Skip to content

Commit

Permalink
[gas] permission
Browse files Browse the repository at this point in the history
  • Loading branch information
@lightmark
lightmark committed Jan 16, 2025
1 parent bce0eb2 commit 23b7949
Show file tree
Hide file tree
Showing 6 changed files with 381 additions and 13 deletions.
50 changes: 50 additions & 0 deletions aptos-move/framework/aptos-framework/doc/permissioned_delegation.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
- [Enum `DelegationKey`](#0x1_permissioned_delegation_DelegationKey)
- [Resource `RegisteredDelegations`](#0x1_permissioned_delegation_RegisteredDelegations)
- [Constants](#@Constants_0)
- [Function `gen_ed25519_key`](#0x1_permissioned_delegation_gen_ed25519_key)
- [Function `fetch_handle`](#0x1_permissioned_delegation_fetch_handle)
- [Function `add_permissioned_handle`](#0x1_permissioned_delegation_add_permissioned_handle)
- [Function `remove_permissioned_handle`](#0x1_permissioned_delegation_remove_permissioned_handle)
Expand Down Expand Up @@ -132,7 +133,11 @@

<dl>
<dt>
<<<<<<< HEAD
<code>delegations: <a href="big_ordered_map.md#0x1_big_ordered_map_BigOrderedMap">big_ordered_map::BigOrderedMap</a>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_DelegationKey">permissioned_delegation::DelegationKey</a>, <a href="permissioned_delegation.md#0x1_permissioned_delegation_AccountDelegation">permissioned_delegation::AccountDelegation</a>&gt;</code>
=======
<code>delegations: <a href="../../aptos-stdlib/doc/table.md#0x1_table_Table">table::Table</a>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_DelegationKey">permissioned_delegation::DelegationKey</a>, <a href="permissioned_delegation.md#0x1_permissioned_delegation_AccountDelegation">permissioned_delegation::AccountDelegation</a>&gt;</code>
>>>>>>> 928d2174a9 ([gas] permission)
</dt>
<dd>
Expand Down Expand Up @@ -201,6 +206,30 @@



<a id="0x1_permissioned_delegation_gen_ed25519_key"></a>

## Function `gen_ed25519_key`



<pre><code><b>public</b> <b>fun</b> <a href="permissioned_delegation.md#0x1_permissioned_delegation_gen_ed25519_key">gen_ed25519_key</a>(key: <a href="../../aptos-stdlib/doc/ed25519.md#0x1_ed25519_UnvalidatedPublicKey">ed25519::UnvalidatedPublicKey</a>): <a href="permissioned_delegation.md#0x1_permissioned_delegation_DelegationKey">permissioned_delegation::DelegationKey</a>
</code></pre>



<details>
<summary>Implementation</summary>


<pre><code><b>public</b> <b>fun</b> <a href="permissioned_delegation.md#0x1_permissioned_delegation_gen_ed25519_key">gen_ed25519_key</a>(key: UnvalidatedPublicKey): <a href="permissioned_delegation.md#0x1_permissioned_delegation_DelegationKey">DelegationKey</a> {
DelegationKey::Ed25519PublicKey(key)
}
</code></pre>



