Rename old denylist Rust code to v1 (#18228)

## Description In preparation for v2 Rust code. This is NFC. ## Test plan CI --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK:
MystenLabs · Jun 13, 2024 · 6eec800 · 6eec800
1 parent 1de7ffa
commit 6eec800
Show file tree

Hide file tree

Showing 20 changed files with 91 additions and 94 deletions.
diff --git a/.../tests/deny_list/coin_deny_and_undeny.exp → ...sts/deny_list_v1/coin_deny_and_undeny.exp b/.../tests/deny_list/coin_deny_and_undeny.exp → ...sts/deny_list_v1/coin_deny_and_undeny.exp
diff --git a/...tests/deny_list/coin_deny_and_undeny.move → ...ts/deny_list_v1/coin_deny_and_undeny.move b/...tests/deny_list/coin_deny_and_undeny.move → ...ts/deny_list_v1/coin_deny_and_undeny.move
diff --git a/...ny_list/coin_deny_multiple_per_module.exp → ...list_v1/coin_deny_multiple_per_module.exp b/...ny_list/coin_deny_multiple_per_module.exp → ...list_v1/coin_deny_multiple_per_module.exp
diff --git a/...y_list/coin_deny_multiple_per_module.move → ...ist_v1/coin_deny_multiple_per_module.move b/...y_list/coin_deny_multiple_per_module.move → ...ist_v1/coin_deny_multiple_per_module.move
diff --git a/...l-tests/tests/deny_list/coin_deny_tto.exp → ...ests/tests/deny_list_v1/coin_deny_tto.exp b/...l-tests/tests/deny_list/coin_deny_tto.exp → ...ests/tests/deny_list_v1/coin_deny_tto.exp
diff --git a/...-tests/tests/deny_list/coin_deny_tto.move → ...sts/tests/deny_list_v1/coin_deny_tto.move b/...-tests/tests/deny_list/coin_deny_tto.move → ...sts/tests/deny_list_v1/coin_deny_tto.move
diff --git a/crates/sui-config/src/genesis.rs b/crates/sui-config/src/genesis.rs
@@ -11,7 +11,7 @@ use sui_types::base_types::{ObjectID, SuiAddress};
 use sui_types::clock::Clock;
 use sui_types::committee::CommitteeWithNetworkMetadata;
 use sui_types::crypto::DefaultHash;
-use sui_types::deny_list::{get_coin_deny_list, PerTypeDenyList};
+use sui_types::deny_list_v1::{get_coin_deny_list, PerTypeDenyList};
 use sui_types::effects::{TransactionEffects, TransactionEvents};
 use sui_types::gas_coin::TOTAL_SUPPLY_MIST;
 use sui_types::messages_checkpoint::{

diff --git a/crates/sui-core/src/authority.rs b/crates/sui-core/src/authority.rs
@@ -29,7 +29,7 @@ use prometheus::{
 };
 use serde::de::DeserializeOwned;
 use serde::{Deserialize, Serialize};
-use std::collections::{BTreeMap, BTreeSet};
+use std::collections::BTreeMap;
 use std::fs::File;
 use std::io::Write;
 use std::path::{Path, PathBuf};
@@ -80,7 +80,7 @@ use sui_storage::IndexStore;
 use sui_types::authenticator_state::get_authenticator_state;
 use sui_types::committee::{EpochId, ProtocolVersion};
 use sui_types::crypto::{default_hash, AuthoritySignInfo, Signer};
-use sui_types::deny_list::DenyList;
+use sui_types::deny_list_v1::check_coin_deny_list_v1;
 use sui_types::digests::ChainIdentifier;
 use sui_types::digests::TransactionEventsDigest;
 use sui_types::dynamic_field::{DynamicFieldInfo, DynamicFieldName, DynamicFieldType};
@@ -860,8 +860,13 @@ impl AuthorityState {
             &self.metrics.bytecode_verifier_metrics,
         )?;
 
