sway-lib-std icon indicating copy to clipboard operation
sway-lib-std copied to clipboard

Published 20 hours ago verified publisher icon FuelLabs

Adding a get_signer function to the Auth module

Open nfurfaro opened this issue 3 years ago • 5 comments

This adds a wrapper around the ec_recover_address() function. Completing this implementation properly requires:

  • refactoring the ec_recover functions to return Results
  • the ability to use match with enums so we can act according to the specific Result variant returned from ec_recover_address()

This adds feature required for FuelLabs/sway#1061

nfurfaro avatar Feb 08 '22 18:02 nfurfaro

@adlerjohn This is targeting item number 2: image

The original thinking on this (a while ago now) was that contracts can't sign messages (at least this holds true for ethereum), so if the caller is a contract, return the error variant.

As for the nonce, etc, I think this needs to be handled by the specific contract implementation as opposed to in the stdlib.

nfurfaro avatar Feb 08 '22 19:02 nfurfaro

Ah I see. Well it depends how this is going to be used. Either the signature has to be an Option, or contracts will have two separate methods to either signature- or other-authenticate the sender. If we're going down the route of this PR, then it should probably be the former, and there should be some libraries to handle nonce management.

adlerjohn avatar Feb 08 '22 19:02 adlerjohn

I left this PR in draft status as I think the topic deserves some discussion around how we want to expose the different auth methods. I was going for the " two separate methods" approach to authentication. The way I've split things up currently, the msg_sender() function will handle items 1 & 3 (I haven't added the get_coins_owner() func yet )in the auth module proposal, and get_signer() would handle item number 2.

Related, ec_recover() and ec_recover_address() need to be refactored to return Results, and then get_signer() can act accordingly depending on the variant it receives from ec_recover_address() This is tracked here: FuelLabs/sway#1067 as well as in a TODO comment in the get_signer() code.

nfurfaro avatar Feb 08 '22 19:02 nfurfaro

As for failing CI, I think it's because CI installs Forc with cargo, but the latest changes on Sway master haven't been published yet...

nfurfaro avatar Feb 08 '22 19:02 nfurfaro

Update: I will pick this up again when I wrap up adding tests to the auth module and the reentrancy check functionality for the stdlib.

nfurfaro avatar Feb 18 '22 18:02 nfurfaro