rippled/VaultDeposit_8cpp_source.html

#include <xrpl/tx/transactors/vault/VaultDeposit.h>


#include <xrpl/basics/Log.h>

#include <xrpl/basics/Number.h>

#include <xrpl/beast/utility/Zero.h>

#include <xrpl/beast/utility/instrumentation.h>

#include <xrpl/ledger/helpers/CredentialHelpers.h>

#include <xrpl/ledger/helpers/MPTokenHelpers.h>

#include <xrpl/ledger/helpers/TokenHelpers.h>

#include <xrpl/ledger/helpers/VaultHelpers.h>

#include <xrpl/protocol/Feature.h>

#include <xrpl/protocol/Indexes.h>

#include <xrpl/protocol/Issue.h>

#include <xrpl/protocol/LedgerFormats.h>

#include <xrpl/protocol/MPTIssue.h>

#include <xrpl/protocol/SField.h>

#include <xrpl/protocol/STAmount.h>

#include <xrpl/protocol/STLedgerEntry.h>

#include <xrpl/protocol/STNumber.h>  // IWYU pragma: keep

#include <xrpl/protocol/STTakesAsset.h>

#include <xrpl/protocol/STTx.h>

#include <xrpl/protocol/TER.h>

#include <xrpl/protocol/XRPAmount.h>

#include <xrpl/tx/Transactor.h>


#include <stdexcept>


namespace xrpl {


[[nodiscard]]

static STAmount


roundToVaultScale(STAmount const& amount, SLE::const_ref vault)

{

    XRPL_ASSERT(vault && vault->getType() == ltVAULT, "xrpl::roundToVaultScale : valid vault sle");

    XRPL_ASSERT(

        amount.asset() == vault->at(sfAsset), "xrpl::roundToVaultScale : valid vault asset");


    if (amount.integral())

        return amount;


    int const postScale = [&]() {

        NumberRoundModeGuard const rg(Number::RoundingMode::ToNearest);

        return scale(vault->at(sfAssetsTotal) + amount, vault->at(sfAsset));

    }();

    return roundToScale(amount, postScale, Number::RoundingMode::Downward);

}


NotTEC


VaultDeposit::preflight(PreflightContext const& ctx)

{

    if (ctx.tx[sfVaultID] == beast::kZero)

    {

        JLOG(ctx.j.debug()) << "VaultDeposit: zero/empty vault ID.";

        return temMALFORMED;

    }


    if (ctx.tx[sfAmount] <= beast::kZero)

        return temBAD_AMOUNT;


    return tesSUCCESS;

}


TER


VaultDeposit::preclaim(PreclaimContext const& ctx)

{

    auto const fix320Enabled = ctx.view.rules().enabled(fixCleanup3_2_0);

    auto const fix330Enabled = ctx.view.rules().enabled(fixCleanup3_3_0);


    auto const vault = ctx.view.read(keylet::vault(ctx.tx[sfVaultID]));

    if (!vault)

        return tecNO_ENTRY;


    auto const& account = ctx.tx[sfAccount];

    auto const amount = ctx.tx[sfAmount];

    auto const vaultAsset = vault->at(sfAsset);

    if (amount.asset() != vaultAsset)

        return tecWRONG_ASSET;


    auto const& vaultAccount = vault->at(sfAccount);

    if (auto ter = canTransfer(ctx.view, vaultAsset, account, vaultAccount); !isTesSuccess(ter))

    {

        JLOG(ctx.j.debug()) << "VaultDeposit: vault assets are non-transferable.";

        return ter;

    }


    auto const mptIssuanceID = vault->at(sfShareMPTID);

    auto const vaultShare = MPTIssue(mptIssuanceID);

    if (vaultShare == amount.asset())

    {

        // LCOV_EXCL_START

        JLOG(ctx.j.error()) << "VaultDeposit: vault shares and assets cannot be same.";

        return tefINTERNAL;

        // LCOV_EXCL_STOP

    }


    auto const sleIssuance = ctx.view.read(keylet::mptokenIssuance(mptIssuanceID));

    if (!sleIssuance)

    {

        // LCOV_EXCL_START

        JLOG(ctx.j.error()) << "VaultDeposit: missing issuance of vault shares.";

        return tefINTERNAL;

