fix

Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>

Author: adecaro

token/services/identity/multisig/identity.go

@@ -57,20 +57,20 @@ func WrapIdentities(ids ...token.Identity) (token.Identity, error) {
 
 // Unwrap returns the identities wrapped in the given multisig identity
 // It returns the identities and a boolean indicating whether the given identity is a multisig identity
-func Unwrap(raw []byte) (bool, []token.Identity, error) {
+func Unwrap(raw []byte) ([]token.Identity, bool, error) {
 	ti, err := identity.UnmarshalTypedIdentity(raw)
 	if err != nil {
-		return false, nil, errors.Wrap(err, "failed unmarshalling typed identity")
+		return nil, false, errors.Wrap(err, "failed unmarshalling typed identity")
 	}
 	if ti.Type != Multisig {
-		return false, nil, nil
+		return nil, false, nil
 	}
 	mi := &MultiIdentity{}
 	err = mi.Deserialize(ti.Identity)
 	if err != nil {
-		return false, nil, errors.Wrap(err, "failed unmarshalling multi identity")
+		return nil, false, errors.Wrap(err, "failed unmarshalling multi identity")
 	}
-	return true, mi.Identities, nil
+	return mi.Identities, true, nil
 }
 
 // InfoMatcher matches a multisig identity to its own audit info.

token/services/identity/multisig/identity_test.go

@@ -36,15 +36,15 @@ func TestWrapIdentities(t *testing.T) {
 	wrapped, err := WrapIdentities(identities...)
 	assert.NoError(t, err)
 
-	isMultisig, unwrapped, err := Unwrap(wrapped)
+	unwrapped, isMultisig, err := Unwrap(wrapped)
 	assert.NoError(t, err)
 	assert.True(t, isMultisig)
 	assert.Equal(t, identities, unwrapped)
 }
 
 func TestUnwrap_InvalidIdentity(t *testing.T) {
 	invalidIdentity := []byte("invalid")
-	isMultisig, unwrapped, err := Unwrap(invalidIdentity)
+	unwrapped, isMultisig, err := Unwrap(invalidIdentity)
 	assert.Error(t, err)
 	assert.False(t, isMultisig)
 	assert.Nil(t, unwrapped)

token/services/ttx/collectendorsements.go

@@ -198,7 +198,7 @@ func (c *CollectEndorsementsView) requestSignatures(signers []view.Identity, ver
 		logger.DebugfContext(context.Context(), "collecting signature [%d] on request from [%s]", i, signerIdentity)
 
 		// Case: the identity is a multi-sig identity
-		ok, multiSigners, err := multisig.Unwrap(signerIdentity)
+		multiSigners, ok, err := multisig.Unwrap(signerIdentity)
 		if err != nil {
 			return nil, errors.Wrapf(err, "failed unwrapping multi-sig identity [%s]", signerIdentity)
 		}
@@ -500,7 +500,7 @@ func (c *CollectEndorsementsView) prepareDistributionList(context view.Context,
 			// This is a redeem, nothing to do here.
 			continue
 		}
-		ok, multiSigners, err := multisig.Unwrap(id)
+		multiSigners, ok, err := multisig.Unwrap(id)
 		if err != nil {
 			return nil, errors.Wrapf(err, "failed unwrapping multi-sig identity [%s]", id)
 		}

token/services/ttx/endorse.go

@@ -7,6 +7,7 @@ SPDX-License-Identifier: Apache-2.0
 package ttx
 
 import (
+	"bytes"
 	"context"
 	"time"
 
@@ -15,6 +16,7 @@ import (
 	"github.com/hyperledger-labs/fabric-smart-client/platform/view/services/sig"
 	"github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
 	"github.com/hyperledger-labs/fabric-token-sdk/token"
+	"github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/multisig"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/services/tokens"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/services/utils"
 	jsession "github.com/hyperledger-labs/fabric-token-sdk/token/services/utils/json/session"
@@ -68,7 +70,7 @@ func (s *EndorseView) Call(context view.Context) (interface{}, error) {
 		return nil, errors.Wrapf(err, "failed acknowledging transaction")
 	}
 
-	// cache the token request into the tokens db
+	// cache the token request into the tokens db, should we use the received token request?
 	t, err := tokens.GetService(context, s.tx.TMSID())
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to get tokens db for [%s]", s.tx.TMSID())
@@ -145,21 +147,28 @@ func (s *EndorseView) handleSignatureRequests(context view.Context) error {
 	return nil
 }
 
+// receiveTransaction is used to intercept the last round of transaction distribution from CollectEndorsementsView.
+// Indeed, after having collected the auditor signatures, if needed, and the approval,
+// CollectEndorsementsView distributes the token request with the additional signatures.
 func (s *EndorseView) receiveTransaction(context view.Context) (*Transaction, error) {
-	logger.DebugfContext(context.Context(), "Receive transaction with envelope...")
-	// TODO: this might also happen multiple times because of the pseudonym. Avoid this by identity resolution at the sender
+	logger.DebugfContext(context.Context(), "receive transaction...")
 	tx, err := ReceiveTransaction(context)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed receiving transaction")
 	}
 
-	// TODO: compare with the existing transaction
-	logger.DebugfContext(context.Context(), "Processes Fabric Envelope with ID [%s]", tx.ID())
-
-	// Set the envelope
-	request := s.tx.TokenRequest
-	s.tx = tx
-	s.tx.TokenRequest = request
+	// check that the content of the token request match
+	m1, err := s.tx.TokenRequest.MarshalToSign()
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to marshal token request to sign from the local transaction")
+	}
+	m2, err := tx.TokenRequest.MarshalToSign()
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to marshal token request to sign from the remote transaction")
+	}
+	if !bytes.Equal(m1, m2) {
+		return nil, errors.Errorf("token request's signer does not match the expected signer")
+	}
 	return tx, nil
 }
 
