github.com/luckypickle/go-ethereum-vet@v1.14.2/signer/rules/rules.go (about) 1 // Copyright 2018 The go-ethereum Authors 2 // This file is part of go-ethereum. 3 // 4 // go-ethereum is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // go-ethereum is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with go-ethereum. If not, see <http://www.gnu.org/licenses/>. 16 17 package rules 18 19 import ( 20 "encoding/json" 21 "fmt" 22 "os" 23 "strings" 24 25 "github.com/luckypickle/go-ethereum-vet/common" 26 "github.com/luckypickle/go-ethereum-vet/internal/ethapi" 27 "github.com/luckypickle/go-ethereum-vet/log" 28 "github.com/luckypickle/go-ethereum-vet/signer/core" 29 "github.com/luckypickle/go-ethereum-vet/signer/rules/deps" 30 "github.com/luckypickle/go-ethereum-vet/signer/storage" 31 "github.com/robertkrimen/otto" 32 ) 33 34 var ( 35 BigNumber_JS = deps.MustAsset("bignumber.js") 36 ) 37 38 // consoleOutput is an override for the console.log and console.error methods to 39 // stream the output into the configured output stream instead of stdout. 40 func consoleOutput(call otto.FunctionCall) otto.Value { 41 output := []string{"JS:> "} 42 for _, argument := range call.ArgumentList { 43 output = append(output, fmt.Sprintf("%v", argument)) 44 } 45 fmt.Fprintln(os.Stdout, strings.Join(output, " ")) 46 return otto.Value{} 47 } 48 49 // rulesetUI provides an implementation of SignerUI that evaluates a javascript 50 // file for each defined UI-method 51 type rulesetUI struct { 52 next core.SignerUI // The next handler, for manual processing 53 storage storage.Storage 54 credentials storage.Storage 55 jsRules string // The rules to use 56 } 57 58 func NewRuleEvaluator(next core.SignerUI, jsbackend, credentialsBackend storage.Storage) (*rulesetUI, error) { 59 c := &rulesetUI{ 60 next: next, 61 storage: jsbackend, 62 credentials: credentialsBackend, 63 jsRules: "", 64 } 65 66 return c, nil 67 } 68 69 func (r *rulesetUI) Init(javascriptRules string) error { 70 r.jsRules = javascriptRules 71 return nil 72 } 73 func (r *rulesetUI) execute(jsfunc string, jsarg interface{}) (otto.Value, error) { 74 75 // Instantiate a fresh vm engine every time 76 vm := otto.New() 77 // Set the native callbacks 78 consoleObj, _ := vm.Get("console") 79 consoleObj.Object().Set("log", consoleOutput) 80 consoleObj.Object().Set("error", consoleOutput) 81 vm.Set("storage", r.storage) 82 83 // Load bootstrap libraries 84 script, err := vm.Compile("bignumber.js", BigNumber_JS) 85 if err != nil { 86 log.Warn("Failed loading libraries", "err", err) 87 return otto.UndefinedValue(), err 88 } 89 vm.Run(script) 90 91 // Run the actual rule implementation 92 _, err = vm.Run(r.jsRules) 93 if err != nil { 94 log.Warn("Execution failed", "err", err) 95 return otto.UndefinedValue(), err 96 } 97 98 // And the actual call 99 // All calls are objects with the parameters being keys in that object. 100 // To provide additional insulation between js and go, we serialize it into JSON on the Go-side, 101 // and deserialize it on the JS side. 102 103 jsonbytes, err := json.Marshal(jsarg) 104 if err != nil { 105 log.Warn("failed marshalling data", "data", jsarg) 106 return otto.UndefinedValue(), err 107 } 108 // Now, we call foobar(JSON.parse(<jsondata>)). 109 var call string 110 if len(jsonbytes) > 0 { 111 call = fmt.Sprintf("%v(JSON.parse(%v))", jsfunc, string(jsonbytes)) 112 } else { 113 call = fmt.Sprintf("%v()", jsfunc) 114 } 115 return vm.Run(call) 116 } 117 118 func (r *rulesetUI) checkApproval(jsfunc string, jsarg []byte, err error) (bool, error) { 119 if err != nil { 120 return false, err 121 } 122 v, err := r.execute(jsfunc, string(jsarg)) 123 if err != nil { 124 log.Info("error occurred during execution", "error", err) 125 return false, err 126 } 127 result, err := v.ToString() 128 if err != nil { 129 log.Info("error occurred during response unmarshalling", "error", err) 130 return false, err 131 } 132 if result == "Approve" { 