feat: added verify uniqueID of certificate (#542)

medibloc · Dec 12, 2022 · 4d043b6 · 4d043b6
1 parent d04fd39
commit 4d043b6
Show file tree

Hide file tree

Showing 7 changed files with 362 additions and 80 deletions.
diff --git a/proto/panacea/datadeal/v2/certificate.proto b/proto/panacea/datadeal/v2/certificate.proto
@@ -15,8 +15,9 @@ message Certificate {
 // UnsignedCertificate defines a certificate information
 message UnsignedCertificate {
     string cid = 1;
-    string oracle_address = 2;
-    uint64 deal_id = 3;
-    string provider_address = 4;
-    string data_hash = 5;
+    string unique_id = 2;
+    string oracle_address = 3;
+    uint64 deal_id = 4;
+    string provider_address = 5;
+    string data_hash = 6;
 }
diff --git a/x/datadeal/keeper/certificate.go b/x/datadeal/keeper/certificate.go
@@ -26,8 +26,8 @@ func (k Keeper) SubmitConsent(ctx sdk.Context, cert *types.Certificate) error {
 		return sdkerrors.Wrapf(types.ErrSubmitConsent, "deal status is not ACTIVE")
 	}
 
-	if k.isProvidedCertificate(ctx, unsignedCert.DealId, unsignedCert.DataHash){
-		return sdkerrors.Wrapf(types.ErrSubmitConsent, "already provided certificate")
+	if err := k.verifyUnsignedCertificate(ctx, unsignedCert); err != nil {
+		return sdkerrors.Wrapf(types.ErrSubmitConsent, err.Error())
 	}
 
 	if err := k.SetCertificate(ctx, cert); err != nil {
@@ -45,6 +45,18 @@ func (k Keeper) SubmitConsent(ctx sdk.Context, cert *types.Certificate) error {
 	return nil
 }
 
+func (k Keeper) verifyUnsignedCertificate(ctx sdk.Context, unsignedCert *types.UnsignedCertificate) error {
+	activeUniqueID := k.oracleKeeper.GetParams(ctx).UniqueId
+	if activeUniqueID != unsignedCert.UniqueId {
+		return fmt.Errorf("does not match active uniqueID. certificateUniqueID(%s) activeUniqueID(%s)", unsignedCert.UniqueId, activeUniqueID)
+	}
+
+	if k.isProvidedCertificate(ctx, unsignedCert.DealId, unsignedCert.DataHash) {
+		return fmt.Errorf("already provided certificate")
+	}
+	return nil
+}
+
 func (k Keeper) isProvidedCertificate(ctx sdk.Context, dealID uint64, dataHash string) bool {
 	store := ctx.KVStore(k.storeKey)
 	return store.Has(types.GetCertificateKey(dealID, dataHash))

diff --git a/x/datadeal/keeper/certificate_test.go b/x/datadeal/keeper/certificate_test.go
@@ -113,6 +113,7 @@ func (suite *certificateTestSuite) TestSubmitConsentSuccess() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          dealID,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -173,6 +174,7 @@ func (suite *certificateTestSuite) TestSubmitConsentChangeStatusComplete() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          dealID,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -227,6 +229,7 @@ func (suite *certificateTestSuite) TestSubmitConsentNotRegisteredOracle() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.providerAccAddr.String(),
 		DealId:          dealID,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -249,7 +252,7 @@ func (suite *certificateTestSuite) TestSubmitConsentNotRegisteredOracle() {
 	suite.Require().ErrorContains(err, fmt.Sprintf("failed to oracle validation. address(%s)", suite.providerAccAddr.String()))
 }
 
-func (suite *certificateTestSuite) TestSubmitConsentNotSameUniqueID() {
+func (suite *certificateTestSuite) TestSubmitConsentNotSameUniqueIDOfOracle() {
 	budgetAmount := uint64(10000)
 	dealID := suite.createSampleDeal(budgetAmount, 1)
 
