axelarnetwork · AttissNgo · Jan 14, 2025 · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025
@@ -4,7 +4,7 @@ use axelar_soroban_std::events::Event;
 use axelar_soroban_std::token::validate_token_metadata;
 use axelar_soroban_std::ttl::{extend_instance_ttl, extend_persistent_ttl};
 use axelar_soroban_std::{
-    address::AddressExt, ensure, interfaces, types::Token, Ownable, Upgradable,
+    address::AddressExt, ensure, interfaces, types::Token, Operatable, Ownable, Upgradable,
 };
 use interchain_token::InterchainTokenClient;
 use soroban_sdk::token::{self, StellarAssetClient};
@@ -22,32 +22,34 @@ use crate::event::{
 use crate::executable::InterchainTokenExecutableClient;
 use crate::interface::InterchainTokenServiceInterface;
 use crate::storage_types::{DataKey, TokenIdConfigValue};
-use crate::token_handler;
 use crate::types::{
     DeployInterchainToken, HubMessage, InterchainTransfer, Message, TokenManagerType,
 };
+use crate::{flow_limit, token_handler};
 
 const ITS_HUB_CHAIN_NAME: &str = "axelar";
 const PREFIX_INTERCHAIN_TOKEN_ID: &str = "its-interchain-token-id";
 const PREFIX_INTERCHAIN_TOKEN_SALT: &str = "interchain-token-salt";
 const PREFIX_CANONICAL_TOKEN_SALT: &str = "canonical-token-salt";
 
 #[contract]
-#[derive(Ownable, Upgradable)]
+#[derive(Operatable, Ownable, Upgradable)]
 pub struct InterchainTokenService;
 
 #[contractimpl]
 impl InterchainTokenService {
     pub fn __constructor(
         env: Env,
         owner: Address,
+        operator: Address,
         gateway: Address,
         gas_service: Address,
         its_hub_address: String,
         chain_name: String,
         interchain_token_wasm_hash: BytesN<32>,
     ) {
         interfaces::set_owner(&env, &owner);
+        interfaces::set_operator(&env, &operator);
         env.storage().instance().set(&DataKey::Gateway, &gateway);
         env.storage()
             .instance()
@@ -160,6 +162,28 @@ impl InterchainTokenServiceInterface for InterchainTokenService {
             .into()
     }
 
+    fn flow_limit(env: &Env, token_id: BytesN<32>) -> Option<i128> {
+        flow_limit::flow_limit(env, token_id)
+    }
+
+    fn set_flow_limit(
+        env: &Env,
+        token_id: BytesN<32>,
+        flow_limit: Option<i128>,
+    ) -> Result<(), ContractError> {
+        Self::operator(env).require_auth();
+
+        flow_limit::set_flow_limit(env, token_id, flow_limit)
+    }
+
+    fn flow_out_amount(env: &Env, token_id: BytesN<32>) -> i128 {
+        flow_limit::flow_out_amount(env, token_id)
+    }
+
+    fn flow_in_amount(env: &Env, token_id: BytesN<32>) -> i128 {
+        flow_limit::flow_in_amount(env, token_id)
+    }
+
     /// Computes a 32-byte deployment salt for a canonical token using the provided token address.
     ///
     /// The salt is derived by hashing a combination of a prefix, the chain name hash,
@@ -337,6 +361,8 @@ impl InterchainTokenServiceInterface for InterchainTokenService {
             amount,
         )?;
 
+        flow_limit::add_flow_out(env, token_id.clone(), amount)?;
+
         InterchainTransferSentEvent {
             token_id: token_id.clone(),
             source_address: caller.clone(),
@@ -504,6 +530,8 @@ impl InterchainTokenService {
                 let token_config_value =
                     Self::token_id_config_with_extended_ttl(env, token_id.clone())?;
 
+                flow_limit::add_flow_in(env, token_id.clone(), amount)?;
+
                 token_handler::give_token(
                     env,
                     &destination_address,

@@ -22,4 +22,6 @@ pub enum ContractError {
     InvalidTokenMetaData = 16,
     InvalidTokenId = 17,
     TokenAlreadyDeployed = 18,
+    InvalidFlowLimit = 19,
+    FlowLimitExceeded = 20,
 }
@@ -13,6 +13,12 @@ pub struct TrustedChainRemovedEvent {
     pub chain: String,
 }
 
