add limit for unlimited txs

Author: olga24912

contracts/satoshi-bridge/src/account.rs

@@ -95,6 +95,10 @@ impl Account {
             btc_pending_verify_list: HashSet::new(),
         }
     }
+
+    pub fn pending_sign_count(&self) -> u32 {
+        u32::try_from(self.btc_pending_sign_ids.len()).unwrap_or(u32::MAX)
+    }
 }
 
 impl Contract {

contracts/satoshi-bridge/src/api/management.rs

@@ -183,12 +183,12 @@ impl Contract {
 
     #[payable]
     #[access_control_any(roles(Role::DAO))]
-    pub fn extend_unlimited_txs_white_list(&mut self, account_ids: Vec<AccountId>) {
+    pub fn extend_multi_txs_white_list(&mut self, account_ids: Vec<AccountId>) {
         assert_one_yocto();
         for account_id in account_ids {
             let is_success = self
                 .data_mut()
-                .unlimited_txs_white_list
+                .multi_txs_white_list
                 .insert(account_id.clone());
             require!(
                 is_success,
@@ -199,10 +199,10 @@ impl Contract {
 
     #[payable]
     #[access_control_any(roles(Role::DAO))]
-    pub fn remove_unlimited_txs_white_list(&mut self, account_ids: Vec<AccountId>) {
+    pub fn remove_multi_txs_white_list(&mut self, account_ids: Vec<AccountId>) {
         assert_one_yocto();
         for account_id in account_ids {
-            let is_success = self.data_mut().unlimited_txs_white_list.remove(&account_id);
+            let is_success = self.data_mut().multi_txs_white_list.remove(&account_id);
             require!(is_success, format!("Invalid account_id: {}", account_id));
         }
     }
@@ -475,6 +475,14 @@ impl Contract {
         self.internal_mut_config().max_btc_tx_pending_sec = max_btc_tx_pending_sec;
     }
 
+    #[payable]
+    #[access_control_any(roles(Role::DAO))]
+    pub fn set_max_pending_sign_txs(&mut self, max_pending_sign_txs: u32) {
+        assert_one_yocto();
+        require!(max_pending_sign_txs >= 1, "Invalid max_pending_sign_txs");
+        self.internal_mut_config().max_pending_sign_txs = max_pending_sign_txs;
+    }
+
     #[payable]
     #[access_control_any(roles(Role::DAO))]
     pub fn set_unhealthy_utxo_amount(&mut self, unhealthy_utxo_amount: U64) {

contracts/satoshi-bridge/src/api/token_receiver.rs

@@ -77,11 +77,15 @@ impl Contract {
         max_gas_fee: Option<U128>,
     ) {
         let (utxo_storage_keys, vutxos) = self.generate_vutxos(&mut psbt);
-        let is_unlimited = self.data().unlimited_txs_white_list.contains(&sender_id);
+        let max_pending = if self.data().multi_txs_white_list.contains(&sender_id) {
+            self.internal_config().max_pending_sign_txs
+        } else {
+            1
+        };
         let account = self.internal_unwrap_or_create_mut_account(&sender_id);
         require!(
-            is_unlimited || account.btc_pending_sign_ids.is_empty(),
-            "Previous btc tx has not been signed"
+            account.pending_sign_count() < max_pending,
+            "Too many pending sign transactions"
         );
 
         let withdraw_change_address_script_pubkey =

contracts/satoshi-bridge/src/api/view.rs

@@ -17,7 +17,7 @@ pub struct Metadata {
     pub relayer_white_list: Vec<AccountId>,
     pub extra_msg_relayer_white_list: Vec<AccountId>,
     pub post_action_receiver_id_white_list: Vec<AccountId>,
-    pub unlimited_txs_white_list: Vec<AccountId>,
+    pub multi_txs_white_list: Vec<AccountId>,
     #[serde(with = "u128_dec_format")]
     pub acc_collected_protocol_fee: u128,
     #[serde(with = "u128_dec_format")]
@@ -58,8 +58,8 @@ impl Contract {
                 .iter()
                 .cloned()
                 .collect(),
-            unlimited_txs_white_list: root_state
-                .unlimited_txs_white_list
+            multi_txs_white_list: root_state
+                .multi_txs_white_list
                 .iter()
                 .cloned()
                 .collect(),

contracts/satoshi-bridge/src/config.rs

@@ -5,6 +5,10 @@ use crate::{
 
 pub const MAX_RATIO: u32 = 10000;
 
