scrtlabs · assafmo · Oct 19, 2021 · Sep 25, 2021 · Sep 25, 2021 · Sep 25, 2021
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -3,15 +3,13 @@ name = "snip20-reference-impl"
 version = "0.1.0"
 authors = ["Itzik <[email protected]>"]
 edition = "2018"
-
 exclude = [
   # Those files are rust-optimizer artifacts. You might want to commit them for convenience but they should not be part of the source code publication.
   "contract.wasm",
   "hash.txt",
 ]
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
 [lib]
 crate-type = ["cdylib", "rlib"]
 
@@ -44,10 +42,11 @@ bincode2 = "2.0.1"
 subtle = { version = "2.2.3", default-features = false }
 base64 = "0.12.3"
 hex = "0.4.2"
-
 rand_chacha = { version = "0.2.2", default-features = false }
-rand_core = { version =  "0.5.1", default-features = false }
+rand_core = { version = "0.5.1", default-features = false }
 sha2 = { version = "0.9.1", default-features = false }
+ripemd160 = "0.9.1"
+secp256k1 = "0.19.0"
 
 [dev-dependencies]
 cosmwasm-schema = { version = "0.9.2" }
diff --git a/Makefile b/Makefile
@@ -71,9 +71,9 @@ contract.wasm.gz: contract.wasm
 .PHONY: start-server
 start-server: # CTRL+C to stop
 	docker run -it --rm \
-		-p 26657:26657 -p 26656:26656 -p 1317:1317 \
+		-p 26657:26657 -p 26656:26656 -p 1337:1337 \
 		-v $$(pwd):/root/code \
-		--name secretdev enigmampc/secret-network-sw-dev:v1.0.4-3
+		--name secretdev enigmampc/secret-network-sw-dev:latest
 
 .PHONY: schema
 schema:

diff --git a/src/contract.rs b/src/contract.rs
@@ -5,17 +5,22 @@ use cosmwasm_std::{
     HandleResponse, HumanAddr, InitResponse, Querier, QueryResult, ReadonlyStorage, StdError,
     StdResult, Storage, Uint128,
 };
+use ripemd160::{Digest, Ripemd160};
+use secp256k1::Secp256k1;
+use sha2::Sha256;
 
 use crate::batch;
 use crate::msg::{
     space_pad, ContractStatusLevel, HandleAnswer, HandleMsg, InitMsg, QueryAnswer, QueryMsg,
     ResponseStatus::Success,
 };
+use crate::msg::{Signature, SignedPermit};
 use crate::rand::sha_256;
 use crate::receiver::Snip20ReceiveMsg;
 use crate::state::{
     get_receiver_hash, read_allowance, read_viewing_key, set_receiver_hash, write_allowance,
     write_viewing_key, Balances, Config, Constants, ReadonlyBalances, ReadonlyConfig,
+    QUERY_BALANCE_PERMIT_MSG,
 };
 use crate::transaction_history::{
     get_transfers, get_txs, store_burn, store_deposit, store_mint, store_redeem, store_transfer,
@@ -90,6 +95,7 @@ pub fn init<S: Storage, A: Api, Q: Querier>(
         redeem_is_enabled: init_config.redeem_enabled(),
         mint_is_enabled: init_config.mint_enabled(),
         burn_is_enabled: init_config.burn_enabled(),
+        query_balance_permit_msg: QUERY_BALANCE_PERMIT_MSG.to_string(),
     })?;
     config.set_total_supply(total_supply);
     config.set_contract_status(ContractStatusLevel::NormalRun);
@@ -242,10 +248,103 @@ pub fn query<S: Storage, A: Api, Q: Querier>(deps: &Extern<S, A, Q>, msg: QueryM
         QueryMsg::ContractStatus {} => query_contract_status(&deps.storage),
         QueryMsg::ExchangeRate {} => query_exchange_rate(&deps.storage),
         QueryMsg::Minters { .. } => query_minters(deps),
+        QueryMsg::BalanceWithPermit { signed, signature } => {
+            query_balance_with_permit(deps, signed, signature)
+        }
         _ => authenticated_queries(deps, msg),
     }
 }
 
