From 34e586dd4172ce184eab0589d0bf1c639943069c Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Tue, 24 Sep 2024 19:20:20 +0200 Subject: [PATCH 1/6] Add more check parameters without implementation --- .../EraBased/Commands/Governance/Actions.hs | 2 + .../Cardano/CLI/EraBased/Options/Common.hs | 59 +++++++++++++++++++ .../EraBased/Options/Governance/Actions.hs | 20 +------ .../cardano-cli-golden/files/golden/help.cli | 6 ++ ..._governance_action_create-constitution.cli | 17 ++++++ .../conway_governance_action_create-info.cli | 2 +- 6 files changed, 88 insertions(+), 18 deletions(-) diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs index 04a5ffad05..3415c174e6 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs @@ -68,8 +68,10 @@ data GovernanceActionCreateConstitutionCmdArgs era , mPrevGovernanceActionId :: !(Maybe (TxId, Word16)) , proposalUrl :: !ProposalUrl , proposalHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkProposalHash :: !(MustCheckHash ProposalUrl) , constitutionUrl :: !ConstitutionUrl , constitutionHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkConstitutionHash :: !(MustCheckHash ConstitutionUrl) , constitutionScript :: !(Maybe ScriptHash) , outFile :: !(File () Out) } diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Options/Common.hs b/cardano-cli/src/Cardano/CLI/EraBased/Options/Common.hs index 652c9839b6..a4c5cf2aa6 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Options/Common.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Options/Common.hs @@ -3569,6 +3569,65 @@ pAnchorDataHash = , Opt.help "Proposal anchor data hash (obtain it with \"cardano-cli hash anchor-data ...\")" ] +data HashCheckParamInfo anchorData + = HashCheckParamInfo + { flagSuffix :: String + , dataName :: String + , hashParamName :: String + , urlParamName :: String + } + +pMustCheckHash :: HashCheckParamInfo anchorData -> Parser (MustCheckHash anchorData) +pMustCheckHash + ( HashCheckParamInfo + { flagSuffix = flagSuffix' + , dataName = dataName' + , hashParamName = hashParamName' + , urlParamName = urlParamName' + } + ) = + asum + [ Opt.flag' CheckHash $ + mconcat + [ Opt.long ("check-" ++ flagSuffix') + , Opt.help + ( "Check the " + ++ dataName' + ++ " hash (from " + ++ hashParamName' + ++ ") by downloading " + ++ dataName' + ++ " data (from " + ++ urlParamName' + ++ ")." + ) + ] + , Opt.flag' TrustHash $ + mconcat + [ Opt.long ("trust-" ++ flagSuffix') + , Opt.help + ("Do not check the " ++ dataName' ++ " hash (from " ++ hashParamName' ++ ") and trust it is correct.") + ] + ] + +proposalHashCheckInfo :: HashCheckParamInfo ProposalUrl +proposalHashCheckInfo = + HashCheckParamInfo + { flagSuffix = "anchor-data" + , dataName = "proposal" + , hashParamName = "--anchor-data-hash" + , urlParamName = "--anchor-url" + } + +constitutionHashCheckInfo :: HashCheckParamInfo ConstitutionUrl +constitutionHashCheckInfo = + HashCheckParamInfo + { flagSuffix = "constitution-hash" + , dataName = "constitution" + , hashParamName = "--constitution-hash" + , urlParamName = "--constitution-url" + } + pPreviousGovernanceAction :: Parser (Maybe (TxId, Word16)) pPreviousGovernanceAction = optional $ diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs index 24d48236a4..677e37a7ce 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs @@ -74,26 +74,10 @@ pGovernanceActionNewInfoCmd era = do <*> pStakeIdentifier (Just "deposit-return") <*> pAnchorUrl <*> pAnchorDataHash - <*> pMustCheckProposalHash + <*> pMustCheckHash proposalHashCheckInfo <*> pFileOutDirection "out-file" "Path to action file to be used later on with build or build-raw " ) $ Opt.progDesc "Create an info action." - where - pMustCheckProposalHash :: Parser (MustCheckHash ProposalUrl) - pMustCheckProposalHash = - asum - [ Opt.flag' CheckHash $ - mconcat - [ Opt.long "check-anchor-data" - , Opt.help - "Check the proposal hash (from --anchor-data-hash) by downloading anchor data (from --anchor-url)." - ] - , Opt.flag' TrustHash $ - mconcat - [ Opt.long "trust-anchor-data" - , Opt.help "Do not check the proposal hash (from --anchor-data-hash) and trust it is correct." - ] - ] pGovernanceActionNewConstitutionCmd :: CardanoEra era @@ -111,8 +95,10 @@ pGovernanceActionNewConstitutionCmd era = do <*> pPreviousGovernanceAction <*> pAnchorUrl <*> pAnchorDataHash + <*> pMustCheckHash proposalHashCheckInfo <*> pConstitutionUrl <*> pConstitutionHash + <*> pMustCheckHash constitutionHashCheckInfo <*> optional pConstitutionScriptHash <*> pFileOutDirection "out-file" "Output filepath of the constitution." ) diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help.cli index d100e862c8..ad3e15b017 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help.cli @@ -5926,8 +5926,14 @@ Usage: cardano-cli conway governance action create-constitution --prev-governance-action-index WORD16] --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) --constitution-url TEXT --constitution-hash HASH + ( --check-constitution-hash + | --trust-constitution-hash + ) [--constitution-script-hash HASH] --out-file FILEPATH diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-constitution.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-constitution.cli index 2cf633f76d..a2d2eafec3 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-constitution.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-constitution.cli @@ -13,8 +13,14 @@ Usage: cardano-cli conway governance action create-constitution --prev-governance-action-index WORD16] --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) --constitution-url TEXT --constitution-hash HASH + ( --check-constitution-hash + | --trust-constitution-hash + ) [--constitution-script-hash HASH] --out-file FILEPATH @@ -42,9 +48,20 @@ Available options: --anchor-url TEXT Anchor URL --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") + --check-anchor-data Check the proposal hash (from --anchor-data-hash) by + downloading proposal data (from --anchor-url). + --trust-anchor-data Do not check the proposal hash (from + --anchor-data-hash) and trust it is correct. --constitution-url TEXT Constitution URL. --constitution-hash HASH Hash of the constitution data (obtain it with "cardano-cli hash anchor-data ..."). + --check-constitution-hash + Check the constitution hash (from + --constitution-hash) by downloading constitution data + (from --constitution-url). + --trust-constitution-hash + Do not check the constitution hash (from + --constitution-hash) and trust it is correct. --constitution-script-hash HASH Constitution script hash (hex-encoded). Obtain it with "cardano-cli hash script ...". diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-info.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-info.cli index 4a7fc78709..21a8c4bb73 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-info.