanBrokerID];
46 auto const amount = ctx.tx[~sfAmount];
47
48 if (!brokerID && !amount)
49 return temINVALID;
50
51 if (brokerID && *brokerID == beast::kZero)
52 return temINVALID;
53
54 if (amount)
55 {
56 // XRP has no counterparty, and thus nobody can claw it back
57 if (amount->native())
58 return temBAD_AMOUNT;
59
60 // Zero is OK, and indicates "take it all" (down to the minimum cover)
61 if (*amount < beast::kZero)
62 return temBAD_AMOUNT;
63
64 // This should be redundant
65 if (!isLegalNet(*amount))
66 return temBAD_AMOUNT; // LCOV_EXCL_LINE
67
68 if (!brokerID)
69 {
70 if (amount->holds<MPTIssue>())
71 return temINVALID;
72
73 auto const account = ctx.tx[sfAccount];
74 // Since we don't have a LoanBrokerID, holder _should_ be the loan
75 // broker's pseudo-account, but we don't know yet whether it is, so
76 // use a generic placeholder name.
77 auto const holder = amount->getIssuer();
78 if (holder == account || holder == beast::kZero)
79 return temINVALID;
80 }
81 }
82
83 return tesSUCCESS;
84}
85
86std::expected<uint256, TER>
87determineBrokerID(ReadView const& view, STTx const& tx)
88{
89 // If the broker ID was provided in the transaction, that's all we
90 // need.
91 if (auto const brokerID = tx[~sfLoanBrokerID])
92 return *brokerID;
93
94 // If the broker ID was not provided, and the amount is either
95 // absent or holds a non-IOU - including MPT, something went wrong,
96 // because that should have been rejected in preflight().
97 auto const dstAmount = tx[~sfAmount];
98 if (!dstAmount || !dstAmount->holds<Issue>())
99 return std::unexpected{tecINTERNAL}; // LCOV_EXCL_LINE
100
101 // Every trust line is bidirectional. Both sides are simultaneously
102 // issuer and holder. For this transaction, the Account is acting as
103 // a holder, and clawing back funds from the LoanBroker
104 // Pseudo-account acting as holder. If the Amount is an IOU, and the
105 // `issuer` field specified in that Amount is a LoanBroker
106 // Pseudo-account, we can get the LoanBrokerID from there.
107 //
108 // Thus, Amount.issuer _should_ be the loan broker's
109 // pseudo-account, but we don't know yet whether it is.
110 auto const maybePseudo = dstAmount->getIssuer();
111 auto const sle = view.read(keylet::account(maybePseudo));
112
113 // If the account was not found, the transaction can't go further.
114 if (!sle)
115 return std::unexpected{tecNO_ENTRY};
116
117 // If the account was found, and has a LoanBrokerID (and therefore
118 // is a pseudo-account), that's the
119 // answer we need.
120 if (auto const brokerID = sle->at(~sfLoanBrokerID))
121 return *brokerID;
122
123 // If the account does not have a LoanBrokerID, the transaction
124 // can't go further, even if it's a different type of Pseudo-account.
125 return std::unexpected{tecOBJECT_NOT_FOUND};
126 // Or tecWRONG_ASSET?
127}
128
129std::expected<Asset, TER>
130determineAsset(
131 ReadView const& view,
132 AccountID const& account,
133 AccountID const& brokerPseudoAccountID,
134 STAmount const& amount)
135{
136 if (amount.holds<MPTIssue>())
137 return amount.asset();
138
139 // An IOU has an issue, which could be either end of the trust line.
140 // This check only applies to IOUs
141 auto const holder = amount.getIssuer();
142
143 // holder can be the submitting account (the issuer of the asset) if a
144 // LoanBrokerID was provided in the transaction.
145 if (holder == account)
146 {
147 return amount.asset();
148 }
149 if (holder == brokerPseudoAccountID)
150 {
151 // We want the asset to match the vault asset, so use the account as the
152 // issuer
153 return Issue{amount.get<Issue>().currency, account};
154 }
155
156 return std::unexpected(tecWRONG_ASSET);
157}
158
159std::expected<STAmount, TER>
160determineClawAmount(
161 SLE const& sleBroker,
162 Asset const& vaultAsset,
163 std::optional<STAmount> const& amount,
164 SLE::const_ref vaultSle,
165 Rules const& rules)
166{
167 auto const maxClawAmount = [&]() {
168 auto const minRequiredCover = [&]() {
169 if (rules.enabled(fixCleanup3_2_0))
170 {
171 return minimumBrokerCover(
172 sleBroker[sfDebtTotal], TenthBips32(sleBroker[sfCoverRateMinimum]), vaultSle);
173 }
174
175 // Always round the minimum required up
176 NumberRoundModeGuard const mg(Number::RoundingMode::Upward);
177 return tenthBipsOfValue(
178 sleBroker[sfDebtTotal], TenthBips32(sleBroker[sfCoverRateMinimum]));
179 }();
180 // The subtraction probably won't round, but round down if it does.