133 log.Info("Op approved") 134 return true, nil 135 } else if result == "Reject" { 136 log.Info("Op rejected") 137 return false, nil 138 } 139 return false, fmt.Errorf("Unknown response") 140 } 141 142 func (r *rulesetUI) ApproveTx(request *core.SignTxRequest) (core.SignTxResponse, error) { 143 jsonreq, err := json.Marshal(request) 144 approved, err := r.checkApproval("ApproveTx", jsonreq, err) 145 if err != nil { 146 log.Info("Rule-based approval error, going to manual", "error", err) 147 return r.next.ApproveTx(request) 148 } 149 150 if approved { 151 return core.SignTxResponse{ 152 Transaction: request.Transaction, 153 Approved: true, 154 Password: r.lookupPassword(request.Transaction.From.Address()), 155 }, 156 nil 157 } 158 return core.SignTxResponse{Approved: false}, err 159 } 160 161 func (r *rulesetUI) lookupPassword(address common.Address) string { 162 return r.credentials.Get(strings.ToLower(address.String())) 163 } 164 165 func (r *rulesetUI) ApproveSignData(request *core.SignDataRequest) (core.SignDataResponse, error) { 166 jsonreq, err := json.Marshal(request) 167 approved, err := r.checkApproval("ApproveSignData", jsonreq, err) 168 if err != nil { 169 log.Info("Rule-based approval error, going to manual", "error", err) 170 return r.next.ApproveSignData(request) 171 } 172 if approved { 173 return core.SignDataResponse{Approved: true, Password: r.lookupPassword(request.Address.Address())}, nil 174 } 175 return core.SignDataResponse{Approved: false, Password: ""}, err 176 } 177 178 func (r *rulesetUI) ApproveExport(request *core.ExportRequest) (core.ExportResponse, error) { 179 jsonreq, err := json.Marshal(request) 180 approved, err := r.checkApproval("ApproveExport", jsonreq, err) 181 if err != nil { 182 log.Info("Rule-based approval error, going to manual", "error", err) 183 return r.next.ApproveExport(request) 184 } 185 if approved { 186 return core.ExportResponse{Approved: true}, nil 187 } 188 return core.ExportResponse{Approved: false}, err 189 } 190 191 func (r *rulesetUI) ApproveImport(request *core.ImportRequest) (core.ImportResponse, error) { 192 // This cannot be handled by rules, requires setting a password 193 // dispatch to next 194 return r.next.ApproveImport(request) 195 } 196 197 func (r *rulesetUI) ApproveListing(request *core.ListRequest) (core.ListResponse, error) { 198 jsonreq, err := json.Marshal(request) 199 approved, err := r.checkApproval("ApproveListing", jsonreq, err) 200 if err != nil { 201 log.Info("Rule-based approval error, going to manual", "error", err) 202 return r.next.ApproveListing(request) 203 } 204 if approved { 205 return core.ListResponse{Accounts: request.Accounts}, nil 206 } 207 return core.ListResponse{}, err 208 } 209 210 func (r *rulesetUI) ApproveNewAccount(request *core.NewAccountRequest) (core.NewAccountResponse, error) { 211 // This cannot be handled by rules, requires setting a password 212 // dispatch to next 213 return r.next.ApproveNewAccount(request) 214 } 215 216 func (r *rulesetUI) ShowError(message string) { 217 log.Error(message) 218 r.next.ShowError(message) 219 } 220 221 func (r *rulesetUI) ShowInfo(message string) { 222 log.Info(message) 223 r.next.ShowInfo(message) 224 } 225 func (r *rulesetUI) OnSignerStartup(info core.StartupInfo) { 226 jsonInfo, err := json.Marshal(info) 227 if err != nil { 228 log.Warn("failed marshalling data", "data", info) 229 return 230 } 231 r.next.OnSignerStartup(info) 232 _, err = r.execute("OnSignerStartup", string(jsonInfo)) 233 if err != nil { 234 log.Info("error occurred during execution", "error", err) 235 } 236 } 237 238 func (r *rulesetUI) OnApprovedTx(tx ethapi.SignTransactionResult) { 239 jsonTx, err := json.Marshal(tx) 240 if err != nil { 241 log.Warn("failed marshalling transaction", "tx", tx) 242 return 243 } 244 _, err = r.execute("OnApprovedTx", string(jsonTx)) 245 if err != nil { 246 log.Info("error occurred during execution", "error", err) 247 } 248 }