test: meta transaction account creation scenarios

core/crypto/Cargo.toml

@@ -18,6 +18,7 @@ c2-chacha.workspace = true
 curve25519-dalek.workspace = true
 derive_more.workspace = true
 ed25519-dalek.workspace = true
+hex.workspace = true
 near-account-id = { path = "../account-id" }
 once_cell.workspace = true
 primitive-types.workspace = true

core/crypto/src/test_utils.rs

@@ -1,3 +1,4 @@
+use borsh::BorshDeserialize;
 use secp256k1::rand::SeedableRng;
 
 use crate::signature::{ED25519PublicKey, ED25519SecretKey, KeyType, PublicKey, SecretKey};
@@ -33,6 +34,19 @@ impl PublicKey {
             _ => unimplemented!(),
         }
     }
+
+    pub fn from_implicit_account(account_id: &AccountId) -> Self {
+        assert!(account_id.is_implicit());
+        let mut public_key_data = Vec::with_capacity(33);
+        public_key_data.push(KeyType::ED25519 as u8);
+        public_key_data.extend(
+            hex::decode(account_id.as_ref().as_bytes())
+                .expect("account id was a valid hex of length 64 resulting in 32 bytes"),
+        );
+        assert_eq!(public_key_data.len(), 33);
+        PublicKey::try_from_slice(&public_key_data)
+            .expect("we should be able to deserialize ED25519 public key")
+    }
 }
 
 impl SecretKey {

core/primitives/src/test_utils.rs

@@ -1,7 +1,7 @@
 use std::collections::HashMap;
 use std::sync::Arc;
 
-use near_crypto::{EmptySigner, InMemorySigner, KeyType, PublicKey, Signature, Signer};
+use near_crypto::{EmptySigner, InMemorySigner, KeyType, PublicKey, SecretKey, Signature, Signer};
 use near_primitives_core::types::ProtocolVersion;
 
 use crate::account::{AccessKey, AccessKeyPermission, Account};
@@ -491,9 +491,26 @@ pub fn create_test_signer(account_name: &str) -> InMemoryValidatorSigner {
 
 /// Helper function that creates a new signer for a given account, that uses the account name as seed.
 ///
+/// This also works for predefined implicit accounts, where the signer will use the implicit key.
+///
 /// Should be used only in tests.
 pub fn create_user_test_signer(account_name: &str) -> InMemorySigner {
-    InMemorySigner::from_seed(account_name.parse().unwrap(), KeyType::ED25519, account_name)
+    let account_id = account_name.parse().unwrap();
+    if account_id == implicit_test_account() {
+        InMemorySigner::from_secret_key(account_id, implicit_test_account_secret())
+    } else {
+        InMemorySigner::from_seed(account_id, KeyType::ED25519, account_name)
+    }
+}
+
+/// A fixed implicit account for which tests can know the private key.
+pub fn implicit_test_account() -> AccountId {
+    "061b1dd17603213b00e1a1e53ba060ad427cef4887bd34a5e0ef09010af23b0a".parse().unwrap()
+}
+
+/// Private key for the fixed implicit test account.
+pub fn implicit_test_account_secret() -> SecretKey {
+    "ed25519:5roj6k68kvZu3UEJFyXSfjdKGrodgZUfFLZFpzYXWtESNsLWhYrq3JGi4YpqeVKuw1m9R2TEHjfgWT1fjUqB1DNy".parse().unwrap()
 }
 
 impl FinalExecutionOutcomeView {

integration-tests/src/tests/client/features/delegate_action.rs

@@ -12,18 +12,20 @@ use near_client::test_utils::TestEnv;
 use near_crypto::{KeyType, PublicKey};
 use near_primitives::account::AccessKey;
 use near_primitives::config::ActionCosts;
-use near_primitives::errors::{ActionsValidationError, InvalidTxError, TxExecutionError};
-use near_primitives::test_utils::create_user_test_signer;
+use near_primitives::errors::{
+    ActionError, ActionErrorKind, ActionsValidationError, InvalidTxError, TxExecutionError,
+};
+use near_primitives::test_utils::{create_user_test_signer, implicit_test_account};
 use near_primitives::transaction::{
-    Action, AddKeyAction, DeleteAccountAction, DeleteKeyAction, DeployContractAction,
-    FunctionCallAction, StakeAction, TransferAction,
+    Action, AddKeyAction, CreateAccountAction, DeleteAccountAction, DeleteKeyAction,
+    DeployContractAction, FunctionCallAction, StakeAction, TransferAction,
 };
 use near_primitives::types::{AccountId, Balance};
 use near_primitives::version::{ProtocolFeature, ProtocolVersion};
 use near_primitives::views::{
     AccessKeyPermissionView, FinalExecutionOutcomeView, FinalExecutionStatus,
 };
-use near_test_contracts::smallest_rs_contract;
+use near_test_contracts::{ft_contract, smallest_rs_contract};
 use nearcore::config::GenesisExt;
 use nearcore::NEAR_BASE;
 use testlib::runtime_utils::{
@@ -117,15 +119,17 @@ fn check_meta_tx_execution(
 
