Gas Type Hook

Author: tequdev

Builds/CMake/RippledCore.cmake

@@ -488,6 +488,7 @@ target_sources (rippled PRIVATE
   src/ripple/app/tx/impl/apply.cpp
   src/ripple/app/tx/impl/applySteps.cpp
   src/ripple/app/hook/impl/applyHook.cpp
+  src/ripple/app/hook/impl/GasValidator.cpp
   src/ripple/app/tx/impl/details/NFTokenUtils.cpp
   #[===============================[
      main sources:
@@ -909,6 +910,7 @@ if (tests)
     src/test/jtx/impl/fee.cpp
     src/test/jtx/impl/flags.cpp
     src/test/jtx/impl/genesis.cpp
+    src/test/jtx/impl/hookgas.cpp
     src/test/jtx/impl/import.cpp
     src/test/jtx/impl/invoice_id.cpp
     src/test/jtx/impl/invoke.cpp

hook/sfcodes.h

@@ -63,6 +63,8 @@
 #define sfEmitGeneration ((2U << 16U) + 46U)
 #define sfLockCount ((2U << 16U) + 49U)
 #define sfFirstNFTokenSequence ((2U << 16U) + 50U)
+#define sfHookInstructionCost ((2U << 16U) + 91U)
+#define sfHookGas ((2U << 16U) + 92U)
 #define sfStartTime ((2U << 16U) + 93U)
 #define sfRepeatCount ((2U << 16U) + 94U)
 #define sfDelaySeconds ((2U << 16U) + 95U)

src/ripple/app/hook/GasValidator.h

@@ -0,0 +1,57 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2024 XRPL-Labs
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#ifndef RIPPLE_APP_HOOK_GASVALIDATOR_H_INCLUDED
+#define RIPPLE_APP_HOOK_GASVALIDATOR_H_INCLUDED
+
+#include <ripple/beast/utility/Journal.h>
+#include <ripple/protocol/Rules.h>
+#include <functional>
+#include <optional>
+#include <ostream>
+#include <string>
+#include <vector>
+
+// Forward declaration
+using GuardLog =
+    std::optional<std::reference_wrapper<std::basic_ostream<char>>>;
+
+namespace hook {
+
+/**
+ * @brief Validate WASM host functions for Gas-type hooks
+ *
+ * Validates that a WASM binary only imports allowed host functions
+ * and does not import the _g (guard) function, which is only for
+ * Guard-type hooks.
+ *
+ * @param wasm The WASM binary to validate
+ * @param guardLog Logging function for validation errors
+ * @param guardLogAccStr Account string for logging
+ * @return std::nullopt if validation succeeds, error message otherwise
+ */
+std::optional<std::string>
+validateWasmHostFunctionsForGas(
+    std::vector<uint8_t> const& wasm,
+    ripple::Rules const& rules,
+    beast::Journal const& j);
+
+}  // namespace hook
+
+#endif  // RIPPLE_APP_HOOK_GASVALIDATOR_H_INCLUDED

src/ripple/app/hook/applyHook.h

@@ -10,7 +10,6 @@
 #include <ripple/protocol/SField.h>
 #include <ripple/protocol/TER.h>
 #include <ripple/protocol/digest.h>
-#include <any>
 #include <memory>
 #include <optional>
 #include <queue>
@@ -462,7 +461,9 @@ apply(
     uint32_t wasmParam,
     uint8_t hookChainPosition,
     // result of apply() if this is weak exec
-    std::shared_ptr<STObject const> const& provisionalMeta);
+    std::shared_ptr<STObject const> const& provisionalMeta,
+    uint16_t hookApiVersion,
+    uint32_t hookGas);
 
 struct HookContext;
 
@@ -501,6 +502,7 @@ struct HookResult
     std::string exitReason{""};
     int64_t exitCode{-1};
     uint64_t instructionCount{0};
+    uint64_t instructionCost{0};
     bool hasCallback = false;  // true iff this hook wasm has a cbak function
     bool isCallback =
         false;  // true iff this hook execution is a callback in action
@@ -513,6 +515,8 @@ struct HookResult
         false;  // hook_again allows strong pre-apply to nominate
                 // additional weak post-apply execution
     std::shared_ptr<STObject const> provisionalMeta;
+    uint16_t hookApiVersion = 0;      // 0 = Guard-type, 1 = Gas-type
+    std::optional<uint64_t> hookGas;  // Gas limit for Gas-type hooks
 };
 
 class HookExecutor;
@@ -658,6 +662,7 @@ class HookExecutor
             if (!conf)
                 return;
             WasmEdge_ConfigureStatisticsSetInstructionCounting(conf, true);
+            WasmEdge_ConfigureStatisticsSetCostMeasuring(conf, true);
             ctx = WasmEdge_VMCreate(conf, NULL);
         }
 