        // LCOV_EXCL_STOP

    }


    if (sleIssuance->isFlag(lsfMPTLocked))

    {

        // LCOV_EXCL_START

        JLOG(ctx.j.error()) << "VaultDeposit: issuance of vault shares is locked.";

        return tefINTERNAL;

        // LCOV_EXCL_STOP

    }


    if (fix330Enabled)

    {

        if (auto const ret = checkDepositFreeze(ctx.view, account, vaultAccount, vaultAsset))

            return ret;

    }

    else

    {

        // Cannot deposit inside Vault an Asset frozen for the depositor

        if (isFrozen(ctx.view, account, vaultAsset))

            return vaultAsset.holds<Issue>() ? tecFROZEN : tecLOCKED;


        // Cannot deposit if the shares of the vault are frozen

        if (isFrozen(ctx.view, account, vaultShare))

            return tecLOCKED;

    }


    if (vault->isFlag(lsfVaultPrivate) && account != vault->at(sfOwner))

    {

        auto const maybeDomainID = sleIssuance->at(~sfDomainID);

        // Since this is a private vault and the account is not its owner, we

        // perform authorization check based on DomainID read from sleIssuance.

        // Had the vault shares been a regular MPToken, we would allow

        // authorization granted by the Issuer explicitly, but Vault uses Issuer

        // pseudo-account, which cannot grant an authorization.

        if (maybeDomainID)

        {

            // As per validDomain documentation, we suppress tecEXPIRED error

            // here, so we can delete any expired credentials inside doApply.

            if (auto const err = credentials::validDomain(ctx.view, *maybeDomainID, account);

                !isTesSuccess(err) && err != tecEXPIRED)

                return err;

        }

        else

        {

            return tecNO_AUTH;

        }

    }


    // Source MPToken must exist (if asset is an MPT)

    if (auto const ter = requireAuth(ctx.view, vaultAsset, account); !isTesSuccess(ter))

        return ter;


    auto const roundedAmount = fix320Enabled ? roundToVaultScale(amount, vault) : amount;


    if (fix320Enabled && roundedAmount == beast::kZero)

    {

        JLOG(ctx.j.warn()) << "VaultDeposit: deposit amount: " << ctx.tx[sfAmount]

                           << " is zero at vault scale";

        return tecPRECISION_LOSS;

    }


    auto const accountBalance = accountHolds(

        ctx.view,

        account,

        vaultAsset,

        FreezeHandling::ZeroIfFrozen,

        AuthHandling::ZeroIfUnauthorized,

        ctx.j,

        SpendableHandling::FullBalance);


    if (accountBalance < roundedAmount)

        return tecINSUFFICIENT_FUNDS;


    // IOU precision checks

    if (fix320Enabled && !roundedAmount.integral())

    {

        // reject deposits that would canonicalize to a no-op at the depositor's trustline scale.

        // Skipped for issuer-as-depositor: accountHolds returns (kMaxValue @ kMaxOffset) which

        // would always trip the predicate.

        if (account != amount.getIssuer() &&

            amount.isZeroAtScale(scale(accountBalance, vaultAsset)))

        {

            JLOG(ctx.j.warn()) << "VaultDeposit: amount " << amount.getFullText()

                               << " rounds to zero at counterparty trust-line scale";

            return tecPRECISION_LOSS;

        }

    }


    return tesSUCCESS;

}


TER


VaultDeposit::doApply()

{

    bool const fix320Enabled = view().rules().enabled(fixCleanup3_2_0);

    auto const vault = view().peek(keylet::vault(ctx_.tx[sfVaultID]));

    if (!vault)

        return tefINTERNAL;  // LCOV_EXCL_LINE

    auto const vaultAsset = vault->at(sfAsset);


    // Post-amendment IOU only: round Downward to the AssetsTotal precision so

    // a sub-ULP tail can't be silently absorbed by one rail and not the other.

    auto const amount =

        fix320Enabled ? roundToVaultScale(ctx_.tx[sfAmount], vault) : ctx_.tx[sfAmount];


    // We validated zero-amount in preclaim, if we ended up with zero now, fail hard.

    if (amount == beast::kZero)

    {

        // LCOV_EXCL_START

        JLOG(j_.error()) << "VaultDeposit: deposit amount: " << ctx_.tx[sfAmount] << " is zero";

        return tecINTERNAL;