     let sender_before = node_user.view_balance(&sender).unwrap();
     let relayer_before = node_user.view_balance(&relayer).unwrap();
-    let receiver_before = node_user.view_balance(&receiver).unwrap();
+    let receiver_before = node_user.view_balance(&receiver).unwrap_or(0);
     let relayer_nonce_before = node_user
         .get_access_key(&relayer, &PublicKey::from_seed(KeyType::ED25519, &relayer))
         .unwrap()
         .nonce;
-    let user_nonce_before = node_user
-        .get_access_key(&sender, &PublicKey::from_seed(KeyType::ED25519, &sender))
-        .unwrap()
-        .nonce;
+    let user_pubk = if sender.is_implicit() {
+        PublicKey::from_implicit_account(&sender)
+    } else {
+        PublicKey::from_seed(KeyType::ED25519, &sender)
+    };
+    let user_nonce_before = node_user.get_access_key(&sender, &user_pubk).unwrap().nonce;
 
     let tx_result = node_user
         .meta_tx(sender.clone(), receiver.clone(), relayer.clone(), actions.clone())
@@ -171,7 +175,7 @@ fn check_meta_tx_no_fn_call(
     receiver: AccountId,
 ) -> FinalExecutionOutcomeView {
     let fee_helper = fee_helper(node);
-    let gas_cost = normal_tx_cost + fee_helper.meta_tx_overhead_cost(&actions);
+    let gas_cost = normal_tx_cost + fee_helper.meta_tx_overhead_cost(&actions, &receiver);
 
     let (tx_result, sender_diff, relayer_diff, receiver_diff) =
         check_meta_tx_execution(node, actions, sender, relayer, receiver);
@@ -203,7 +207,7 @@ fn check_meta_tx_fn_call(
 ) -> FinalExecutionOutcomeView {
     let fee_helper = fee_helper(node);
     let num_fn_calls = actions.len();
-    let meta_tx_overhead_cost = fee_helper.meta_tx_overhead_cost(&actions);
+    let meta_tx_overhead_cost = fee_helper.meta_tx_overhead_cost(&actions, &receiver);
 
     let (tx_result, sender_diff, relayer_diff, receiver_diff) =
         check_meta_tx_execution(node, actions, sender, relayer, receiver);
@@ -401,8 +405,8 @@ fn meta_tx_delete_account() {
         vec![Action::DeleteAccount(DeleteAccountAction { beneficiary_id: relayer.clone() })];
 
     // special case balance check for deleting account
-    let gas_cost =
-        fee_helper.prepaid_delete_account_cost() + fee_helper.meta_tx_overhead_cost(&actions);
+    let gas_cost = fee_helper.prepaid_delete_account_cost()
+        + fee_helper.meta_tx_overhead_cost(&actions, &receiver);
     let (_tx_result, sender_diff, relayer_diff, receiver_diff) =
         check_meta_tx_execution(&node, actions, sender, relayer, receiver.clone());
 
