WIP

radixdlt · Sep 24, 2024 · 5a2d218 · 5a2d218
1 parent 58e63fa
commit 5a2d218
Show file tree

Hide file tree

Showing 44 changed files with 2,083 additions and 5,229 deletions.
diff --git a/.github/workflows/phylum-daily-analysis.yaml b/.github/workflows/phylum-daily-analysis.yaml
@@ -0,0 +1,61 @@
+name: Daily Analysis Phylum
+
+on:
+  schedule:
+    # Runs at 13:00 UTC every day
+    - cron: '0 13 * * *'
+
+env:
+  PHYLUM_PROJECT_ID: fb999d0c-b260-474e-8c08-2f163aa2c75f
+  PHYLUM_GROUP_NAME: Wallet
+  PHYLUM_NAME: sargon
+jobs:
+  analyze_branch_phylum:
+    name: Analyze dependencies with Phylum
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        branch: [main]
+        include:
+          - branch: main
+      fail-fast: false 
+    steps:
+      - uses: RDXWorks-actions/checkout@main
+        with:
+          ref: ${{ matrix.branch }}
+          fetch-depth: 0
+      - uses: RDXWorks-actions/setup-python@main
+        with:
+          python-version: 3.10.6
+      - name: Install Phylum
+        run: |
+          curl https://sh.phylum.io/ | sh -s -- --yes
+          # Add the Python user base binary directory to PATH
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+      - name: Run Phylum Analysis
+        env: 
+          PHYLUM_API_KEY: ${{ secrets.PHYLUM_API_KEY }}         
+        run: | 
+          phylum analyze --quiet --label ${{ matrix.branch }}_branch_daily_schedule > /dev/null 2>&1 || exit_code=$?
+          if [ $exit_code -eq 100 ]; then 
+            echo "Phylum Analysis returned exit code 100, but continuing.";
+            echo "phylum_analyze_status=failure" >> $GITHUB_ENV 
+            exit 0; 
+          else 
+            echo "phylum_analyze_status=success" >> $GITHUB_ENV 
+            exit $?; 
+          fi
+      - name: Analysis Status Failure notification
+        if: always()
+        uses: RDXWorks-actions/notify-slack-action@master
+        with:
+          status: ${{ env.phylum_analyze_status }}
+          notify_when: 'failure'
+          notification_title: ':clock3: Phylum Scheduled Daily Analysis:'
+          message_format: 'Automatic phylum analysis has found vulnerabilities on ${{ env.PHYLUM_NAME }} in ${{ matrix.branch }} branch:boom:'
+          footer: "Linked Repository <{repo_url}|{repo}> | <https://app.phylum.io/projects/${{ env.PHYLUM_PROJECT_ID }}?label=${{ matrix.branch }}_branch_daily_schedule&group=${{ env.PHYLUM_GROUP_NAME }}|View Report> "
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PHYLUM_WALLET_TEAM_WEBHOOK }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -38,6 +38,24 @@ jobs:
       - name: Check typos
         run: typos
 
+  phylum-analyze:
+    if: ${{ github.event.pull_request }}
+    uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/phylum-analyze.yml@main
+    permissions:
+      id-token: write
+      pull-requests: write
+      contents: read
+      deployments: write
+    secrets:
+      phylum_api_key: ${{ secrets.PHYLUM_API_KEY }}
+    with:
+      phylum_pr_number: ${{ github.event.number }}
+      phylum_pr_name: ${{ github.head_ref }}
+      phylum_group_name: Wallet
+      phylum_project_id: fb999d0c-b260-474e-8c08-2f163aa2c75f
+      github_repository: ${{ github.repository }}
+      add_report_comment_to_pull_request: true
+
   # cargo check
   check-cargo-check:
     runs-on: macos-14-xlarge

