authenticator

package
v25.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 19, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// SignatureVerificationType represents a type of authenticator specifically designed for
	// secp256k1 signature verification.
	SignatureVerificationType = "SignatureVerification"
)

Variables

This section is empty.

Functions

func GetSignerAndSignatures 

func GetSignerAndSignatures(tx sdk.Tx) (signers []sdk.AccAddress, signatures []signing.SignatureV2, err error)

GetSignerAndSignatures gets an array of signer and an array of signatures from the transaction checks they're the same length and returns both.

A signer can only have one signature, so if it appears in multiple messages, the signatures must be the same, and it will only be returned once by this function. This is to mimic the way the classic sdk authentication works, and we will probably want to change this in the future

func IsJsonSuperset 

func IsJsonSuperset(a, b []byte) error

IsJsonSuperset checks if the first JSON byte array is a superset of the second JSON byte array.

func NoReplayProtection 

func NoReplayProtection(txData *ExplicitTxData, signature *signing.SignatureV2) error

func SequenceMatch 

func SequenceMatch(txData *ExplicitTxData, signature *signing.SignatureV2) error

Types

type AllOf 

type AllOf struct {
	SubAuthenticators []Authenticator
	// contains filtered or unexported fields
}

func NewAllOf 

func NewAllOf(am *AuthenticatorManager) AllOf

func NewPartitionedAllOf 

func NewPartitionedAllOf(am *AuthenticatorManager) AllOf

func (AllOf) Authenticate 

func (aoa AllOf) Authenticate(ctx sdk.Context, request AuthenticationRequest) error

func (AllOf) ConfirmExecution 

func (aoa AllOf) ConfirmExecution(ctx sdk.Context, request AuthenticationRequest) error

func (AllOf) Initialize 

func (aoa AllOf) Initialize(config []byte) (Authenticator, error)

func (AllOf) OnAuthenticatorAdded 

func (aoa AllOf) OnAuthenticatorAdded(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (AllOf) OnAuthenticatorRemoved 

func (aoa AllOf) OnAuthenticatorRemoved(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (AllOf) StaticGas 

func (aoa AllOf) StaticGas() uint64

func (AllOf) Track 

func (aoa AllOf) Track(ctx sdk.Context, request AuthenticationRequest) error

func (AllOf) Type 

func (aoa AllOf) Type() string

type AnyOf 

type AnyOf struct {
	SubAuthenticators []Authenticator
	// contains filtered or unexported fields
}

func NewAnyOf 

func NewAnyOf(am *AuthenticatorManager) AnyOf

func NewPartitionedAnyOf 

func NewPartitionedAnyOf(am *AuthenticatorManager) AnyOf

func (AnyOf) Authenticate 

func (aoa AnyOf) Authenticate(ctx sdk.Context, request AuthenticationRequest) error

func (AnyOf) ConfirmExecution 

func (aoa AnyOf) ConfirmExecution(ctx sdk.Context, request AuthenticationRequest) error

ConfirmExecution is called on all sub-authenticators, but only the changes made by the authenticator that succeeds are written.

func (AnyOf) Initialize 

func (aoa AnyOf) Initialize(config []byte) (Authenticator, error)

func (AnyOf) OnAuthenticatorAdded 

func (aoa AnyOf) OnAuthenticatorAdded(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (AnyOf) OnAuthenticatorRemoved 

func (aoa AnyOf) OnAuthenticatorRemoved(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (AnyOf) StaticGas 

func (aoa AnyOf) StaticGas() uint64

func (AnyOf) Track 

func (aoa AnyOf) Track(ctx sdk.Context, request AuthenticationRequest) error

func (AnyOf) Type 

func (aoa AnyOf) Type() string

type AuthenticationRequest 

type AuthenticationRequest struct {
	AuthenticatorId string         `json:"authenticator_id"`
	Account         sdk.AccAddress `json:"account"`
	FeePayer        sdk.AccAddress `json:"fee_payer"`
	FeeGranter      sdk.AccAddress `json:"fee_granter,omitempty"`
	Fee             sdk.Coins      `json:"fee"`
	Msg             LocalAny       `json:"msg"`

	// Since array size is int, and size depends on the system architecture,
	// we use uint64 to cover all available architectures.
	// It is unsigned, so at this point, it can't be negative.
	MsgIndex uint64 `json:"msg_index"`