</details>

<a id="0x1_permissioned_delegation_fetch_handle"></a>

## Function `fetch_handle`
Expand Down Expand Up @@ -254,11 +283,19 @@
<b>let</b> addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
<b>if</b> (!<b>exists</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(addr)) {
<b>move_to</b>(master, <a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a> {
<<<<<<< HEAD
delegations: <a href="big_ordered_map.md#0x1_big_ordered_map_new_with_config">big_ordered_map::new_with_config</a>(50, 20, <b>true</b>, 5)
});
};
<b>let</b> handles = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(addr).delegations;
<b>assert</b>!(!handles.contains(&key), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_already_exists">error::already_exists</a>(<a href="permissioned_delegation.md#0x1_permissioned_delegation_EHANDLE_EXISTENCE">EHANDLE_EXISTENCE</a>));
=======
delegations: <a href="../../aptos-stdlib/doc/table.md#0x1_table_new">table::new</a>()
});
};
<b>let</b> handles = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(addr).delegations;
<b>assert</b>!(!handles.contains(key), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_already_exists">error::already_exists</a>(<a href="permissioned_delegation.md#0x1_permissioned_delegation_EHANDLE_EXISTENCE">EHANDLE_EXISTENCE</a>));
>>>>>>> 928d2174a9 ([gas] permission)
<b>let</b> handle = <a href="permissioned_signer.md#0x1_permissioned_signer_create_storable_permissioned_handle">permissioned_signer::create_storable_permissioned_handle</a>(master, expiration_time);
<b>let</b> <a href="permissioned_signer.md#0x1_permissioned_signer">permissioned_signer</a> = <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_storable_permissioned_handle">permissioned_signer::signer_from_storable_permissioned_handle</a>(&handle);
handles.add(key, AccountDelegation::V1 { handle, <a href="rate_limiter.md#0x1_rate_limiter">rate_limiter</a> });
Expand Down Expand Up @@ -291,10 +328,17 @@
) <b>acquires</b> <a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a> {
<b>assert</b>!(!is_permissioned_signer(master), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_delegation.md#0x1_permissioned_delegation_ENOT_MASTER_SIGNER">ENOT_MASTER_SIGNER</a>));
<b>let</b> addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
<<<<<<< HEAD
<b>let</b> handle_bundles = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(addr).delegations;
<b>assert</b>!(handle_bundles.contains(&key), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_not_found">error::not_found</a>(<a href="permissioned_delegation.md#0x1_permissioned_delegation_EHANDLE_EXISTENCE">EHANDLE_EXISTENCE</a>));
<b>let</b> bundle = handle_bundles.remove(&key);
match (bundle) {
=======
<b>let</b> delegations = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(addr).delegations;
<b>assert</b>!(delegations.contains(key), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_not_found">error::not_found</a>(<a href="permissioned_delegation.md#0x1_permissioned_delegation_EHANDLE_EXISTENCE">EHANDLE_EXISTENCE</a>));
<b>let</b> delegation = delegations.remove(key);
match (delegation) {
>>>>>>> 928d2174a9 ([gas] permission)
AccountDelegation::V1 { handle, <a href="rate_limiter.md#0x1_rate_limiter">rate_limiter</a>: _ } =&gt; {
<a href="permissioned_signer.md#0x1_permissioned_signer_destroy_storable_permissioned_handle">permissioned_signer::destroy_storable_permissioned_handle</a>(handle);
}
Expand Down Expand Up @@ -427,9 +471,15 @@ Authorization function for account abstraction.
count_rate: bool
): &StorablePermissionedHandle {
<b>if</b> (<b>exists</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(master)) {
<<<<<<< HEAD
<b>let</b> bundles = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(master).delegations;
<b>if</b> (bundles.contains(&key)) {
<a href="permissioned_delegation.md#0x1_permissioned_delegation_fetch_handle">fetch_handle</a>(bundles.borrow_mut(&key), count_rate)
=======
<b>let</b> delegations = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_delegation.md#0x1_permissioned_delegation_RegisteredDelegations">RegisteredDelegations</a>&gt;(master).delegations;
<b>if</b> (delegations.contains(key)) {
<a href="permissioned_delegation.md#0x1_permissioned_delegation_fetch_handle">fetch_handle</a>(delegations.borrow_mut(key), count_rate)
>>>>>>> 928d2174a9 ([gas] permission)
} <b>else</b> {
<b>abort</b> <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_delegation.md#0x1_permissioned_delegation_EINVALID_SIGNATURE">EINVALID_SIGNATURE</a>)
}
Expand Down
145 changes: 145 additions & 0 deletions aptos-move/framework/aptos-framework/doc/transaction_validation.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,10 @@