@@ -191,20 +200,33 @@ func (s *EndorseView) ack(context view.Context, receivedTx *Transaction) error {
 	return nil
 }
 
+// requiredSigners extracts from the given token request a list of identities that can generate a signature over it.
 func requiredSigners(ctx context.Context, request *token.Request) ([]token.Identity, error) {
 	issuerSigners := request.IssueSigners()
 	transferSigners := request.TransferSigners()
 	res := make([]token.Identity, 0, len(issuerSigners)+len(transferSigners))
 	sigService := request.TokenService.SigService()
 	for _, signer := range issuerSigners {
-		if sigService.IsMe(ctx, signer) {
-			res = append(res, signer)
+		multiSigners, _, _ := multisig.Unwrap(signer)
+		if len(multiSigners) != 0 {
+			res = append(res, multiSigners...)
+			continue
 		}
+		res = append(res, signer)
 	}
 	for _, signer := range transferSigners {
-		if sigService.IsMe(ctx, signer) {
-			res = append(res, signer)
+		multiSigners, _, _ := multisig.Unwrap(signer)
+		if len(multiSigners) != 0 {
+			res = append(res, multiSigners...)
+			continue
+		}
+		res = append(res, signer)
+	}
+	subset := make([]token.Identity, 0, len(res))
+	for _, res := range res {
+		if sigService.IsMe(ctx, res) {
+			subset = append(subset, res)
 		}
 	}
-	return res, nil
+	return subset, nil
 }

token/services/ttx/multisig/spend.go

@@ -98,7 +98,7 @@ func NewRequestSpendView(unspentToken *token.UnspentToken, opts ...token2.Servic
 		return &RequestSpendView{err: errors.Wrap(err, "failed to compile service options")}
 	}
 
-	ok, identities, err := multisig.Unwrap(unspentToken.Owner)
+	identities, ok, err := multisig.Unwrap(unspentToken.Owner)
 	if err != nil {
 		return &RequestSpendView{err: errors.Wrap(err, "failed to unwrap identities")}
 	}

token/services/ttx/recipients.go

@@ -414,7 +414,7 @@ func (s *RespondRequestRecipientIdentityView) handleMultisig(
 	}
 
 	// register the audit info for each party too
-	ok, multisigIdentities, err := multisig.Unwrap(multisigRecipientData.RecipientData.Identity)
+	multisigIdentities, ok, err := multisig.Unwrap(multisigRecipientData.RecipientData.Identity)
 	if err != nil {
 		return errors.Wrapf(err, "failed to unwrap multisig identity")
 	}

token/services/ttx/transaction.go

@@ -8,19 +8,16 @@ package ttx
 
 import (
 	"context"
-	"encoding/base64"
-	errors2 "errors"
 	"runtime/debug"
 	"time"
 
 	"github.com/hyperledger-labs/fabric-smart-client/pkg/utils/errors"
 	"github.com/hyperledger-labs/fabric-smart-client/platform/view/services/endpoint"
-	"github.com/hyperledger-labs/fabric-smart-client/platform/view/services/storage/kvs"
 	"github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
 	"github.com/hyperledger-labs/fabric-token-sdk/token"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/services/network"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/services/utils"
-	session2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/utils/json/session"
+	jsession "github.com/hyperledger-labs/fabric-token-sdk/token/services/utils/json/session"
 	token2 "github.com/hyperledger-labs/fabric-token-sdk/token/token"
 )
 
@@ -420,7 +417,7 @@ func NewReceiveTransactionView() *ReceiveTransactionView {
 }
 
 func (f *ReceiveTransactionView) Call(context view.Context) (interface{}, error) {
-	jsonSession := session2.JSON(context)
+	jsonSession := jsession.JSON(context)
 	msg, err := jsonSession.ReceiveRawWithTimeout(time.Minute * 4)
 	if err != nil {
 		logger.ErrorfContext(context.Context(), err.Error())
@@ -439,7 +436,7 @@ func (f *ReceiveTransactionView) Call(context view.Context) (interface{}, error)
 		var err2 error
 		tx, err2 = f.unmarshalAsSignatureRequest(context, msg)
 		if err2 != nil {
-			return nil, errors.Wrap(errors2.Join(err, err2), "failed to receive transaction")
+			return nil, errors.Wrap(errors.Join(err, err2), "failed to receive transaction")
 		}
 	}
 	return tx, nil
@@ -458,15 +455,5 @@ func (f *ReceiveTransactionView) unmarshalAsSignatureRequest(context view.Contex
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to receive transaction")
 	}
-	k, err := kvs.CreateCompositeKey("signatureRequest", []string{tx.ID()})
-	if err != nil {
-		return nil, errors.Wrap(err, "failed to generate key to store signature request")
-	}
-	k = base64.StdEncoding.EncodeToString([]byte(k))
-	if kvss, err := context.GetService(&kvs.KVS{}); err != nil {
-		return nil, errors.Wrap(err, "failed to get KVS from context")
-	} else if err := kvss.(*kvs.KVS).Put(context.Context(), k, base64.StdEncoding.EncodeToString(raw)); err != nil {
-		return nil, errors.Wrap(err, "failed to store signature request")
-	}
 	return tx, nil
 }