        // LCOV_EXCL_STOP

    }


    // Make sure the depositor can hold shares.

    auto const mptIssuanceID = (*vault)[sfShareMPTID];

    auto const sleIssuance = view().read(keylet::mptokenIssuance(mptIssuanceID));

    if (!sleIssuance)

    {

        // LCOV_EXCL_START

        JLOG(j_.error()) << "VaultDeposit: missing issuance of vault shares.";

        return tefINTERNAL;

        // LCOV_EXCL_STOP

    }


    auto const& vaultAccount = vault->at(sfAccount);

    // Note, vault owner is always authorized

    if (vault->isFlag(lsfVaultPrivate) && accountID_ != vault->at(sfOwner))

    {

        if (auto const err = enforceMPTokenAuthorization(

                ctx_.view(), mptIssuanceID, accountID_, preFeeBalance_, j_);

            !isTesSuccess(err))

            return err;

    }

    else  // !vault->isFlag(lsfVaultPrivate) || accountID_ == vault->at(sfOwner)

    {

        // No authorization needed, but must ensure there is MPToken

        if (!view().exists(keylet::mptoken(mptIssuanceID, accountID_)))

        {

            if (auto const err = authorizeMPToken(

                    view(), preFeeBalance_, mptIssuanceID->value(), accountID_, ctx_.journal);

                !isTesSuccess(err))

                return err;

        }


        // If the vault is private, set the authorized flag for the vault owner

        if (vault->isFlag(lsfVaultPrivate))

        {

            // This follows from the reverse of the outer enclosing if condition

            XRPL_ASSERT(

                accountID_ == vault->at(sfOwner), "xrpl::VaultDeposit::doApply : account is owner");

            if (auto const err = authorizeMPToken(

                    view(),

                    preFeeBalance_,             // priorBalance

                    mptIssuanceID->value(),     // mptIssuanceID

                    sleIssuance->at(sfIssuer),  // account

                    ctx_.journal,

                    {},         // flags

                    accountID_  // holderID

                );

                !isTesSuccess(err))

                return err;

        }

    }


    STAmount sharesCreated = {vault->at(sfShareMPTID)}, assetsDeposited;

    try

    {

        // Compute exchange before transferring any amounts.

        {

            auto const maybeShares = assetsToSharesDeposit(vault, sleIssuance, amount);

            if (!maybeShares)

                return tecINTERNAL;  // LCOV_EXCL_LINE

            sharesCreated = *maybeShares;

        }

        if (sharesCreated == beast::kZero)

            return tecPRECISION_LOSS;


        auto const maybeAssets = sharesToAssetsDeposit(vault, sleIssuance, sharesCreated);

        if (!maybeAssets)

        {

            return tecINTERNAL;  // LCOV_EXCL_LINE

        }

        if (*maybeAssets > amount)

        {

            // LCOV_EXCL_START

            JLOG(j_.error()) << "VaultDeposit: would take more than offered.";

            return tecINTERNAL;

            // LCOV_EXCL_STOP

        }

        assetsDeposited = *maybeAssets;

    }

    catch (std::overflow_error const&)

    {

        // It's easy to hit this exception from Number with large enough Scale

        // so we avoid spamming the log and only use debug here.

        JLOG(j_.debug())  //

            << "VaultDeposit: overflow error with"

            << " scale=" << (int)vault->at(sfScale).value()  //

            << ", assetsTotal=" << vault->at(sfAssetsTotal).value()

            << ", sharesTotal=" << sleIssuance->at(sfOutstandingAmount) << ", amount=" << amount;

        return tecPATH_DRY;

    }


    XRPL_ASSERT(

        sharesCreated.asset() != assetsDeposited.asset(),

        "xrpl::VaultDeposit::doApply : assets are not shares");


    vault->at(sfAssetsTotal) += assetsDeposited;

    vault->at(sfAssetsAvailable) += assetsDeposited;

    view().update(vault);


    // A deposit must not push the vault over its limit.

    auto const maximum = *vault->at(sfAssetsMaximum);

    if (maximum != 0 && *vault->at(sfAssetsTotal) > maximum)

        return tecLIMIT_EXCEEDED;


    // Transfer assets from depositor to vault.

    if (auto const ter = accountSend(

            view(), accountID_, vaultAccount, assetsDeposited, j_, WaiveTransferFee::Yes);

        !isTesSuccess(ter))

        return ter;


    // This check is wrong. Disable it with fixCleanup3_2_0.

