oasysgames · Tsuyoshi-Ishikawa · Feb 10, 2023 · Feb 10, 2023 · Feb 15, 2023 · Feb 15, 2023
diff --git a/README.md b/README.md
@@ -243,6 +243,59 @@ export const getTxAllowList = (): Array<TransactionAllow> => {
 |  lt  |  txValue < condition is allowed  |
 |  lte  |  txValue <= condition is allowed  |
 
+#### Contract(Option)
+You cant restrict to transact contract method.
+
+```typescript
+// everyone can only transact to greet and setGreeting to 0x5FbDB2315678afecb367f032d93F642f64180aa3
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['0x5FbDB2315678afecb367f032d93F642f64180aa3'],
+      contractList: [
+        'greet',
+        'setGreeting(string)',
+      ],
+    },
+  ];
+};
+// everyone can only transact to greet and setGreeting to 0x5FbDB2315678afecb367f032d93F642f64180aa3 and 0x5FbDB2315678afecb367f032d93F642f64180aa4
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['0x5FbDB2315678afecb367f032d93F642f64180aa3', '0x5FbDB2315678afecb367f032d93F642f64180aa4'],
+      contractList: [
+        'greet',
+        'setGreeting(string)',
+      ],
+    },
+  ];
+};
+```
+
+```typescript
+// if contractList is [], all transaction is allowed.
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['0x5FbDB2315678afecb367f032d93F642f64180aa3'],
+      contractList: [],
+    },
+  ];
+};
+```
+
+#### Webhook(Option)
+You can add webhook setting that execute your original transaction restriction in another environment.
+
+This setting allows you to post a request to a specified location before executing a transaction.
+You can then use that request to implement your own request control.
+
+If you set webhook restriction, follow [Webhook](https://github.com/oasysgames/verse-proxy/blob/master/docs/Webhook.md)
+
 #### Transaction access rate limit(Option)
 If you set transaction access rate limit, follow [Transaction access rate limit](/docs/RateLimit.md)
 

