fix: Raise an error if the transaction is not frozen while signing (#947

)

* fix: raise an error if the txn is not frozen while signing

Signed-off-by: Ivan Ivanov <ivanivanov.ii726@gmail.com>

* test: fix integration tests

Signed-off-by: Ivan Ivanov <ivanivanov.ii726@gmail.com>

* test: fix integration tests

Signed-off-by: Ivan Ivanov <ivanivanov.ii726@gmail.com>

---------

Signed-off-by: Ivan Ivanov <ivanivanov.ii726@gmail.com>

account_create_transaction_e2e_test.go

@@ -355,12 +355,14 @@ func TestIntegrationAccountCreateTransactionWithAliasFromAdminKeyWithReceiverSig
 		Execute(env.Client)
 	require.NoError(t, err)
 
-	resp, err := NewAccountCreateTransaction().
+	frozenTxn, err := NewAccountCreateTransaction().
 		SetReceiverSignatureRequired(true).
 		SetKey(adminKey).
 		SetAlias(evmAddress).
-		Sign(adminKey).
-		Execute(env.Client)
+		FreezeWith(env.Client)
+	require.NoError(t, err)
+
+	resp, err := frozenTxn.Sign(adminKey).Execute(env.Client)
 	require.NoError(t, err)
 
 	receipt, err := resp.GetReceipt(env.Client)
@@ -436,9 +438,13 @@ func TestIntegrationAccountCreateTransactionWithAlias(t *testing.T) {
 	key, err := PrivateKeyGenerateEcdsa()
 	evmAddress := key.PublicKey().ToEvmAddress()
 
-	resp, err := NewAccountCreateTransaction().
+	tx, err := NewAccountCreateTransaction().
 		SetKey(adminKey).
 		SetAlias(evmAddress).
+		FreezeWith(env.Client)
+	require.NoError(t, err)
+
+	resp, err := tx.
 		Sign(key).
 		Execute(env.Client)
 	require.NoError(t, err)
@@ -514,10 +520,14 @@ func TestIntegrationAccountCreateTransactionWithAliasWithReceiverSigRequired(t *
 	key, err := PrivateKeyGenerateEcdsa()
 	evmAddress := key.PublicKey().ToEvmAddress()
 
-	resp, err := NewAccountCreateTransaction().
+	frozenTxn, err := NewAccountCreateTransaction().
 		SetReceiverSignatureRequired(true).
 		SetKey(adminKey).
 		SetAlias(evmAddress).
+		FreezeWith(env.Client)
+	require.NoError(t, err)
+
+	resp, err := frozenTxn.
 		Sign(key).
 		Sign(adminKey).
 		Execute(env.Client)
@@ -560,10 +570,14 @@ func TestIntegrationAccountCreateTransactionWithAliasWithReceiverSigRequiredWith
 	key, err := PrivateKeyGenerateEcdsa()
 	evmAddress := key.PublicKey().ToEvmAddress()
 
-	resp, err := NewAccountCreateTransaction().
+	frozenTxn, err := NewAccountCreateTransaction().
 		SetReceiverSignatureRequired(true).
 		SetKey(adminKey).
 		SetAlias(evmAddress).
+		FreezeWith(env.Client)
+	require.NoError(t, err)
+
+	resp, err := frozenTxn.
 		Sign(key).
 		Execute(env.Client)
 	require.NoError(t, err)

serialize_deserialize_test.go

@@ -92,7 +92,10 @@ func TestIntegrationAddSignatureSerializeDeserializeAddAnotherSignatureExecute(t
 	assert.Equal(t, txFromBytes.signedTransactions._Length(), txBefore.signedTransactions._Length())
 	assert.Equal(t, txFromBytes.memo, txBefore.memo)
 
