Merge pull request #118 from kommitters/v0.13

Release v0.13.0

.github/workflows/cd.yml

@@ -13,13 +13,13 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        otp: ["24"]
+        otp: ["24.3.4.9"]
         elixir: ["1.14.0"]
     env:
       HEX_API_KEY: ${{ secrets.HEX_API_KEY }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 # v2.1.0
+        uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -28,12 +28,12 @@ jobs:
             hex.pm:443
             repo.hex.pm:443
 
-      - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
       - uses: erlef/setup-beam@61e01a43a562a89bfc54c7f9a378ff67b03e4a21 # v1.16.0
         with:
           otp-version: ${{ matrix.otp }}
           elixir-version: ${{ matrix.elixir }}
-      - uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
         with:
           path: deps
           key: ${{ runner.os }}-mix-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}

.github/workflows/ci.yml

@@ -16,13 +16,13 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        otp: ["24"]
+        otp: ["24.3.4.9"]
         elixir: ["1.14.0"]
     env:
       MIX_ENV: test
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 # v2.1.0
+        uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -31,13 +31,13 @@ jobs:
             github.com:443
             repo.hex.pm:443
 
-      - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
       - uses: erlef/setup-beam@61e01a43a562a89bfc54c7f9a378ff67b03e4a21 # v1.16.0
         id: beam
         with:
           otp-version: "24"
           elixir-version: "1.14.0"
-      - uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
         with:
           path: deps
           key: ${{ runner.os }}-mix-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}
@@ -48,7 +48,7 @@ jobs:
       - name: Check Formatting
         run: mix format --check-formatted
       - name: Restore PLT cache
-        uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
+        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
         id: plt_cache
         with:
           key: |
@@ -75,7 +75,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 # v2.1.0
+        uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
         with:
           disable-sudo: true
           egress-policy: block

.github/workflows/scorecards.yml

@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 # v2.1.0
+        uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -31,18 +31,18 @@ jobs:
             api.osv.dev:443
             api.securityscorecards.dev:443
             bestpractices.coreinfrastructure.org:443
-            fulcio.sigstore.dev:443
+            *.sigstore.dev:443
             github.com:443
-            rekor.sigstore.dev:443
             sigstore-tuf-root.storage.googleapis.com:443
+            oss-fuzz-build-logs.storage.googleapis.com:443
 
       - name: "Checkout code"
-        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -69,6 +69,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@3ebbd71c74ef574dbc558c82f70e52732c8b44fe # v2.2.1
+        uses: github/codeql-action/upload-sarif@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3
         with:
           sarif_file: results.sarif

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## 0.13.0 (08.08.2023)
+
+- [Allow invocation with invoker authorization](https://github.com/kommitters/soroban.ex/issues/103).
+- [Add BumpFootprintExpiration operation](https://github.com/kommitters/soroban.ex/issues/104).
+- [Add RestoreFootprint operation](https://github.com/kommitters/soroban.ex/issues/105).
+- Allow to use simulate tx in contract functions invocation.
+- Update all dependencies.
+
 ## 0.12.0 (28.07.2023)
 
 - [Soroban Preview 10 support: Enable key use cases for deployment and invocation](https://github.com/kommitters/soroban.ex/issues/102).

README.md

@@ -19,7 +19,7 @@
 ```elixir
 def deps do
   [
-    {:soroban, "~> 0.12.0"}
+    {:soroban, "~> 0.13.0"}
   ]
 end
 ```
@@ -535,25 +535,35 @@ Contract.invoke(contract_address, source_secret_key, function_name, function_arg
 - When the function invoker is not the function authorizer.
 
   > **Note**
-  > The support for this use case is currently in progress in the Stellar SDK.
+  > This operation will not succeed if one of the `auth_secret_keys` is the same as the `source_secret_key`, because the simulate_transaction will return that auth as a `SOROBAN_CREDENTIALS_SOURCE_ACCOUNT` type.
 