+fn query_balance_with_permit<S: Storage, A: Api, Q: Querier>(
+    deps: &Extern<S, A, Q>,
+    signed: SignedPermit,
+    signature: Signature,
+) -> Result<Binary, StdError> {
+    if signed.msgs.len() != 1 {
+        return Err(StdError::generic_err(format!(
+            "Must sign exactly 1 permit message, got: {:?}.",
+            signed.msgs.len()
+        )));
+    }
+
+    if signed.msgs[0].r#type != "query_balance_permit" {
+        return Err(StdError::generic_err(format!(
+            "Type must be 'query_balance_permit', got: {:?}.",
+            signed.msgs[0].r#type
+        )));
+    }
+
+    let permit = &signed.msgs[0].value;
+
+    // Validate permit_user_id
+    let _permit_user_id = &permit.permit_user_id;
+    // TODO fail if permit_user_id is revoked
+
+    // Validate permit message
+    let query_balance_permit_msg = ReadonlyConfig::from_storage(&deps.storage)
+        .constants()?
+        .query_balance_permit_msg;
+    if permit.message != query_balance_permit_msg {
+        return Err(StdError::generic_err(format!(
+            "Message must be '{:?}', got: '{:?}'.",
+            query_balance_permit_msg, permit.message
+        )));
+    }
+
+    // Validate that account is derived from pubkey
+    let pubkey = signature.pub_key.value;
+    let account_from_pubkey = deps.api.human_address(&pubkey_to_account(&pubkey))?;
+
+    if account_from_pubkey != permit.query_balance_of {
+        return Err(StdError::generic_err(format!(
+            "Input account {:?} not the same as account {:?} that was derived from pubkey {:?}.",
+            permit.query_balance_of,
+            account_from_pubkey,
+            pubkey.clone()
+        )));
+    }
+
+    // Validate signature, source: https://github.com/enigmampc/SecretNetwork/blob/master/cosmwasm/packages/wasmi-runtime/src/crypto/secp256k1.rs#L49-L82
+    let signed_bytes = &to_binary(&signed)?.0;
+
+    let signed_bytes_hash = Sha256::digest(signed_bytes);
+    let msg = secp256k1::Message::from_slice(signed_bytes_hash.as_slice()).map_err(|err| {
+        StdError::generic_err(format!(
+            "Failed to create a secp256k1 message from signed_bytes: {:?}",
+            err
+        ))
+    })?;
+
+    let verifier = Secp256k1::verification_only();
+
+    // Create `secp256k1`'s types
+    let secp256k1_signature = secp256k1::Signature::from_compact(&signature.signature.0)
+        .map_err(|err| StdError::generic_err(format!("Malformed signature: {:?}", err)))?;
+    let secp256k1_pubkey = secp256k1::PublicKey::from_slice(pubkey.0.as_slice())
+        .map_err(|err| StdError::generic_err(format!("Malformed pubkey: {:?}", err)))?;
+
+    verifier
+        .verify(&msg, &secp256k1_signature, &secp256k1_pubkey)
+        .map_err(|err| {
+            StdError::generic_err(format!(
+                "Failed to verify signatures for the given permit: {:?}",
+                err
+            ))
+        })?;
+
+    let amount = Uint128(
+        ReadonlyBalances::from_storage(&deps.storage)
+            .account_amount(&deps.api.canonical_address(&permit.query_balance_of)?),
+    );
+    to_binary(&QueryAnswer::Balance { amount })
+}
+
+fn pubkey_to_account(pubkey: &Binary) -> CanonicalAddr {
+    let mut hasher = Ripemd160::new();
+    hasher.update(Sha256::digest(&pubkey.0));
+    CanonicalAddr(Binary(hasher.finalize().to_vec()))
+}
+
 pub fn authenticated_queries<S: Storage, A: Api, Q: Querier>(
     deps: &Extern<S, A, Q>,
     msg: QueryMsg,
@@ -327,6 +426,7 @@ fn query_token_info<S: ReadonlyStorage>(storage: &S) -> QueryResult {
         symbol: constants.symbol,
         decimals: constants.decimals,
         total_supply,
+        query_balance_permit_msg: constants.query_balance_permit_msg,
     })
 }
 