-	executed, err := txFromBytes.Sign(newKey).Execute(env.Client)
+	frozenTx, err := txFromBytes.FreezeWith(env.Client)
+	require.NoError(t, err)
+
+	executed, err := frozenTx.Sign(newKey).Execute(env.Client)
 	if err != nil {
 		panic(err)
 	}

token_nft_allowance_e2e_test.go

@@ -52,7 +52,9 @@ func TestIntegrationCantTransferOnBehalfOfSpenderWithoutAllowanceApproval(t *tes
 	tokenReceipt, err := tokenCreate.SetValidateStatus(true).GetReceipt(env.Client)
 	require.NoError(t, err)
 	tokenID := tokenReceipt.TokenID
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).Sign(spenderKey).Execute(env.Client)
+	frozenTxn, err := NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).FreezeWith(env.Client)
+	require.NoError(t, err)
+	_, err = frozenTxn.Sign(spenderKey).Execute(env.Client)
 	require.NoError(t, err)
 
 	mint, err := NewTokenMintTransaction().
@@ -66,9 +68,10 @@ func TestIntegrationCantTransferOnBehalfOfSpenderWithoutAllowanceApproval(t *tes
 	nft1 := NftID{TokenID: *tokenID, SerialNumber: serials[0]}
 	onBehalfOfTxId := TransactionIDGenerate(*spenderAccountId)
 
-	transfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTxId).Sign(spenderKey).Execute(env.Client)
+	frozenTransfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTxId).FreezeWith(env.Client)
 	require.NoError(t, err)
-	_, err = transfer.SetValidateStatus(true).GetReceipt(env.Client)
+	resp, err := frozenTransfer.Sign(spenderKey).Execute(env.Client)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 	require.Error(t, err)
 	require.Equal(t, "exceptional receipt status: SPENDER_DOES_NOT_HAVE_ALLOWANCE", err.Error())
 
@@ -106,10 +109,14 @@ func TestIntegrationCantTransferOnBehalfOfSpenderAfterRemovingTheAllowanceApprov
 	require.NoError(t, err)
 	tokenID := tokenReceipt.TokenID
 
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).Sign(spenderKey).Execute(env.Client)
+	frozenTx, err := NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).FreezeWith(env.Client)
+	require.NoError(t, err)
+	_, err = frozenTx.Sign(spenderKey).Execute(env.Client)
 	require.NoError(t, err)
 
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*receiverAccountId).Sign(receiverKey).Execute(env.Client)
+	frozenTx, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*receiverAccountId).FreezeWith(env.Client)
+	require.NoError(t, err)
+	_, err = frozenTx.Sign(receiverKey).Execute(env.Client)
 	require.NoError(t, err)
 
 	mint, err := NewTokenMintTransaction().SetTokenID(*tokenID).SetMetadata([]byte{0x01}).SetMetadata([]byte{0x02}).Execute(env.Client)
@@ -130,19 +137,23 @@ func TestIntegrationCantTransferOnBehalfOfSpenderAfterRemovingTheAllowanceApprov
 	_, err = deleteTx.SetValidateStatus(true).GetReceipt(env.Client)
 
 	onBehalfOfTxId := TransactionIDGenerate(*spenderAccountId)
-	transfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTxId).Sign(spenderKey).Execute(env.Client)
+	frozenTransfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTxId).FreezeWith(env.Client)
 	require.NoError(t, err)
-	_, err = transfer.SetValidateStatus(true).GetReceipt(env.Client)
+	resp, err := frozenTransfer.Sign(spenderKey).Execute(env.Client)
+	require.NoError(t, err)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 	require.NoError(t, err)
 
 	info, err := NewTokenNftInfoQuery().SetNftID(nft1).Execute(env.Client)
 	require.NoError(t, err)
 	require.Equal(t, *receiverAccountId, info[0].AccountID)
 
 	onBehalfOfTxId2 := TransactionIDGenerate(*spenderAccountId)
-	transfer2, err := NewTransferTransaction().AddApprovedNftTransfer(nft2, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTxId2).Sign(spenderKey).Execute(env.Client)
+	frozenTransfer2, err := NewTransferTransaction().AddApprovedNftTransfer(nft2, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTxId2).FreezeWith(env.Client)
+	require.NoError(t, err)
+	resp, err = frozenTransfer2.Sign(spenderKey).Execute(env.Client)
 	require.NoError(t, err)
-	_, err = transfer2.SetValidateStatus(true).GetReceipt(env.Client)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 	require.Error(t, err)
 	require.Equal(t, "exceptional receipt status: SPENDER_DOES_NOT_HAVE_ALLOWANCE", err.Error())
 
@@ -180,10 +191,14 @@ func TestIntegrationCantRemoveSingleSerialNumberAllowanceWhenAllowanceIsForAllSe
 	require.NoError(t, err)
 	tokenID := tokenReceipt.TokenID
 