@@ -258,6 +261,7 @@ func (suite *certificateTestSuite) TestSubmitConsentNotSameUniqueID() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          dealID,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -289,6 +293,7 @@ func (suite *certificateTestSuite) TestSubmitConsentInvalidSignature() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          dealID,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -317,6 +322,7 @@ func (suite *certificateTestSuite) TestSubmitConsentNotExistDeal() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          1,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -344,6 +350,7 @@ func (suite *certificateTestSuite) TestSubmitConsentAlreadyDealStatusComplete()
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          1,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -371,6 +378,7 @@ func (suite *certificateTestSuite) TestSubmitConsentExistSameCertificate() {
 
 	unsignedCert := &types.UnsignedCertificate{
 		Cid:             "cid",
+		UniqueId:        suite.uniqueID,
 		OracleAddress:   suite.oracleAccAddr.String(),
 		DealId:          1,
 		ProviderAddress: suite.providerAccAddr.String(),
@@ -389,5 +397,38 @@ func (suite *certificateTestSuite) TestSubmitConsentExistSameCertificate() {
 	}
 	err = suite.DataDealKeeper.SubmitConsent(suite.Ctx, certificate)
 	suite.Require().ErrorIs(err, types.ErrSubmitConsent)
-	suite.Require().ErrorContains(err, "already provided certificate")
+	suite.Require().ErrorContains(err, "already provided certificate: error while submit consent")
+}
+
+func (suite *certificateTestSuite) TestSubmitConsentNotSameUniqueIDOfCertificate() {
+	budgetAmount := uint64(10000)
+	dealID := suite.createSampleDeal(budgetAmount, 1)
+
+	oracleCommissionRate := sdk.NewDecWithPrec(1, 1) // 10%
+	suite.storeSampleOracle(suite.oracleAccAddr.String(), suite.uniqueID, oracleCommissionRate)
+
+	invalidUniqueID := "invalidUniqueID"
+	unsignedCert := &types.UnsignedCertificate{
+		Cid:             "cid",
+		UniqueId:        invalidUniqueID,
+		OracleAddress:   suite.oracleAccAddr.String(),
+		DealId:          dealID,
+		ProviderAddress: suite.providerAccAddr.String(),
+		DataHash:        suite.dataHash,
+	}
+
+	unsignedCertBz, err := unsignedCert.Marshal()
+	suite.Require().NoError(err)
+
+	sign, err := suite.oraclePrivKey.Sign(unsignedCertBz)
+	suite.Require().NoError(err)
+
+	certificate := &types.Certificate{
+		UnsignedCertificate: unsignedCert,
+		Signature:           sign.Serialize(),
+	}
+
+	err = suite.DataDealKeeper.SubmitConsent(suite.Ctx, certificate)
+	suite.Require().ErrorIs(err, types.ErrSubmitConsent)
+	suite.Require().ErrorContains(err, fmt.Sprintf("does not match active uniqueID. certificateUniqueID(%s) activeUniqueID(%s)", invalidUniqueID, suite.uniqueID))
 }
diff --git a/x/datadeal/types/certificate.go b/x/datadeal/types/certificate.go
@@ -0,0 +1,50 @@
+package types
+
+import (
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+)
+
+func (m *Certificate) ValidateBasic() error {
+	if m.UnsignedCertificate == nil {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "unsignedCertificate is empty")
+	}
+
+	if err := m.UnsignedCertificate.ValidateBasic(); err != nil {
+		return sdkerrors.Wrapf(err, "failed to validation unsignedCertificate")
+	}
+
+	if m.Signature == nil {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "signature is empty")
+	}
+
+	return nil
+}
+
+func (m *UnsignedCertificate) ValidateBasic() error {
+	if len(m.Cid) == 0 {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "cid is empty")
+	}
+
+	if len(m.UniqueId) == 0 {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "uniqueId is empty")
+	}
+
+	if _, err := sdk.AccAddressFromBech32(m.OracleAddress); err != nil {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "oracleAddress is invalid. address: %s, error: %s", m.OracleAddress, err.Error())
+	}
+
+	if m.DealId <= 0 {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "dealId is greater than 0")
+	}
+
+	if _, err := sdk.AccAddressFromBech32(m.ProviderAddress); err != nil {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "providerAddress is invalid. address: %s, error: %s", m.OracleAddress, err.Error())
+	}
+
+	if len(m.DataHash) == 0 {
+		return sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "dataHash is empty")
+	}
+
+	return nil
+}