181 NumberRoundModeGuard const mg(Number::RoundingMode::Downward);
182 return sleBroker[sfCoverAvailable] - minRequiredCover;
183 }();
184 if (maxClawAmount <= beast::kZero)
185 return std::unexpected(tecINSUFFICIENT_FUNDS);
186
187 // Use the vaultAsset here, because it will be the right type in all
188 // circumstances. The amount may be an IOU indicating the pseudo-account's
189 // asset, which is correct, but not what is needed here.
190 if (!amount || *amount == beast::kZero)
191 return STAmount{vaultAsset, maxClawAmount};
192 Number const magnitude{*amount};
193 if (magnitude > maxClawAmount)
194 return STAmount{vaultAsset, maxClawAmount};
195 return STAmount{vaultAsset, magnitude};
196}
197
198template <ValidIssueType T>
199static TER
200preclaimHelper(PreclaimContext const& ctx, SLE const& sleIssuer, STAmount const& clawAmount);
201
202template <>
203TER
204preclaimHelper<Issue>(PreclaimContext const& ctx, SLE const& sleIssuer, STAmount const& clawAmount)
205{
206 // If AllowTrustLineClawback is not set or NoFreeze is set, return no
207 // permission
208 if (!(sleIssuer.isFlag(lsfAllowTrustLineClawback)) || (sleIssuer.isFlag(lsfNoFreeze)))
209 return tecNO_PERMISSION;
210
211 return tesSUCCESS;
212}
213
214template <>
215TER
216preclaimHelper<MPTIssue>(
217 PreclaimContext const& ctx,
218 SLE const& sleIssuer,
219 STAmount const& clawAmount)
220{
221 auto const issuanceKey = keylet::mptokenIssuance(clawAmount.get<MPTIssue>().getMptID());
222 auto const sleIssuance = ctx.view.read(issuanceKey);
223 if (!sleIssuance)
224 return tecOBJECT_NOT_FOUND;
225
226 if (!sleIssuance->isFlag(lsfMPTCanClawback))
227 return tecNO_PERMISSION;
228
229 // With all the checking already done, this should be impossible
230 if (sleIssuance->at(sfIssuer) != sleIssuer[sfAccount])
231 return tecINTERNAL; // LCOV_EXCL_LINE
232
233 return tesSUCCESS;
234}
235
236TER
237LoanBrokerCoverClawback::preclaim(PreclaimContext const& ctx)
238{
239 auto const& tx = ctx.tx;
240
241 auto const account = tx[sfAccount];
242 auto const findBrokerID = determineBrokerID(ctx.view, tx);
243 if (!findBrokerID)
244 return findBrokerID.error();
245 auto const brokerID = *findBrokerID;
246 auto const amount = tx[~sfAmount];
247
248 auto const sleBroker = ctx.view.read(keylet::loanBroker(brokerID));
249 if (!sleBroker)
250 {
251 JLOG(ctx.j.warn()) << "LoanBroker does not exist.";
252 return tecNO_ENTRY;
253 }
254
255 auto const brokerPseudoAccountID = sleBroker->at(sfAccount);
256
257 auto const vault = ctx.view.read(keylet::vault(sleBroker->at(sfVaultID)));
258 if (!vault)
259 {
260 // LCOV_EXCL_START
261 JLOG(ctx.j.fatal()) << "Vault is missing for Broker " << brokerID;
262 return tefBAD_LEDGER;
263 // LCOV_EXCL_STOP
264 }
265
266 auto const vaultAsset = vault->at(sfAsset);
267
268 if (vaultAsset.native())
269 {
270 JLOG(ctx.j.warn()) << "Cannot clawback native asset.";
271 return tecNO_PERMISSION;
272 }
273
274 // Only the issuer of the vault asset can claw it back from the broker's
275 // cover funds.