   ```elixir
   alias Soroban.Contract
   alias Soroban.Types.{Address, Int128}
 
-  contract_address = "CD3HNKU3ERTEYLBBBVTSOYE4ZL2ZWV7NHLQIZRRKC4CBNMZXC7ISBXHV"
+  contract_address = "CD43KXYLGORRXFATEUD3OKOQG4PIKLFL55FRETM3CPHI2WUF2NMFIEUM"
   source_secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
   function_name = "swap"
 
   function_args = [
     Address.new("GDEU46HFMHBHCSFA3K336I3MJSBZCWVI3LUGSNL6AF2BW2Q2XR7NNAPM"),
+    Address.new("GDAH3LPNC32U2HLJ4UKDSG2HSJN65XTMZKAZII4Z4NOAFFWJTI2PUN5W"),
     Int128.new(100),
     Int128.new(4500)
   ]
 
-  auth_secret_key = "SCAVFA3PI3MJLTQNMXOUNBSEUOSY66YMG3T2KCQKLQBENNVLVKNPV3EK"
+  auth_secret_keys = [
+    "SCAVFA3PI3MJLTQNMXOUNBSEUOSY66YMG3T2KCQKLQBENNVLVKNPV3EK",
+    "SDLOYUOMX67YX6NK7TZLWTGYU3V4FIEBL5RFRX36EYDZ4OM46VSJXV7C"
+  ]
 
-  Contract.invoke(contract_address, source_secret_key, function_name, function_args, auth_secret_key)
+  Contract.invoke(
+    contract_address,
+    source_secret_key,
+    function_name,
+    function_args,
+    auth_secret_keys
+  )
 
   {:ok,
     %Soroban.RPC.SendTransactionResponse{
@@ -658,6 +668,207 @@ secret_key = "SCA..."
 