@@ -572,3 +576,148 @@ fn assert_ft_balance(
     let balance = std::str::from_utf8(&response.result).expect("invalid UTF8");
     assert_eq!(format!("\"{expected_balance}\""), balance);
 }
+
+/// Test account creation scenarios with meta transactions.
+///
+/// Named accounts aren't the primary use case for meta transactions but still
+/// worth a test case.
+#[test]
+fn meta_tx_create_named_account() {
+    let relayer = bob_account();
+    let sender = alice_account();
+    let new_account = eve_dot_alice_account();
+    let node = RuntimeNode::new(&relayer);
+
+    let fee_helper = fee_helper(&node);
+    let amount = NEAR_BASE;
+
+    let public_key = PublicKey::from_seed(KeyType::ED25519, &new_account);
+
+    // That's the minium to create a (useful) account.
+    let actions = vec![
+        Action::CreateAccount(CreateAccountAction {}),
+        Action::Transfer(TransferAction { deposit: amount }),
+        Action::AddKey(AddKeyAction { public_key, access_key: AccessKey::full_access() }),
+    ];
+
+    // Check account doesn't exist, yet
+    node.view_account(&new_account).expect_err("account already exists");
+
+    let tx_cost = fee_helper.create_account_transfer_full_key_cost();
+    check_meta_tx_no_fn_call(&node, actions, tx_cost, amount, sender, relayer, new_account.clone());
+
+    // Check account exists
+    node.view_account(&new_account).expect("failed looking up account");
+}
+
+/// Try creating an implicit account with `CreateAction` which is not allowed in
+/// or outside meta transactions and must fail with `OnlyImplicitAccountCreationAllowed`.
+#[test]
+fn meta_tx_create_implicit_account_fails() {
+    let relayer = bob_account();
+    let sender = alice_account();
+    let new_account: AccountId = implicit_test_account();
+    let node = RuntimeNode::new(&relayer);
+
+    let actions = vec![Action::CreateAccount(CreateAccountAction {})];
+    let tx_result = node
+        .user()
+        .meta_tx(sender.clone(), new_account.clone(), relayer.clone(), actions.clone())
+        .unwrap();
+
+    let account_creation_result = &tx_result.receipts_outcome[1].outcome.status;
+    assert!(matches!(
+        account_creation_result,
+        near_primitives::views::ExecutionStatusView::Failure(TxExecutionError::ActionError(
+            ActionError { kind: ActionErrorKind::OnlyImplicitAccountCreationAllowed { .. }, .. }
+        )),
+    ));
+}
+
+/// Try creating an implicit account with a meta tx transfer and use the account
+/// in the same meta transaction.
+///
+/// This is expected to fail with `AccountDoesNotExist` as noted in NEP-366.
+#[test]
+fn meta_tx_create_and_use_implicit_account() {
+    let relayer = bob_account();
+    let sender = alice_account();
+    let new_account: AccountId = implicit_test_account();
+    let node = RuntimeNode::new(&relayer);
+
+    // Check account doesn't exist, yet
+    node.view_account(&new_account).expect_err("account already exists");
+
+    let initial_amount = nearcore::NEAR_BASE;
+    let actions = vec![
+        Action::Transfer(TransferAction { deposit: initial_amount }),
+        Action::DeployContract(DeployContractAction { code: ft_contract().to_vec() }),
+    ];
+
+    // execute and expect `AccountDoesNotExist`
+    let tx_result =
+        node.user().meta_tx(sender.clone(), new_account.clone(), relayer.clone(), actions).unwrap();
+    let status = &tx_result.receipts_outcome[1].outcome.status;
+    assert!(matches!(
+        status,
+        near_primitives::views::ExecutionStatusView::Failure(TxExecutionError::ActionError(
+            ActionError { kind: ActionErrorKind::AccountDoesNotExist { account_id }, .. }
+        )) if *account_id == new_account,
+    ));
+}
+
+/// Creating an implicit account with a meta tx transfer and use the account in
+/// a second meta transaction.
+///
+/// Creation through a meta tx should work as normal, it's just that the relayer
+/// pays for the storage and the user could delete the account and cash in,
+/// hence this workflow is not ideal from all circumstances.
+#[test]
+fn meta_tx_create_implicit_account() {
+    let relayer = bob_account();
+    let sender = alice_account();
+    let new_account: AccountId = implicit_test_account();
+    let node = RuntimeNode::new(&relayer);
+
+    // Check account doesn't exist, yet
+    node.view_account(&new_account).expect_err("account already exists");
+
+    let fee_helper = fee_helper(&node);
+    let initial_amount = nearcore::NEAR_BASE;
+    let actions = vec![Action::Transfer(TransferAction { deposit: initial_amount })];
+    let tx_cost = fee_helper.create_account_transfer_full_key_cost();
+    check_meta_tx_no_fn_call(
+        &node,
+        actions,
+        tx_cost,
+        initial_amount,
+        sender.clone(),
+        relayer.clone(),
+        new_account.clone(),
+    );
+
+    // Check account exists with expected balance
+    node.view_account(&new_account).expect("failed looking up account");
+    let balance = node.view_balance(&new_account).expect("failed looking up balance");
+    assert_eq!(balance, initial_amount);
+
+    // Now test we can use this account in a meta transaction that sends back half the tokens to alice.
+    let transfer_amount = initial_amount / 2;
+    let actions = vec![Action::Transfer(TransferAction { deposit: transfer_amount })];
+    let tx_cost = fee_helper.transfer_cost();
+    check_meta_tx_no_fn_call(
+        &node,
+        actions,
+        tx_cost,
+        transfer_amount,
+        new_account.clone(),
+        relayer,
+        sender,
+    )
+    .assert_success();
+
+    // balance of the new account should NOT change, the relayer pays for it!
+    // (note: relayer balance checks etc are done in the shared checker function)
+    let balance = node.view_balance(&new_account).expect("failed looking up balance");
+    assert_eq!(balance, initial_amount);
+}

test-utils/testlib/Cargo.toml

@@ -13,6 +13,7 @@ near-chain = { path = "../../chain/chain" }
 near-crypto = { path = "../../core/crypto" }
 near-primitives = { path = "../../core/primitives" }
 near-test-contracts = { path = "../../runtime/near-test-contracts" }
+node-runtime = { path = "../../runtime/runtime" }
 
 [features]
 default = []