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).Sign(spenderKey).Execute(env.Client)
+	frozenTxn, err := NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).FreezeWith(env.Client)
+	require.NoError(t, err)
+	_, err = frozenTxn.Sign(spenderKey).Execute(env.Client)
 	require.NoError(t, err)
 
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*receiverAccountId).Sign(receiverKey).Execute(env.Client)
+	frozenTxn, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*receiverAccountId).FreezeWith(env.Client)
+	require.NoError(t, err)
+	_, err = frozenTxn.Sign(receiverKey).Execute(env.Client)
 	require.NoError(t, err)
 
 	mint, err := NewTokenMintTransaction().SetTokenID(*tokenID).SetMetadata([]byte{0x01}).SetMetadata([]byte{0x02}).Execute(env.Client)
@@ -199,19 +214,21 @@ func TestIntegrationCantRemoveSingleSerialNumberAllowanceWhenAllowanceIsForAllSe
 	require.NoError(t, err)
 
 	onBehalfOfTransactionId := TransactionIDGenerate(*spenderAccountId)
-	transfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId).Sign(spenderKey).Execute(env.Client)
+	frozenTransfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId).FreezeWith(env.Client)
 	require.NoError(t, err)
-	_, err = transfer.SetValidateStatus(true).GetReceipt(env.Client)
+	resp, err := frozenTransfer.Sign(spenderKey).Execute(env.Client)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 	require.NoError(t, err)
 
 	deleteTx, err := NewAccountAllowanceDeleteTransaction().DeleteAllTokenNftAllowances(nft2, &env.OperatorID).Execute(env.Client)
 	require.NoError(t, err)
 	_, err = deleteTx.SetValidateStatus(true).GetReceipt(env.Client)
 
 	onBehalfOfTransactionId2 := TransactionIDGenerate(*spenderAccountId)
-	transfer2, err := NewTransferTransaction().AddApprovedNftTransfer(nft2, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId2).Sign(spenderKey).Execute(env.Client)
+	frozenTransfer2, err := NewTransferTransaction().AddApprovedNftTransfer(nft2, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId2).FreezeWith(env.Client)
 	require.NoError(t, err)
-	_, err = transfer2.SetValidateStatus(true).GetReceipt(env.Client)
+	resp, err = frozenTransfer2.Sign(spenderKey).Execute(env.Client)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 
 	info, err := NewTokenNftInfoQuery().SetNftID(nft1).Execute(env.Client)
 	require.NoError(t, err)
@@ -259,11 +276,14 @@ func TestIntegrationAfterGivenAllowanceForAllSerialsCanGiveSingleSerialToOtherAc
 	require.NoError(t, err)
 	tokenID := tokenReceipt.TokenID
 
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).Sign(spenderKey).Execute(env.Client)
+	frozenTx, err := NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*spenderAccountId).FreezeWith(env.Client)
+	require.NoError(t, err)
+	_, err = frozenTx.Sign(spenderKey).Execute(env.Client)
 	require.NoError(t, err)
 
-	_, err = NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*receiverAccountId).Sign(receiverKey).Execute(env.Client)
+	frozenTxn, err := NewTokenAssociateTransaction().SetTokenIDs(*tokenID).SetAccountID(*receiverAccountId).FreezeWith(env.Client)
 	require.NoError(t, err)
+	_, err = frozenTxn.Sign(receiverKey).Execute(env.Client)
 
 	mint, err := NewTokenMintTransaction().SetTokenID(*tokenID).SetMetadata([]byte{0x01}).SetMetadata([]byte{0x02}).Execute(env.Client)
 	require.NoError(t, err)
@@ -291,15 +311,19 @@ func TestIntegrationAfterGivenAllowanceForAllSerialsCanGiveSingleSerialToOtherAc
 	env.Client.SetOperator(env.OperatorID, env.OperatorKey)
 
 	onBehalfOfTransactionId := TransactionIDGenerate(*delegateSpenderAccountId)
-	transfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId).Sign(delegateSpenderKey).Execute(env.Client)
+	frozenTransfer, err := NewTransferTransaction().AddApprovedNftTransfer(nft1, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId).FreezeWith(env.Client)
 	require.NoError(t, err)
-	_, err = transfer.SetValidateStatus(true).GetReceipt(env.Client)
+	resp, err := frozenTransfer.Sign(delegateSpenderKey).Execute(env.Client)
+	require.NoError(t, err)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 	require.NoError(t, err)
 