diff --git a/.phylum_project b/.phylum_project
@@ -0,0 +1,7 @@
+id: fb999d0c-b260-474e-8c08-2f163aa2c75f
+name: sargon
+created_at: 2024-06-03T13:06:05.511629+02:00
+group_name: Wallet
+depfiles:
+  - path: ./Cargo.lock
+    type: cargo
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,5 +1,6 @@
 fail_fast: true
-
+default_install_hook_types: [pre-push]
+default_stages: [pre-push]
 repos:
   - repo: https://github.com/crate-ci/typos
     rev: v1.22.7
@@ -34,3 +35,22 @@ repos:
         types: [file, rust]
         entry: cargo test --lib
         pass_filenames: false
+
+  - repo: https://github.com/phylum-dev/phylum-ci
+    rev: main
+    hooks:
+      - id: phylum
+        stages: [pre-push]
+        # Optional: Specify the dependency file pattern for your repository
+        files: |
+            (?x)^(
+                Cargo\.lock|
+            )$
+        # Optional: Specify additional arguments to be passed to `phylum-ci`
+        args:
+          - -vv
+          - --depfile=Cargo.lock
+          - --audit
+          - --force-analysis
+          - --all-deps
+        verbose: true
diff --git a/Package.resolved b/Package.resolved
@@ -5,8 +5,8 @@
       "kind" : "remoteSourceControl",
       "location" : "https://github.com/sideeffect-io/AsyncExtensions",
       "state" : {
-        "revision" : "1f0729e4f1f6c7166acfac3cec43b3cbe83be0e6",
-        "version" : "0.5.2"
+        "revision" : "3442d3d046800f1974bda096faaf0ac510b21154",
+        "version" : "0.5.3"
       }
     },
     {

diff --git a/Package.swift b/Package.swift
@@ -55,7 +55,7 @@ let package = Package(
 		.package(url: "https://github.com/SwiftyJSON/SwiftyJSON", from: "5.0.2"),
 
 		// Multicast / Share of notifications in EventBus
-		.package(url: "https://github.com/sideeffect-io/AsyncExtensions", exact: "0.5.2"),
+		.package(url: "https://github.com/sideeffect-io/AsyncExtensions", exact: "0.5.3"),
 	],
 	targets: [
 		binaryTarget,

diff --git a/apple/Sources/Sargon/Extensions/Methods/RET/TransactionManifest+Wrap+Functions.swift b/apple/Sources/Sargon/Extensions/Methods/RET/TransactionManifest+Wrap+Functions.swift
@@ -39,7 +39,11 @@ extension TransactionManifest {
         transactionManifestSummary(manifest: self)
     }
 
-    public func executionSummary(engineToolkitReceipt: Data) throws -> ExecutionSummary {
+	/// Creates the `ExecutionSummary` based on the `engineToolkitReceipt` data. 
+    /// 
+    /// Such value should be obtained from the Gateway `/transaction/preview` endpoint, under the `radix_engine_toolkit_receipt` field.
+    /// Its content will be parsed into a `String` representation and used as parameter here.
+    public func executionSummary(engineToolkitReceipt: String) throws -> ExecutionSummary {
         try transactionManifestExecutionSummary(
             manifest: self,
             engineToolkitReceipt: engineToolkitReceipt

diff --git a/apple/Tests/TestCases/RET/ManifestBuilding/ManifestBuildingTests.swift b/apple/Tests/TestCases/RET/ManifestBuilding/ManifestBuildingTests.swift
@@ -232,13 +232,6 @@ final class ManifestBuildingTests: Test<TransactionManifest> {
 }
 
 extension TestCase {
-
-    func encodedReceipt(_ name: String) throws -> Data {
-        let utf8 = try openTransactionFile(name, extension: "dat")
-        let hex = try XCTUnwrap(String(data: utf8, encoding: .utf8))
-        return try Data(hex: hex)
-    }
-
     func rtm(_ rtmFile: String) throws -> TransactionManifest {
         let data = try openTransactionFile(rtmFile, extension: "rtm")
         let instructionsString = try XCTUnwrap(String(data: data, encoding: .utf8))

diff --git a/apple/Tests/TestCases/RET/TransactionManifestTests.swift b/apple/Tests/TestCases/RET/TransactionManifestTests.swift
@@ -36,13 +36,35 @@ final class TransactionManifestTests: Test<TransactionManifest> {
     }
 
     func test_execution_summary() throws {
-        let name = "transfer_1to2_multiple_nf_and_f_tokens"
-        let receipt = try encodedReceipt(name)
+        let name = "third_party_deposits_update"
+		let engineToolkitReceiptStr = """
+		  {
+			  "kind": "CommitSuccess",
+			  "state_updates_summary": {
+				"new_entities": [],
+				"metadata_updates": {},
+				"non_fungible_data_updates": {},
+				"newly_minted_non_fungibles": []
+			  },
+			  "worktop_changes": {},
+			  "fee_summary": {
+				"execution_fees_in_xrd": "0.07638415",
+				"finalization_fees_in_xrd": "0.0105008",
+				"storage_fees_in_xrd": "0.03871917658",
+				"royalty_fees_in_xrd": "0"
+			  },
+			  "locked_fees": {
+				"contingent": "0",
+				"non_contingent": "0"
+			  }
+			}
+		"""
+		let receipt = engineToolkitReceiptStr.data(using: .utf8)!
         let manifest = try rtm(name)
 