-        if epoch_store.coin_deny_list_state_enabled() {
-            self.check_coin_deny(tx_data.sender(), &checked_input_objects, &receiving_objects)?;
+        if epoch_store.coin_deny_list_v1_enabled() {
+            check_coin_deny_list_v1(
+                tx_data.sender(),
+                &checked_input_objects,
+                &receiving_objects,
+                &self.get_object_store(),
+            )?;
         }
 
         let owned_objects = checked_input_objects.inner().filter_owned_objects();
@@ -4460,7 +4465,7 @@ impl AuthorityState {
         &self,
         epoch_store: &Arc<AuthorityPerEpochStore>,
     ) -> Option<EndOfEpochTransactionKind> {
-        if !epoch_store.protocol_config().enable_coin_deny_list() {
+        if !epoch_store.protocol_config().enable_coin_deny_list_v1() {
             return None;
         }
 
@@ -4695,30 +4700,6 @@ impl AuthorityState {
         Ok(())
     }
 
-    fn check_coin_deny(
-        &self,
-        sender: SuiAddress,
-        input_objects: &CheckedInputObjects,
-        receiving_objects: &ReceivingObjects,
-    ) -> SuiResult {
-        let all_objects = input_objects
-            .inner()
-            .iter_objects()
-            .chain(receiving_objects.iter_objects());
-        let coin_types = all_objects
-            .filter_map(|obj| {
-                if obj.is_gas_coin() {
-                    None
-                } else {
-                    obj.coin_type_maybe()
-                        .map(|type_tag| type_tag.to_canonical_string(false))
-                }
-            })
-            .collect::<BTreeSet<_>>();
-        DenyList::check_coin_deny_list(sender, coin_types, &self.get_object_store())?;
-        Ok(())
-    }
-
     #[instrument(level = "error", skip_all)]
     async fn reopen_epoch_db(
         &self,

diff --git a/crates/sui-core/src/authority/authority_per_epoch_store.rs b/crates/sui-core/src/authority/authority_per_epoch_store.rs
@@ -891,8 +891,8 @@ impl AuthorityPerEpochStore {
             .is_some()
     }
 
-    pub fn coin_deny_list_state_enabled(&self) -> bool {
-        self.protocol_config().enable_coin_deny_list() && self.coin_deny_list_state_exists()
+    pub fn coin_deny_list_v1_enabled(&self) -> bool {
+        self.protocol_config().enable_coin_deny_list_v1() && self.coin_deny_list_state_exists()
     }
 
     pub fn bridge_exists(&self) -> bool {

diff --git a/crates/sui-core/src/authority/epoch_start_configuration.rs b/crates/sui-core/src/authority/epoch_start_configuration.rs
@@ -9,7 +9,7 @@ use std::fmt;
 use sui_types::authenticator_state::get_authenticator_state_obj_initial_shared_version;
 use sui_types::base_types::SequenceNumber;
 use sui_types::bridge::{get_bridge_obj_initial_shared_version, is_bridge_committee_initiated};
-use sui_types::deny_list::get_deny_list_obj_initial_shared_version;
+use sui_types::deny_list_v1::get_deny_list_obj_initial_shared_version;
 use sui_types::epoch_data::EpochData;
 use sui_types::error::SuiResult;
 use sui_types::messages_checkpoint::{CheckpointDigest, CheckpointTimestamp};

diff --git a/crates/sui-e2e-tests/tests/coin_deny_list_tests.rs b/crates/sui-e2e-tests/tests/coin_deny_list_tests.rs
@@ -4,12 +4,12 @@
 use std::path::PathBuf;
 use sui_json_rpc_types::SuiTransactionBlockEffectsAPI;
 use sui_macros::sim_test;
-use sui_types::deny_list::CoinDenyCap;
-use sui_types::deny_list::RegulatedCoinMetadata;
+use sui_types::deny_list_v1::CoinDenyCap;
+use sui_types::deny_list_v1::RegulatedCoinMetadata;
 use test_cluster::TestClusterBuilder;
 