@@ -758,6 +763,23 @@ class HookExecutor
             return;
         }
 
+        // Set Gas limit for Gas-type hooks (HookApiVersion == 1)
+        if (hookCtx.result.hookApiVersion == 1 &&
+            hookCtx.result.hookGas.has_value())
+        {
+            auto* statsCtx = WasmEdge_VMGetStatisticsContext(vm.ctx);
+            if (statsCtx)
+            {
+                // Convert HookGas to cost limit count (1 Gas = 1 cost)
+                uint32_t gasLimit = *hookCtx.result.hookGas;
+                WasmEdge_StatisticsSetCostLimit(statsCtx, gasLimit);
+
+                JLOG(j.trace())
+                    << "HookInfo[" << HC_ACC() << "]: Set Gas limit to "
+                    << gasLimit << " cost limit for Gas-type Hook";
+            }
+        }
+
         WasmEdge_Value params[1] = {WasmEdge_ValueGenI32((int64_t)wasmParam)};
         WasmEdge_Value returns[1];
 
@@ -771,17 +793,29 @@ class HookExecutor
             returns,
             1);
 
+        auto* statsCtx = WasmEdge_VMGetStatisticsContext(vm.ctx);
+        hookCtx.result.instructionCount =
+            WasmEdge_StatisticsGetInstrCount(statsCtx);
+        hookCtx.result.instructionCost =
+            WasmEdge_StatisticsGetTotalCost(statsCtx);
+
         if (auto err = getWasmError("WASM VM error", res); err)
         {
-            JLOG(j.warn()) << "HookError[" << HC_ACC() << "]: " << *err;
+            JLOG(j.trace()) << "HookError[" << HC_ACC() << "]: " << *err;
+
+            // Check if error is due to Gas limit exceeded for Gas-type hooks
+            if (hookCtx.result.hookApiVersion == 1 &&
+                err->find("cost limit exceeded") != std::string::npos)
+            {
+                JLOG(j.trace()) << "HookError[" << HC_ACC()
+                                << "]: Gas limit exceeded. Limit was "
+                                << *hookCtx.result.hookGas << " instructions";
+            }
+
             hookCtx.result.exitType = hook_api::ExitType::WASM_ERROR;
             return;
         }
 
-        auto* statsCtx = WasmEdge_VMGetStatisticsContext(vm.ctx);
-        hookCtx.result.instructionCount =
-            WasmEdge_StatisticsGetInstrCount(statsCtx);
-
         // RH NOTE: stack unwind will clean up WasmEdgeVM
     }
 