+#[derive(Debug, PartialEq, Eq)]
+pub struct FlowLimitSetEvent {
+    pub token_id: BytesN<32>,
+    pub flow_limit: Option<i128>,
+}
+
 #[derive(Debug, PartialEq, Eq)]
 pub struct InterchainTokenDeployedEvent {
     pub token_id: BytesN<32>,
@@ -84,6 +90,20 @@ impl Event for TrustedChainRemovedEvent {
     }
 }
 
+impl Event for FlowLimitSetEvent {
+    fn topics(&self, env: &Env) -> impl Topics + Debug {
+        (
+            Symbol::new(env, "flow_limit_set"),
+            self.token_id.to_val(),
+            self.flow_limit,
+        )
+    }
+
+    fn data(&self, env: &Env) -> impl IntoVal<Env, Val> + Debug {
+        Vec::<Val>::new(env)
+    }
+}
+
 impl Event for InterchainTokenDeployedEvent {
     fn topics(&self, env: &Env) -> impl Topics + Debug {
         (
@@ -179,6 +199,9 @@ impl_event_testutils!(TrustedChainSetEvent, (Symbol, String), ());
 #[cfg(any(test, feature = "testutils"))]
 impl_event_testutils!(TrustedChainRemovedEvent, (Symbol, String), ());
 
+#[cfg(any(test, feature = "testutils"))]
+impl_event_testutils!(FlowLimitSetEvent, (Symbol, BytesN<32>, Option<i128>), ());
+
 #[cfg(any(test, feature = "testutils"))]
 impl_event_testutils!(
     InterchainTokenDeployedEvent,

@@ -0,0 +1,123 @@
+use axelar_soroban_std::ensure;
+use axelar_soroban_std::events::Event;
+use axelar_soroban_std::ttl::extend_persistent_ttl;
+use soroban_sdk::{BytesN, Env};
+
+use crate::error::ContractError;
+use crate::event::FlowLimitSetEvent;
+use crate::storage_types::DataKey;
+
+const EPOCH_TIME: u64 = 6 * 60 * 60; // 6 hours in seconds = 21600
+
+pub fn flow_limit(env: &Env, token_id: BytesN<32>) -> Option<i128> {
+    env.storage()
+        .persistent()
+        .get(&DataKey::FlowLimit(token_id))
-        .get(&DataKey::FlowLimit(token_id))
+        .get::<_, Option<Option<i128>>>(&DataKey::FlowLimit(token_id))
+        .unwrap_or(None)
-        .get(&DataKey::FlowLimit(token_id))
+        .get::<_, Option<Option<i128>>>(&DataKey::FlowLimit(token_id))
+        .unwrap_or(None)
+}
+
+pub fn set_flow_limit(
+    env: &Env,
+    token_id: BytesN<32>,
+    flow_limit: Option<i128>,
+) -> Result<(), ContractError> {
+    if let Some(limit) = flow_limit {
+        ensure!(limit > 0, ContractError::InvalidFlowLimit);
+    }
+
+    env.storage()
+        .persistent()
+        .set(&DataKey::FlowLimit(token_id.clone()), &flow_limit);
+
+    FlowLimitSetEvent {
+        token_id,
+        flow_limit,
+    }
+    .emit(env);
+
+    Ok(())
+}
+
+pub fn flow_out_amount(env: &Env, token_id: BytesN<32>) -> i128 {
+    let epoch = env.ledger().timestamp() / EPOCH_TIME;
+    env.storage()
+        .temporary()
+        .get(&DataKey::FlowOut(token_id, epoch))
+        .unwrap_or(0)
+}
+
+pub fn flow_in_amount(env: &Env, token_id: BytesN<32>) -> i128 {
+    let epoch = env.ledger().timestamp() / EPOCH_TIME;
+    env.storage()
+        .temporary()
+        .get(&DataKey::FlowIn(token_id, epoch))
+        .unwrap_or(0)
+}
+
+enum FlowDirection {
+    In,
+    Out,
+}
+
+fn add_flow(
+    env: &Env,
+    token_id: BytesN<32>,
+    flow_amount: i128,
+    direction: FlowDirection,
+) -> Result<(), ContractError> {
+    let Some(flow_limit) = flow_limit(env, token_id.clone()) else {
+        return Ok(());
+    };
+
+    let epoch = env.ledger().timestamp() / EPOCH_TIME;
+
+    let (flow_to_add_key, flow_to_compare_key) = match direction {
+        FlowDirection::In => (
+            DataKey::FlowIn(token_id.clone(), epoch),
+            DataKey::FlowOut(token_id.clone(), epoch),
+        ),
+        FlowDirection::Out => (
+            DataKey::FlowOut(token_id.clone(), epoch),
+            DataKey::FlowIn(token_id.clone(), epoch),
+        ),
+    };
+
+    let flow_to_add: i128 = env.storage().temporary().get(&flow_to_add_key).unwrap_or(0);
+    let flow_to_compare: i128 = env
+        .storage()
+        .temporary()
+        .get(&flow_to_compare_key)
+        .unwrap_or(0);
+
+    ensure!(flow_amount <= flow_limit, ContractError::FlowLimitExceeded);
+
+    let new_flow = flow_to_add
+        .checked_add(flow_amount)
+        .ok_or(ContractError::FlowLimitExceeded)?;
+    let max_allowed = flow_to_compare
+        .checked_add(flow_limit)
+        .ok_or(ContractError::FlowLimitExceeded)?;
+
+    ensure!(new_flow <= max_allowed, ContractError::FlowLimitExceeded);
+
+    env.storage().temporary().set(&flow_to_add_key, &new_flow);
+
+    extend_persistent_ttl(env, &DataKey::FlowLimit(token_id));
+
+    Ok(())
+}
+
+pub fn add_flow_in(
+    env: &Env,
+    token_id: BytesN<32>,
+    flow_amount: i128,
+) -> Result<(), ContractError> {
+    add_flow(env, token_id, flow_amount, FlowDirection::In)
+}
+
+pub fn add_flow_out(
+    env: &Env,
+    token_id: BytesN<32>,
+    flow_amount: i128,
+) -> Result<(), ContractError> {
+    add_flow(env, token_id, flow_amount, FlowDirection::Out)
+}
@@ -34,6 +34,18 @@ pub trait InterchainTokenServiceInterface: AxelarExecutableInterface {
 
