-
Notifications
You must be signed in to change notification settings - Fork 62
fix(core): reject receiving objects owned by AA accounts #9869
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
miker83z
merged 28 commits into
vm-lang/aa-auth/8805-beta-feature-branch
from
vm-lang/aa-auth/9862-remove-receive-aa-accounts
Jan 26, 2026
Merged
Changes from all commits
Commits
Show all changes
28 commits
Select commit
Hold shift + click to select a range
5de301f
feat(iota-e2e-tests): new test_receiving_gas_in_two_separate_txs test…
Dkwcs 29a8629
ObjectVersionUnavailableForConsumption panic case in the test
Dkwcs a7081c9
refactor(e2e): aa receiving test after rebase
miker83z 5b37980
fix(core): tx input loader rejects receiving objects owned by AA acco…
miker83z abad653
fix(e2e): AA receiving objects tests
miker83z b575c03
fix(move-build): make FnInfoKey unique
miker83z 49a5f4e
feat(core): lock receiving objects at signing time
miker83z 9277a76
feat(e2e): add delayed AA account test
miker83z cecbdde
Revert "feat(core): lock receiving objects at signing time"
miker83z 52017da
Revert "fix(core): tx input loader rejects receiving objects owned by…
miker83z d5d2f3a
feat(native): receive_object_internal aborts if parent is an AA account
miker83z 0790063
fix(e2e): update tests to support receive_object_internal execution f…
miker83z 362bd89
feat(aa): account can only be created from a fresh object (not passed…
miker83z e615feb
fix(snapshots)
miker83z b63f930
temporarely remove fresh_id check
miker83z db0e397
fix(e2e): update receiving tests
miker83z e48c157
Revert "temporarely remove fresh_id check"
miker83z 640e223
Revert "fix(snapshots)"
miker83z 91b9539
Revert "feat(aa): account can only be created from a fresh object (no…
miker83z f9c113a
fix(native): add move_auth flag check in receive_object_internal
miker83z 37ad2a8
feat(protocol): bump transfer_receive_object_cost_base to 100
miker83z ae68a72
fix(e2e): update aa tests
miker83z dab65e1
fix(e2e): update comments
miker83z 8d4395e
fix(adapter-tx-tests): update receiving object snap
miker83z 6b5a516
fix(e2e): typo
miker83z f51894e
update snapshots
miker83z 6d652da
Merge branch 'vm-lang/aa-auth/8805-beta-feature-branch' into vm-lang/…
miker83z 20442a7
fix(iota): use local framework for example test
miker83z File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
129 changes: 129 additions & 0 deletions
129
...ota-e2e-tests/tests/abstract_account/abstract_account/sources/abstract_account_keyed.move
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,129 @@ | ||
| // Copyright (c) 2025 IOTA Stiftung | ||
| // SPDX-License-Identifier: Apache-2.0 | ||
|
|
||
| module abstract_account::abstract_account_keyed; | ||
|
|
||
| use abstract_account::abstract_account::{Self, AbstractAccount}; | ||
| use abstract_account::basic_keyed_aa; | ||
| use iota::auth_context::AuthContext; | ||
| use iota::authenticator_function::AuthenticatorFunctionRefV1; | ||
|
|
||
| // === Errors === | ||
|
|
||
| // === Constants === | ||
|
|
||
| // === Structs === | ||
|
|
||
| // === Events === | ||
|
|
||
| // === Method Aliases === | ||
|
|
||
| // === Public Functions === | ||
|
|
||
| /// Creates a new `AbstractAccount` as a shared object with the given authenticator. | ||
| /// | ||
| /// `authenticator` is expected to have a signature like the following: | ||
| /// | ||
| /// public fun authenticate(self: &AbstractAccount, signature: vector<u8>, _: &AuthContext, _: &TxContext) { ... } | ||
| /// | ||