-        let summary = try manifest.executionSummary(encodedReceipt: receipt)
+        let summary = try manifest.executionSummary(engineToolkitReceipt: receipt)
 
-        XCTAssertNoDifference(summary.addressesOfAccountsRequiringAuth, ["account_tdx_2_1288efhmjt8kzce77par4ex997x2zgnlv5qqv9ltpxqg7ur0xpqm6gk"])
+        XCTAssertNoDifference(summary.addressesOfAccountsRequiringAuth, ["account_tdx_2_129uv9r46an4hwng8wc97qwpraspvnrc7v2farne4lr6ff7yaevaz2a"])
     }
 
 	func test_from_instructions_string_with_max_sbor_depth_is_ok() throws {

diff --git a/crates/sargon/fixtures/transaction/account_locker_claim_fungibles_and_non_fungibles.dat b/crates/sargon/fixtures/transaction/account_locker_claim_fungibles_and_non_fungibles.dat
@@ -0,0 +1,65 @@
+{
+  "kind": "CommitSuccess",
+  "state_updates_summary": {
+    "new_entities": [],
+    "metadata_updates": {},
+    "non_fungible_data_updates": {},
+    "newly_minted_non_fungibles": []
+  },
+  "worktop_changes": {
+    "0": [
+      {
+        "kind": "Put",
+        "value": {
+          "kind": "Ids",
+          "resource_address": "resource_tdx_2_1n2z4k99wuqlph9lj64ckc64znm48axl37xctsa0xqmm2sqg7klrte3",
+          "ids": [
+            "#8#"
+          ]
+        }
+      }
+    ],
+    "1": [
+      {
+        "kind": "Take",
+        "value": {
+          "kind": "Ids",
+          "resource_address": "resource_tdx_2_1n2z4k99wuqlph9lj64ckc64znm48axl37xctsa0xqmm2sqg7klrte3",
+          "ids": [
+            "#8#"
+          ]
+        }
+      }
+    ],
+    "3": [
+      {
+        "kind": "Put",
+        "value": {
+          "kind": "Amount",
+          "resource_address": "resource_tdx_2_1th75jg2gx9l3v0r8duzrmknfarhd3ha0387lg9n78qc9849xsfyq32",
+          "amount": "3"
+        }
+      }
+    ],
+    "4": [
+      {
+        "kind": "Take",
+        "value": {
+          "kind": "Amount",
+          "resource_address": "resource_tdx_2_1th75jg2gx9l3v0r8duzrmknfarhd3ha0387lg9n78qc9849xsfyq32",
+          "amount": "3"
+        }
+      }
+    ]
+  },
+  "fee_summary": {
+    "execution_fees_in_xrd": "0.2516311",
+    "finalization_fees_in_xrd": "0.03200635",
+    "storage_fees_in_xrd": "0.12903213279",
+    "royalty_fees_in_xrd": "0"
+  },
+  "locked_fees": {
+    "contingent": "0",
+    "non_contingent": "0"
+  }
+}
diff --git a/crates/sargon/fixtures/transaction/account_locker_claim_fungibles_and_non_fungibles.json b/crates/sargon/fixtures/transaction/account_locker_claim_fungibles_and_non_fungibles.json
diff --git a/crates/sargon/fixtures/transaction/claim_two_stakes_from_one_validator.dat b/crates/sargon/fixtures/transaction/claim_two_stakes_from_one_validator.dat
@@ -0,0 +1,67 @@
+{
+  "kind": "CommitSuccess",
+  "state_updates_summary": {
+    "new_entities": [],
+    "metadata_updates": {},
+    "non_fungible_data_updates": {},
+    "newly_minted_non_fungibles": []
+  },
+  "worktop_changes": {
+    "0": [
+      {
+        "kind": "Put",
+        "value": {
+          "kind": "Ids",