@@ -3609,11 +3709,16 @@ mod tests {
                 symbol,
                 decimals,
                 total_supply,
+                query_balance_permit_msg,
             } => {
                 assert_eq!(name, init_name);
                 assert_eq!(symbol, init_symbol);
                 assert_eq!(decimals, init_decimals);
                 assert_eq!(total_supply, Some(Uint128(5000)));
+                assert_eq!(
+                    query_balance_permit_msg,
+                    QUERY_BALANCE_PERMIT_MSG.to_string()
+                );
             }
             _ => panic!("unexpected"),
         }

diff --git a/src/msg.rs b/src/msg.rs
@@ -323,6 +323,10 @@ pub enum QueryMsg {
         address: HumanAddr,
         key: String,
     },
+    BalanceWithPermit {
+        signed: SignedPermit,
+        signature: Signature,
+    },
     TransferHistory {
         address: HumanAddr,
         key: String,
@@ -365,6 +369,7 @@ pub enum QueryAnswer {
         symbol: String,
         decimals: u8,
         total_supply: Option<Uint128>,
+        query_balance_permit_msg: String,
     },
     TokenConfig {
         public_total_supply: bool,
@@ -456,6 +461,72 @@ pub fn space_pad(block_size: usize, message: &mut Vec<u8>) -> &mut Vec<u8> {
     message
 }
 
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+pub struct Signature {
+    pub pub_key: PubKey,
+    pub signature: Binary,
+}
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+pub struct PubKey {
+    /// ignored, but must be "tendermint/PubKeySecp256k1"
+    pub r#type: String,
+    /// Secp256k1 PubKey
+    pub value: Binary,
+}
+
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+// Note: The order of fields in this struct is important for the permit signature verification!
+pub struct SignedPermit {
+    /// ignored
+    pub account_number: Uint128,
+    /// ignored, no Env in query
+    pub chain_id: String,
+    /// ignored
+    pub fee: Fee,
+    /// ignored
+    pub memo: String,
+    /// the signed message
+    pub msgs: Vec<PermitMsg>,
+    /// ignored
+    pub sequence: Uint128,
+}
+
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+// Note: The order of fields in this struct is important for the permit signature verification!
+pub struct Fee {
+    pub amount: Vec<Coin>,
+    pub gas: Uint128,
+}
+
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+// Note: The order of fields in this struct is important for the permit signature verification!
+pub struct Coin {
+    pub amount: Uint128,
+    pub denom: String,
+}
+
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+// Note: The order of fields in this struct is important for the permit signature verification!
+pub struct PermitMsg {
+    pub r#type: String,
+    pub value: PermitContent,
+}
+
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
+#[serde(rename_all = "snake_case")]
+// Note: The order of fields in this struct is important for the permit signature verification!
+pub struct PermitContent {
+    pub message: String,
+    pub permit_user_id: String,
+    pub query_balance_of: HumanAddr,
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;

diff --git a/src/state.rs b/src/state.rs
@@ -28,6 +28,8 @@ pub const PREFIX_ALLOWANCES: &[u8] = b"allowances";
 pub const PREFIX_VIEW_KEY: &[u8] = b"viewingkey";
 pub const PREFIX_RECEIVERS: &[u8] = b"receivers";
 
+pub const QUERY_BALANCE_PERMIT_MSG: &str = "This signature is a permit to query my balance.";
+
 // Config
 
 #[derive(Serialize, Debug, Deserialize, Clone, PartialEq, JsonSchema)]
@@ -47,6 +49,7 @@ pub struct Constants {
     pub mint_is_enabled: bool,
     // is burn enabled
     pub burn_is_enabled: bool,
+    pub query_balance_permit_msg: String,
 }
 
 pub struct ReadonlyConfig<'a, S: ReadonlyStorage> {