 #[sim_test]
-async fn test_regulated_coin_creation() {
+async fn test_regulated_coin_v1_creation() {
     let test_cluster = TestClusterBuilder::new().build().await;
     let mut path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
     path.push("tests/move_test_code");

diff --git a/crates/sui-genesis-builder/src/lib.rs b/crates/sui-genesis-builder/src/lib.rs
@@ -28,7 +28,7 @@ use sui_types::crypto::{
     AuthorityKeyPair, AuthorityPublicKeyBytes, AuthoritySignInfo, AuthoritySignInfoTrait,
     AuthoritySignature, DefaultHash, SuiAuthoritySignature,
 };
-use sui_types::deny_list::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
+use sui_types::deny_list_v1::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
 use sui_types::digests::ChainIdentifier;
 use sui_types::effects::{TransactionEffects, TransactionEffectsAPI, TransactionEvents};
 use sui_types::epoch_data::EpochData;
@@ -331,7 +331,7 @@ impl Builder {
         );
 
         assert_eq!(
-            protocol_config.enable_coin_deny_list(),
+            protocol_config.enable_coin_deny_list_v1(),
             unsigned_genesis.coin_deny_list_state().is_some(),
         );
 
@@ -1131,7 +1131,7 @@ pub fn generate_genesis_system_object(
                 vec![],
             )?;
         }
-        if protocol_config.enable_coin_deny_list() {
+        if protocol_config.enable_coin_deny_list_v1() {
             builder.move_call(
                 SUI_FRAMEWORK_ADDRESS.into(),
                 DENY_LIST_MODULE.to_owned(),

diff --git a/crates/sui-protocol-config/src/lib.rs b/crates/sui-protocol-config/src/lib.rs
@@ -1378,7 +1378,7 @@ impl ProtocolConfig {
         self.feature_flags.enable_poseidon
     }
 
-    pub fn enable_coin_deny_list(&self) -> bool {
+    pub fn enable_coin_deny_list_v1(&self) -> bool {
         self.feature_flags.enable_coin_deny_list
     }
 

diff --git a/crates/sui-types/src/deny_list.rs → crates/sui-types/src/deny_list_v1.rs b/crates/sui-types/src/deny_list.rs → crates/sui-types/src/deny_list_v1.rs
@@ -8,6 +8,7 @@ use crate::error::{UserInputError, UserInputResult};
 use crate::id::{ID, UID};
 use crate::object::{Object, Owner};
 use crate::storage::ObjectStore;
+use crate::transaction::{CheckedInputObjects, ReceivingObjects};
 use crate::SUI_DENY_LIST_OBJECT_ID;
 use move_core_types::ident_str;
 use move_core_types::identifier::IdentStr;
@@ -46,59 +47,74 @@ pub struct PerTypeDenyList {
     pub denied_addresses: Table,
 }
 
-impl DenyList {
-    pub fn check_coin_deny_list(
-        address: SuiAddress,
-        coin_types: BTreeSet<String>,
-        object_store: &dyn ObjectStore,
-    ) -> UserInputResult {
-        let Some(deny_list) = get_coin_deny_list(object_store) else {
-            // TODO: This is where we should fire an invariant violation metric.
-            if cfg!(debug_assertions) {
-                panic!("Failed to get the coin deny list");
+/// Checks coin denylist v1 at signing time.
+/// It checks that none of the coin types in the transaction are denied for the sender.
+pub fn check_coin_deny_list_v1(
+    sender: SuiAddress,
+    input_objects: &CheckedInputObjects,
+    receiving_objects: &ReceivingObjects,
+    object_store: &dyn ObjectStore,
+) -> UserInputResult {
+    let all_objects = input_objects
+        .inner()
+        .iter_objects()
+        .chain(receiving_objects.iter_objects());
+    let coin_types = all_objects
+        .filter_map(|obj| {
+            if obj.is_gas_coin() {
+                None
             } else {
-                return Ok(());
+                obj.coin_type_maybe()
+                    .map(|type_tag| type_tag.to_canonical_string(false))
             }
-        };
-        Self::check_deny_list(deny_list, address, coin_types, object_store)
-    }
+        })
+        .collect::<BTreeSet<_>>();
+
+    let Some(deny_list) = get_coin_deny_list(object_store) else {
+        // TODO: This is where we should fire an invariant violation metric.
+        if cfg!(debug_assertions) {
+            panic!("Failed to get the coin deny list");
+        } else {
+            return Ok(());
+        }
+    };
+    check_deny_list_v1_impl(deny_list, sender, coin_types, object_store)
+}
 
