Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include __check_auth contract instance in footprint when recording #1443

Closed
leighmcculloch opened this issue Aug 12, 2024 · 2 comments · Fixed by #1476
Closed

Include __check_auth contract instance in footprint when recording #1443

leighmcculloch opened this issue Aug 12, 2024 · 2 comments · Fixed by #1476
Assignees
@dmkozh

Comments

@leighmcculloch
Copy link
Member

The env in simulation should include in the footprint contracts that get __check_auth called on them.

@heytdep shared on Discord (link) a transaction built for testnet and run through simulation once. The transaction involves custom auth. The built footprint did not include the contract instance for the custom auth contract.

Transaction:

AAAAAgAAAADhz6YxvqUP4OzxQMYMXFdJcuXYfbIigQtRCbRieQQIUwBw7lEADzfWAAAAFwAAAAAAAAAAAAAAAQAAAAAAAAAYAAAAAAAAAAHsJEGI2Q6jK3qVUCXQJahn2qmm/p2zfU1LlyRUHLDrDQAAAAZzdWJtaXQAAAAAAAQAAAASAAAAARPWiWvcm/7XCKZeqYmBA9eqSG40dtKWG0Evyy8k28PXAAAAEgAAAAET1olr3Jv+1wimXqmJgQPXqkhuNHbSlhtBL8svJNvD1wAAABIAAAABE9aJa9yb/tcIpl6piYED16pIbjR20pYbQS/LLyTbw9cAAAAQAAAAAQAAAAEAAAARAAAAAQAAAAMAAAAPAAAAB2FkZHJlc3MAAAAAEgAAAAHXkotywnA8z+r365/0701QSlWouXn8m0UOoshCtNHOYQAAAA8AAAAGYW1vdW50AAAAAAAKAAAAAAAAAAAAAAAABfXhAAAAAA8AAAAMcmVxdWVzdF90eXBlAAAAAwAAAAIAAAABAAAAAQAAAAET1olr3Jv+1wimXqmJgQPXqkhuNHbSlhtBL8svJNvD1wshA28ulzCuAA9EpgAAABAAAAABAAAAAQAAABEAAAABAAAAAgAAAA8AAAAKcHVibGljX2tleQAAAAAADQAAACDhz6YxvqUP4OzxQMYMXFdJcuXYfbIigQtRCbRieQQIUwAAAA8AAAAJc2lnbmF0dXJlAAAAAAAADQAAAEBKkZFDmoKA8oVB8jL9k2RZkVGU0xeEv1raeVCVAGwaJ5yCgydMnKuPBTJuOknAyqXg2UWcC+kda6t8UNPwWFgMAAAAAAAAAAHsJEGI2Q6jK3qVUCXQJahn2qmm/p2zfU1LlyRUHLDrDQAAAAZzdWJtaXQAAAAAAAQAAAASAAAAARPWiWvcm/7XCKZeqYmBA9eqSG40dtKWG0Evyy8k28PXAAAAEgAAAAET1olr3Jv+1wimXqmJgQPXqkhuNHbSlhtBL8svJNvD1wAAABIAAAABE9aJa9yb/tcIpl6piYED16pIbjR20pYbQS/LLyTbw9cAAAAQAAAAAQAAAAEAAAARAAAAAQAAAAMAAAAPAAAAB2FkZHJlc3MAAAAAEgAAAAHXkotywnA8z+r365/0701QSlWouXn8m0UOoshCtNHOYQAAAA8AAAAGYW1vdW50AAAAAAAKAAAAAAAAAAAAAAAABfXhAAAAAA8AAAAMcmVxdWVzdF90eXBlAAAAAwAAAAIAAAABAAAAAAAAAAHXkotywnA8z+r365/0701QSlWouXn8m0UOoshCtNHOYQAAAAh0cmFuc2ZlcgAAAAMAAAASAAAAARPWiWvcm/7XCKZeqYmBA9eqSG40dtKWG0Evyy8k28PXAAAAEgAAAAHsJEGI2Q6jK3qVUCXQJahn2qmm/p2zfU1LlyRUHLDrDQAAAAoAAAAAAAAAAAAAAAAF9eEAAAAAAAAAAAEAAAAAAAAABgAAAAYAAAAB15KLcsJwPM/q9+uf9O9NUEpVqLl5/JtFDqLIQrTRzmEAAAAUAAAAAQAAAAYAAAAB7CRBiNkOoyt6lVAl0CWoZ9qppv6ds31NS5ckVByw6w0AAAAQAAAAAQAAAAIAAAAPAAAACkVtaXNDb25maWcAAAAAAAMAAAABAAAAAQAAAAYAAAAB7CRBiNkOoyt6lVAl0CWoZ9qppv6ds31NS5ckVByw6w0AAAAQAAAAAQAAAAIAAAAPAAAACEVtaXNEYXRhAAAAAwAAAAEAAAABAAAABgAAAAHsJEGI2Q6jK3qVUCXQJahn2qmm/p2zfU1LlyRUHLDrDQAAABAAAAABAAAAAgAAAA8AAAAJUmVzQ29uZmlnAAAAAAAAEgAAAAHXkotywnA8z+r365/0701QSlWouXn8m0UOoshCtNHOYQAAAAEAAAAGAAAAAewkQYjZDqMrepVQJdAlqGfaqab+nbN9TUuXJFQcsOsNAAAAFAAAAAEAAAAH6NO1mm7ds1cZBLop/Y+zWHxLc7QNTK9k3MNHBOJ7VBwAAAAGAAAABgAAAAET1olr3Jv+1wimXqmJgQPXqkhuNHbSlhtBL8svJNvD1wAAABULIQNvLpcwrgAAAAAAAAAGAAAAAdeSi3LCcDzP6vfrn/TvTVBKVai5efybRQ6iyEK00c5hAAAAEAAAAAEAAAACAAAADwAAAAdCYWxhbmNlAAAAABIAAAABE9aJa9yb/tcIpl6piYED16pIbjR20pYbQS/LLyTbw9cAAAABAAAABgAAAAHXkotywnA8z+r365/0701QSlWouXn8m0UOoshCtNHOYQAAABAAAAABAAAAAgAAAA8AAAAHQmFsYW5jZQAAAAASAAAAAewkQYjZDqMrepVQJdAlqGfaqab+nbN9TUuXJFQcsOsNAAAAAQAAAAYAAAAB7CRBiNkOoyt6lVAl0CWoZ9qppv6ds31NS5ckVByw6w0AAAAQAAAAAQAAAAIAAAAPAAAACVBvc2l0aW9ucwAAAAAAABIAAAABE9aJa9yb/tcIpl6piYED16pIbjR20pYbQS/LLyTbw9cAAAABAAAABgAAAAHsJEGI2Q6jK3qVUCXQJahn2qmm/p2zfU1LlyRUHLDrDQAAABAAAAABAAAAAgAAAA8AAAAHUmVzRGF0YQAAAAASAAAAAdeSi3LCcDzP6vfrn/TvTVBKVai5efybRQ6iyEK00c5hAAAAAQAAAAYAAAAB7CRBiNkOoyt6lVAl0CWoZ9qppv6ds31NS5ckVByw6w0AAAAQAAAAAQAAAAIAAAAPAAAACFVzZXJFbWlzAAAAEQAAAAEAAAACAAAADwAAAApyZXNlcnZlX2lkAAAAAAADAAAAAQAAAA8AAAAEdXNlcgAAABIAAAABE9aJa9yb/tcIpl6piYED16pIbjR20pYbQS/LLyTbw9cAAAABAKMnKAAA2IgAAAX8AAAAAABnWOUAAAABeQQIUwAAAEBpetVkv+xr3m2EJRxDPVGb7Qe//dy95OR4cLXu8C/Bw6q56P+wiKn6B/eirbz/N/g+DKXgbUkGVrnrFl0Om00L