 ```
 
+#### BumpFootprint operation
+
+##### Bump contract
+
+Extends a contract instance lifetime.
+
+**Parameters**
+
+- `contract_address`: Identifier of the contract to be bumped, encoded as `StrKey`.
+- `source_secret_key`: Secret key of the function invoker responsible for signing the transaction.
+- `ledgers_to_bump`: The number of ledgers wanted to extend the contract lifetime.
+
+```elixir
+alias Soroban.Contract
+alias Soroban.RPC.SendTransactionResponse
+
+contract_address = "CD43KXYLGORRXFATEUD3OKOQG4PIKLFL55FRETM3CPHI2WUF2NMFIEUM"
+secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
+ledgers_to_bump = 100_000
+
+{:ok, %SendTransactionResponse{hash: hash}} =
+  Contract.bump_contract(contract_address, secret_key, ledgers_to_bump)
+
+{:ok,
+ %Soroban.RPC.SendTransactionResponse{
+   status: "PENDING",
+   hash: "2f6f...",
+   latest_ledger: "279954",
+   latest_ledger_close_time: "1691441432",
+   error_result_xdr: nil
+}}
+
+```
+
+##### Bump contract wasm
+
+Extends the lifetime of a contract's uploaded wasm code.
+
+**Parameters**
+
+- `wasm_id`: Binary identification of an uploaded contract.
+- `source_secret_key`: Secret key of the function invoker responsible for signing the transaction.
+- `ledgers_to_bump`: The number of ledgers wanted to extend the wasm lifetime.
+
+```elixir
+alias Soroban.Contract
+alias Soroban.RPC.SendTransactionResponse
+
+wasm_id = "067eb7ba419edd3e946e08eb17a81fbe1e850e690ed7692160875c2b65b45f21"
+secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
+ledgers_to_bump = 100_000
+
+{:ok, %SendTransactionResponse{hash: hash}} =
+  Contract.bump_contract_wasm(wasm_id, secret_key, ledgers_to_bump)
+
+{:ok,
+ %Soroban.RPC.SendTransactionResponse{
+   status: "PENDING",
+   hash: "2f6f...",
+   latest_ledger: "279954",
+   latest_ledger_close_time: "1691441432",
+   error_result_xdr: nil
+}}
+
+```
+
+##### Bump contract keys
+
+Extends the lifetime of a contract's data entry keys.
+
+**Parameters**
+
+- `contract_address`: Identifier of the contract to be bumped, encoded as `StrKey`.
+- `source_secret_key`: Secret key of the function invoker responsible for signing the transaction.
+- `ledgers_to_bump`: The number of ledgers wanted to extend the contract lifetime.
+- `keys`: A list of tuples indicating the durability and the name of the data entry, to increase its lifetime.
+  - `durability`: Allowed types `:persistent`, `:temporary`
+  - `data entry`: Any `String` that is 32 characters or less.
+
+```elixir
+alias Soroban.Contract
+alias Soroban.RPC.SendTransactionResponse
+
+contract_address = "CD43KXYLGORRXFATEUD3OKOQG4PIKLFL55FRETM3CPHI2WUF2NMFIEUM"
+secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
+ledgers_to_bump = 100_000
+keys =  [{:persistent, "Prst"}, {:temporary, "Tmp"}]
+
+{:ok, %SendTransactionResponse{hash: hash}} =
+  Contract.bump_contract_keys(contract_address, secret_key, ledgers_to_bump, keys)
+
+{:ok,
+ %Soroban.RPC.SendTransactionResponse{
+   status: "PENDING",
+   hash: "2f6f...",
+   latest_ledger: "279954",
+   latest_ledger_close_time: "1691441432",
+   error_result_xdr: nil
+}}
+
+```
+
+#### RestoreFootprint operation
+
+##### Restore contract
+
+Restores a contract instance.
+
+**Parameters**
+
+- `contract_address`: Identifier of the contract to be restored, encoded as `StrKey`.
+- `source_secret_key`: Secret key of the function invoker responsible for signing the transaction.
+
+```elixir
+alias Soroban.Contract
+alias Soroban.RPC.SendTransactionResponse
+
+contract_address = "CD43KXYLGORRXFATEUD3OKOQG4PIKLFL55FRETM3CPHI2WUF2NMFIEUM"
+secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
+
+{:ok, %SendTransactionResponse{hash: hash}} =
+  Contract.restore_contract(contract_address, secret_key)
+
+{:ok,
+ %Soroban.RPC.SendTransactionResponse{
+   status: "PENDING",
+   hash: "eedb...",
+   latest_ledger: "295506",
+   latest_ledger_close_time: "1691523150",
+   error_result_xdr: nil
+ }}
+
+```
+
+##### Restore contract wasm
+
+Restores a contract uploaded wasm code.
+
+> **Note**: When restoring a contract wasm make sure the contract wasn't re-uploaded, because the transaction could succeed but, since the `wasm_id` changed, the restored one will continue not working.
+
+**Parameters**
+
+- `wasm_id`: Binary identification of an uploaded contract.
+- `source_secret_key`: Secret key of the function invoker responsible for signing the transaction.
+
+```elixir
+alias Soroban.Contract
+alias Soroban.RPC.SendTransactionResponse
+
+wasm_id = "067eb7ba419edd3e946e08eb17a81fbe1e850e690ed7692160875c2b65b45f21"
+secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
+
+{:ok, %SendTransactionResponse{hash: hash}} = Contract.restore_contract_wasm(wasm_id, secret_key)
+
+{:ok,
+ %Soroban.RPC.SendTransactionResponse{
+   status: "PENDING",
+   hash: "eedb...",
+   latest_ledger: "295508",
+   latest_ledger_close_time: "1691523689",
+   error_result_xdr: nil
+ }}
+
+```
+
+##### Restore contract keys
+
+Restore contract's data entry keys.
+
+> **Note**: Only `persistent` data entries are allowed because temporary entries cannot be restored as they are permanently deleted when they expire.
+
+**Parameters**
+
+- `contract_address`: Identifier of the contract to be restored, encoded as `StrKey`.
+- `source_secret_key`: Secret key of the function invoker responsible for signing the transaction.
+- `keys`: A keyword list indicating the durability and the name of the data entry, to restore.
+  - `durability`: Allowed types `:persistent`
+  - `data entry`: Any `String` that is 32 characters or less.
+
+```elixir
+alias Soroban.Contract
+alias Soroban.RPC.SendTransactionResponse
+
+contract_address = "CD43KXYLGORRXFATEUD3OKOQG4PIKLFL55FRETM3CPHI2WUF2NMFIEUM"
+secret_key = "SDRD4CSRGPWUIPRDS5O3CJBNJME5XVGWNI677MZDD4OD2ZL2R6K5IQ24"
+keys =  [persistent: ["Prst"]]
+
+{:ok, %SendTransactionResponse{hash: hash}} =
+  Contract.restore_contract_keys(contract_address, secret_key, keys)
+
+{:ok,
+ %Soroban.RPC.SendTransactionResponse{
+   status: "PENDING",
+   hash: "0521...",
+   latest_ledger: "295768",
+   latest_ledger_close_time: "1691524532",
+   error_result_xdr: nil
+ }}
+
+```
+
 ### Retrieve unsigned Transaction Envelope XDR
 
 In order to facilitate seamless integration with wallets, we have developed functions that enable the retrieval of the unsigned Transaction Envelope XDR for each type of interaction with contracts: invocation, upload, and deployment.