	// Only allowing messages with a single signer, so the signature can be a single byte array.
	Signature           []byte                  `json:"signature"`
	SignModeTxData      SignModeData            `json:"sign_mode_tx_data"`
	TxData              ExplicitTxData          `json:"tx_data"`
	SignatureData       SimplifiedSignatureData `json:"signature_data"`
	Simulate            bool                    `json:"simulate"`
	AuthenticatorParams []byte                  `json:"authenticator_params,omitempty"`
}

func GenerateAuthenticationRequest 

func GenerateAuthenticationRequest(
	ctx sdk.Context,
	ak authante.AccountKeeper,
	sigModeHandler authsigning.SignModeHandler,
	account sdk.AccAddress,
	feePayer sdk.AccAddress,
	feeGranter sdk.AccAddress,
	fee sdk.Coins,
	msg sdk.Msg,
	tx sdk.Tx,
	msgIndex int,
	simulate bool,
	replayProtection ReplayProtection,
) (AuthenticationRequest, error)

GenerateAuthenticationRequest creates an AuthenticationRequest for the transaction.

type Authenticator 

type Authenticator interface {
	// Type returns the specific type of the authenticator, such as SignatureVerification.
	// This type is used for registering and identifying the authenticator within the AuthenticatorManager.
	Type() string

	// StaticGas provides the fixed gas amount consumed for each invocation of this authenticator.
	// This is used for managing gas consumption during transaction verification.
	StaticGas() uint64

	// Initialize prepares the authenticator with necessary data from storage, specific to an account-authenticator pair.
	// This method is used for setting up the authenticator with data like a PublicKey for signature verification.
	Initialize(config []byte) (Authenticator, error)

	// Authenticate confirms the validity of a message using the provided authentication data.
	// NOTE: Any state changes made by this function will be discarded.
	// It's a core function within an ante handler to ensure message authenticity and enforce gas consumption.
	Authenticate(ctx sdk.Context, request AuthenticationRequest) error

	// Track allows the authenticator to record information, regardless of the transaction's authentication method.
	// NOTE: Any state changes made by this function will be written to the store as long as Authenticate succeeds and will not be reverted if the message execution fails.
	// This function is used for the authenticator to acknowledge the execution of specific messages by an account.
	Track(ctx sdk.Context, request AuthenticationRequest) error

	// ConfirmExecution enforces transaction rules post-transaction, like spending and transaction limits.
	// It is used to verify execution-specific state and values, to allow authentication to be dependent on the effects of a transaction.
	ConfirmExecution(ctx sdk.Context, request AuthenticationRequest) error

	// OnAuthenticatorAdded handles the addition of an authenticator to an account.
	// It checks the data format and compatibility, to maintain account security and authenticator integrity.
	OnAuthenticatorAdded(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

	// OnAuthenticatorRemoved manages the removal of an authenticator from an account.
	// This function is used for updating global data or preventing removal when necessary to maintain system stability.
	OnAuthenticatorRemoved(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error
}

Authenticator is an interface that encapsulates all authentication functionalities essential for verifying transactions, paying transaction fees, and managing gas consumption during verification.

type AuthenticatorManager 

type AuthenticatorManager struct {
	// contains filtered or unexported fields
}

AuthenticatorManager is a manager for all registered authenticators.

func NewAuthenticatorManager 

func NewAuthenticatorManager() *AuthenticatorManager

NewAuthenticatorManager creates a new AuthenticatorManager.

func (*AuthenticatorManager) GetAuthenticatorByType 

func (am *AuthenticatorManager) GetAuthenticatorByType(authenticatorType string) Authenticator

GetAuthenticatorByType returns the base implementation of the authenticator type.

func (*AuthenticatorManager) GetRegisteredAuthenticators 

func (am *AuthenticatorManager) GetRegisteredAuthenticators() []Authenticator

GetRegisteredAuthenticators returns the list of registered authenticators in sorted order.

func (*AuthenticatorManager) InitializeAuthenticators 

func (am *AuthenticatorManager) InitializeAuthenticators(initialAuthenticators []Authenticator)

InitializeAuthenticators initializes authenticators. If already initialized, it will not overwrite.

func (*AuthenticatorManager) IsAuthenticatorTypeRegistered 

func (am *AuthenticatorManager) IsAuthenticatorTypeRegistered(authenticatorType string) bool

IsAuthenticatorTypeRegistered checks if the authenticator type is registered.

func (*AuthenticatorManager) RegisterAuthenticator 

func (am *AuthenticatorManager) RegisterAuthenticator(authenticator Authenticator)

RegisterAuthenticator adds a new authenticator to the map of registered authenticators.

func (*AuthenticatorManager) ResetAuthenticators 

func (am *AuthenticatorManager) ResetAuthenticators()

ResetAuthenticators resets all registered authenticators.g

func (*AuthenticatorManager) UnregisterAuthenticator 

func (am *AuthenticatorManager) UnregisterAuthenticator(authenticator Authenticator)

UnregisterAuthenticator removes an authenticator from the map of registered authenticators.