+fn default_max_pending_sign_txs() -> u32 {
+    1
+}
+
 #[near(serializers = [borsh, json])]
 #[derive(Clone)]
 #[cfg_attr(not(target_arch = "wasm32"), derive(Debug))]
@@ -108,6 +112,9 @@ pub struct Config {
     pub max_btc_tx_pending_sec: u32,
     // UTXOs less than or equal to this amount are allowed to be merged through active management.
     pub unhealthy_utxo_amount: u64,
+    // The maximum number of pending-sign transactions allowed per whitelisted account.
+    #[serde(default = "default_max_pending_sign_txs")]
+    pub max_pending_sign_txs: u32,
     #[cfg(feature = "zcash")]
     pub expiry_height_gap: u32,
 }

contracts/satoshi-bridge/src/legacy.rs

@@ -54,7 +54,7 @@ impl From<ContractDataV0> for ContractData {
             extra_msg_relayer_white_list: IterableSet::new(StorageKey::ExtraMsgRelayerWhiteList),
             post_action_receiver_id_white_list,
             post_action_msg_templates: IterableMap::new(StorageKey::PostActionMsgTemplates),
-            unlimited_txs_white_list: IterableSet::new(StorageKey::UnlimitedTxsWhiteList),
+            multi_txs_white_list: IterableSet::new(StorageKey::MultiTxsWhiteList),
             lost_found,
             acc_collected_protocol_fee,
             cur_available_protocol_fee,
@@ -189,6 +189,7 @@ impl From<ConfigV0> for Config {
             rbf_num_limit,
             max_btc_tx_pending_sec,
             unhealthy_utxo_amount: 1000,
+            max_pending_sign_txs: 1,
             #[cfg(feature = "zcash")]
             expiry_height_gap: 1000,
         }
@@ -329,6 +330,7 @@ impl From<ConfigV1> for Config {
             rbf_num_limit,
             max_btc_tx_pending_sec,
             unhealthy_utxo_amount,
+            max_pending_sign_txs: 1,
             #[cfg(feature = "zcash")]
             expiry_height_gap,
         }
@@ -388,7 +390,7 @@ impl From<ContractDataV1> for ContractData {
             extra_msg_relayer_white_list: IterableSet::new(StorageKey::ExtraMsgRelayerWhiteList),
             post_action_receiver_id_white_list,
             post_action_msg_templates,
-            unlimited_txs_white_list: IterableSet::new(StorageKey::UnlimitedTxsWhiteList),
+            multi_txs_white_list: IterableSet::new(StorageKey::MultiTxsWhiteList),
             lost_found,
             acc_collected_protocol_fee,
             cur_available_protocol_fee,
@@ -463,7 +465,7 @@ impl From<ContractDataV2> for ContractData {
             extra_msg_relayer_white_list,
             post_action_receiver_id_white_list,
             post_action_msg_templates,
-            unlimited_txs_white_list: IterableSet::new(StorageKey::UnlimitedTxsWhiteList),
+            multi_txs_white_list: IterableSet::new(StorageKey::MultiTxsWhiteList),
             lost_found,
             acc_collected_protocol_fee,
             cur_available_protocol_fee,
@@ -474,9 +476,82 @@ impl From<ContractDataV2> for ContractData {
     }
 }
 
+#[near(serializers = [borsh])]
+#[derive(Clone)]
+pub struct ConfigV2 {
+    pub chain: crate::network::Chain,
+    pub btc_light_client_account_id: AccountId,
+    pub nbtc_account_id: AccountId,
+    pub chain_signatures_account_id: AccountId,
+    pub chain_signatures_root_public_key: Option<PublicKey>,
+    pub change_address: Option<String>,
+    pub confirmations_strategy: HashMap<String, u8>,
+    pub confirmations_delta: u8,
+    pub extra_msg_confirmations_delta: u8,
+    pub deposit_bridge_fee: BridgeFee,
+    pub withdraw_bridge_fee: BridgeFee,
+    pub min_deposit_amount: u128,
+    pub min_withdraw_amount: u128,
+    pub min_change_amount: u128,
+    pub max_change_amount: u128,
+    pub min_btc_gas_fee: u128,
+    pub max_btc_gas_fee: u128,
+    pub max_withdrawal_input_number: u8,
+    pub max_change_number: u8,
+    pub max_active_utxo_management_input_number: u8,
+    pub max_active_utxo_management_output_number: u8,
+    pub active_management_lower_limit: u32,
+    pub active_management_upper_limit: u32,
+    pub passive_management_lower_limit: u32,
+    pub passive_management_upper_limit: u32,
+    pub rbf_num_limit: u8,
+    pub max_btc_tx_pending_sec: u32,
+    pub unhealthy_utxo_amount: u64,
+    #[cfg(feature = "zcash")]
+    pub expiry_height_gap: u32,
+}
+
+impl From<ConfigV2> for Config {
+    fn from(c: ConfigV2) -> Self {
+        Self {
+            chain: c.chain,
+            btc_light_client_account_id: c.btc_light_client_account_id,
+            nbtc_account_id: c.nbtc_account_id,
+            chain_signatures_account_id: c.chain_signatures_account_id,
+            chain_signatures_root_public_key: c.chain_signatures_root_public_key,
+            change_address: c.change_address,
+            confirmations_strategy: c.confirmations_strategy,
+            confirmations_delta: c.confirmations_delta,
+            extra_msg_confirmations_delta: c.extra_msg_confirmations_delta,
+            deposit_bridge_fee: c.deposit_bridge_fee,
+            withdraw_bridge_fee: c.withdraw_bridge_fee,
+            min_deposit_amount: c.min_deposit_amount,
+            min_withdraw_amount: c.min_withdraw_amount,
+            min_change_amount: c.min_change_amount,
+            max_change_amount: c.max_change_amount,
+            min_btc_gas_fee: c.min_btc_gas_fee,
+            max_btc_gas_fee: c.max_btc_gas_fee,
+            max_withdrawal_input_number: c.max_withdrawal_input_number,
+            max_change_number: c.max_change_number,
+            max_active_utxo_management_input_number: c.max_active_utxo_management_input_number,
+            max_active_utxo_management_output_number: c.max_active_utxo_management_output_number,
+            active_management_lower_limit: c.active_management_lower_limit,
+            active_management_upper_limit: c.active_management_upper_limit,
+            passive_management_lower_limit: c.passive_management_lower_limit,
+            passive_management_upper_limit: c.passive_management_upper_limit,
+            rbf_num_limit: c.rbf_num_limit,
+            max_btc_tx_pending_sec: c.max_btc_tx_pending_sec,
+            unhealthy_utxo_amount: c.unhealthy_utxo_amount,
+            max_pending_sign_txs: 1,
+            #[cfg(feature = "zcash")]
+            expiry_height_gap: c.expiry_height_gap,
+        }
+    }
+}
+
 #[near(serializers = [borsh])]
 pub struct ContractDataV3 {
-    pub config: LazyOption<Config>,
+    pub config: LazyOption<ConfigV2>,
     pub accounts: IterableMap<AccountId, VAccount>,
     pub utxos: IterableMap<String, VUTXO>,
     pub unavailable_utxos: IterableMap<String, VUTXO>,
@@ -518,7 +593,10 @@ impl From<ContractDataV3> for ContractData {
         } = c;
 