diff --git a/docs/Webhook.md b/docs/Webhook.md
@@ -0,0 +1,169 @@
+# Webhook
+You can add webhook setting that execute your original transaction restriction in another environment.
+
+This setting allows you to post a request to a specified location before executing a transaction.
+You can then use that request to implement your own request control.
+
+| key  |  description  | Required |
+| ---- | ---- | ---- |
+|  url  | Your restriction webhook url  | O |
+|  headers  |  Information that you want to send to webhook(described later) as http_header | X |
+|  timeout  |  Webhook request timeout(ms)  | O |
+|  retry  |   Webhook request retry times  | O |
+|  parse  | Whether to parse tx in the proxy(described later) | O |
+
+```typescript
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['*'],
+      webhooks: [
+        {
+          url: 'https://localhost:8080',
+          headers: {
+            Authorization: 'Bearer xxxxxxxx',
+          },
+          timeout: 1000, // 1000 is 1 second.
+          retry: 3,
+          parse: false,
+        },
+      ],
+    },
+  ];
+};
+// You can set multiple webhook to `webhooks`.
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['*'],
+      webhooks: [
+        {
+          url: 'https://localhost:8080',
+          headers: {
+            Authorization: 'Bearer xxxxxxxx',
+          },
+          timeout: 1000, // 1000 is 1 second.
+          retry: 3,
+          parse: false,
+        },
+        {
+          url: 'https://localhost:8000',
+          timeout: 1000, // 1000 is 1 second.
+          retry: 3,
+          parse: false,
+        },
+      ],
+    },
+  ];
+};
+```
+
+Webhook Request body patterns are following.
+
+| Body key  |  Description  |
+| ---- | ---- |
+|  _meta.ip  |  client ip address  |
+|  _meta.headers.host  |  jsonrpc host  |
+|  _meta.headers.user-agent  |  client user agent  |
+| * | transaction data is set in body according to parse setting.
+
+
+
+In case that header is not set and parse setting is false
+```typescript
+// src/config/transactionAllowList.ts
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['*'],
+      webhooks: [
+        {
+          url: 'https://rpc.sandverse.oasys.games/',
+          headers: { 
+            host: 'rpc.sandverse.oasys.games',
+            Authorization: 'Bearer xxxxxxxx',
+          },
+          timeout: 1000,
+          retry: 3,
+          parse: false,
+        },
+      ],
+    },
+  ];
+};
+```
+
+```typescript
+{
+  // jsonrpc body is set
+  method: 'eth_sendRawTransaction',
+  params: [
+    '0xf8c62780826b23945fbdb2315678afecb367f032d93f642f64180aa380b864a41368620000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000568656c6c6f000000000000000000000000000000000000000000000000000000829deda02c108533361ec243ad0d7f88c07165327c1b14ec64565edbbd50d7193399f0b8a071de69bb3d7cd3aa8697c0a459b2ccc29401d715135cb8a34d2d703b7cd77f47'
+  ],
+  id: 56,
+  jsonrpc: '2.0',
+  // meta is client information
+  _meta: {
+    ip: '::1',
+    headers: {
+      host: 'localhost:3001',
+      'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36'
+    }
+  }
+}
+```
+
+In case that header is set Authorization and parse setting is true
+```typescript
+// src/config/transactionAllowList.ts
+export const getTxAllowList = (): Array<TransactionAllow> => {
+  return [
+    {
+      fromList: ['*'],
+      toList: ['*'],
+      webhooks: [
+        {
+          url: 'https://rpc.sandverse.oasys.games/',
+          headers: {
+            host: 'rpc.sandverse.oasys.games',
+            Authorization: 'Bearer xxxxxxxx',
+          },
+          timeout: 1000,
+          retry: 3,
+          parse: true,
+        },
+      ],
+    },
+  ];
+};
+```
+
+```typescript
+{
+  // parsed jsonrpc body is set
+  nonce: 40,
+  gasPrice: BigNumber { _hex: '0x00', _isBigNumber: true },
+  gasLimit: BigNumber { _hex: '0x6b23', _isBigNumber: true },
+  to: '0x5FbDB2315678afecb367f032d93F642f64180aa3',
+  value: BigNumber { _hex: '0x00', _isBigNumber: true },
+  data: '0xa41368620000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000568656c6c6f000000000000000000000000000000000000000000000000000000',
+  chainId: 20197,
+  v: 40429,
+  r: '0x8a5a8f761bd45ba475b6b2a535a6d1a4d0941b657269b91ab19467e8a9d9d195',
+  s: '0x11c0fb7057f3e18a6e01c324ff8a084abd369acc5289ab586c7f13b4ae88933d',
+  from: '0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266',
+  hash: '0x159625a3df0467d5be60adf105dfc5626294434f45d7f6ce4aeefbee9cedf383',
+  type: null,
+  // meta is client information
+  _meta: {
+    ip: '::1',
+    headers: {
+      host: 'localhost:3001',
+      'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36'
+    }
+  }
+}
+```
diff --git a/src/app.module.ts b/src/app.module.ts
@@ -8,6 +8,7 @@ import {
   VerseService,
   AllowCheckService,
   TypeCheckService,
+  WebhookService,
   RateLimitService,
 } from './services';
 import { DatastoreService } from './repositories';
@@ -28,6 +29,7 @@ import configuration from './config/configuration';
     ProxyService,
     AllowCheckService,
     TypeCheckService,
+    WebhookService,
     DatastoreService,
     RateLimitService,
   ],

diff --git a/src/config/transactionAllowList.ts b/src/config/transactionAllowList.ts
@@ -7,6 +7,16 @@ export interface ComparisonOperation {
   lte?: string; // txValue <= condition is allowed
 }
 