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-info.cli @@ -34,7 +34,7 @@ Available options: --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") --check-anchor-data Check the proposal hash (from --anchor-data-hash) by - downloading anchor data (from --anchor-url). + downloading proposal data (from --anchor-url). --trust-anchor-data Do not check the proposal hash (from --anchor-data-hash) and trust it is correct. --out-file FILEPATH Path to action file to be used later on with build or From f3038533b97e49f135135d06569565e34cf6c3c0 Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Tue, 24 Sep 2024 21:21:58 +0200 Subject: [PATCH 2/6] Update tests --- .gitattributes | 2 + .../Test/Golden/Governance/Action.hs | 150 ++++++++++-------- .../files/input/example_anchor_data2.txt | 2 + .../Test/Cardano/CLI/Hash.hs | 39 +++-- .../test/cardano-cli-test/Test/Cli/Hash.hs | 12 +- .../files/input/example_anchor_data2.txt | 2 + 6 files changed, 123 insertions(+), 84 deletions(-) create mode 100644 cardano-cli/test/cardano-cli-golden/files/input/example_anchor_data2.txt create mode 100644 cardano-cli/test/cardano-cli-test/files/input/example_anchor_data2.txt diff --git a/.gitattributes b/.gitattributes index eb84872b79..fd9f75d876 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,4 @@ cardano-cli/test/cardano-cli-golden/files/input/example_anchor_data.txt -text +cardano-cli/test/cardano-cli-golden/files/input/example_anchor_data2.txt -text cardano-cli/test/cardano-cli-test/files/input/example_anchor_data.txt -text +cardano-cli/test/cardano-cli-test/files/input/example_anchor_data2.txt -text diff --git a/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs b/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs index 1f7b05cc56..44d0193607 100644 --- a/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs +++ b/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs @@ -10,8 +10,9 @@ import Control.Monad (void) import Control.Monad.Catch (MonadCatch) import Control.Monad.Trans.Control (MonadBaseControl) -import Test.Cardano.CLI.Hash (exampleAnchorDataHash, exampleAnchorDataIpfsHash, - exampleAnchorDataPathGolden, serveFileWhile) +import Test.Cardano.CLI.Hash (exampleAnchorDataHash, exampleAnchorDataHash2, + exampleAnchorDataIpfsHash, exampleAnchorDataIpfsHash2, + exampleAnchorDataPathGolden, exampleAnchorDataPathGolden2, serveFilesWhile) import qualified Test.Cardano.CLI.Util as H import Test.Cardano.CLI.Util (execCardanoCLI, execCardanoCLIWithEnvVars, expectFailure, noteInputFile, noteTempFile, propertyOnce) @@ -20,73 +21,97 @@ import Hedgehog (MonadTest, Property) import qualified Hedgehog.Extras as H import qualified Hedgehog.Extras.Test.Golden as H +hprop_golden_governance_action_create_constitution_wrong_hash1_fails :: Property +hprop_golden_governance_action_create_constitution_wrong_hash1_fails = + propertyOnce . expectFailure . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_governance_action_create_constitution + ('a' : drop 1 exampleAnchorDataHash) + exampleAnchorDataHash2 + tempDir + +hprop_golden_governance_action_create_constitution_wrong_hash2_fails :: Property +hprop_golden_governance_action_create_constitution_wrong_hash2_fails = + propertyOnce . expectFailure . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_governance_action_create_constitution + exampleAnchorDataHash + ('a' : drop 1 exampleAnchorDataHash2) + tempDir + hprop_golden_governance_action_create_constitution :: Property hprop_golden_governance_action_create_constitution = - propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> do - stakeAddressVKeyFile <- noteTempFile tempDir "stake-address.vkey" - stakeAddressSKeyFile <- noteTempFile tempDir "stake-address.skey" + propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_governance_action_create_constitution + exampleAnchorDataHash + exampleAnchorDataHash2 + tempDir - void $ - execCardanoCLI - [ "legacy" - , "stake-address" - , "key-gen" - , "--verification-key-file" - , stakeAddressVKeyFile - , "--signing-key-file" - , stakeAddressSKeyFile - ] +base_golden_governance_action_create_constitution + :: (MonadBaseControl IO m, MonadTest m, MonadIO m, MonadCatch m) + => String + -> String + -> FilePath + -> m () +base_golden_governance_action_create_constitution hash1 hash2 tempDir = do + stakeAddressVKeyFile <- noteTempFile tempDir "stake-address.vkey" + stakeAddressSKeyFile <- noteTempFile tempDir "stake-address.skey" - actionFile <- noteTempFile tempDir "create-constitution.action" - redactedActionFile <- noteTempFile tempDir "create-constitution.action.redacted" + void $ + execCardanoCLI + [ "legacy" + , "stake-address" + , "key-gen" + , "--verification-key-file" + , stakeAddressVKeyFile + , "--signing-key-file" + , stakeAddressSKeyFile + ] - proposalHash <- - execCardanoCLI - [ "hash" - , "anchor-data" - , "--text" - , "whatever" - ] + actionFile <- noteTempFile tempDir "create-constitution.action" + redactedActionFile <- noteTempFile tempDir "create-constitution.action.redacted" - constitutionHash <- - execCardanoCLI - [ "hash" - , "anchor-data" - , "--text" - , "something else" - ] + let relativeUrl1 = ["ipfs", exampleAnchorDataIpfsHash] + let relativeUrl2 = ["ipfs", exampleAnchorDataIpfsHash2] - void $ - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "create-constitution" - , "--mainnet" - , "--anchor-data-hash" - , "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" - , "--anchor-url" - , proposalHash - , "--governance-action-deposit" - , "10" - , "--deposit-return-stake-verification-key-file" - , stakeAddressVKeyFile - , "--out-file" - , actionFile - , "--constitution-url" - , "constitution-dummy-url" - , "--constitution-hash" - , constitutionHash - ] + serveFilesWhile + [ (relativeUrl1, exampleAnchorDataPathGolden) + , (relativeUrl2, exampleAnchorDataPathGolden2) + ] + ( \port -> do + void $ + execCardanoCLIWithEnvVars + [("IPFS_GATEWAY_URI", "http://localhost:" ++ show port ++ "/")] + [ "conway" + , "governance" + , "action" + , "create-constitution" + , "--mainnet" + , "--anchor-data-hash" + , hash1 + , "--anchor-url" + , "ipfs://" ++ exampleAnchorDataIpfsHash + , "--check-anchor-data" + , "--governance-action-deposit" + , "10" + , "--deposit-return-stake-verification-key-file" + , stakeAddressVKeyFile + , "--out-file" + , actionFile + , "--constitution-url" + , "ipfs://" ++ exampleAnchorDataIpfsHash2 + , "--constitution-hash" + , hash2 + , "--check-constitution-hash" + ] + ) - goldenActionFile <- - H.note - "test/cardano-cli-golden/files/golden/governance/action/create-constitution-for-stake-address.action.golden" + goldenActionFile <- + H.note + "test/cardano-cli-golden/files/golden/governance/action/create-constitution-for-stake-address.action.golden" - -- Remove cbor hex from comparison, as it's not stable - H.redactJsonField "cborHex" "" actionFile redactedActionFile + -- Remove cbor hex from comparison, as it's not stable + H.redactJsonField "cborHex" "" actionFile redactedActionFile - H.diffFileVsGoldenFile redactedActionFile goldenActionFile + H.diffFileVsGoldenFile redactedActionFile goldenActionFile hprop_golden_conway_governance_action_view_constitution_json :: Property hprop_golden_conway_governance_action_view_constitution_json = @@ -128,6 +153,7 @@ hprop_golden_conway_governance_action_view_constitution_json = , proposalHash , "--anchor-url" , "proposal-dummy-url" + , "--trust-anchor-data" , "--governance-action-deposit" , "10" , "--deposit-return-stake-verification-key-file" @@ -138,6 +164,7 @@ hprop_golden_conway_governance_action_view_constitution_json = , "http://my-great-constitution.rocks" , "--constitution-hash" , constitutionHash + , "--trust-constitution-hash" ] goldenActionViewFile <- @@ -214,9 +241,8 @@ base_golden_conway_governance_action_view_create_info_json_outfile hash tempDir actionFile <- noteTempFile tempDir "action" let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] - serveFileWhile - relativeUrl - exampleAnchorDataPathGolden + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathGolden)] ( \port -> do void $ execCardanoCLIWithEnvVars diff --git a/cardano-cli/test/cardano-cli-golden/files/input/example_anchor_data2.txt b/cardano-cli/test/cardano-cli-golden/files/input/example_anchor_data2.txt new file mode 100644 index 0000000000..29b8f57ed6 --- /dev/null +++ b/cardano-cli/test/cardano-cli-golden/files/input/example_anchor_data2.txt @@ -0,0 +1,2 @@ +This is another file that serves for testing +the hashing of anchor data files. diff --git a/cardano-cli/test/cardano-cli-test-lib/Test/Cardano/CLI/Hash.hs b/cardano-cli/test/cardano-cli-test-lib/Test/Cardano/CLI/Hash.hs index c89005caac..b7a16e5399 100644 --- a/cardano-cli/test/cardano-cli-test-lib/Test/Cardano/CLI/Hash.hs +++ b/cardano-cli/test/cardano-cli-test-lib/Test/Cardano/CLI/Hash.hs @@ -2,10 +2,14 @@ module Test.Cardano.CLI.Hash ( exampleAnchorDataHash - , serveFileWhile + , exampleAnchorDataHash2 + , serveFilesWhile , exampleAnchorDataPathTest + , exampleAnchorDataPathTest2 , exampleAnchorDataPathGolden + , exampleAnchorDataPathGolden2 , exampleAnchorDataIpfsHash + , exampleAnchorDataIpfsHash2 ) where @@ -16,6 +20,7 @@ import Control.Exception.Lifted (bracket) import Control.Monad (void) import Control.Monad.Trans.Control (MonadBaseControl) import qualified Data.ByteString.UTF8 as BSU8 +import Data.Foldable (find) import Data.List (intercalate) import Data.String (IsString (fromString)) import Data.Text (unpack) @@ -30,34 +35,37 @@ import Network.Wai.Handler.Warp (defaultSettings, openFreePort, runSet import Hedgehog as H import Hedgehog.Internal.Source (HasCallStack) -exampleAnchorDataHash :: String +exampleAnchorDataHash, exampleAnchorDataHash2 :: String exampleAnchorDataHash = "de38a4f5b8b9d8372386cc923bad19d1a0662298cf355bbe947e5eedf127fa9c" +exampleAnchorDataHash2 = "8b4fda934272320ec8d11ba5a7904ab74686a8ec97f2c1331b68d11e28bda26f" -exampleAnchorDataPathGolden :: String +exampleAnchorDataPathGolden, exampleAnchorDataPathGolden2 :: String exampleAnchorDataPathGolden = "test/cardano-cli-golden/files/input/example_anchor_data.txt" +exampleAnchorDataPathGolden2 = "test/cardano-cli-golden/files/input/example_anchor_data2.txt" -exampleAnchorDataPathTest :: String +exampleAnchorDataPathTest, exampleAnchorDataPathTest2 :: String exampleAnchorDataPathTest = "test/cardano-cli-test/files/input/example_anchor_data.txt" +exampleAnchorDataPathTest2 = "test/cardano-cli-golden/files/input/example_anchor_data2.txt" -exampleAnchorDataIpfsHash :: String +exampleAnchorDataIpfsHash, exampleAnchorDataIpfsHash2 :: String exampleAnchorDataIpfsHash = "QmbL5EBFJLf8DdPkWAskG3Euin9tHY8naqQ2JDoHnWHHXJ" +exampleAnchorDataIpfsHash2 = "QmdTJ4PabgSabg8K1Z4MNXnSVM8bjJnAikC3rVWfPVExQj" -- | Takes a relative url (as a list of segments), a file path, and an action, and it serves -- the file in the url provided in a random free port that is passed as a parameter to the -- action. After the action returns, it shuts down the server. It returns the result of the -- action. It also ensures the server is shut down even if the action throws an exception. -serveFileWhile +serveFilesWhile :: (MonadBaseControl IO m, MonadTest m, MonadIO m, HasCallStack) - => [String] - -- ^ Relative URL where the file will be served. - -- Each element is a segment of the URL. - -> FilePath - -- ^ File path for the file to serve + => [([String], FilePath)] + -- ^ List of pairs of a relative URL where a file will be served + -- and the file path for the file to serve. + -- Each element in the relative URL is a segment of the URL. -> (Int -> m a) -- ^ Action to run while the file is being served. -- It receives the port the server is listening on -> m a -serveFileWhile relativeUrl filePath action = +serveFilesWhile relativeUrls action = bracket -- Server setup (resource acquisition) ( do @@ -67,9 +75,10 @@ serveFileWhile relativeUrl filePath action = let app :: Request -> (Response -> IO ResponseReceived) -> IO ResponseReceived app req respond = do let path = T.unpack <$> pathInfo req - if path == relativeUrl - then respond $ responseFile status200 [("Content-Type", "text/plain")] filePath Nothing - else + case find ((== path) . fst) relativeUrls of + Just (_, filePath) -> + respond $ responseFile status200 [("Content-Type", "text/plain")] filePath Nothing + Nothing -> respond $ responseLBS status404 [("Content-Type", "text/plain")] $ fromString ("404 - Url \"" ++ urlFromRequest req ++ "\" - Not Found") diff --git a/cardano-cli/test/cardano-cli-test/Test/Cli/Hash.hs b/cardano-cli/test/cardano-cli-test/Test/Cli/Hash.hs index 744e10af2e..18b83733e3 100644 --- a/cardano-cli/test/cardano-cli-test/Test/Cli/Hash.hs +++ b/cardano-cli/test/cardano-cli-test/Test/Cli/Hash.hs @@ -10,7 +10,7 @@ import System.FilePath (dropTrailingPathSeparator) import System.FilePath.Posix (splitDirectories) import Test.Cardano.CLI.Hash (exampleAnchorDataHash, exampleAnchorDataIpfsHash, - exampleAnchorDataPathTest, serveFileWhile) + exampleAnchorDataPathTest, serveFilesWhile) import Test.Cardano.CLI.Util import Hedgehog as H @@ -98,9 +98,8 @@ hprop_check_anchor_data_hash_from_http_uri :: Property hprop_check_anchor_data_hash_from_http_uri = propertyOnce $ do let relativeUrl = ["example", "url", "file.txt"] - serveFileWhile - relativeUrl - exampleAnchorDataPathTest + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathTest)] ( \port -> do void $ execCardanoCLI @@ -119,9 +118,8 @@ hprop_check_anchor_data_hash_from_ipfs_uri :: Property hprop_check_anchor_data_hash_from_ipfs_uri = propertyOnce $ do let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] - serveFileWhile - relativeUrl - exampleAnchorDataPathTest + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathTest)] ( \port -> do void $ execCardanoCLIWithEnvVars diff --git a/cardano-cli/test/cardano-cli-test/files/input/example_anchor_data2.txt b/cardano-cli/test/cardano-cli-test/files/input/example_anchor_data2.txt new file mode 100644 index 0000000000..29b8f57ed6 --- /dev/null +++ b/cardano-cli/test/cardano-cli-test/files/input/example_anchor_data2.txt @@ -0,0 +1,2 @@ +This is another file that serves for testing +the hashing of anchor data files. From 6d868b50754f520304c4460a1bdd4d589f4e568e Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Tue, 