     fn token_manager_type(env: &Env, token_id: BytesN<32>) -> TokenManagerType;
 
+    fn flow_limit(env: &Env, token_id: BytesN<32>) -> Option<i128>;
+
+    fn set_flow_limit(
+        env: &Env,
+        token_id: BytesN<32>,
+        flow_limit: Option<i128>,
+    ) -> Result<(), ContractError>;
+
+    fn flow_out_amount(env: &Env, token_id: BytesN<32>) -> i128;
+
+    fn flow_in_amount(env: &Env, token_id: BytesN<32>) -> i128;
+
     fn deploy_interchain_token(
         env: &Env,
         deployer: Address,

@@ -17,6 +17,7 @@ cfg_if::cfg_if! {
         mod storage_types;
         mod token_handler;
         mod contract;
+        mod flow_limit;
 
         pub use contract::{InterchainTokenService, InterchainTokenServiceClient};
     }

@@ -12,6 +12,9 @@ pub enum DataKey {
     ChainName,
     InterchainTokenWasmHash,
     TokenIdConfigKey(BytesN<32>),
+    FlowLimit(BytesN<32>),
+    FlowOut(BytesN<32>, u64),
+    FlowIn(BytesN<32>, u64),
 }
 
 #[contracttype]

@@ -51,7 +51,7 @@ fn execute_fails_with_invalid_message() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(
         &source_chain,
@@ -101,7 +101,7 @@ fn interchain_transfer_message_execute_succeeds() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(&source_chain, &message_id, &source_address, &payload);
 
@@ -153,7 +153,7 @@ fn deploy_interchain_token_message_execute_succeeds() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(&source_chain, &message_id, &source_address, &payload);
 
@@ -207,7 +207,7 @@ fn deploy_interchain_token_message_execute_fails_empty_token_name() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(
         &source_chain,
@@ -254,7 +254,7 @@ fn deploy_interchain_token_message_execute_fails_empty_token_symbol() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(
         &source_chain,
@@ -303,7 +303,7 @@ fn deploy_interchain_token_message_execute_fails_invalid_minter_address() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(
         &source_chain,
@@ -364,7 +364,7 @@ fn deploy_interchain_token_message_execute_fails_token_already_deployed() {
         },
     ];
 
-    approve_gateway_messages(&env, gateway_client, signers, messages);
+    approve_gateway_messages(&env, &gateway_client, signers, messages);
 
     client.execute(&source_chain, &first_message_id, &source_address, &payload);