276 if (vaultAsset.getIssuer() != account)
277 {
278 JLOG(ctx.j.warn()) << "Account is not the issuer of the vault asset.";
279 return tecNO_PERMISSION;
280 }
281
282 if (amount)
283 {
284 auto const findAsset = determineAsset(ctx.view, account, brokerPseudoAccountID, *amount);
285 if (!findAsset)
286 return findAsset.error();
287 auto const txAsset = *findAsset;
288 if (txAsset != vaultAsset)
289 {
290 JLOG(ctx.j.warn()) << "Account is the correct issuer, but trying "
291 "to clawback the wrong asset from LoanBroker";
292 return tecWRONG_ASSET;
293 }
294 }
295
296 auto const findClawAmount =
297 determineClawAmount(*sleBroker, vaultAsset, amount, vault, ctx.view.rules());
298 if (!findClawAmount)
299 {
300 JLOG(ctx.j.warn()) << "LoanBroker cover is already at minimum.";
301 return findClawAmount.error();
302 }
303 STAmount const& clawAmount = *findClawAmount;
304
305 if (auto const ret = canApplyToBrokerCover(
306 ctx.view, sleBroker, vaultAsset, clawAmount, ctx.j, "LoanBrokerCoverClawback"))
307 return ret;
308
309 // Explicitly check the balance of the trust line / MPT to make sure the
310 // balance is actually there. It should always match `sfCoverAvailable`, so
311 // if there isn't, this is an internal error.
312 if (accountHolds(
313 ctx.view,
314 brokerPseudoAccountID,
315 vaultAsset,
316 FreezeHandling::IgnoreFreeze,
317 AuthHandling::IgnoreAuth,
318 ctx.j) < clawAmount)
319 return tecINTERNAL; // tecINSUFFICIENT_FUNDS; LCOV_EXCL_LINE
320
321 // Check if the vault asset issuer has the correct flags
322 auto const sleIssuer = ctx.view.read(keylet::account(vaultAsset.getIssuer()));
323 if (!sleIssuer)
324 {
325 // LCOV_EXCL_START
326 JLOG(ctx.j.fatal()) << "Issuer account does not exist.";
327 return tefBAD_LEDGER;
328 // LCOV_EXCL_STOP
329 }
330
331 return std::visit(
332 [&]<typename T>(T const&) { return preclaimHelper<T>(ctx, *sleIssuer, clawAmount); },
333 vaultAsset.value());
334}
335
336TER
337LoanBrokerCoverClawback::doApply()
338{
339 auto const& tx = ctx_.tx;
340 auto const account = tx[sfAccount];
341 auto const findBrokerID = determineBrokerID(view(), tx);
342 if (!findBrokerID)
343 return tecINTERNAL; // LCOV_EXCL_LINE
344 auto const brokerID = *findBrokerID;
345 auto const amount = tx[~sfAmount];
346
347 auto sleBroker = view().peek(keylet::loanBroker(brokerID));
348 if (!sleBroker)
349 return tecINTERNAL; // LCOV_EXCL_LINE
350
351 auto const brokerPseudoID = *sleBroker->at(sfAccount);
352
353 auto const vault = view().read(keylet::vault(sleBroker->at(sfVaultID)));
354 if (!vault)
355 return tecINTERNAL; // LCOV_EXCL_LINE
356
357 auto const vaultAsset = vault->at(sfAsset);
358
359 auto const findClawAmount =
360 determineClawAmount(*sleBroker, vaultAsset, amount, vault, view().rules());
361 if (!findClawAmount)
362 return tecINTERNAL; // LCOV_EXCL_LINE
363 STAmount const& clawAmount = *findClawAmount;
364 // Just for paranoia's sake
365 if (clawAmount.native())
366 return tecINTERNAL; // LCOV_EXCL_LINE
367
368 // Decrease the LoanBroker's CoverAvailable by Amount
369 sleBroker->at(sfCoverAvailable) -= clawAmount;
370 view().update(sleBroker);
371
372 associateAsset(*sleBroker, vaultAsset);
373
374 // Transfer assets from pseudo-account to depositor.
375 return accountSend(view(), brokerPseudoID, account, clawAmount, j_, WaiveTransferFee::Yes);
376}
377
378void
379LoanBrokerCoverClawback::visitInvariantEntry(bool, SLE::const_ref, SLE::const_ref)
380{
381 // No transaction-specific invariants yet (future work).
382}
383
384bool
385LoanBrokerCoverClawback::finalizeInvariants(
386 STTx const&,
387 TER,
388 XRPAmount,
389 ReadView const&,
390 beast::Journal const&)
391{
392 // No transaction-specific invariants yet (future work).
393 return true;
394}
395
396//------------------------------------------------------------------------------
397
398} // namespace xrpl
beast::Journal
A generic endpoint for log messages.