         Self {
-            config,
+            config: LazyOption::new(
+                StorageKey::Config,
+                Some(config.get().clone().unwrap().into()),
+            ),
             accounts,
             utxos,
             unavailable_utxos,
@@ -529,7 +607,7 @@ impl From<ContractDataV3> for ContractData {
             extra_msg_relayer_white_list,
             post_action_receiver_id_white_list,
             post_action_msg_templates,
-            unlimited_txs_white_list: IterableSet::new(StorageKey::UnlimitedTxsWhiteList),
+            multi_txs_white_list: IterableSet::new(StorageKey::MultiTxsWhiteList),
             lost_found,
             acc_collected_protocol_fee,
             cur_available_protocol_fee,

contracts/satoshi-bridge/src/lib.rs

@@ -92,7 +92,7 @@ enum StorageKey {
     LostFound,
     PostActionMsgTemplates,
     ExtraMsgRelayerWhiteList,
-    UnlimitedTxsWhiteList,
+    MultiTxsWhiteList,
 }
 
 #[derive(AccessControlRole, Deserialize, Serialize, Copy, Clone)]
@@ -120,7 +120,7 @@ pub struct ContractData {
     pub extra_msg_relayer_white_list: IterableSet<AccountId>,
     pub post_action_receiver_id_white_list: IterableSet<AccountId>,
     pub post_action_msg_templates: IterableMap<AccountId, HashSet<String>>,
-    pub unlimited_txs_white_list: IterableSet<AccountId>,
+    pub multi_txs_white_list: IterableSet<AccountId>,
     pub lost_found: IterableMap<AccountId, u128>,
     pub acc_collected_protocol_fee: u128,
     pub cur_available_protocol_fee: u128,
@@ -188,7 +188,7 @@ impl Contract {
                     StorageKey::PostActionReceiverIdWhiteListWhiteList,
                 ),
                 post_action_msg_templates: IterableMap::new(StorageKey::PostActionMsgTemplates),
-                unlimited_txs_white_list: IterableSet::new(StorageKey::UnlimitedTxsWhiteList),
+                multi_txs_white_list: IterableSet::new(StorageKey::MultiTxsWhiteList),
                 lost_found: IterableMap::new(StorageKey::LostFound),
                 acc_collected_protocol_fee: 0,
                 cur_available_protocol_fee: 0,

contracts/satoshi-bridge/src/unit/mod.rs

@@ -79,6 +79,7 @@ pub fn init_contract() -> Contract {
         chain_signatures_root_public_key: None,
         change_address: None,
         unhealthy_utxo_amount: 1000,
+        max_pending_sign_txs: 1,
         #[cfg(feature = "zcash")]
         expiry_height_gap: 1000,
     })

contracts/satoshi-bridge/tests/setup/context.rs

@@ -210,6 +210,7 @@ impl Context {
                     "rbf_num_limit": 99,
                     "max_btc_tx_pending_sec": 3600 * 24,
                     "unhealthy_utxo_amount": 1000,
+                    "max_pending_sign_txs": 1,
                     "expiry_height_gap": 5000,
                 }
             }))