src/ripple/app/hook/impl/GasValidator.cpp

@@ -0,0 +1,156 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2024 XRPL-Labs
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#include <ripple/app/hook/GasValidator.h>
+#include <ripple/app/hook/Guard.h>
+#include <ripple/app/hook/Macro.h>
+#include <ripple/basics/Log.h>
+#include <ripple/protocol/Feature.h>
+#include <wasmedge/wasmedge.h>
+
+namespace hook {
+
+std::optional<std::string>
+validateWasmHostFunctionsForGas(
+    std::vector<uint8_t> const& wasm,
+    Rules const& rules,
+    beast::Journal const& j)
+{
+    // Create WasmEdge Loader
+    WasmEdge_LoaderContext* loader = WasmEdge_LoaderCreate(NULL);
+    if (!loader)
+    {
+        return "Failed to create WasmEdge Loader";
+    }
+
+    // Parse WASM binary
+    WasmEdge_ASTModuleContext* astModule = NULL;
+    WasmEdge_Result res = WasmEdge_LoaderParseFromBuffer(
+        loader, &astModule, wasm.data(), wasm.size());
+
+    if (!WasmEdge_ResultOK(res))
+    {
+        WasmEdge_LoaderDelete(loader);
+        const char* msg = WasmEdge_ResultGetMessage(res);
+        return std::string("Failed to parse WASM: ") +
+            (msg ? msg : "unknown error");
+    }
+
+    // Get import count
+    uint32_t importCount = WasmEdge_ASTModuleListImportsLength(astModule);
+
+    if (importCount == 0)
+    {
+        WasmEdge_ASTModuleDelete(astModule);
+        WasmEdge_LoaderDelete(loader);
+        JLOG(j.trace()) << "HookSet(" << hook::log::IMPORTS_MISSING
+                        << "): WASM must import at least hook API functions";
+        return "WASM must import at least hook API functions";
+    }
+
+    // Get imports (max 256)
+    const WasmEdge_ImportTypeContext* imports[256];
+    uint32_t actualImportCount = std::min(importCount, 256u);
+    actualImportCount =
+        WasmEdge_ASTModuleListImports(astModule, imports, actualImportCount);
+
+    std::optional<std::string> error;
+
+    // Check each import
+    for (uint32_t i = 0; i < actualImportCount; i++)
+    {
+        WasmEdge_String moduleName =
+            WasmEdge_ImportTypeGetModuleName(imports[i]);
+        WasmEdge_String externalName =
+            WasmEdge_ImportTypeGetExternalName(imports[i]);
+        WasmEdge_ExternalType extType =
+            WasmEdge_ImportTypeGetExternalType(imports[i]);
+
+        // Only check function imports
+        if (extType != WasmEdge_ExternalType_Function)
+            continue;
+
+        // Convert WasmEdge_String to std::string for comparison
+        std::string modName(moduleName.Buf, moduleName.Length);
+        std::string extName(externalName.Buf, externalName.Length);
+
+        // Check module name is "env"
+        if (modName != "env")
+        {
+            JLOG(j.trace())
+                << "HookSet(" << hook::log::IMPORT_MODULE_ENV
+                << "): Import module must be 'env', found: " << modName;
+            error = "Import module must be 'env', found: " + modName;
+            break;
+        }
+
+        // Check for forbidden _g function (guard function)
+        if (extName == "_g")
+        {
+            JLOG(j.trace())
+                << "HookSet(" << hook::log::IMPORT_ILLEGAL
+                << "): Gas-type hooks cannot import _g (guard) function";
+            error = "Gas-type hooks cannot import _g (guard) function";
+            break;
+        }
+
+        // Check external name length
+        if (extName.length() < 1 || extName.length() > 64)
+        {
+            JLOG(j.trace()) << "HookSet(" << hook::log::IMPORT_NAME_BAD
+                            << "): Import name length invalid: " << extName;
+            error = "Import name length invalid: " + extName;
+            break;
+        }
+
+        // Check against whitelist using find()
+        bool found = false;
+
+        // Check base whitelist (import_whitelist)
+        if (hook_api::import_whitelist.find(extName) !=
+            hook_api::import_whitelist.end())
+        {
+            found = true;
+        }
+
+        // Check extended whitelist (import_whitelist_1)
+        if (!found && rules.enabled(featureHooksUpdate1) &&
+            hook_api::import_whitelist_1.find(extName) !=
+                hook_api::import_whitelist_1.end())
+        {
+            found = true;
+        }
+
+        if (!found)
+        {
+            JLOG(j.trace()) << "HookSet(" << hook::log::IMPORT_ILLEGAL
+                            << "): Import not in whitelist: " << extName;
+            error = "Import not in whitelist: " + extName;
+            break;
+        }
+    }
+
+    // Cleanup
+    WasmEdge_ASTModuleDelete(astModule);
+    WasmEdge_LoaderDelete(loader);
+
+    return error;
+}
+
+}  // namespace hook

src/ripple/app/hook/impl/applyHook.cpp

@@ -1232,7 +1232,9 @@ hook::apply(
     bool isStrong,
     uint32_t wasmParam,
     uint8_t hookChainPosition,
-    std::shared_ptr<STObject const> const& provisionalMeta)
+    std::shared_ptr<STObject const> const& provisionalMeta,
+    uint16_t hookApiVersion,
+    uint32_t hookGas)
 {
     HookContext hookCtx = {
         .applyCtx = applyCtx,
@@ -1264,7 +1266,9 @@ hook::apply(
              .wasmParam = wasmParam,
              .hookChainPosition = hookChainPosition,
              .foreignStateSetDisabled = false,
-             .provisionalMeta = provisionalMeta},
+             .provisionalMeta = provisionalMeta,
+             .hookApiVersion = hookApiVersion,
+             .hookGas = hookGas},
         .emitFailure = isCallback && wasmParam & 1
             ? std::optional<ripple::STObject>(
                   (*(applyCtx.view().peek(keylet::emittedTxn(
@@ -2049,6 +2053,9 @@ hook::finalizeHookResult(
             ripple::Slice{
                 hookResult.exitReason.data(), hookResult.exitReason.size()});
         meta.setFieldU64(sfHookInstructionCount, hookResult.instructionCount);
+        if (hookResult.hookApiVersion == 1)
+            meta.setFieldU32(sfHookInstructionCost, hookResult.instructionCost);
+
         meta.setFieldU16(
             sfHookEmitCount,
             emission_txnid.size());  // this will never wrap, hard limit