feat: enforce that account_ids are valid in FunctionCallPermission (#…

…7139)

closes https://nearinc.atlassian.net/browse/CPR-135

chain/chain/src/tests/simple_chain.rs

@@ -39,7 +39,7 @@ fn build_chain() {
     //     cargo insta test --accept -p near-chain --features nightly -- tests::simple_chain::build_chain
     let hash = chain.head().unwrap().last_block_hash;
     if cfg!(feature = "nightly") {
-        insta::assert_display_snapshot!(hash, @"AzXEGtscMJaA5td3Nxdrmv2eC3SaYD2spydh3WDbRjAh");
+        insta::assert_display_snapshot!(hash, @"FxxmGH4peXwKR5C9YiSKjX7nWVg3zBuvjp9k5bTF1yDs");
     } else {
         insta::assert_display_snapshot!(hash, @"6sAno2uEwwQ5yiDscePWY8HWmRJLpGNv39uoff3BCpxT");
     }
@@ -68,7 +68,7 @@ fn build_chain() {
 
     let hash = chain.head().unwrap().last_block_hash;
     if cfg!(feature = "nightly") {
-        insta::assert_display_snapshot!(hash, @"BkaWorGLVNsKyzS1HXXur1sNYDhSCssNvAnbP1TtW2az");
+        insta::assert_display_snapshot!(hash, @"43q5wcc9rdsocY2Htbk7vT88x6zkka5Vr17CQJUTkT9n");
     } else {
         insta::assert_display_snapshot!(hash, @"Fn9MgjUx6VXhPYNqqDtf2C9kBVveY2vuSLXNLZUNJCqK");
     }

core/primitives-core/src/config.rs

@@ -92,6 +92,10 @@ pub struct VMLimitConfig {
     /// If present, stores max number of locals declared globally in one contract
     #[serde(skip_serializing_if = "Option::is_none")]
     pub max_locals_per_contract: Option<u64>,
+    /// Whether to enforce account_id well-formedness where it wasn't enforced
+    /// historically.
+    #[serde(default = "AccountIdValidityRulesVersion::v0")]
+    pub account_id_validity_rules_version: AccountIdValidityRulesVersion,
 }
 
 fn wasmer2_stack_limit_default() -> i32 {
@@ -154,6 +158,55 @@ impl<'de> Deserialize<'de> for StackLimiterVersion {
     }
 }
 
+#[derive(Debug, Clone, Copy, Hash, PartialEq, Eq)]
+pub enum AccountIdValidityRulesVersion {
+    /// Skip account ID validation according to legacy rules.
+    V0,
+    /// Limit `receiver_id` in `FunctionCallPermission` to be a valid account ID.
+    V1,
+}
+
+impl AccountIdValidityRulesVersion {
+    fn v0() -> AccountIdValidityRulesVersion {
+        AccountIdValidityRulesVersion::V0
+    }
+    fn repr(self) -> u32 {
+        match self {
+            AccountIdValidityRulesVersion::V0 => 0,
+            AccountIdValidityRulesVersion::V1 => 1,
+        }
+    }
+    fn from_repr(repr: u32) -> Option<AccountIdValidityRulesVersion> {
+        let res = match repr {
+            0 => AccountIdValidityRulesVersion::V0,
+            1 => AccountIdValidityRulesVersion::V1,
+            _ => return None,
+        };
+        Some(res)
+    }
+}
+
+impl Serialize for AccountIdValidityRulesVersion {
+    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+    where
+        S: serde::Serializer,
+    {
+        self.repr().serialize(serializer)
+    }
+}
+
+impl<'de> Deserialize<'de> for AccountIdValidityRulesVersion {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: serde::Deserializer<'de>,
+    {
+        u32::deserialize(deserializer).and_then(|repr| {
+            AccountIdValidityRulesVersion::from_repr(repr)
+                .ok_or_else(|| serde::de::Error::custom("invalid account_id_validity_rules"))
+        })
+    }
+}
+
 impl VMConfig {
     pub fn test() -> VMConfig {
         VMConfig {
@@ -234,6 +287,7 @@ impl VMLimitConfig {
             // necessary (they only take constant operands indicating the local to access), which
             // is 4 bytes worth of code for each local.
             max_locals_per_contract: Some(max_contract_size / 4),
+            account_id_validity_rules_version: AccountIdValidityRulesVersion::V1,
         }
     }
 }