24 Sep 2024 21:45:45 +0200 Subject: [PATCH 3/6] Implement hash checks for `governance action create-constitution` --- .../CLI/EraBased/Run/Governance/Actions.hs | 46 ++++++++++++------- .../Types/Errors/GovernanceActionsError.hs | 5 +- 2 files changed, 34 insertions(+), 17 deletions(-) diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs index 5d0bdc56da..d02c659a7f 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs @@ -101,18 +101,7 @@ runGovernanceActionInfoCmd , L.anchorDataHash = proposalHash } - case checkProposalHash of - CheckHash -> do - anchorData <- - L.AnchorData - <$> fetchURLErrorToGovernanceActionError - ProposalCheck - (getByteStringFromURL httpsAndIpfsSchemas $ L.anchorUrl proposalAnchor) - let hash = L.hashAnchorData anchorData - when (hash /= L.anchorDataHash proposalAnchor) $ - left $ - GovernanceActionsProposalMismatchedHashError ProposalCheck proposalHash hash - TrustHash -> pure () + carryHashChecks checkProposalHash proposalAnchor ProposalCheck let sbe = conwayEraOnwardsToShelleyBasedEra eon govAction = InfoAct @@ -121,10 +110,10 @@ runGovernanceActionInfoCmd firstExceptT GovernanceActionsCmdWriteFileError . newExceptT $ conwayEraOnwardsConstraints eon $ writeFileTextEnvelope outFile (Just "Info proposal") proposalProcedure - where - fetchURLErrorToGovernanceActionError - :: AnchorDataTypeCheck -> ExceptT FetchURLError IO a -> ExceptT GovernanceActionsError IO a - fetchURLErrorToGovernanceActionError adt = withExceptT (GovernanceActionsProposalFetchURLError adt) + +fetchURLErrorToGovernanceActionError + :: AnchorDataTypeCheck -> ExceptT FetchURLError IO a -> ExceptT GovernanceActionsError IO a +fetchURLErrorToGovernanceActionError adt = withExceptT (GovernanceActionsProposalFetchURLError adt) -- TODO: Conway era - update with new ledger types from cardano-ledger-conway-1.7.0.0 runGovernanceActionCreateNoConfidenceCmd @@ -185,9 +174,11 @@ runGovernanceActionCreateConstitutionCmd , Cmd.mPrevGovernanceActionId , Cmd.proposalUrl , Cmd.proposalHash + , Cmd.checkProposalHash , Cmd.constitutionUrl , Cmd.constitutionHash , Cmd.constitutionScript + , Cmd.checkConstitutionHash , Cmd.outFile } = do depositStakeCredential <- @@ -200,6 +191,8 @@ runGovernanceActionCreateConstitutionCmd , L.anchorDataHash = proposalHash } + carryHashChecks checkProposalHash proposalAnchor ProposalCheck + let prevGovActId = L.maybeToStrictMaybe $ shelleyBasedEraConstraints sbe $ @@ -217,6 +210,8 @@ runGovernanceActionCreateConstitutionCmd sbe = conwayEraOnwardsToShelleyBasedEra eon proposalProcedure = createProposalProcedure sbe networkId deposit depositStakeCredential govAct proposalAnchor + carryHashChecks checkConstitutionHash constitutionAnchor ConstitutionCheck + firstExceptT GovernanceActionsCmdWriteFileError . newExceptT $ conwayEraOnwardsConstraints eon $ writeFileTextEnvelope @@ -497,3 +492,22 @@ runGovernanceActionHardforkInitCmd firstExceptT GovernanceActionsCmdWriteFileError . newExceptT $ conwayEraOnwardsConstraints eon $ writeFileTextEnvelope outFile (Just "Hardfork initiation proposal") proposalProcedure + +carryHashChecks + :: MustCheckHash a + -> L.Anchor L.StandardCrypto + -> AnchorDataTypeCheck + -> ExceptT GovernanceActionsError IO () +carryHashChecks checkHash anchor errorAdaptor = + case checkHash of + CheckHash -> do + anchorData <- + L.AnchorData + <$> fetchURLErrorToGovernanceActionError + errorAdaptor + (getByteStringFromURL httpsAndIpfsSchemas $ L.anchorUrl anchor) + let hash = L.hashAnchorData anchorData + when (hash /= L.anchorDataHash anchor) $ + left $ + GovernanceActionsProposalMismatchedHashError errorAdaptor (L.anchorDataHash anchor) hash + TrustHash -> pure () diff --git a/cardano-cli/src/Cardano/CLI/Types/Errors/GovernanceActionsError.hs b/cardano-cli/src/Cardano/CLI/Types/Errors/GovernanceActionsError.hs index da527669c2..2da7185bb7 100644 --- a/cardano-cli/src/Cardano/CLI/Types/Errors/GovernanceActionsError.hs +++ b/cardano-cli/src/Cardano/CLI/Types/Errors/GovernanceActionsError.hs @@ -70,8 +70,11 @@ instance Error GovernanceActionsError where <+> "hash:" <+> pretty (displayException fetchErr) -data AnchorDataTypeCheck = ProposalCheck +data AnchorDataTypeCheck + = ProposalCheck + | ConstitutionCheck deriving Show anchorDataTypeCheckName :: AnchorDataTypeCheck -> String anchorDataTypeCheckName ProposalCheck = "proposal" +anchorDataTypeCheckName ConstitutionCheck = "constitution" From 19eab4e168513efbc4ef66e08cb53b070d7c5888 Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Wed, 25 Sep 2024 16:17:48 +0200 Subject: [PATCH 4/6] Add anchor data hash checks to remaining `governance action` commands --- .../EraBased/Commands/Governance/Actions.hs | 5 + .../EraBased/Options/Governance/Actions.hs | 5 + .../CLI/EraBased/Run/Governance/Actions.hs | 18 +- .../Test/Golden/Governance/Action.hs | 361 +++++++++++------- .../Test/Golden/Governance/Committee.hs | 1 + ...y-create-protocol-parameters-update.action | 2 +- .../hardfork/conway-create-hardfork.action | 2 +- .../view/create-no-confidence.action.view | 4 +- .../action/view/update-committee.action.view | 4 +- .../cardano-cli-golden/files/golden/help.cli | 15 + ...nway_governance_action_create-hardfork.cli | 7 + ...governance_action_create-no-confidence.cli | 7 + ...tion_create-protocol-parameters-update.cli | 7 + ...ance_action_create-treasury-withdrawal.cli | 7 + ...way_governance_action_update-committee.cli | 7 + 15 files changed, 304 insertions(+), 148 deletions(-) diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs index 3415c174e6..35d36107c3 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Commands/Governance/Actions.hs @@ -51,6 +51,7 @@ data GovernanceActionUpdateCommitteeCmdArgs era , returnAddress :: !StakeIdentifier , proposalUrl :: !ProposalUrl , proposalHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkProposalHash :: !(MustCheckHash ProposalUrl) , oldCommitteeVkeySource :: ![VerificationKeyOrHashOrFileOrScriptHash CommitteeColdKey] , newCommitteeVkeySource :: ![(VerificationKeyOrHashOrFileOrScriptHash CommitteeColdKey, EpochNo)] , requiredThreshold :: !Rational @@ -99,6 +100,7 @@ data GovernanceActionCreateNoConfidenceCmdArgs era , returnStakeAddress :: !StakeIdentifier , proposalUrl :: !ProposalUrl , proposalHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkProposalHash :: !(MustCheckHash ProposalUrl) , mPrevGovernanceActionId :: !(Maybe (TxId, Word16)) , outFile :: !(File () Out) } @@ -130,6 +132,7 @@ data GovernanceActionTreasuryWithdrawalCmdArgs era , returnAddr :: !StakeIdentifier , proposalUrl :: !ProposalUrl , proposalHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkProposalHash :: !(MustCheckHash ProposalUrl) , treasuryWithdrawal :: ![(StakeIdentifier, Lovelace)] , constitutionScriptHash :: !(Maybe ScriptHash) , outFile :: !(File () Out) @@ -145,6 +148,7 @@ data GovernanceActionHardforkInitCmdArgs era , mPrevGovernanceActionId :: !(Maybe (TxId, Word16)) , proposalUrl :: !ProposalUrl , proposalHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkProposalHash :: !