Definition Journal.h:38
beast::Journal::fatal
Stream fatal() const
Definition Journal.h:321
beast::Journal::warn
Stream warn() const
Definition Journal.h:309
xrpl::ApplyView::peek
virtual SLE::pointer peek(Keylet const &k)=0
Prepare to modify the SLE associated with key.
xrpl::ApplyView::update
virtual void update(SLE::ref sle)=0
Indicate changes to a peeked SLE.
xrpl::Issue
A currency issued by an account.
Definition Issue.h:13
xrpl::LoanBrokerCoverClawback::finalizeInvariants
bool finalizeInvariants(STTx const &tx, TER result, XRPAmount fee, ReadView const &view, beast::Journal const &j) override
Check transaction-specific post-conditions after all entries have been visited.
Definition LoanBrokerCoverClawback.cpp:385
xrpl::LoanBrokerCoverClawback::preclaim
static TER preclaim(PreclaimContext const &ctx)
Definition LoanBrokerCoverClawback.cpp:237
xrpl::LoanBrokerCoverClawback::preflight
static NotTEC preflight(PreflightContext const &ctx)
Definition LoanBrokerCoverClawback.cpp:43
xrpl::LoanBrokerCoverClawback::visitInvariantEntry
void visitInvariantEntry(bool isDelete, SLE::const_ref before, SLE::const_ref after) override
Inspect a single ledger entry modified by this transaction.
Definition LoanBrokerCoverClawback.cpp:379
xrpl::LoanBrokerCoverClawback::checkExtraFeatures
static bool checkExtraFeatures(PreflightContext const &ctx)
Definition LoanBrokerCoverClawback.cpp:37
xrpl::MPTIssue::getMptID
constexpr MPTID const & getMptID() const
Definition MPTIssue.h:33
xrpl::Number
Number is a floating point type that can represent a wide range of values.
Definition Number.h:306
xrpl::ReadView
A view into a ledger.
Definition ReadView.h:31
xrpl::ReadView::rules
virtual Rules const & rules() const =0
Returns the tx processing rules.
xrpl::ReadView::read
virtual SLE::const_pointer read(Keylet const &k) const =0
Return the state item associated with a key.
xrpl::Rules
Rules controlling protocol behavior.
Definition Rules.h:33
xrpl::Rules::enabled
bool enabled(uint256 const &feature) const
Returns true if a feature is enabled.
Definition Rules.cpp:171
xrpl::STAmount::holds
constexpr bool holds() const noexcept
Definition STAmount.h:460
xrpl::STAmount::get
constexpr TIss const & get() const
xrpl::STAmount::native
bool native() const noexcept
Definition STAmount.h:453
xrpl::STAmount::asset
Asset const & asset() const
Definition STAmount.h:478
xrpl::STAmount::getIssuer
AccountID const & getIssuer() const
Definition STAmount.h:498
xrpl::STLedgerEntry::const_ref
std::shared_ptr< STLedgerEntry const > const & const_ref
Definition STLedgerEntry.h:22
xrpl::STObject::isFlag
bool isFlag(std::uint32_t) const
Definition STObject.cpp:501
xrpl::Transactor::j_
beast::Journal const j_
Definition Transactor.h:118
xrpl::Transactor::view
ApplyView & view()
Definition Transactor.h:136
xrpl::Transactor::ctx_
ApplyContext & ctx_
Definition Transactor.h:116
xrpl::keylet::loanBroker
Keylet loanBroker(AccountID const &owner, std::uint32_t seq) noexcept
Definition Indexes.cpp:557
xrpl::keylet::mptokenIssuance
Keylet mptokenIssuance(std::uint32_t seq, AccountID const &issuer) noexcept
Definition Indexes.cpp:521
xrpl::keylet::vault
Keylet vault(AccountID const &owner, std::uint32_t seq) noexcept
Definition Indexes.cpp:551
xrpl::keylet::account
Keylet account(AccountID const &id) noexcept
AccountID root.
Definition Indexes.cpp:186
xrpl
Use hash_* containers for keys that do not need a cryptographically secure hashing algorithm.
Definition algorithm.h:5
xrpl::canApplyToBrokerCover
TER canApplyToBrokerCover(ReadView const &view, SLE::const_ref sleBroker, Asset const &vaultAsset, STAmount const &amount, beast::Journal j, std::string_view logPrefix)
Broker cover preclaim precision guard (fixCleanup3_2_0).