core/primitives-core/src/parameter.rs

@@ -171,6 +171,7 @@ pub enum Parameter {
     MaxFunctionsNumberPerContract,
     Wasmer2StackLimit,
     MaxLocalsPerContract,
+    AccountIdValidityRulesVersion,
 }
 
 #[derive(
@@ -303,6 +304,7 @@ impl Parameter {
             Parameter::MaxFunctionsNumberPerContract,
             Parameter::Wasmer2StackLimit,
             Parameter::MaxLocalsPerContract,
+            Parameter::AccountIdValidityRulesVersion,
         ]
         .iter()
     }

core/primitives/Cargo.toml

@@ -45,11 +45,13 @@ dump_errors_schema = ["near-rpc-error-macro/dump_errors_schema"]
 protocol_feature_chunk_only_producers = []
 protocol_feature_fix_staking_threshold = []
 protocol_feature_fix_contract_loading_cost = []
+protocol_feature_account_id_in_function_call_permission = []
 nightly = [
   "nightly_protocol",
   "protocol_feature_chunk_only_producers",
   "protocol_feature_fix_staking_threshold",
   "protocol_feature_fix_contract_loading_cost",
+  "protocol_feature_account_id_in_function_call_permission",
 ]
 nightly_protocol = []
 

core/primitives/res/runtime_configs/130.txt

@@ -0,0 +1 @@
+account_id_validity_rules_version: 0 -> 1

core/primitives/res/runtime_configs/parameters.txt

@@ -153,3 +153,5 @@ max_length_storage_key: 4_194_304
 max_length_storage_value: 4_194_304
 max_promises_per_function_call_action: 1_024
 max_number_input_data_dependencies: 128
+stack_limiter_version: 0
+account_id_validity_rules_version: 0

core/primitives/src/errors.rs

@@ -189,7 +189,7 @@ pub enum ActionsValidationError {
     /// Integer overflow during a compute.
     IntegerOverflow,
     /// Invalid account ID.
-    InvalidAccountId { account_id: AccountId },
+    InvalidAccountId { account_id: String },
     /// The size of the contract code exceeded the limit in a DeployContract action.
     ContractSizeExceeded { size: u64, limit: u64 },
     /// The length of the method name exceeded the limit in a Function Call action.

core/primitives/src/runtime/config_store.rs

@@ -27,6 +27,8 @@ static CONFIG_DIFFS: &[(ProtocolVersion, &str)] = &[
     // Increased deployment costs, increased wasmer2 stack_limit, added limiting of contract locals,
     // set read_cached_trie_node cost, decrease storage key limit
     (53, include_config!("53.txt")),
+    #[cfg(feature = "protocol_feature_account_id_in_function_call_permission")]
+    (130, include_config!("130.txt")),
 ];
 
 /// Testnet parameters for versions <= 29, which (incorrectly) differed from mainnet parameters

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__0.json.snap

@@ -188,7 +188,8 @@ expression: store.get_config(*version)
       "max_length_storage_value": 4194304,
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__42.json.snap

@@ -188,7 +188,8 @@ expression: store.get_config(*version)
       "max_length_storage_value": 4194304,
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__48.json.snap

@@ -188,7 +188,8 @@ expression: store.get_config(*version)
       "max_length_storage_value": 4194304,
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__49.json.snap

@@ -189,7 +189,8 @@ expression: store.get_config(*version)
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__50.json.snap

@@ -189,7 +189,8 @@ expression: store.get_config(*version)
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__52.json.snap