(MustCheckHash ProposalUrl) , protVer :: !L.ProtVer , outFile :: !(File () Out) } @@ -167,6 +171,7 @@ data UpdateProtocolParametersConwayOnwards era , returnAddr :: !StakeIdentifier , proposalUrl :: !ProposalUrl , proposalHash :: !(L.SafeHash L.StandardCrypto L.AnchorData) + , checkProposalHash :: !(MustCheckHash ProposalUrl) , governanceActionId :: !(Maybe (TxId, Word16)) , constitutionScriptHash :: !(Maybe ScriptHash) } diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs index 677e37a7ce..70b90c81b2 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Options/Governance/Actions.hs @@ -128,6 +128,7 @@ pUpdateCommitteeCmd eon = <*> pStakeIdentifier (Just "deposit-return") <*> pAnchorUrl <*> pAnchorDataHash + <*> pMustCheckHash proposalHashCheckInfo <*> many pRemoveCommitteeColdVerificationKeySource <*> many ( (,) @@ -153,6 +154,7 @@ pGovernanceActionNoConfidenceCmd era = do <*> pStakeIdentifier (Just "deposit-return") <*> pAnchorUrl <*> pAnchorDataHash + <*> pMustCheckHash proposalHashCheckInfo <*> pPreviousGovernanceAction <*> pFileOutDirection "out-file" "Output filepath of the no confidence proposal." ) @@ -174,6 +176,7 @@ pUpdateProtocolParametersPostConway conwayOnwards = <*> pStakeIdentifier (Just "deposit-return") <*> pAnchorUrl <*> pAnchorDataHash + <*> pMustCheckHash proposalHashCheckInfo <*> pPreviousGovernanceAction <*> optional pConstitutionScriptHash @@ -381,6 +384,7 @@ pGovernanceActionTreasuryWithdrawalCmd era = do <*> pStakeIdentifier (Just "deposit-return") <*> pAnchorUrl <*> pAnchorDataHash + <*> pMustCheckHash proposalHashCheckInfo <*> some ((,) <$> pStakeIdentifier (Just "funds-receiving") <*> pTreasuryWithdrawalAmt) <*> optional pConstitutionScriptHash <*> pFileOutDirection "out-file" "Output filepath of the treasury withdrawal." @@ -424,6 +428,7 @@ pGovernanceActionHardforkInitCmd era = do <*> pPreviousGovernanceAction <*> pAnchorUrl <*> pAnchorDataHash + <*> pMustCheckHash proposalHashCheckInfo <*> pPV <*> pFileOutDirection "out-file" "Output filepath of the hardfork proposal." ) diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs index d02c659a7f..22158be2df 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs @@ -128,6 +128,7 @@ runGovernanceActionCreateNoConfidenceCmd , Cmd.returnStakeAddress , Cmd.proposalUrl , Cmd.proposalHash + , Cmd.checkProposalHash , Cmd.mPrevGovernanceActionId , Cmd.outFile } = do @@ -141,6 +142,8 @@ runGovernanceActionCreateNoConfidenceCmd , L.anchorDataHash = proposalHash } + carryHashChecks checkProposalHash proposalAnchor ProposalCheck + let sbe = conwayEraOnwardsToShelleyBasedEra eon previousGovernanceAction = MotionOfNoConfidence $ @@ -233,6 +236,7 @@ runGovernanceActionUpdateCommitteeCmd , Cmd.returnAddress , Cmd.proposalUrl , Cmd.proposalHash + , Cmd.checkProposalHash , Cmd.oldCommitteeVkeySource , Cmd.newCommitteeVkeySource , Cmd.requiredThreshold @@ -252,6 +256,8 @@ runGovernanceActionUpdateCommitteeCmd , L.anchorDataHash = proposalHash } + carryHashChecks checkProposalHash proposalAnchor ProposalCheck + oldCommitteeKeyHashes <- forM oldCommitteeVkeySource $ \vkeyOrHashOrTextFile -> modifyError GovernanceActionsCmdReadFileError $ readVerificationKeyOrHashOrFileOrScriptHash @@ -338,6 +344,7 @@ runGovernanceActionCreateProtocolParametersUpdateCmd eraBasedPParams' = do returnAddr proposalUrl proposalHash + checkProposalHash mPrevGovActId mConstitutionalScriptHash <- hoistMaybe (GovernanceActionsValueUpdateProtocolParametersNotFound anyEra) $ @@ -357,7 +364,10 @@ runGovernanceActionCreateProtocolParametersUpdateCmd eraBasedPParams' = do { L.anchorUrl = unProposalUrl proposalUrl , L.anchorDataHash = proposalHash } - govAct = + + carryHashChecks checkProposalHash proposalAnchor ProposalCheck + + let govAct = UpdatePParams prevGovActId updateProtocolParams @@ -414,6 +424,7 @@ runGovernanceActionTreasuryWithdrawalCmd , Cmd.returnAddr , Cmd.proposalUrl , Cmd.proposalHash + , Cmd.checkProposalHash , Cmd.treasuryWithdrawal , Cmd.constitutionScriptHash , Cmd.outFile @@ -424,6 +435,8 @@ runGovernanceActionTreasuryWithdrawalCmd , L.anchorDataHash = proposalHash } + carryHashChecks checkProposalHash proposalAnchor ProposalCheck + depositStakeCredential <- firstExceptT GovernanceActionsReadStakeCredErrror $ getStakeCredentialFromIdentifier returnAddr @@ -464,6 +477,7 @@ runGovernanceActionHardforkInitCmd , Cmd.mPrevGovernanceActionId , Cmd.proposalUrl , Cmd.proposalHash = anchorDataHash + , Cmd.checkProposalHash , Cmd.protVer , Cmd.outFile } = do @@ -477,6 +491,8 @@ runGovernanceActionHardforkInitCmd , L.anchorDataHash } + carryHashChecks checkProposalHash proposalAnchor ProposalCheck + let sbe = conwayEraOnwardsToShelleyBasedEra eon govActIdentifier = L.maybeToStrictMaybe $ diff --git a/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs b/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs index 44d0193607..986cfe017f 100644 --- a/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs +++ b/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Action.hs @@ -180,47 +180,67 @@ hprop_golden_conway_governance_action_view_constitution_json = ] H.diffVsGoldenFile actionView goldenActionViewFile +hprop_golden_conway_governance_action_view_update_committee_yaml_wrong_hash_fails :: Property +hprop_golden_conway_governance_action_view_update_committee_yaml_wrong_hash_fails = + propertyOnce . expectFailure . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_conway_governance_action_view_update_committee_yaml + ('a' : drop 1 exampleAnchorDataHash) + tempDir + hprop_golden_conway_governance_action_view_update_committee_yaml :: Property hprop_golden_conway_governance_action_view_update_committee_yaml = - propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> do - stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" + propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_conway_governance_action_view_update_committee_yaml exampleAnchorDataHash tempDir - actionFile <- noteTempFile tempDir "action" +base_golden_conway_governance_action_view_update_committee_yaml + :: (MonadBaseControl IO m, MonadTest m, MonadIO m, MonadCatch m) => String -> FilePath -> m () +base_golden_conway_governance_action_view_update_committee_yaml hash tempDir = do + stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" - void $ - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "update-committee" - , "--mainnet" - , "--governance-action-deposit" - , "10" - , "--deposit-return-stake-verification-key-file" - , stakeAddressVKeyFile - , "--anchor-url" - , "proposal-dummy-url" - , "--anchor-data-hash" - , "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" - , "--threshold" - , "0.61" - , "--out-file" - , actionFile - ] + actionFile <- noteTempFile tempDir "action" - goldenActionViewFile <- - H.note "test/cardano-cli-golden/files/golden/governance/action/view/update-committee.action.view" - actionView <- - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "view" - , "--action-file" - , actionFile - , "--output-yaml" - ] - H.diffVsGoldenFile