    // For XRP and MPT the predicate is structurally unsatisfiable: xrpLiquid clamps at zero, and

    // MPT balances are unsigned. For IOUs it only fires when the deposit drove the depositor's

    // trust line into debt the exact case preclaim authorizes via SpendableHandling::FullBalance.

    // The check thus converts a preclaim- authorized deposit into tefINTERNAL after the asset

    // transfer.

    if (!fix320Enabled)

    {

        // Sanity check

        if (accountHolds(

                view(),

                accountID_,

                assetsDeposited.asset(),

                FreezeHandling::IgnoreFreeze,

                AuthHandling::IgnoreAuth,

                j_) < beast::kZero)

        {

            JLOG(j_.error()) << "VaultDeposit: negative balance of account assets.";

            return tefINTERNAL;

        }

    }


    // Transfer shares from vault to depositor.

    if (auto const ter =

            accountSend(view(), vaultAccount, accountID_, sharesCreated, j_, WaiveTransferFee::Yes);

        !isTesSuccess(ter))

        return ter;


    associateAsset(*vault, vaultAsset);


    return tesSUCCESS;

}


void


VaultDeposit::visitInvariantEntry(bool, SLE::const_ref, SLE::const_ref)

{

    // No transaction-specific invariants yet (future work).

}


bool


VaultDeposit::finalizeInvariants(

    STTx const&,

    TER,

    XRPAmount,

    ReadView const&,

    beast::Journal const&)

{

    // No transaction-specific invariants yet (future work).

    return true;

}


}  // namespace xrpl

beast::Journal
A generic endpoint for log messages.
Definition Journal.h:38

beast::Journal::error
Stream error() const
Definition Journal.h:315

beast::Journal::debug
Stream debug() const
Definition Journal.h:297

beast::Journal::warn
Stream warn() const
Definition Journal.h:309

xrpl::ApplyView::peek
virtual SLE::pointer peek(Keylet const &k)=0
Prepare to modify the SLE associated with key.

xrpl::ApplyView::update
virtual void update(SLE::ref sle)=0
Indicate changes to a peeked SLE.

xrpl::Issue
A currency issued by an account.
Definition Issue.h:13

xrpl::MPTIssue
Definition MPTIssue.h:13

xrpl::NumberRoundModeGuard
Definition Number.h:899

xrpl::Number::RoundingMode::Downward
@ Downward
Definition Number.h:493

xrpl::Number::RoundingMode::ToNearest
@ ToNearest
Definition Number.h:493

xrpl::ReadView
A view into a ledger.
Definition ReadView.h:31

xrpl::ReadView::rules
virtual Rules const & rules() const =0
Returns the tx processing rules.

xrpl::ReadView::read
virtual SLE::const_pointer read(Keylet const &k) const =0
Return the state item associated with a key.

xrpl::Rules::enabled
bool enabled(uint256 const &feature) const
Returns true if a feature is enabled.
Definition Rules.cpp:171

xrpl::STAmount
Definition STAmount.h:32

xrpl::STAmount::integral
bool integral() const noexcept
Definition STAmount.h:447

xrpl::STAmount::asset
Asset const & asset() const
Definition STAmount.h:478

xrpl::STLedgerEntry::const_ref
std::shared_ptr< STLedgerEntry const  > const  & const_ref
Definition STLedgerEntry.h:22

xrpl::STTx
Definition STTx.h:28

xrpl::Transactor::j_
beast::Journal const j_
Definition Transactor.h:118

xrpl::Transactor::view
ApplyView & view()
Definition Transactor.h:136

xrpl::Transactor::accountID_
AccountID const accountID_
Definition Transactor.h:120

xrpl::Transactor::preFeeBalance_
XRPAmount preFeeBalance_
Definition Transactor.h:121

xrpl::Transactor::ctx_
ApplyContext & ctx_
Definition Transactor.h:116

xrpl::VaultDeposit::doApply
TER doApply() override
Definition VaultDeposit.cpp:195

xrpl::VaultDeposit::preclaim
static TER preclaim(PreclaimContext const &ctx)
Definition VaultDeposit.cpp:64

