4ca40fd3bc
* Starting on cosmwasm smart contracts * Mixnet contract now builds * Removing license and notice files, the monorepo already has these. * Removing generated README content * Simplified development instructions a bit. * Converted some network monitor files to use SPDX license headers * Renamed packaget to mixnet-contracts * Depending on the Nym topology crate * Renaming contract package in usage * Renamed "announce" to "register_node" in the defined messages * Fixed package name for mixnet contracts in defined release annotations * Added the mixnet contracts to the Cargo lock file * Renamed some fields in our contract topology * Using the stringy mixnode from the validator client. * Removing mix nodes count from state, we can infer that * Saving generated code in comment as it's a useful example for now * Renamed "count" to "get_topology" * Adding the beginnings of a validator client (in Typescript) * Starting to integrate example code. WIP. * Ignoring generated accounts * Making a few less mixnodes :) * Adding shebang to start script * Cranking up the Nym-related gas limits, as otherwise contract upload fails. * Simplest mixnode example is now working * Removing the external client code, it messed up wasm compilation. Will copy/paste for now. * Contract now wants to add a MixNode rather than an IP string * Adding mixnodes via contract now works (!) * Simplified mixnode registration example * Further mixnode-adding simplification. * Adding author name * Fixed description * Sent funds are now required to bond a mixnode * Ensuring that we send correct coin denomination * Unbonding now works (!). Quite primitivist. * Checking that unbonding works from the client. * Setting up a thief account to play with * Checking to see whether thief can unbond a node (it fails, happily) * Adding a more specific error for when an account attempts to unbond but owns no bonds * Figured out how to test contract balances * Set the console messages to explain things a little more nicely * Tests for insufficient funds result * Using more async in driver example * Added a bit more explanation of the actions taken by the driver example * Locking down wasm instantiate a bit more * Docs clarifications on how to run example * README clarification * Corrected the commit hash in the wasmd build command, it was still set for 0.14.0 * Moved models from types into state * Starting work on range queries * whitespace * Going back to slow but reliabel node uploads and disabling new contract upload * Cranking gas fees temporarily * Mixnode key retrieval working and tested * Range retrievals now working well * Removing unused clone * Compressing tests a bit * Testing node retrieval on large numbers of nodes. Not sure whether MockStorage has the same space limitations as production storage does. * Getting rid of spelling warning * Removing unused responses * Minor cleanup * Starting to map my way out of the tuples * Slightly more meaningful variable names * Returning a StdResult from nodes query * Fighting through the unwraps :) * Unfucking a bit more * Starting to use ranged nodes in contract * Testing node retrieval from range store * Ditching generated tests * Adding works, still need to test removing mixnodes * Attempting to remove a mixnode returns an error when no nodes exist * Un-registering when no accounts exist (edit) * un-registering someone else's mixnode fails * Ensuring proper ownership * Testing for only 1 mixnode getting deleted * Testing single-node retrieval * Removing mixnode working * Removed unused imports and unused variable warnings * Made handler functions private * Tested for error response on mixnode removal * Ensured proper post-state on mixnode removal * Using Vec<Coin> for currency equality comparisons * Removed todo, this amount is only for logging purposes anyway * Refactoring tests a bit * Adding a few storytelling comments * Putting helper methods into alphabetical order * Drying up mixnode adding in tests * Using the new add_mixnode helper * Checking full object equality in test * Removing the GetNodes handler * Taking a more "storytelling" approach to the contract tests * We need a few more methods to run our example driver * We now need to make a new address for each node we want to have, as each sending account can only have one node * HumanAddr not needed * Making call sequence a little more readable * Added the results of today's experiments with the REST API to the validator client readme * Corrected console.log message * Adding a note about how to run tests * More contract exercising fun * Updating mocha * Whitespace * Adding a note about running tests * Adding typed rest client * Starting to mess with typescript paging client * Removing the rest client, we'll use the cosmjs one for this * Noting a few more contract requirements * Starting client restructuring * Importing cosmjs stargate client * Starting to work on the chain cache * Cleanup * Removing type annotations which hilariously worked, confusing the compiler * Might as well do each cache individually * Renaming chaincache so that it handles only mixnodes * Renaming chaincache * Setting dynamic per-page value to ease testing * Using perPage in tests * Moving tests back into their own special home so they don't bloat our package * Ignoring generated docs * Adding TypeDoc documentation generator * Removing unused NetClient import * Added docs generation * Noting existence of docs generation * Starting to test paged responses * Working paging tests * Clarified test names a bit * Removed console.logs * Added a test for two full pages. * Formatting * Starting to query for mix nodes * Removed the topology in preparation for paging * Removing unused struct * Getting ready for series-based paging * We're now setting page size limits on list retrievals * Pagination starting to work, needs more testing * Moved test support stuff into its own home * Removing duplicate testy code * Testing all paging stuff in the contract * Removed useless method duplicate * Moving queries into their own file * Removing redundant tests * Testing default paging limit * Testing max paging limit * We don't need to c/p pagination stuff from the cw-plus contracts, removing * Testing pagination * Making next key calculation explict via a function * Removing temporary variable * Commenting final state * Incorporating the PagedResponse * On the road to a working TypeScript client * Adding some logging utilities * Paged retrieval working but needs improvement - it's very brittle * Getting the loop right * Removing unused logger * Setting up a request count * Documenting the ins and outs of the client network interface * Removing requestCount as we're not using it yet * Success! Making paginated requests for mixnodes! * Differentiating between MixNode and MixNodeBond * Checking that Fred can upload a mixnode * Fixing export * Adding the ability for client to get balances * Docs fix * Converting interfaces to types * Changing `mixNodes()` to `getMixNodes()` on client * We might as well return the nodes we've just retrieved when we refresh * Starting work on unbonding * Fixed a caching bug which was causing multiple result sets to be cached * Using the sender address as the key for removal * Importing some result stuff so we can find out what happened on execution * Minor messing around to prove that the sequence fully works * Displaying a nicer message on mixnode unbond * Renamed announce to bond in validator client * Fixed unstable clippy warnings * Removing commented fields * Comment spacing * Changed announce to bond in example code * Making the test accounts directory configurable * Rebuilt * Loading keys from the local ./accounts directory * Ignoring contract lockfile * Saving out a contract lockfile so things continue working after contract upload * Splitting the driver example into smaller self-contained examples * Deleting the example that Andrew hates so much * Making dependabot happy * Stricter equals * Removing unused import
63 lines
3.4 KiB
Markdown
63 lines
3.4 KiB
Markdown
# Importing
|
|
|
|
In [Publishing](./Publishing.md), we discussed how you can publish your contract to the world.
|
|
This looks at the flip-side, how can you use someone else's contract (which is the same
|
|
question as how they will use your contract). Let's go through the various stages.
|
|
|
|
## Verifying Artifacts
|
|
|
|
Before using remote code, you most certainly want to verify it is honest.
|
|
|
|
The simplest audit of the repo is to simply check that the artifacts in the repo
|
|
are correct. This involves recompiling the claimed source with the claimed builder
|
|
and validating that the locally compiled code (hash) matches the code hash that was
|
|
uploaded. This will verify that the source code is the correct preimage. Which allows
|
|
one to audit the original (Rust) source code, rather than looking at wasm bytecode.
|
|
|
|
We have a script to do this automatic verification steps that can
|
|
easily be run by many individuals. Please check out
|
|
[`cosmwasm-verify`](https://github.com/CosmWasm/cosmwasm-verify/blob/master/README.md)
|
|
to see a simple shell script that does all these steps and easily allows you to verify
|
|
any uploaded contract.
|
|
|
|
## Reviewing
|
|
|
|
Once you have done the quick programatic checks, it is good to give at least a quick
|
|
look through the code. A glance at `examples/schema.rs` to make sure it is outputing
|
|
all relevant structs from `contract.rs`, and also ensure `src/lib.rs` is just the
|
|
default wrapper (nothing funny going on there). After this point, we can dive into
|
|
the contract code itself. Check the flows for the handle methods, any invariants and
|
|
permission checks that should be there, and a reasonable data storage format.
|
|
|
|
You can dig into the contract as far as you want, but it is important to make sure there
|
|
are no obvious backdoors at least.
|
|
|
|
## Decentralized Verification
|
|
|
|
It's not very practical to do a deep code review on every dependency you want to use,
|
|
which is a big reason for the popularity of code audits in the blockchain world. We trust
|
|
some experts review in lieu of doing the work ourselves. But wouldn't it be nice to do this
|
|
in a decentralized manner and peer-review each other's contracts? Bringing in deeper domain
|
|
knowledge and saving fees.
|
|
|
|
Luckily, there is an amazing project called [crev](https://github.com/crev-dev/cargo-crev/blob/master/cargo-crev/README.md)
|
|
that provides `A cryptographically verifiable code review system for the cargo (Rust) package manager`.
|
|
|
|
I highly recommend that CosmWasm contract developers get set up with this. At minimum, we
|
|
can all add a review on a package that programmatically checked out that the json schemas
|
|
and wasm bytecode do match the code, and publish our claim, so we don't all rely on some
|
|
central server to say it validated this. As we go on, we can add deeper reviews on standard
|
|
packages.
|
|
|
|
If you want to use `cargo-crev`, please follow their
|
|
[getting started guide](https://github.com/crev-dev/cargo-crev/blob/master/cargo-crev/src/doc/getting_started.md)
|
|
and once you have made your own *proof repository* with at least one *trust proof*,
|
|
please make a PR to the [`cawesome-wasm`]() repo with a link to your repo and
|
|
some public name or pseudonym that people know you by. This allows people who trust you
|
|
to also reuse your proofs.
|
|
|
|
There is a [standard list of proof repos](https://github.com/crev-dev/cargo-crev/wiki/List-of-Proof-Repositories)
|
|
with some strong rust developers in there. This may cover dependencies like `serde` and `snafu`
|
|
but will not hit any CosmWasm-related modules, so we look to bootstrap a very focused
|
|
review community.
|