actionView goldenActionViewFile + let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] + + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathGolden)] + ( \port -> do + void $ + execCardanoCLIWithEnvVars + [("IPFS_GATEWAY_URI", "http://localhost:" ++ show port ++ "/")] + [ "conway" + , "governance" + , "action" + , "update-committee" + , "--mainnet" + , "--governance-action-deposit" + , "10" + , "--deposit-return-stake-verification-key-file" + , stakeAddressVKeyFile + , "--anchor-url" + , "ipfs://" ++ exampleAnchorDataIpfsHash + , "--anchor-data-hash" + , hash + , "--check-anchor-data" + , "--threshold" + , "0.61" + , "--out-file" + , actionFile + ] + ) + + goldenActionViewFile <- + H.note "test/cardano-cli-golden/files/golden/governance/action/view/update-committee.action.view" + actionView <- + execCardanoCLI + [ "conway" + , "governance" + , "action" + , "view" + , "--action-file" + , actionFile + , "--output-yaml" + ] + H.diffVsGoldenFile actionView goldenActionViewFile hprop_golden_conway_governance_action_view_create_info_json_outfile_wrong_hash_fails :: Property hprop_golden_conway_governance_action_view_create_info_json_outfile_wrong_hash_fails = @@ -240,6 +260,7 @@ base_golden_conway_governance_action_view_create_info_json_outfile hash tempDir stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" actionFile <- noteTempFile tempDir "action" + let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] serveFilesWhile [(relativeUrl, exampleAnchorDataPathGolden)] @@ -282,93 +303,131 @@ base_golden_conway_governance_action_view_create_info_json_outfile hash tempDir ] H.diffFileVsGoldenFile actionViewFile goldenActionViewFile +hprop_golden_governanceActionCreateNoConfidence_wrong_hash_fails :: Property +hprop_golden_governanceActionCreateNoConfidence_wrong_hash_fails = + propertyOnce . expectFailure . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_governanceActionCreateNoConfidence + ('a' : drop 1 exampleAnchorDataHash) + tempDir + hprop_golden_governanceActionCreateNoConfidence :: Property hprop_golden_governanceActionCreateNoConfidence = - propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> do - stakeAddressVKeyFile <- - noteInputFile "test/cardano-cli-golden/files/input/governance/stake-address.vkey" + propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_governanceActionCreateNoConfidence exampleAnchorDataHash tempDir - actionFile <- noteTempFile tempDir "action" +base_golden_governanceActionCreateNoConfidence + :: (MonadBaseControl IO m, MonadTest m, MonadIO m, MonadCatch m) => String -> FilePath -> m () +base_golden_governanceActionCreateNoConfidence hash tempDir = do + stakeAddressVKeyFile <- + noteInputFile "test/cardano-cli-golden/files/input/governance/stake-address.vkey" - void $ - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "create-no-confidence" - , "--mainnet" - , "--governance-action-deposit" - , "10" - , "--deposit-return-stake-verification-key-file" - , stakeAddressVKeyFile - , "--anchor-url" - , "proposal-dummy-url" - , "--anchor-data-hash" - , "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" - , "--prev-governance-action-index" - , "5" - , "--prev-governance-action-tx-id" - , "b1015258a99351c143a7a40b7b58f033ace10e3cc09c67780ed5b2b0992aa60a" - , "--out-file" - , actionFile - ] + actionFile <- noteTempFile tempDir "action" - actionViewFile <- noteTempFile tempDir "action-view" - goldenActionViewFile <- - H.note - "test/cardano-cli-golden/files/golden/governance/action/view/create-no-confidence.action.view" - void $ - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "view" - , "--action-file" - , actionFile - , "--out-file" - , actionViewFile - ] - H.diffFileVsGoldenFile actionViewFile goldenActionViewFile + let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathGolden)] + ( \port -> do + void $ + execCardanoCLIWithEnvVars + [("IPFS_GATEWAY_URI", "http://localhost:" ++ show port ++ "/")] + [ "conway" + , "governance" + , "action" + , "create-no-confidence" + , "--mainnet" + , "--governance-action-deposit" + , "10" + , "--deposit-return-stake-verification-key-file" + , stakeAddressVKeyFile + , "--anchor-url" + , "ipfs://" ++ exampleAnchorDataIpfsHash + , "--anchor-data-hash" + , hash + , "--check-anchor-data" + , "--prev-governance-action-index" + , "5" + , "--prev-governance-action-tx-id" + , "b1015258a99351c143a7a40b7b58f033ace10e3cc09c67780ed5b2b0992aa60a" + , "--out-file" + , actionFile + ] + ) + + actionViewFile <- noteTempFile tempDir "action-view" + goldenActionViewFile <- + H.note + "test/cardano-cli-golden/files/golden/governance/action/view/create-no-confidence.action.view" + void $ + execCardanoCLI + [ "conway" + , "governance" + , "action" + , "view" + , "--action-file" + , actionFile + , "--out-file" + , actionViewFile + ] + H.diffFileVsGoldenFile actionViewFile goldenActionViewFile + +hprop_golden_conway_governance_action_create_protocol_parameters_update_wrong_hash_fails :: Property +hprop_golden_conway_governance_action_create_protocol_parameters_update_wrong_hash_fails = + propertyOnce . expectFailure . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_conway_governance_action_create_protocol_parameters_update + ('a' : drop 1 exampleAnchorDataHash) + tempDir hprop_golden_conway_governance_action_create_protocol_parameters_update :: Property hprop_golden_conway_governance_action_create_protocol_parameters_update = - propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> do - stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" - -- different versions of https://github.com/IntersectMBO/plutus/blob/master/plutus-core/cost-model/data/builtinCostModel.json - -- transformed and compiled together - costModelsFile <- H.note "test/cardano-cli-golden/files/input/governance/costmodels.json" + propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_conway_governance_action_create_protocol_parameters_update exampleAnchorDataHash tempDir - actionFile <- noteTempFile tempDir "action" +base_golden_conway_governance_action_create_protocol_parameters_update + :: (MonadBaseControl IO m, MonadTest m, MonadIO m, MonadCatch m) => String -> FilePath -> m () +base_golden_conway_governance_action_create_protocol_parameters_update hash tempDir = do + stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" + -- different versions of https://github.com/IntersectMBO/plutus/blob/master/plutus-core/cost-model/data/builtinCostModel.json + -- transformed and compiled together + costModelsFile <- H.note "test/cardano-cli-golden/files/input/governance/costmodels.json" - void $ - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "create-protocol-parameters-update" - , "--anchor-url" - , "example.com" - , "--anchor-data-hash" - , "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" - , "--mainnet" - , "--deposit-return-stake-verification-key-file" - , stakeAddressVKeyFile - , "--governance-action-deposit" - , "12345" - , "--new-governance-action-deposit" - , "123454321" - , "--max-tx-size" - , "1234" - , "--cost-model-file" - , costModelsFile - , "--out-file" - , actionFile - ] + actionFile <- noteTempFile tempDir "action" - goldenActionFile <- - H.note - "test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update.action" - H.diffFileVsGoldenFile actionFile goldenActionFile + let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathGolden)] + ( \port -> do + void $ + execCardanoCLIWithEnvVars + [("IPFS_GATEWAY_URI", "http://localhost:" ++ show port ++ "/")] + [ "conway" + , "governance" + , "action" + , "create-protocol-parameters-update" + , "--anchor-url" + , "ipfs://" ++ exampleAnchorDataIpfsHash + , "--anchor-data-hash" + , hash + , "--check-anchor-data" + , "--mainnet" + , "--deposit-return-stake-verification-key-file" + , stakeAddressVKeyFile + , "--governance-action-deposit" + , "12345" + , "--new-governance-action-deposit" + , "123454321" + , "--max-tx-size" + , "1234" + , "--cost-model-file" + , costModelsFile + , "--out-file" + , actionFile + ] + ) + + goldenActionFile <- + H.note + "test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update.action" + H.diffFileVsGoldenFile actionFile goldenActionFile hprop_golden_conway_governance_action_create_protocol_parameters_update_partial_costmodel :: Property @@ -390,6 +449,7 @@ hprop_golden_conway_governance_action_create_protocol_parameters_update_partial_ , "--anchor-data-hash" , "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" , "--mainnet" + , "--trust-anchor-data" , "--deposit-return-stake-verification-key-file" , stakeAddressVKeyFile , "--governance-action-deposit" @@ -405,37 +465,56 @@ hprop_golden_conway_governance_action_create_protocol_parameters_update_partial_ "test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update-partial-costmodels.action" H.diffFileVsGoldenFile actionFile goldenActionFile +hprop_golden_conway_governance_action_create_hardfork_wrong_hash_fails :: Property +hprop_golden_conway_governance_action_create_hardfork_wrong_hash_fails = + propertyOnce . expectFailure . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_conway_governance_action_create_hardfork + ('a' : drop 1 exampleAnchorDataHash) + tempDir + hprop_golden_conway_governance_action_create_hardfork :: Property hprop_golden_conway_governance_action_create_hardfork = - propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> do - stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" + propertyOnce . H.moduleWorkspace "tmp" $ \tempDir -> + base_golden_conway_governance_action_create_hardfork exampleAnchorDataHash tempDir - actionFile <- noteTempFile tempDir "action" +base_golden_conway_governance_action_create_hardfork + :: (MonadBaseControl IO m, MonadTest m, MonadIO m, MonadCatch m) => String -> FilePath -> m () +base_golden_conway_governance_action_create_hardfork hash tempDir = do + stakeAddressVKeyFile <- H.note "test/cardano-cli-golden/files/input/governance/stake-address.vkey" - void $ - execCardanoCLI - [ "conway" - , "governance" - , "action" - , "create-hardfork" - , "--anchor-url" - , "example.com" - , "--anchor-data-hash" - , "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" - , "--mainnet" - , "--deposit-return-stake-verification-key-file" - , stakeAddressVKeyFile - , "--governance-action-deposit" - , "12345" - , "--protocol-major-version" - , "10" - , "--protocol-minor-version" - , "0" - , "--out-file" - , actionFile - ] + actionFile <- noteTempFile tempDir "action" - goldenActionFile <- - H.note - "test/cardano-cli-golden/files/golden/governance/action/hardfork/conway-create-hardfork.action" - H.diffFileVsGoldenFile actionFile goldenActionFile + let relativeUrl = ["ipfs", exampleAnchorDataIpfsHash] + serveFilesWhile + [(relativeUrl, exampleAnchorDataPathGolden)] + ( \port -> do + void $ + execCardanoCLIWithEnvVars + [("IPFS_GATEWAY_URI", "http://localhost:" ++ show port ++ "/")] + [ "conway" + , "governance" + , "action" + , "create-hardfork" + , "--anchor-url" + , "ipfs://" ++ exampleAnchorDataIpfsHash + , "--anchor-data-hash" + , hash + , "--check-anchor-data" + , "--mainnet" + , "--deposit-return-stake-verification-key-file" + , stakeAddressVKeyFile + , "--governance-action-deposit" + , "12345" + , "--protocol-major-version" + , "10" + , "--protocol-minor-version" + , "0" + , "--out-file" + , actionFile + ] + ) + + goldenActionFile <- + H.note + "test/cardano-cli-golden/files/golden/governance/action/hardfork/conway-create-hardfork.action" + H.diffFileVsGoldenFile actionFile goldenActionFile diff --git a/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Committee.hs b/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Committee.hs index 5131cfddea..9d6ac2bd84 100644 --- a/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Committee.hs +++ b/cardano-cli/test/cardano-cli-golden/Test/Golden/Governance/Committee.hs @@ -193,6 +193,7 @@ hprop_golden_governance_UpdateCommittee = , "http://dummy" , "--anchor-data-hash" , proposalHash + , "--trust-anchor-data" , "--add-cc-cold-verification-key-file" , coldCCVkey1 , "--epoch" diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update.action b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update.action index f008b54022..001b78ae01 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update.action +++ b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/conway-create-protocol-parameters-update.action @@ -1,5 +1,5 @@ { "type": "Governance proposal", "description": "Update protocol parameters proposal", - "cborHex": "84193039581de18f4a3466a404c11eb410313015b88e447d81b60089e25f611600e6058400f6a3031904d212a3009f1a000302590001011a00060bc719026d00011a000249f01903e800011a000249f018201a0025cea81971f70419744d186419744d186419744d186419744d186419744d186419744d18641864186419744d18641a000249f018201a000249f018201a000249f018201a000249f01903e800011a000249f018201a000249f01903e800081a000242201a00067e2318760001011a000249f01903e800081a000249f01a0001b79818f7011a000249f0192710011a0002155e19052e011903e81a000249f01903e8011a000249f018201a000249f018201a000249f0182001011a000249f0011a000249f0041a000194af18f8011a000194af18f8011a0002377c190556011a0002bdea1901f1011a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000242201a00067e23187600010119f04c192bd200011a000249f018201a000242201a00067e2318760001011a000242201a00067e2318760001011a0025cea81971f707001a000141bb041a000249f019138800011a000249f018201a000302590001011a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a00330da70101ff019f1a0003236119032c01011903e819023b00011903e8195e7104011903e818201a0001ca761928eb041959d818641959d818641959d818641959d818641959d818641959d81864186418641959d81864194c5118201a0002acfa182019b551041a000363151901ff00011a00015c3518201a000797751936f404021a0002ff941a0006ea7818dc0001011903e8196ff604021a0003bd081a00034ec5183e011a00102e0f19312a011a00032e801901a5011a0002da781903e819cf06011a00013a34182019a8f118201903e818201a00013aac0119e143041903e80a1a00030219189c011a00030219189c011a0003207c1901d9011a000330001901ff0119ccf3182019fd40182019ffd5182019581e18201940b318201a00012adf18201a0002ff941a0006ea7818dc0001011a00010f92192da