Skip to content

feat(verifier): make the authenticate function force the entry modifier #9368

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: vm-lang/aa-auth/8861-runtime-package-metadata
Choose a base branch
from
Open

feat(verifier): make the authenticate function force the entry modifier #9368

wants to merge 2 commits into from

Conversation

@miker83z
Copy link
Contributor

@miker83z miker83z commented Nov 20, 2025

Description of change

  • Changed the entry functions verifier check to support AuthContext as the second to last parameter. This might be a reason for an execution CUT.
  • Changed the check of authenticate functions to only support (public and private) entry functions. Now it only need to check that params are not receiving and are either primitive types or immutable references.

Links to any relevant issues

Fixes #9364

How the change has been tested

  • Basic tests (linting, compilation, formatting, unit/integration tests)
  • Patch-specific tests (correctness, functionality coverage)
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that new and existing unit tests pass locally with my changes

@miker83z miker83z requested review from Dkwcs and valeriyr November 20, 2025 17:16
@miker83z miker83z requested review from a team as code owners November 20, 2025 17:16
@vercel
Copy link

vercel bot commented Nov 20, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

6 Skipped Deployments
Project Deployment Preview Comments Updated (UTC)
apps-backend Ignored Ignored Preview Nov 20, 2025 5:36pm
apps-ui-kit Ignored Ignored Preview Nov 20, 2025 5:36pm
iota-evm-bridge Ignored Ignored Preview Nov 20, 2025 5:36pm
iota-multisig-toolkit Ignored Ignored Preview Nov 20, 2025 5:36pm
rebased-explorer Ignored Ignored Preview Nov 20, 2025 5:36pm
wallet-dashboard Ignored Ignored Preview Nov 20, 2025 5:36pm

@iota-ci iota-ci added sc-platform Issues related to the Smart Contract Platform group. vm-language Issues related to the VM & Language Team labels Nov 20, 2025
@miker83z miker83z removed request for a team November 20, 2025 17:17
@miker83z miker83z linked an issue Nov 20, 2025 that may be closed by this pull request
[AA] Make the authenticate function an entry function #9364
Open
@Dkwcs
Copy link
Contributor

Dkwcs commented Nov 21, 2025

Should this PR also include iota-adapter-transcational-tests update?

Dkwcs
Dkwcs reviewed Nov 21, 2025
View reviewed changes
crates/iota-e2e-tests/tests/abstract_account/authenticate/sources/option.move
_auth_ctx: &AuthContext,
_ctx: &TxContext,
) {}
// FAIL Invalid 'entry' parameter type
Copy link
Contributor

@Dkwcs Dkwcs Nov 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does it fail? Because of Option arg?

Dkwcs
Dkwcs reviewed Nov 21, 2025
View reviewed changes
iota-execution/latest/iota-verifier/src/authenticator_verifier.rs
} else {
Err(format!(
"Invalid pure type. A datatype instantiation must be an option of pure types, offending argument: {param:?}"
"Invalid parameter type for authenticate function: {}. Valid types are immutable references to anything but receiving objects, or primitive types.",
Copy link
Contributor

@Dkwcs Dkwcs Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Extremely minor notice - do we need comma before but.
Alternately I would rephrase it to Invalid parameter type for authenticate function: {}. Valid types are immutable references to anything, except receiving objects, or primitive types

The same notice for the error message above

Dkwcs
Dkwcs reviewed Nov 21, 2025
View reviewed changes
iota-execution/latest/iota-verifier/src/entry_points_verifier.rs
let handle = view.function_handle_at(func_def.function);
let params = view.signature_at(handle.parameters);

let all_non_ctx_params = match params.0.last() {
Copy link
Contributor

@Dkwcs Dkwcs Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would suggest simplified version of these checks.

  1. Removing inner match
  2. Less manual indexing
  3. A bit more structured
Suggested change
let all_non_ctx_params = match params.0.last() {
let all_non_ctx_params = match params.0.last() {
Some(last_param) if TxContext::kind(view, last_param) != TxContextKind::None => {
let mut non_ctx_params = &params.0[..params.0.len() - 1];
if let Some((second_last, rest)) = non_ctx_params.split_last() {
if AuthContext::kind(view, second_last) != AuthContextKind::None {
non_ctx_params = rest;
}
}
non_ctx_params
}
_ => &params.0[..],
};

valeriyr
valeriyr reviewed Nov 21, 2025
View reviewed changes
crates/iota-e2e-tests/tests/abstract_account/authenticate/sources/vector.move
Comment on lines +8 to +11
// Test account struct
public struct Account has key {
id: UID,
}
Copy link
Contributor

@valeriyr valeriyr Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the reason to duplicate this type everywhere?
It is not really important for these tests; can be declared only once.

crates/iota-e2e-tests/tests/abstract_account/authenticate/sources/object.move
Comment on lines -24 to 47
// FAIL
#[allow(lint(share_owned))]
public fun by_value(_account: &Account, object: Object, _auth_ctx: &AuthContext, _ctx: &TxContext) {
transfer::public_share_object(object);
//#[authenticator]
public entry fun by_value(
_account: &Account,
object: Object,
_actx: &AuthContext,
_ctx: &TxContext,
) {
let Object { id } = object;
object::delete(id);
}

// FAIL
public fun by_mutable_ref(
//#[authenticator]
public entry fun by_mutable_ref(
_account: &Account,
_object: &mut Object,
_auth_ctx: &AuthContext,
_actx: &AuthContext,
_ctx: &TxContext,
) {}
Copy link
Contributor

@valeriyr valeriyr Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure that I see the reason for having these tests anymore.
If we just comment some use cases, comment the #[authenticator] attribute. We check only positive ones that don't fail.
Are we going to create a test for each failed case later?

external-crates/move/crates/move-compiler/src/iota_mode/typing.rs
let all_non_ctx_parameters = match parameters.last() {
Some((_, _, last_param_ty)) if tx_context_kind(last_param_ty) != TxContextKind::None => {
&parameters[0..parameters.len() - 1]
let params_without_tx_ctx = &parameters[0..parameters.len() - 1];
Copy link
Contributor

@valeriyr valeriyr Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to check AuthContext on the compiler level?
Can it be considered as a simple object parameter by the compiler?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@valeriyr valeriyr valeriyr left review comments

@Dkwcs Dkwcs Dkwcs left review comments

Assignees

No one assigned

Labels

sc-platform Issues related to the Smart Contract Platform group. vm-language Issues related to the VM & Language Team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[AA] Make the authenticate function an entry function

5 participants

@miker83z @Dkwcs @valeriyr @iota-ci