type ConfirmExecutionRequest 

type ConfirmExecutionRequest struct {
	AuthenticatorId     string         `json:"authenticator_id"`
	Account             sdk.AccAddress `json:"account"`
	FeePayer            sdk.AccAddress `json:"fee_payer"`
	FeeGranter          sdk.AccAddress `json:"fee_granter,omitempty"`
	Fee                 sdk.Coins      `json:"fee"`
	Msg                 LocalAny       `json:"msg"`
	MsgIndex            uint64         `json:"msg_index"`
	AuthenticatorParams []byte         `json:"authenticator_params,omitempty"`
}

type CosmwasmAuthenticator 

type CosmwasmAuthenticator struct {
	// contains filtered or unexported fields
}

func NewCosmwasmAuthenticator 

func NewCosmwasmAuthenticator(contractKeeper *keeper.PermissionedKeeper, accountKeeper authante.AccountKeeper, cdc codectypes.AnyUnpacker) CosmwasmAuthenticator

func (CosmwasmAuthenticator) Authenticate 

func (cwa CosmwasmAuthenticator) Authenticate(ctx sdk.Context, request AuthenticationRequest) error

func (CosmwasmAuthenticator) ConfirmExecution 

func (cwa CosmwasmAuthenticator) ConfirmExecution(ctx sdk.Context, request AuthenticationRequest) error

func (CosmwasmAuthenticator) ContractAddress 

func (cwa CosmwasmAuthenticator) ContractAddress() sdk.AccAddress

func (CosmwasmAuthenticator) Initialize 

func (cwa CosmwasmAuthenticator) Initialize(config []byte) (Authenticator, error)

func (CosmwasmAuthenticator) OnAuthenticatorAdded 

func (cwa CosmwasmAuthenticator) OnAuthenticatorAdded(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (CosmwasmAuthenticator) OnAuthenticatorRemoved 

func (cwa CosmwasmAuthenticator) OnAuthenticatorRemoved(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (CosmwasmAuthenticator) Params 

func (cwa CosmwasmAuthenticator) Params() []byte

func (CosmwasmAuthenticator) StaticGas 

func (cwa CosmwasmAuthenticator) StaticGas() uint64

func (CosmwasmAuthenticator) Track 

func (cwa CosmwasmAuthenticator) Track(ctx sdk.Context, request AuthenticationRequest) error

func (CosmwasmAuthenticator) Type 

func (cwa CosmwasmAuthenticator) Type() string

type CosmwasmAuthenticatorInitData 

type CosmwasmAuthenticatorInitData struct {
	Contract string `json:"contract"`
	Params   []byte `json:"params"`
}

type ExplicitTxData 

type ExplicitTxData struct {
	ChainID         string     `json:"chain_id"`
	AccountNumber   uint64     `json:"account_number"`
	AccountSequence uint64     `json:"sequence"`
	TimeoutHeight   uint64     `json:"timeout_height"`
	Msgs            []LocalAny `json:"msgs"`
	Memo            string     `json:"memo"`
}

ExplicitTxData encapsulates key transaction data like chain ID, account info, and messages.

type InitializedAuthenticator 

type InitializedAuthenticator struct {
	Id            uint64
	Authenticator Authenticator
}

InitializedAuthenticator denotes an authenticator fetched from the store and prepared for use.

type LocalAny 

type LocalAny struct {
	TypeURL string `json:"type_url"`
	Value   []byte `json:"value"`
}

LocalAny holds a message with its type URL and byte value. This is necessary because the type Any fails to serialize and deserialize properly in nested contexts.

type MessageFilter 

type MessageFilter struct {
	// contains filtered or unexported fields
}

MessageFilter filters incoming messages based on a predefined JSON pattern. It allows for complex pattern matching to support advanced authentication flows.

func NewMessageFilter 

func NewMessageFilter(encCfg appparams.EncodingConfig) MessageFilter

NewMessageFilter creates a new MessageFilter with the provided EncodingConfig.

func (MessageFilter) Authenticate 

func (m MessageFilter) Authenticate(ctx sdk.Context, request AuthenticationRequest) error

Authenticate checks if the provided message conforms to the set JSON pattern. It returns an AuthenticationResult based on the evaluation.

func (MessageFilter) ConfirmExecution 

func (m MessageFilter) ConfirmExecution(ctx sdk.Context, request AuthenticationRequest) error

ConfirmExecution confirms the execution of a message. Currently, it always confirms.

func (MessageFilter) Initialize 

func (m MessageFilter) Initialize(config []byte) (Authenticator, error)

Initialize sets up the authenticator with the given data, which should be a valid JSON pattern for message filtering.

func (MessageFilter) OnAuthenticatorAdded 

func (m MessageFilter) OnAuthenticatorAdded(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

OnAuthenticatorAdded performs additional checks when an authenticator is added. Specifically, it ensures numbers in JSON are encoded as strings.

func (MessageFilter) OnAuthenticatorRemoved 

func (m MessageFilter) OnAuthenticatorRemoved(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