-    fn check_deny_list(
-        deny_list: PerTypeDenyList,
-        address: SuiAddress,
-        coin_types: BTreeSet<String>,
-        object_store: &dyn ObjectStore,
-    ) -> UserInputResult {
-        // TODO: Add caches to avoid repeated DF reads.
-        let Ok(count) = get_dynamic_field_from_store::<SuiAddress, u64>(
+fn check_deny_list_v1_impl(
+    deny_list: PerTypeDenyList,
+    address: SuiAddress,
+    coin_types: BTreeSet<String>,
+    object_store: &dyn ObjectStore,
+) -> UserInputResult {
+    let Ok(count) = get_dynamic_field_from_store::<SuiAddress, u64>(
+        object_store,
+        deny_list.denied_count.id,
+        &address,
+    ) else {
+        return Ok(());
+    };
+    if count == 0 {
+        return Ok(());
+    }
+    for coin_type in coin_types {
+        let Ok(denied_addresses) = get_dynamic_field_from_store::<Vec<u8>, VecSet<SuiAddress>>(
             object_store,
-            deny_list.denied_count.id,
-            &address,
+            deny_list.denied_addresses.id,
+            &coin_type.clone().into_bytes(),
         ) else {
-            return Ok(());
+            continue;
         };
-        if count == 0 {
-            return Ok(());
-        }
-        for coin_type in coin_types {
-            let Ok(denied_addresses) = get_dynamic_field_from_store::<Vec<u8>, VecSet<SuiAddress>>(
-                object_store,
-                deny_list.denied_addresses.id,
-                &coin_type.clone().into_bytes(),
-            ) else {
-                continue;
-            };
-            let denied_addresses: BTreeSet<_> = denied_addresses.contents.into_iter().collect();
-            if denied_addresses.contains(&address) {
-                debug!(
-                    "Address {} is denied for coin package {:?}",
-                    address, coin_type
-                );
-                return Err(UserInputError::AddressDeniedForCoin { address, coin_type });
-            }
+        let denied_addresses: BTreeSet<_> = denied_addresses.contents.into_iter().collect();
+        if denied_addresses.contains(&address) {
+            debug!(
+                "Address {} is denied for coin package {:?}",
+                address, coin_type
+            );
+            return Err(UserInputError::AddressDeniedForCoin { address, coin_type });
         }
-        Ok(())
     }
+    Ok(())
 }
 
 #[derive(Debug, Serialize, Deserialize, Clone)]

diff --git a/crates/sui-types/src/lib.rs b/crates/sui-types/src/lib.rs
@@ -36,7 +36,7 @@ pub mod coin;
 pub mod collection_types;
 pub mod committee;
 pub mod crypto;
-pub mod deny_list;
+pub mod deny_list_v1;
 pub mod digests;
 pub mod display;
 pub mod dynamic_field;

diff --git a/crates/sui-types/src/transaction.rs b/crates/sui-types/src/transaction.rs
@@ -438,7 +438,7 @@ impl EndOfEpochTransactionKind {
             }
             Self::DenyListStateCreate => {
                 // Transaction should have been rejected earlier (or never formed).
-                assert!(config.enable_coin_deny_list());
+                assert!(config.enable_coin_deny_list_v1());
             }
             Self::BridgeStateCreate(_) | Self::BridgeCommitteeInit(_) => {
                 // Transaction should have been rejected earlier (or never formed).
@@ -520,7 +520,7 @@ impl VersionedProtocolMessage for TransactionKind {
                                 }
                             }
                             EndOfEpochTransactionKind::DenyListStateCreate => {
-                                if !protocol_config.enable_coin_deny_list() {
+                                if !protocol_config.enable_coin_deny_list_v1() {
                                     return Err(SuiError::UnsupportedFeatureError {
                                         error: "coin deny list not enabled".to_string(),
                                     });