xrpl::VaultDeposit::visitInvariantEntry
void visitInvariantEntry(bool isDelete, SLE::const_ref before, SLE::const_ref after) override
Inspect a single ledger entry modified by this transaction.
Definition VaultDeposit.cpp:360

xrpl::VaultDeposit::finalizeInvariants
bool finalizeInvariants(STTx const &tx, TER result, XRPAmount fee, ReadView const &view, beast::Journal const &j) override
Check transaction-specific post-conditions after all entries have been visited.
Definition VaultDeposit.cpp:366

xrpl::VaultDeposit::preflight
static NotTEC preflight(PreflightContext const &ctx)
Definition VaultDeposit.cpp:49

xrpl::XRPAmount
Definition XRPAmount.h:23

xrpl::credentials::validDomain
TER validDomain(ReadView const &view, uint256 domainID, AccountID const &subject)
Definition CredentialHelpers.cpp:189

xrpl::keylet::mptokenIssuance
Keylet mptokenIssuance(std::uint32_t seq, AccountID const &issuer) noexcept
Definition Indexes.cpp:521

xrpl::keylet::vault
Keylet vault(AccountID const &owner, std::uint32_t seq) noexcept
Definition Indexes.cpp:551

xrpl::keylet::mptoken
Keylet mptoken(MPTID const &issuanceID, AccountID const &holder) noexcept
Definition Indexes.cpp:533

xrpl
Use hash_* containers for keys that do not need a cryptographically secure hashing algorithm.
Definition algorithm.h:5

xrpl::FreezeHandling::ZeroIfFrozen
@ ZeroIfFrozen
Definition TokenHelpers.h:24

xrpl::FreezeHandling::IgnoreFreeze
@ IgnoreFreeze
Definition TokenHelpers.h:24

xrpl::SpendableHandling::FullBalance
@ FullBalance
Definition TokenHelpers.h:30

xrpl::scale
int scale(Number const &number, Asset const &asset)
Get the scale of a Number for a given asset.
Definition STAmount.h:779

xrpl::tefINTERNAL
@ tefINTERNAL
Definition TER.h:163

xrpl::WaiveTransferFee::Yes
@ Yes
Definition TokenHelpers.h:32

xrpl::authorizeMPToken
TER authorizeMPToken(ApplyView &view, XRPAmount const &priorBalance, MPTID const &mptIssuanceID, AccountID const &account, beast::Journal journal, std::uint32_t flags=0, std::optional< AccountID > holderID=std::nullopt)
Definition MPTokenHelpers.cpp:149

xrpl::canTransfer
TER canTransfer(ReadView const &view, MPTIssue const &mptIssue, AccountID const &from, AccountID const &to, WaiveMPTCanTransfer waive=WaiveMPTCanTransfer::No, std::uint8_t depth=0)
Check whether to may receive the given MPT from from.
Definition MPTokenHelpers.cpp:544

xrpl::roundToScale
STAmount roundToScale(STAmount const &value, std::int32_t scale, Number::RoundingMode rounding=Number::getround())
Round an arbitrary precision Amount to the precision of an STAmount that has a given exponent.
Definition STAmount.cpp:1405

xrpl::NotTEC
TERSubset< CanCvtToNotTEC > NotTEC
Definition TER.h:594

xrpl::AuthHandling::ZeroIfUnauthorized
@ ZeroIfUnauthorized
Definition TokenHelpers.h:27

xrpl::AuthHandling::IgnoreAuth
@ IgnoreAuth
Definition TokenHelpers.h:27

xrpl::sharesToAssetsDeposit
std::optional< STAmount > sharesToAssetsDeposit(SLE::const_ref vault, SLE::const_ref issuance, STAmount const &shares)
From the perspective of a vault, return the number of assets to take from depositor when they receive...
Definition VaultHelpers.cpp:44

xrpl::isFrozen
bool isFrozen(ReadView const &view, AccountID const &account, MPTIssue const &mptIssue, std::uint8_t depth=0)
Definition MPTokenHelpers.cpp:57

xrpl::accountSend
TER accountSend(ApplyView &view, AccountID const &from, AccountID const &to, STAmount const &saAmount, beast::Journal j, WaiveTransferFee waiveFee=WaiveTransferFee::No, AllowMPTOverflow allowOverflow=AllowMPTOverflow::No)
Calls static accountSendIOU if saAmount represents Issue.
Definition TokenHelpers.cpp:1468