 	onBehalfOfTransactionId2 := TransactionIDGenerate(*delegateSpenderAccountId)
-	transfer2, err := NewTransferTransaction().AddApprovedNftTransfer(nft2, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId2).Sign(delegateSpenderKey).Execute(env.Client)
+	frozenTransfer2, err := NewTransferTransaction().AddApprovedNftTransfer(nft2, env.OperatorID, *receiverAccountId, true).SetTransactionID(onBehalfOfTransactionId2).FreezeWith(env.Client)
+	require.NoError(t, err)
+	resp, err = frozenTransfer2.Sign(delegateSpenderKey).Execute(env.Client)
 	require.NoError(t, err)
-	_, err = transfer2.SetValidateStatus(true).GetReceipt(env.Client)
+	_, err = resp.SetValidateStatus(true).GetReceipt(env.Client)
 	require.Error(t, err)
 	require.Equal(t, "exceptional receipt status: SPENDER_DOES_NOT_HAVE_ALLOWANCE", err.Error())
 

token_update_nfts_transaction_e2e_test.go

@@ -237,11 +237,14 @@ func updateNftMetadata(t *testing.T, env *IntegrationTestEnv, tokenID TokenID, s
 			SetSerialNumbers(serials).
 			SetMetadata(updatedMetadata)
 	} else {
-		tokenUpdateNftsTx = NewTokenUpdateNftsTransaction().
+		frozenTx, err := NewTokenUpdateNftsTransaction().
 			SetTokenID(tokenID).
 			SetSerialNumbers(serials).
 			SetMetadata(updatedMetadata).
-			Sign(*metadataKey)
+			FreezeWith(env.Client)
+		require.NoError(t, err)
+
+		tokenUpdateNftsTx = frozenTx.Sign(*metadataKey)
 	}
 
 	tx, err := tokenUpdateNftsTx.Execute(env.Client)

transaction.go

@@ -476,6 +476,12 @@ func (tx *Transaction) IsFrozen() bool {
 	return tx.signedTransactions._Length() > 0
 }
 
+func (tx *Transaction) _RequireFrozen() {
+	if !tx.IsFrozen() {
+		tx.freezeError = errTransactionIsNotFrozen
+	}
+}
+
 func (tx *Transaction) _RequireNotFrozen() {
 	if tx.IsFrozen() {
 		tx.freezeError = errTransactionIsFrozen
@@ -850,7 +856,6 @@ func (tx *Transaction) Sign(privateKey PrivateKey) TransactionInterface {
 func (tx *Transaction) signWithOperator(client *Client, e TransactionInterface) (TransactionInterface, error) { // nolint
 	// If the transaction is not signed by the _Operator, we need
 	// to sign the transaction with the _Operator
-
 	if client == nil {
 		return nil, errNoClientProvided
 	} else if client.operator == nil {
@@ -866,6 +871,9 @@ func (tx *Transaction) signWithOperator(client *Client, e TransactionInterface)
 	return tx.SignWith(client.operator.publicKey, client.operator.signer), nil
 }
 func (tx *Transaction) SignWith(publicKey PublicKey, signer TransactionSigner) TransactionInterface {
+	// We need to make sure the request is frozen
+	tx._RequireFrozen()
+
 	if !tx._KeyAlreadySigned(publicKey) {
 		tx._SignWith(publicKey, signer)
 	}

transaction_e2e_test.go

@@ -289,3 +289,21 @@ func DisabledTestTransactionFromBytes(t *testing.T) { // nolint
 		panic("Transaction was not a crypto transfer?")
 	}
 }
+
+func TestIntegrationTransactionFailsWhenSigningWithoutFreezing(t *testing.T) {
+	t.Parallel()
+	env := NewIntegrationTestEnv(t)
+
+	newKey, err := PrivateKeyGenerateEd25519()
+	require.NoError(t, err)
+
+	tx := NewAccountCreateTransaction().
+		SetKey(newKey.PublicKey()).
+		SetNodeAccountIDs(env.NodeAccountIDs)
+
+	_, err = tx.Sign(newKey).Execute(env.Client)
+	require.ErrorContains(t, err, "transaction is not frozen")
+
+	err = CloseIntegrationTestEnv(env, nil)
+	require.NoError(t, err)
+}