@@ -189,7 +189,8 @@ expression: store.get_config(*version)
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__53.json.snap

@@ -190,7 +190,8 @@ expression: store.get_config(*version)
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
       "wasmer2_stack_limit": 204800,
-      "max_locals_per_contract": 1000000
+      "max_locals_per_contract": 1000000,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_0.json.snap

@@ -188,7 +188,8 @@ expression: store.get_config(*version)
       "max_length_storage_value": 4194304,
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_42.json.snap

@@ -188,7 +188,8 @@ expression: store.get_config(*version)
       "max_length_storage_value": 4194304,
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_48.json.snap

@@ -188,7 +188,8 @@ expression: store.get_config(*version)
       "max_length_storage_value": 4194304,
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_49.json.snap

@@ -189,7 +189,8 @@ expression: store.get_config(*version)
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_50.json.snap

@@ -189,7 +189,8 @@ expression: store.get_config(*version)
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_52.json.snap

@@ -189,7 +189,8 @@ expression: store.get_config(*version)
       "max_promises_per_function_call_action": 1024,
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
-      "wasmer2_stack_limit": 102400
+      "wasmer2_stack_limit": 102400,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/runtime/snapshots/near_primitives__runtime__config_store__tests__testnet_53.json.snap

@@ -190,7 +190,8 @@ expression: store.get_config(*version)
       "max_number_input_data_dependencies": 128,
       "max_functions_number_per_contract": 10000,
       "wasmer2_stack_limit": 204800,
-      "max_locals_per_contract": 1000000
+      "max_locals_per_contract": 1000000,
+      "account_id_validity_rules_version": 0
     }
   },
   "account_creation_config": {

core/primitives/src/version.rs

@@ -162,6 +162,9 @@ pub enum ProtocolFeature {
     /// Charge for contract loading before it happens.
     #[cfg(feature = "protocol_feature_fix_contract_loading_cost")]
     FixContractLoadingCost,
+    /// Charge for contract loading before it happens.
+    #[cfg(feature = "protocol_feature_account_id_in_function_call_permission")]
+    AccountIdInFunctionCallPermission,
 }
 
 /// Both, outgoing and incoming tcp connections to peers, will be rejected if `peer's`
@@ -176,7 +179,7 @@ const STABLE_PROTOCOL_VERSION: ProtocolVersion = 55;
 cfg_if::cfg_if! {
     if #[cfg(feature = "nightly_protocol")] {
         /// Current latest nightly version of the protocol.
-        pub const PROTOCOL_VERSION: ProtocolVersion = 129;
+        pub const PROTOCOL_VERSION: ProtocolVersion = 130;
     } else if #[cfg(feature = "shardnet")] {
         /// Protocol version for shardnet.
         pub const PROTOCOL_VERSION: ProtocolVersion = 100;
@@ -247,6 +250,8 @@ impl ProtocolFeature {
             ProtocolFeature::FixStakingThreshold => 126,
             #[cfg(feature = "protocol_feature_fix_contract_loading_cost")]
             ProtocolFeature::FixContractLoadingCost => 129,
+            #[cfg(feature = "protocol_feature_account_id_in_function_call_permission")]
+            ProtocolFeature::AccountIdInFunctionCallPermission => 130,
         }
     }
 }

integration-tests/Cargo.toml

@@ -71,10 +71,14 @@ protocol_feature_chunk_only_producers = [
   "near-client/protocol_feature_chunk_only_producers",
   "near-primitives/protocol_feature_chunk_only_producers",
 ]
+protocol_feature_account_id_in_function_call_permission = [
+  "near-primitives/protocol_feature_account_id_in_function_call_permission"
+]
 nightly = [
   "nightly_protocol",
   "nearcore/nightly",
   "protocol_feature_chunk_only_producers",
+  "protocol_feature_account_id_in_function_call_permission",
 ]
 nightly_protocol = ["nearcore/nightly_protocol"]
 sandbox = [