xrpl::checkDepositFreeze
TER checkDepositFreeze(ReadView const &view, AccountID const &srcAcct, AccountID const &dstAcct, Asset const &asset)
Checks freeze compliance for depositing an asset into a pseudo-account (e.g.
Definition TokenHelpers.cpp:210

xrpl::temMALFORMED
@ temMALFORMED
Definition TER.h:73

xrpl::temBAD_AMOUNT
@ temBAD_AMOUNT
Definition TER.h:75

xrpl::isTesSuccess
bool isTesSuccess(TER x) noexcept
Definition TER.h:663

xrpl::TER
TERSubset< CanCvtToTER > TER
Definition TER.h:634

xrpl::requireAuth
TER requireAuth(ReadView const &view, MPTIssue const &mptIssue, AccountID const &account, AuthType authType=AuthType::Legacy, std::uint8_t depth=0)
Check if the account lacks required authorization for MPT.
Definition MPTokenHelpers.cpp:313

xrpl::tecWRONG_ASSET
@ tecWRONG_ASSET
Definition TER.h:358

xrpl::tecLOCKED
@ tecLOCKED
Definition TER.h:356

xrpl::tecNO_ENTRY
@ tecNO_ENTRY
Definition TER.h:304

xrpl::tecPATH_DRY
@ tecPATH_DRY
Definition TER.h:292

xrpl::tecNO_AUTH
@ tecNO_AUTH
Definition TER.h:298

xrpl::tecINTERNAL
@ tecINTERNAL
Definition TER.h:308

xrpl::tecFROZEN
@ tecFROZEN
Definition TER.h:301

xrpl::tecINSUFFICIENT_FUNDS
@ tecINSUFFICIENT_FUNDS
Definition TER.h:323

xrpl::tecEXPIRED
@ tecEXPIRED
Definition TER.h:312

xrpl::tecPRECISION_LOSS
@ tecPRECISION_LOSS
Definition TER.h:361

xrpl::tecLIMIT_EXCEEDED
@ tecLIMIT_EXCEEDED
Definition TER.h:359

xrpl::enforceMPTokenAuthorization
TER enforceMPTokenAuthorization(ApplyView &view, MPTID const &mptIssuanceID, AccountID const &account, XRPAmount const &priorBalance, beast::Journal j)
Enforce account has MPToken to match its authorization.
Definition MPTokenHelpers.cpp:421

xrpl::associateAsset
void associateAsset(STLedgerEntry &sle, Asset const &asset)
Associate an Asset with all sMD_NeedsAsset fields in a ledger entry.

xrpl::accountHolds
STAmount accountHolds(ReadView const &view, AccountID const &account, Currency const &currency, AccountID const &issuer, FreezeHandling zeroIfFrozen, beast::Journal j, SpendableHandling includeFullBalance=SpendableHandling::SimpleBalance)
Definition TokenHelpers.cpp:338

xrpl::tesSUCCESS
@ tesSUCCESS
Definition TER.h:240

xrpl::assetsToSharesDeposit
std::optional< STAmount > assetsToSharesDeposit(SLE::const_ref vault, SLE::const_ref issuance, STAmount const &assets)
From the perspective of a vault, return the number of shares to give depositor when they offer a fixe...
Definition VaultHelpers.cpp:20

xrpl::roundToVaultScale
static STAmount roundToVaultScale(STAmount const &amount, SLE::const_ref vault)
Definition VaultDeposit.cpp:32

std::overflow_error

stdexcept

xrpl::PreclaimContext
State information when determining if a tx is likely to claim a fee.
Definition Transactor.h:61

xrpl::PreclaimContext::view
ReadView const  & view
Definition Transactor.h:64

xrpl::PreclaimContext::tx
STTx const  & tx
Definition Transactor.h:67

xrpl::PreclaimContext::j
beast::Journal const j
Definition Transactor.h:69

xrpl::PreflightContext
State information when preflighting a tx.
Definition Transactor.h:18

xrpl::PreflightContext::j
beast::Journal const j
Definition Transactor.h:25

xrpl::PreflightContext::tx
STTx const  & tx
Definition Transactor.h:21