+export interface Webhook {
+  url: string;
+  headers: {
+    [name: string]: string;
+    host: string;
+  };
+  timeout: number;
+  retry: number;
+  parse: boolean;
+}
 export interface RateLimit {
   name: string;
   perFrom?: boolean;
@@ -20,6 +30,8 @@ export interface TransactionAllow {
   fromList: Array<string>;
   toList: Array<string>;
   value?: ComparisonOperation;
+  contractMethodList?: string[];
+  webhooks?: Array<Webhook>;
   rateLimit?: RateLimit;
 }
 

diff --git a/src/controllers/__tests__/proxy.controller.spec.ts b/src/controllers/__tests__/proxy.controller.spec.ts
@@ -8,6 +8,7 @@ import {
   ProxyService,
   AllowCheckService,
   TypeCheckService,
+  WebhookService,
   RateLimitService,
 } from 'src/services';
 import { ProxyController } from 'src/controllers';
@@ -28,6 +29,7 @@ describe('ProxyController', () => {
         VerseService,
         TransactionService,
         AllowCheckService,
+        WebhookService,
         TypeCheckService,
         ProxyService,
         RateLimitService,

diff --git a/src/controllers/proxy.controller.ts b/src/controllers/proxy.controller.ts
@@ -5,6 +5,7 @@ import {
   Body,
   ForbiddenException,
   Res,
+  Ip,
 } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { IncomingHttpHeaders } from 'http';

diff --git a/src/entities/Webhook.ts b/src/entities/Webhook.ts
@@ -0,0 +1,8 @@
+import { Transaction } from 'ethers';
+import { JsonrpcRequestBody, RequestContext } from 'src/entities';
+
+export interface WebhookTransferData {
+  requestContext: RequestContext;
+  body: JsonrpcRequestBody;
+  tx: Transaction;
+}
diff --git a/src/entities/index.ts b/src/entities/index.ts
@@ -1,5 +1,7 @@
+export * from './Request';
 export * from './TransactionParam';
 export * from './Jsonrpc';
 export * from './Verse';
+export * from './Webhook';
 export * from './Error';
 export * from './Request';
diff --git a/src/services/__tests__/allowCheck.service.spec.ts b/src/services/__tests__/allowCheck.service.spec.ts
@@ -172,6 +172,56 @@ describe('isIncludedAddress', () => {
   });
 });
 
+describe('isAllowedContractMethod', () => {
+  const allowCheckService = new AllowCheckService();
+  test('contractMethodList is undefined', () => {
+    const contractMethodList = undefined;
+    const methodId = '0x095ea7b3'; // approve(address,uint256)
+
+    const result = allowCheckService.isAllowedContractMethod(
+      contractMethodList,
+      methodId,
+    );
+    expect(result).toBe(true);
+  });
+
+  test('contractMethodList is empty array', () => {
+    const contractMethodList: string[] = [];
+    const methodId = '0x095ea7b3'; // approve(address,uint256)
+
+    const result = allowCheckService.isAllowedContractMethod(
+      contractMethodList,
+      methodId,
+    );
+    expect(result).toBe(true);
+  });
+
+  test('allowedMethod is not in contractMethodList', () => {
+    const contractMethodList = ['transfer(address,uint256)'];
+    const methodId = '0x095ea7b3'; // approve(address,uint256)
+
+    const result = allowCheckService.isAllowedContractMethod(
+      contractMethodList,
+      methodId,
+    );
+    expect(result).toBe(false);
+  });
+
+  test('allowedMethod is in contractMethodList', () => {
+    const contractMethodList = [
+      'approve(address,uint256)',
+      'transfer(address,uint256)',
+    ];
+    const methodId = '0x095ea7b3'; // approve(address,uint256)
+
+    const result = allowCheckService.isAllowedContractMethod(
+      contractMethodList,
+      methodId,
+    );
+    expect(result).toBe(true);
+  });
+});
+
 describe('isAllowedValue', () => {
   const allowCheckService = new AllowCheckService();
 

diff --git a/src/services/__tests__/proxy.service.spec.ts b/src/services/__tests__/proxy.service.spec.ts
@@ -10,6 +10,7 @@ import {
   AllowCheckService,
   RateLimitService,
   TypeCheckService,
+  WebhookService,
 } from 'src/services';
 import { JsonrpcError } from 'src/entities';
 import { DatastoreService } from 'src/repositories';
@@ -87,6 +88,7 @@ describe('ProxyService', () => {
         AllowCheckService,
         TypeCheckService,
         RateLimitService,
+        WebhookService,
         DatastoreService,
       ],
     }).compile();