Definition LendingHelpers.cpp:34
xrpl::tenthBipsOfValue
constexpr T tenthBipsOfValue(T value, TenthBips< TBips > bips)
Definition Protocol.h:111
xrpl::tefBAD_LEDGER
@ tefBAD_LEDGER
Definition TER.h:160
xrpl::minimumBrokerCover
Number minimumBrokerCover(Number const &debtTotal, TenthBips32 coverRateMinimum, SLE::const_ref vaultSle)
Definition LendingHelpers.h:211
xrpl::isLegalNet
bool isLegalNet(STAmount const &value)
Definition STAmount.h:598
xrpl::TenthBips32
TenthBips< std::uint32_t > TenthBips32
Definition Units.h:439
xrpl::SLE
STLedgerEntry SLE
Definition ServiceRegistry.h:36
xrpl::NotTEC
TERSubset< CanCvtToNotTEC > NotTEC
Definition TER.h:594
xrpl::preclaimHelper< Issue >
TER preclaimHelper< Issue >(PreclaimContext const &ctx, SLE const &sleIssuer, STAmount const &clawAmount)
Definition LoanBrokerCoverClawback.cpp:204
xrpl::accountSend
TER accountSend(ApplyView &view, AccountID const &from, AccountID const &to, STAmount const &saAmount, beast::Journal j, WaiveTransferFee waiveFee=WaiveTransferFee::No, AllowMPTOverflow allowOverflow=AllowMPTOverflow::No)
Calls static accountSendIOU if saAmount represents Issue.
Definition TokenHelpers.cpp:1468
xrpl::AccountID
BaseUInt< 160, detail::AccountIDTag > AccountID
A 160-bit unsigned that uniquely identifies an account.
Definition AccountID.h:28
xrpl::temINVALID
@ temINVALID
Definition TER.h:96
xrpl::temBAD_AMOUNT
@ temBAD_AMOUNT
Definition TER.h:75
xrpl::TER
TERSubset< CanCvtToTER > TER
Definition TER.h:634
xrpl::preclaimHelper< MPTIssue >
TER preclaimHelper< MPTIssue >(PreclaimContext const &ctx, SLE const &sleIssuer, STAmount const &clawAmount)
Definition LoanBrokerCoverClawback.cpp:216
xrpl::tecWRONG_ASSET
@ tecWRONG_ASSET
Definition TER.h:358
xrpl::tecNO_ENTRY
@ tecNO_ENTRY
Definition TER.h:304
xrpl::tecOBJECT_NOT_FOUND
@ tecOBJECT_NOT_FOUND
Definition TER.h:324
xrpl::tecINTERNAL
@ tecINTERNAL
Definition TER.h:308
xrpl::tecINSUFFICIENT_FUNDS
@ tecINSUFFICIENT_FUNDS
Definition TER.h:323
xrpl::tecNO_PERMISSION
@ tecNO_PERMISSION
Definition TER.h:303
xrpl::associateAsset
void associateAsset(STLedgerEntry &sle, Asset const &asset)
Associate an Asset with all sMD_NeedsAsset fields in a ledger entry.
xrpl::determineBrokerID
std::expected< uint256, TER > determineBrokerID(ReadView const &view, STTx const &tx)
Definition LoanBrokerCoverClawback.cpp:87
xrpl::accountHolds
STAmount accountHolds(ReadView const &view, AccountID const &account, Currency const &currency, AccountID const &issuer, FreezeHandling zeroIfFrozen, beast::Journal j, SpendableHandling includeFullBalance=SpendableHandling::SimpleBalance)
Definition TokenHelpers.cpp:338
xrpl::tesSUCCESS
@ tesSUCCESS
Definition TER.h:240
xrpl::preclaimHelper
static TER preclaimHelper(PreclaimContext const &ctx, SLE const &sleIssuer, STAmount const &clawAmount)
xrpl::determineClawAmount
std::expected< STAmount, TER > determineClawAmount(SLE const &sleBroker, Asset const &vaultAsset, std::optional< STAmount > const &amount, SLE::const_ref vaultSle, Rules const &rules)
Definition LoanBrokerCoverClawback.cpp:160
xrpl::checkLendingProtocolDependencies
bool checkLendingProtocolDependencies(Rules const &rules, STTx const &tx)
Definition LendingHelpers.cpp:65
xrpl::determineAsset
std::expected< Asset, TER > determineAsset(ReadView const &view, AccountID const &account, AccountID const &brokerPseudoAccountID, STAmount const &amount)
Definition LoanBrokerCoverClawback.cpp:130
xrpl::PreclaimContext
State information when determining if a tx is likely to claim a fee.
Definition Transactor.h:61
xrpl::PreclaimContext::view
ReadView const & view
Definition Transactor.h:64
xrpl::PreclaimContext::j
beast::Journal const j
Definition Transactor.h:69
xrpl::PreflightContext
State information when preflighting a tx.
Definition Transactor.h:18
std::unexpected
T unexpected(T... args)
std::visit
T visit(T... args)
Generated by doxygen 1.16.1