+          "resource_address": "resource_tdx_2_1ng3g2nj5pfpmdphgz0nrh8z0gtqcxx5z5dn48t85ar0z0zjhefufaw",
+          "ids": [
+            "{1c1ce92c810094a7-65659db6a666c19c-6cea4367bb789b55-276b137712ceecce}",
+            "{5aebd0270caf3f87-51031498741f57b5-d24fe0d62a976589-519c6a92423888cc}"
+          ]
+        }
+      }
+    ],
+    "1": [
+      {
+        "kind": "Take",
+        "value": {
+          "kind": "Ids",
+          "resource_address": "resource_tdx_2_1ng3g2nj5pfpmdphgz0nrh8z0gtqcxx5z5dn48t85ar0z0zjhefufaw",
+          "ids": [
+            "{1c1ce92c810094a7-65659db6a666c19c-6cea4367bb789b55-276b137712ceecce}",
+            "{5aebd0270caf3f87-51031498741f57b5-d24fe0d62a976589-519c6a92423888cc}"
+          ]
+        }
+      }
+    ],
+    "2": [
+      {
+        "kind": "Put",
+        "value": {
+          "kind": "Amount",
+          "resource_address": "resource_tdx_2_1tknxxxxxxxxxradxrdxxxxxxxxx009923554798xxxxxxxxxtfd2jc",
+          "amount": "150"
+        }
+      }
+    ],
+    "3": [
+      {
+        "kind": "Take",
+        "value": {
+          "kind": "Amount",
+          "resource_address": "resource_tdx_2_1tknxxxxxxxxxradxrdxxxxxxxxx009923554798xxxxxxxxxtfd2jc",
+          "amount": "150"
+        }
+      }
+    ]
+  },
+  "fee_summary": {
+    "execution_fees_in_xrd": "0.2383276",
+    "finalization_fees_in_xrd": "0.041757",
+    "storage_fees_in_xrd": "0.11224746511",
+    "royalty_fees_in_xrd": "0"
+  },
+  "locked_fees": {
+    "contingent": "0",
+    "non_contingent": "0"
+  }
+}
diff --git a/crates/sargon/fixtures/transaction/claim_two_stakes_from_one_validator.rtm b/crates/sargon/fixtures/transaction/claim_two_stakes_from_one_validator.rtm
@@ -0,0 +1,33 @@
+CALL_METHOD
+    Address("account_tdx_2_129uv9r46an4hwng8wc97qwpraspvnrc7v2farne4lr6ff7yaevaz2a")
+    "lock_fee"
+    Decimal("0.571994908619")
+;
+CALL_METHOD
+    Address("account_tdx_2_129uv9r46an4hwng8wc97qwpraspvnrc7v2farne4lr6ff7yaevaz2a")
+    "withdraw_non_fungibles"
+    Address("resource_tdx_2_1ng3g2nj5pfpmdphgz0nrh8z0gtqcxx5z5dn48t85ar0z0zjhefufaw")
+    Array<NonFungibleLocalId>(
+        NonFungibleLocalId("{1c1ce92c810094a7-65659db6a666c19c-6cea4367bb789b55-276b137712ceecce}"),
+        NonFungibleLocalId("{5aebd0270caf3f87-51031498741f57b5-d24fe0d62a976589-519c6a92423888cc}")
+    )
+;
+TAKE_ALL_FROM_WORKTOP
+    Address("resource_tdx_2_1ng3g2nj5pfpmdphgz0nrh8z0gtqcxx5z5dn48t85ar0z0zjhefufaw")
+    Bucket("bucket1")
+;
+CALL_METHOD
+    Address("validator_tdx_2_1sdtnujyn3720ymg8lakydkvc5tw4q3zecdj95akdwt9de362mvtd94")
+    "claim_xrd"
+    Bucket("bucket1")
+;
+TAKE_FROM_WORKTOP
+    Address("resource_tdx_2_1tknxxxxxxxxxradxrdxxxxxxxxx009923554798xxxxxxxxxtfd2jc")
+    Decimal("150")
+    Bucket("bucket2")
+;
+CALL_METHOD
+    Address("account_tdx_2_129uv9r46an4hwng8wc97qwpraspvnrc7v2farne4lr6ff7yaevaz2a")
+    "deposit"
+    Bucket("bucket2")
+;
diff --git a/crates/sargon/fixtures/transaction/claim_two_validator_stakes.dat b/crates/sargon/fixtures/transaction/claim_two_validator_stakes.dat