| /// to allow to verify the `signature` parameter against the public key stored in the account. | ||
| /// | ||
| /// There are several ready-made authenticators available in this module: | ||
| /// - `authenticate_ed25519` | ||
| /// - `authenticate_secp256k1` | ||
| /// - `authenticate_secp256r1` | ||
| public fun create( | ||
| public_key: vector<u8>, | ||
| authenticator: AuthenticatorFunctionRefV1<AbstractAccount>, | ||
| ctx: &mut TxContext, | ||
| ) { | ||
| abstract_account::builder(authenticator, ctx) | ||
| .add_dynamic_field(basic_keyed_aa::owner_public_key(), public_key) | ||
| .build(); | ||
| } | ||
|
|
||
| /// Rotates the account owner public key to a new one as well as the authenticator. | ||
| /// Once this function is called, the previous public key and authenticator are no longer valid. | ||
| /// Only the account itself can call this function. | ||
| public fun rotate_public_key( | ||
| account: &mut AbstractAccount, | ||
| public_key: vector<u8>, | ||
| authenticator: AuthenticatorFunctionRefV1<AbstractAccount>, | ||
| ctx: &TxContext, | ||
| ) { | ||
| // Update the account owner public key dynamic field. It is expected that the field already exists. | ||
| account.replace_field(basic_keyed_aa::owner_public_key(), public_key, ctx); | ||
|
|
||
| // Update the account authenticator dynamic field. It is expected that the field already exists. | ||
| account.rotate_auth_function_ref_v1(authenticator, ctx); | ||
| } | ||
|
|
||
| /// Ed25519 signature authenticator. | ||
| #[authenticator] | ||
| public fun authenticate_ed25519( | ||
| account: &AbstractAccount, | ||
| signature: vector<u8>, | ||
| actx: &AuthContext, | ||
| ctx: &TxContext, | ||
| ) { | ||
| // Check the signature. | ||
| basic_keyed_aa::authenticate_ed25519( | ||
| &signature, | ||
| borrow_public_key(account), | ||
| actx, | ||
| ctx, | ||
| ); | ||
| } | ||
|
|
||
| /// Secp256k1 signature authenticator. | ||
| #[authenticator] | ||
| public fun authenticate_secp256k1( | ||
| account: &AbstractAccount, | ||
| signature: vector<u8>, | ||
| actx: &AuthContext, | ||
| ctx: &TxContext, | ||
| ) { | ||
| // Check the signature. | ||
| basic_keyed_aa::authenticate_secp256k1( | ||
| &signature, | ||
| borrow_public_key(account), | ||
| actx, | ||
| ctx, | ||
| ); | ||
| } | ||
|
|
||
| /// Secp256r1 signature authenticator. | ||
| #[authenticator] | ||
| public fun authenticate_secp256r1( | ||
| account: &AbstractAccount, | ||
| signature: vector<u8>, | ||
| actx: &AuthContext, | ||
| ctx: &TxContext, | ||
| ) { | ||
| // Check the signature. | ||
| basic_keyed_aa::authenticate_secp256r1( | ||
| &signature, | ||
| borrow_public_key(account), | ||
| actx, | ||
| ctx, | ||
| ); | ||
| } | ||
|
|
||
| /// Free access, do nothing. | ||
| #[authenticator] | ||
| public fun authenticate_free_access(_: &AbstractAccount, _: &AuthContext, _: &TxContext) {} | ||
|
|
||
| // === View Functions === | ||
|
|
||
| /// An utility function to borrow the account-related public key. | ||
| public fun borrow_public_key(account: &AbstractAccount): &vector<u8> { | ||
| account.borrow_field(basic_keyed_aa::owner_public_key()) | ||
| } | ||
|
|
||
| // === Admin Functions === | ||
|
|
||
| // === Package Functions === | ||
|
|
||
| // === Private Functions === | ||
|
|
||
| // === Test Functions === |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this error explain the receiving case enough?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, but that's the only one we could obtain through a native function I guess.