Merge pull request #3 from rarimo/feat/whitelist

Feat/whitelist

config.yaml

@@ -1,18 +1,9 @@
 network:
   rpc: ""
-  registration: ""
-  lightweight_state: ""
   private_key: ""
   vault_address: "https://127.0.0.1:8200"
   vault_mount_path: "secret_data"
-  whitelist: 
-    - 0x123...123
-    - 0x123...123
-    - 0x123...123
-    - 0x123...123
-    - 0x123...123
-    - 0x123...123
-    - 0x123...123
+  address: "0x111"
 
 log:
   level: debug

docs/spec/components/schemas/SendTx.yaml

@@ -10,6 +10,7 @@ allOf:
         required:
           - tx_data
           - destination
+          - proposal_id
         properties:
           tx_data:
             type: string
@@ -21,3 +22,7 @@ allOf:
             pattern: "^0x[0-9a-fA-F]{40}"
             example: "0xdead...beaf"
             description: Address of the contract to which the transaction data should be sent
+          proposal_id:
+            type: integer
+            format: int64
+            example: 34234

go.mod

@@ -6,6 +6,7 @@ require (
 	github.com/alecthomas/kingpin v2.2.6+incompatible
 	github.com/ethereum/go-ethereum v1.13.11
 	github.com/go-chi/chi v4.1.2+incompatible
+	github.com/go-ozzo/ozzo-validation/v4 v4.2.1
 	github.com/hashicorp/vault/api v1.12.2
 	gitlab.com/distributed_lab/ape v1.7.1
 	gitlab.com/distributed_lab/dig v0.0.0-20230207152643-c44f80a4294c
@@ -19,6 +20,7 @@ require (
 	github.com/StackExchange/wmi v1.2.1 // indirect
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
 	github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d // indirect
+	github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496 // indirect
 	github.com/bits-and-blooms/bitset v1.10.0 // indirect
 	github.com/btcsuite/btcd/btcec/v2 v2.2.0 // indirect
 	github.com/cenkalti/backoff/v3 v3.0.0 // indirect
@@ -34,8 +36,8 @@ require (
 	github.com/getsentry/sentry-go v0.27.0 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-ole/go-ole v1.3.0 // indirect
-	github.com/go-ozzo/ozzo-validation/v4 v4.2.1 // indirect
 	github.com/google/jsonapi v0.0.0-20200226002910-c8283f632fb7 // indirect
+	github.com/google/uuid v1.4.0 // indirect
 	github.com/gorilla/websocket v1.5.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect

internal/config/network.go

@@ -3,6 +3,7 @@ package config
 import (
 	"context"
 	"crypto/ecdsa"
+	"github.com/ethereum/go-ethereum/common"
 	"math/big"
 	"sync"
 
@@ -36,8 +37,8 @@ type RelayerConfig struct {
 	ChainID    *big.Int
 	PrivateKey *ecdsa.PrivateKey
 	nonce      uint64
-
-	mut *sync.Mutex
+	Address    common.Address
+	mut        *sync.Mutex
 }
 
 func (e *ethereum) RelayerConfig() *RelayerConfig {
@@ -49,6 +50,7 @@ func (e *ethereum) RelayerConfig() *RelayerConfig {
 			PrivateKey     *ecdsa.PrivateKey `fig:"private_key"`
 			VaultAddress   string            `fig:"vault_address"`
 			VaultMountPath string            `fig:"vault_mount_path"`
+			Address        common.Address    `fig:"address,required"`
 		}{}
 		err := figure.
 			Out(&networkConfig).
@@ -75,8 +77,9 @@ func (e *ethereum) RelayerConfig() *RelayerConfig {
 		if err != nil {
 			panic(errors.Wrap(err, "failed to get nonce"))
 		}
-
+		result.Address = networkConfig.Address
 		result.mut = &sync.Mutex{}
+
 		return &result
 	}).(*RelayerConfig)
 }

internal/service/handlers/voting.go

@@ -1,11 +1,14 @@
 package handlers
 
 import (
+	"bytes"
 	"fmt"
 	"math/big"
 	"net/http"
 	"strings"
 
+	"github.com/rarimo/voting-relayer/internal/service/proposalsstate"
+
 	"github.com/ethereum/go-ethereum"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
@@ -27,6 +30,16 @@ type txData struct {
 	gas       uint64
 }
 
+func isAddressInWhitelist(votingAddress common.Address, whitelist []common.Address) bool {
+	votingAddressBytes := votingAddress.Bytes()
+	for _, addr := range whitelist {
+		if bytes.Equal(votingAddressBytes, addr.Bytes()) {
+			return true
+		}
+	}
+	return false
+}
+
 func Voting(w http.ResponseWriter, r *http.Request) {
 	req, err := requests.NewVotingRequest(r)
 	if err != nil {
@@ -38,12 +51,15 @@ func Voting(w http.ResponseWriter, r *http.Request) {
 	var (
 		destination = req.Data.Attributes.Destination
 		calldata    = req.Data.Attributes.TxData
+		proposalID  = req.Data.Attributes.ProposalId
 	)
 
 	log := Log(r).WithFields(logan.F{
-		"user-agent":  r.Header.Get("User-Agent"),
-		"calldata":    calldata,
-		"destination": destination,
+		"user-agent":              r.Header.Get("User-Agent"),
+		"calldata":                calldata,
+		"destination":             destination,
+		"proposal_id":             proposalID,
+		"proposol_state_contract": RelayerConfig(r).Address,
 	})
 	log.Debug("voting request")
 
@@ -53,17 +69,35 @@ func Voting(w http.ResponseWriter, r *http.Request) {
 	var txd txData
 	txd.dataBytes, err = hexutil.Decode(calldata)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to decode data")
+		log.WithError(err).Error("Failed to decode data")
 		ape.RenderErr(w, problems.BadRequest(err)...)
 		return
 	}
 
 	RelayerConfig(r).LockNonce()
 	defer RelayerConfig(r).UnlockNonce()
 
+	proposalBigID := big.NewInt(proposalID)
+
+	session, err := proposalsstate.NewProposalsStateCaller(RelayerConfig(r).Address, RelayerConfig(r).RPC)
+
+	if err != nil {
+		log.WithError(err).Error("Failed to get proposal state caller")
+		ape.RenderErr(w, problems.InternalError())
+		return
+	}
+
+	proposalConfig, err := session.GetProposalConfig(nil, proposalBigID)
+
+	if err != nil {
+		log.WithError(err).Error("Failed to get proposal config")
+		ape.RenderErr(w, problems.InternalError())
+		return
+	}
+
 	err = confGas(r, &txd, &votingAddress)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to configure gas and gasPrice")
+		log.WithError(err).Error("Failed to configure gas and gasPrice")
 		// `errors.Is` is not working for rpc errors, they passed as a string without additional wrapping
 		// because of this we operate with raw strings
 		if strings.Contains(err.Error(), vm.ErrExecutionReverted.Error()) {
@@ -77,9 +111,15 @@ func Voting(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if !isAddressInWhitelist(votingAddress, proposalConfig.VotingWhitelist) {
+		log.Error("Address not in voting whitelist")
+		ape.RenderErr(w, problems.Forbidden())
+		return
+	}
+
 	tx, err := sendTx(r, &txd, &votingAddress)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to send tx")
+		log.WithError(err).Error("failed to send tx")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}