- [Resource `TransactionValidation`](#0x1_transaction_validation_TransactionValidation)
- [Struct `GasPermission`](#0x1_transaction_validation_GasPermission)
- [Constants](#@Constants_0)
- [Function `grant_gas_permission`](#0x1_transaction_validation_grant_gas_permission)
- [Function `revoke_gas_permission`](#0x1_transaction_validation_revoke_gas_permission)
- [Function `initialize`](#0x1_transaction_validation_initialize)
- [Function `prologue_common`](#0x1_transaction_validation_prologue_common)
- [Function `script_prologue`](#0x1_transaction_validation_script_prologue)
Expand Down Expand Up @@ -57,6 +60,7 @@
<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error">0x1::error</a>;
<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/features.md#0x1_features">0x1::features</a>;
<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option">0x1::option</a>;
<b>use</b> <a href="permissioned_signer.md#0x1_permissioned_signer">0x1::permissioned_signer</a>;
<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">0x1::signer</a>;
<b>use</b> <a href="system_addresses.md#0x1_system_addresses">0x1::system_addresses</a>;
<b>use</b> <a href="timestamp.md#0x1_timestamp">0x1::timestamp</a>;
Expand Down Expand Up @@ -123,6 +127,33 @@ correct chain-specific prologue and epilogue functions
</dl>


</details>

<a id="0x1_transaction_validation_GasPermission"></a>

## Struct `GasPermission`



<pre><code><b>struct</b> <a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> <b>has</b> <b>copy</b>, drop, store
</code></pre>



<details>
<summary>Fields</summary>


<dl>
<dt>
<code>dummy_field: bool</code>
</dt>
<dd>

</dd>
</dl>


</details>

<a id="@Constants_0"></a>
Expand Down Expand Up @@ -243,6 +274,76 @@ important to the semantics of the system.



<a id="0x1_transaction_validation_PROLOGUE_PERMISSIONED_GAS_LIMIT_INSUFFICIENT"></a>



<pre><code><b>const</b> <a href="transaction_validation.md#0x1_transaction_validation_PROLOGUE_PERMISSIONED_GAS_LIMIT_INSUFFICIENT">PROLOGUE_PERMISSIONED_GAS_LIMIT_INSUFFICIENT</a>: u64 = 1011;
</code></pre>



<a id="0x1_transaction_validation_grant_gas_permission"></a>

## Function `grant_gas_permission`

Permission management

Master signer grant permissioned signer ability to consume a given amount of gas in octas.


<pre><code><b>public</b> <b>fun</b> <a href="transaction_validation.md#0x1_transaction_validation_grant_gas_permission">grant_gas_permission</a>(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, gas_amount: u64)
</code></pre>



<details>
<summary>Implementation</summary>


<pre><code><b>public</b> <b>fun</b> <a href="transaction_validation.md#0x1_transaction_validation_grant_gas_permission">grant_gas_permission</a>(
master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>,
permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>,
gas_amount: u64
) {
<a href="permissioned_signer.md#0x1_permissioned_signer_authorize_increase">permissioned_signer::authorize_increase</a>(
master,
permissioned,
(gas_amount <b>as</b> u256),
<a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {}
)
}
</code></pre>



</details>

<a id="0x1_transaction_validation_revoke_gas_permission"></a>

## Function `revoke_gas_permission`

Removing permissions from permissioned signer.


<pre><code><b>public</b> <b>fun</b> <a href="transaction_validation.md#0x1_transaction_validation_revoke_gas_permission">revoke_gas_permission</a>(permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>)
</code></pre>



<details>
<summary>Implementation</summary>


<pre><code><b>public</b> <b>fun</b> <a href="transaction_validation.md#0x1_transaction_validation_revoke_gas_permission">revoke_gas_permission</a>(permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>) {
<a href="permissioned_signer.md#0x1_permissioned_signer_revoke_permission">permissioned_signer::revoke_permission</a>(permissioned, <a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {})
}
</code></pre>



</details>

<a id="0x1_transaction_validation_initialize"></a>

## Function `initialize`
Expand Down Expand Up @@ -382,6 +483,14 @@ Only called during genesis to initialize system resources for this module.
is_simulation,
gas_payer_address
)) {
<b>assert</b>!(
<a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_capacity_above">permissioned_signer::check_permission_capacity_above</a>(
gas_payer,
(max_transaction_fee <b>as</b> u256),
<a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {}
),
<a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="transaction_validation.md#0x1_transaction_validation_PROLOGUE_PERMISSIONED_GAS_LIMIT_INSUFFICIENT">PROLOGUE_PERMISSIONED_GAS_LIMIT_INSUFFICIENT</a>)
);
<b>if</b> (<a href="../../aptos-stdlib/../move-stdlib/doc/features.md#0x1_features_operations_default_to_fa_apt_store_enabled">features::operations_default_to_fa_apt_store_enabled</a>()) {
<b>assert</b>!(
<a href="aptos_account.md#0x1_aptos_account_is_fungible_balance_at_least">aptos_account::is_fungible_balance_at_least</a>(gas_payer_address, max_transaction_fee),
Expand Down Expand Up @@ -960,12 +1069,31 @@ Called by the Adapter
);
};