OnAuthenticatorRemoved is a no-op in this implementation but can be used when an authenticator is removed.

func (MessageFilter) StaticGas 

func (m MessageFilter) StaticGas() uint64

StaticGas returns the static gas amount for the authenticator. Currently, it's set to zero.

func (MessageFilter) Track 

func (m MessageFilter) Track(ctx sdk.Context, request AuthenticationRequest) error

Track is a no-op in this implementation but can be used to track message handling.

func (MessageFilter) Type 

func (m MessageFilter) Type() string

Type returns the type of the authenticator.

type OnAuthenticatorAddedRequest 

type OnAuthenticatorAddedRequest struct {
	Account             sdk.AccAddress `json:"account"`
	AuthenticatorParams []byte         `json:"authenticator_params,omitempty"`
	AuthenticatorId     string         `json:"authenticator_id"`
}

type OnAuthenticatorRemovedRequest 

type OnAuthenticatorRemovedRequest struct {
	Account             sdk.AccAddress `json:"account"`
	AuthenticatorParams []byte         `json:"authenticator_params,omitempty"`
	AuthenticatorId     string         `json:"authenticator_id"`
}

type ReplayProtection 

type ReplayProtection func(txData *ExplicitTxData, signature *signing.SignatureV2) error

make replay protection into an interface. SequenceMatch is a default implementation

type SignModeData 

type SignModeData struct {
	Direct  []byte `json:"sign_mode_direct"`
	Textual string `json:"sign_mode_textual"`
}

SignModeData represents the signing modes with direct bytes and textual representation.

type SignatureAssignment 

type SignatureAssignment string
const (
	Single      SignatureAssignment = "single"
	Partitioned SignatureAssignment = "partitioned"
)

type SignatureVerification 

type SignatureVerification struct {
	PubKey cryptotypes.PubKey
	// contains filtered or unexported fields
}

signature authenticator

func NewSignatureVerification 

func NewSignatureVerification(ak authante.AccountKeeper) SignatureVerification

NewSignatureVerification creates a new SignatureVerification

func (SignatureVerification) Authenticate 

func (sva SignatureVerification) Authenticate(ctx sdk.Context, request AuthenticationRequest) error

Authenticate takes a SignaturesVerificationData struct and validates each signer and signature using signature verification

func (SignatureVerification) ConfirmExecution 

func (sva SignatureVerification) ConfirmExecution(ctx sdk.Context, request AuthenticationRequest) error

func (SignatureVerification) Initialize 

func (sva SignatureVerification) Initialize(config []byte) (Authenticator, error)

Initialize sets up the public key to the data supplied from the account-authenticator configuration

func (SignatureVerification) OnAuthenticatorAdded 

func (sva SignatureVerification) OnAuthenticatorAdded(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (SignatureVerification) OnAuthenticatorRemoved 

func (sva SignatureVerification) OnAuthenticatorRemoved(ctx sdk.Context, account sdk.AccAddress, config []byte, authenticatorId string) error

func (SignatureVerification) StaticGas 

func (sva SignatureVerification) StaticGas() uint64

func (SignatureVerification) Track 

func (sva SignatureVerification) Track(ctx sdk.Context, request AuthenticationRequest) error

func (SignatureVerification) Type 

func (sva SignatureVerification) Type() string

type SimplifiedSignatureData 

type SimplifiedSignatureData struct {
	Signers    []sdk.AccAddress `json:"signers"`
	Signatures [][]byte         `json:"signatures"`
}

SimplifiedSignatureData contains lists of signers and their corresponding signatures.

type SubAuthenticatorInitData 

type SubAuthenticatorInitData struct {
	Type   string `json:"type"`
	Config []byte `json:"config"`
}

type SudoMsg 

type SudoMsg struct {
	OnAuthenticatorAdded   *OnAuthenticatorAddedRequest   `json:"on_authenticator_added,omitempty"`
	OnAuthenticatorRemoved *OnAuthenticatorRemovedRequest `json:"on_authenticator_removed,omitempty"`
	Authenticate           *AuthenticationRequest         `json:"authenticate,omitempty"`
	Track                  *TrackRequest                  `json:"track,omitempty"`
	ConfirmExecution       *ConfirmExecutionRequest       `json:"confirm_execution,omitempty"`
}

type TrackRequest 

type TrackRequest struct {
	AuthenticatorId     string         `json:"authenticator_id"`
	Account             sdk.AccAddress `json:"account"`
	FeePayer            sdk.AccAddress `json:"fee_payer"`
	FeeGranter          sdk.AccAddress `json:"fee_granter,omitempty"`
	Fee                 sdk.Coins      `json:"fee"`
	Msg                 LocalAny       `json:"msg"`
	MsgIndex            uint64         `json:"msg_index"`
	AuthenticatorParams []byte         `json:"authenticator_params,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.