diff --git a/sui-execution/latest/sui-adapter/src/execution_engine.rs b/sui-execution/latest/sui-adapter/src/execution_engine.rs
@@ -45,7 +45,7 @@ mod checked {
     };
     use sui_types::clock::{CLOCK_MODULE_NAME, CONSENSUS_COMMIT_PROLOGUE_FUNCTION_NAME};
     use sui_types::committee::EpochId;
-    use sui_types::deny_list::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
+    use sui_types::deny_list_v1::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
     use sui_types::digests::{
         get_mainnet_chain_identifier, get_testnet_chain_identifier, ChainIdentifier,
     };
@@ -662,7 +662,7 @@ mod checked {
                             builder = setup_randomness_state_create(builder);
                         }
                         EndOfEpochTransactionKind::DenyListStateCreate => {
-                            assert!(protocol_config.enable_coin_deny_list());
+                            assert!(protocol_config.enable_coin_deny_list_v1());
                             builder = setup_coin_deny_list_state_create(builder);
                         }
                         EndOfEpochTransactionKind::BridgeStateCreate(chain_id) => {

diff --git a/sui-execution/latest/sui-verifier/src/id_leak_verifier.rs b/sui-execution/latest/sui-verifier/src/id_leak_verifier.rs
@@ -29,7 +29,7 @@ use move_core_types::{
 };
 use std::{collections::BTreeMap, error::Error, num::NonZeroU64};
 use sui_types::bridge::BRIDGE_MODULE_NAME;
-use sui_types::deny_list::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
+use sui_types::deny_list_v1::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
 use sui_types::{
     authenticator_state::AUTHENTICATOR_STATE_MODULE_NAME,
     clock::CLOCK_MODULE_NAME,

diff --git a/sui-execution/v2/sui-adapter/src/execution_engine.rs b/sui-execution/v2/sui-adapter/src/execution_engine.rs
@@ -36,7 +36,7 @@ mod checked {
     };
     use sui_types::clock::{CLOCK_MODULE_NAME, CONSENSUS_COMMIT_PROLOGUE_FUNCTION_NAME};
     use sui_types::committee::EpochId;
-    use sui_types::deny_list::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
+    use sui_types::deny_list_v1::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
     use sui_types::effects::TransactionEffects;
     use sui_types::error::{ExecutionError, ExecutionErrorKind};
     use sui_types::execution::is_certificate_denied;
@@ -649,7 +649,7 @@ mod checked {
                             builder = setup_randomness_state_create(builder);
                         }
                         EndOfEpochTransactionKind::DenyListStateCreate => {
-                            assert!(protocol_config.enable_coin_deny_list());
+                            assert!(protocol_config.enable_coin_deny_list_v1());
                             builder = setup_coin_deny_list_state_create(builder);
                         }
                         EndOfEpochTransactionKind::BridgeStateCreate(_) => {

diff --git a/sui-execution/v2/sui-verifier/src/id_leak_verifier.rs b/sui-execution/v2/sui-verifier/src/id_leak_verifier.rs
@@ -29,7 +29,7 @@ use move_core_types::{
 };
 use std::{collections::BTreeMap, error::Error, num::NonZeroU64};
 use sui_types::bridge::BRIDGE_MODULE_NAME;
-use sui_types::deny_list::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
+use sui_types::deny_list_v1::{DENY_LIST_CREATE_FUNC, DENY_LIST_MODULE};
 use sui_types::{
     authenticator_state::AUTHENTICATOR_STATE_MODULE_NAME,
     clock::CLOCK_MODULE_NAME,