Ref: 61eb459b99abbb92f5c566092be8fbf916fc44f149adb6228cb33a66582ad4b3 on testnet

Custom auth requires the use of simulation twice, and if simulation was used twice with the above transaction the contract instance would have been identified in the second pass.

However, it seems reasonable that simulation would identify as much of the footprint as possible on each path, and that the contract instance would be included in the footprint in the first pass. There is already enough data available to the simulation that the custom auth contract would need to be included, at least in the read-only, because the env knows the auth will be called and is being simulated.
@dmkozh
Copy link
Contributor

dmkozh commented Aug 12, 2024

However, it seems reasonable that simulation would identify as much of the footprint as possible on each path

I don't mind adding that, but this only will help if a custom account happens to only use the instance storage.

I think it's probably about time to implement the mock signature mechanism that allows for single pass simulation in recording mode.

@leighmcculloch
Copy link
Member Author

this only will help if a custom account happens to only use the instance storage

The couple custom auth contracts I've written so far happen to only use instance storage. I think given the category of contract instance storage is highly likely for custom auth, but I agree, this issue isn't a solution for the issue @heytdep experienced.

I opened this issue because this feels more like a bug to me. The system isn't completely constructing what is logically part of the known/expected footprint.

This issue doesn't remove the need to do a second pass on simulation though.

@dmkozh dmkozh mentioned this issue Oct 18, 2024
Merged
github-merge-queue bot pushed a commit that referenced this issue Nov 5, 2024
@dmkozh
Emulate access to custom account instance and Wasm in recording auth. (
61831e8 
…#1476)

### What

Emulate access to custom account instance and Wasm in recording auth.

The change gracefully handles failures (e.g. allows for the instance not
being present) in order to not spam diagnostics in unit tests that don't
care about the footprint (which makes up for majority of the unit
tests).

### Why

Better emulate the authorization behavior (in some edge cases this might
allow for single-pass simulation of custom accounts).

Resolves #1443

### Known limitations

In theory, we could also try calling `__check_auth` on the contract (if
possible), but that will likely produce confusing diagnostics for most
of the contracts (e.g. signature verification errors).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dmkozh dmkozh

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Emulate access to custom account instance and Wasm in recording auth. dmkozh/rs-soroban-env
2 participants
@leighmcculloch @dmkozh