<b>let</b> max_transaction_fee = txn_gas_price * txn_max_gas_units;
<b>let</b> gas_payer_signer = &<a href="create_signer.md#0x1_create_signer_create_signer">create_signer::create_signer</a>(gas_payer);
<b>if</b> (transaction_fee_amount &gt; storage_fee_refunded) {
<b>let</b> burn_amount = transaction_fee_amount - storage_fee_refunded;
<<<<<<< HEAD
<a href="transaction_fee.md#0x1_transaction_fee_burn_fee">transaction_fee::burn_fee</a>(gas_payer, burn_amount);
} <b>else</b> <b>if</b> (transaction_fee_amount &lt; storage_fee_refunded) {
<b>let</b> mint_amount = storage_fee_refunded - transaction_fee_amount;
<a href="transaction_fee.md#0x1_transaction_fee_mint_and_refund">transaction_fee::mint_and_refund</a>(gas_payer, mint_amount)
=======
<a href="transaction_fee.md#0x1_transaction_fee_burn_fee">transaction_fee::burn_fee</a>(gas_payer_signer, burn_amount);
<a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_consume">permissioned_signer::check_permission_consume</a>(
gas_payer_signer,
(burn_amount <b>as</b> u256),
<a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {}
);
} <b>else</b> <b>if</b> (transaction_fee_amount &lt; storage_fee_refunded) {
<b>let</b> mint_amount = storage_fee_refunded - transaction_fee_amount;
<a href="transaction_fee.md#0x1_transaction_fee_mint_and_refund">transaction_fee::mint_and_refund</a>(gas_payer_signer, mint_amount);
<a href="permissioned_signer.md#0x1_permissioned_signer_increase_limit">permissioned_signer::increase_limit</a>(
gas_payer_signer,
(mint_amount <b>as</b> u256),
<a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {}
);
>>>>>>> 928d2174a9 ([gas] permission)
};
};

Expand Down Expand Up @@ -1194,10 +1322,27 @@ If there is no fee_payer, fee_payer = sender

<b>if</b> (transaction_fee_amount &gt; storage_fee_refunded) {
<b>let</b> burn_amount = transaction_fee_amount - storage_fee_refunded;
<<<<<<< HEAD
<a href="transaction_fee.md#0x1_transaction_fee_burn_fee">transaction_fee::burn_fee</a>(gas_payer_address, burn_amount);
} <b>else</b> <b>if</b> (transaction_fee_amount &lt; storage_fee_refunded) {
<b>let</b> mint_amount = storage_fee_refunded - transaction_fee_amount;
<a href="transaction_fee.md#0x1_transaction_fee_mint_and_refund">transaction_fee::mint_and_refund</a>(gas_payer_address, mint_amount)
=======
<a href="transaction_fee.md#0x1_transaction_fee_burn_fee">transaction_fee::burn_fee</a>(&gas_payer, burn_amount);
<a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_consume">permissioned_signer::check_permission_consume</a>(
&gas_payer,
(burn_amount <b>as</b> u256),
<a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {}
);
} <b>else</b> <b>if</b> (transaction_fee_amount &lt; storage_fee_refunded) {
<b>let</b> mint_amount = storage_fee_refunded - transaction_fee_amount;
<a href="transaction_fee.md#0x1_transaction_fee_mint_and_refund">transaction_fee::mint_and_refund</a>(&gas_payer, mint_amount);
<a href="permissioned_signer.md#0x1_permissioned_signer_increase_limit">permissioned_signer::increase_limit</a>(
&gas_payer,
(mint_amount <b>as</b> u256),
<a href="transaction_validation.md#0x1_transaction_validation_GasPermission">GasPermission</a> {}
);
>>>>>>> 928d2174a9 ([gas] permission)
};
};

Expand Down
Loading

0 comments on commit 23b7949

Please sign in to comment.