7000119eabb18201a0002ff941a0006ea7818dc0001011a0002ff941a0006ea7818dc0001011a0011b22c1a0005fdde00021a000c504e197712041a001d6af61a0001425b041a00040c660004001a00014fab18201a0003236119032c010119a0de18201a00033d7618201979f41820197fb8182019a95d1820197df718201995aa18201a0223accc0a1a009063b91903fd0a1a02515e841980b30a01010101010101010101ff029fff181e1a075bc371f6826b6578616d706c652e636f6d5820c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" + "cborHex": "84193039581de18f4a3466a404c11eb410313015b88e447d81b60089e25f611600e6058400f6a3031904d212a3009f1a000302590001011a00060bc719026d00011a000249f01903e800011a000249f018201a0025cea81971f70419744d186419744d186419744d186419744d186419744d186419744d18641864186419744d18641a000249f018201a000249f018201a000249f018201a000249f01903e800011a000249f018201a000249f01903e800081a000242201a00067e2318760001011a000249f01903e800081a000249f01a0001b79818f7011a000249f0192710011a0002155e19052e011903e81a000249f01903e8011a000249f018201a000249f018201a000249f0182001011a000249f0011a000249f0041a000194af18f8011a000194af18f8011a0002377c190556011a0002bdea1901f1011a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000242201a00067e23187600010119f04c192bd200011a000249f018201a000242201a00067e2318760001011a000242201a00067e2318760001011a0025cea81971f707001a000141bb041a000249f019138800011a000249f018201a000302590001011a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a000249f018201a00330da70101ff019f1a0003236119032c01011903e819023b00011903e8195e7104011903e818201a0001ca761928eb041959d818641959d818641959d818641959d818641959d818641959d81864186418641959d81864194c5118201a0002acfa182019b551041a000363151901ff00011a00015c3518201a000797751936f404021a0002ff941a0006ea7818dc0001011903e8196ff604021a0003bd081a00034ec5183e011a00102e0f19312a011a00032e801901a5011a0002da781903e819cf06011a00013a34182019a8f118201903e818201a00013aac0119e143041903e80a1a00030219189c011a00030219189c011a0003207c1901d9011a000330001901ff0119ccf3182019fd40182019ffd5182019581e18201940b318201a00012adf18201a0002ff941a0006ea7818dc0001011a00010f92192da7000119eabb18201a0002ff941a0006ea7818dc0001011a0002ff941a0006ea7818dc0001011a0011b22c1a0005fdde00021a000c504e197712041a001d6af61a0001425b041a00040c660004001a00014fab18201a0003236119032c010119a0de18201a00033d7618201979f41820197fb8182019a95d1820197df718201995aa18201a0223accc0a1a009063b91903fd0a1a02515e841980b30a01010101010101010101ff029fff181e1a075bc371f6827835697066733a2f2f516d624c354542464a4c66384464506b5741736b47334575696e39744859386e617151324a446f486e574848584a5820de38a4f5b8b9d8372386cc923bad19d1a0662298cf355bbe947e5eedf127fa9c" } diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/hardfork/conway-create-hardfork.action b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/hardfork/conway-create-hardfork.action index b6b6afdf18..03730c6941 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/hardfork/conway-create-hardfork.action +++ b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/hardfork/conway-create-hardfork.action @@ -1,5 +1,5 @@ { "type": "Governance proposal", "description": "Hardfork initiation proposal", - "cborHex": "84193039581de18f4a3466a404c11eb410313015b88e447d81b60089e25f611600e6058301f6820a00826b6578616d706c652e636f6d5820c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745" + "cborHex": "84193039581de18f4a3466a404c11eb410313015b88e447d81b60089e25f611600e6058301f6820a00827835697066733a2f2f516d624c354542464a4c66384464506b5741736b47334575696e39744859386e617151324a446f486e574848584a5820de38a4f5b8b9d8372386cc923bad19d1a0662298cf355bbe947e5eedf127fa9c" } diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/create-no-confidence.action.view b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/create-no-confidence.action.view index 5b5001d71c..aa61f9f484 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/create-no-confidence.action.view +++ b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/create-no-confidence.action.view @@ -1,7 +1,7 @@ { "anchor": { - "dataHash": "c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745", - "url": "proposal-dummy-url" + "dataHash": "de38a4f5b8b9d8372386cc923bad19d1a0662298cf355bbe947e5eedf127fa9c", + "url": "ipfs://QmbL5EBFJLf8DdPkWAskG3Euin9tHY8naqQ2JDoHnWHHXJ" }, "deposit": 10, "governance action": { diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/update-committee.action.view b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/update-committee.action.view index cb2c2587bd..f83af62700 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/update-committee.action.view +++ b/cardano-cli/test/cardano-cli-golden/files/golden/governance/action/view/update-committee.action.view @@ -1,6 +1,6 @@ anchor: - dataHash: c7ddb5b493faa4d3d2d679847740bdce0c5d358d56f9b1470ca67f5652a02745 - url: proposal-dummy-url + dataHash: de38a4f5b8b9d8372386cc923bad19d1a0662298cf355bbe947e5eedf127fa9c + url: ipfs://QmbL5EBFJLf8DdPkWAskG3Euin9tHY8naqQ2JDoHnWHHXJ deposit: 10 governance action: contents: diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help.cli index ad3e15b017..3b0fa7c67f 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help.cli @@ -5952,6 +5952,9 @@ Usage: cardano-cli conway governance action update-committee ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) [ --remove-cc-cold-verification-key STRING | --remove-cc-cold-verification-key-file FILEPATH | --remove-cc-cold-verification-key-hash STRING @@ -6001,6 +6004,9 @@ Usage: cardano-cli conway governance action create-no-confidence ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) [--prev-governance-action-tx-id TXID --prev-governance-action-index WORD16] --out-file FILEPATH @@ -6020,6 +6026,9 @@ Usage: cardano-cli conway governance action create-protocol-parameters-update ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) [--prev-governance-action-tx-id TXID --prev-governance-action-index WORD16] [--constitution-script-hash HASH] @@ -6084,6 +6093,9 @@ Usage: cardano-cli conway governance action create-treasury-withdrawal ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) ( ( --funds-receiving-stake-verification-key STRING | --funds-receiving-stake-verification-key-file FILEPATH @@ -6112,6 +6124,9 @@ Usage: cardano-cli conway governance action create-hardfork --prev-governance-action-index WORD16] --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) --protocol-major-version MAJOR --protocol-minor-version MINOR --out-file FILEPATH diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-hardfork.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-hardfork.cli index 282fa5e887..5fe5832d20 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-hardfork.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-hardfork.cli @@ -13,6 +13,9 @@ Usage: cardano-cli conway governance action create-hardfork --prev-governance-action-index WORD16] --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) --protocol-major-version MAJOR --protocol-minor-version MINOR --out-file FILEPATH @@ -41,6 +44,10 @@ Available options: --anchor-url TEXT Anchor URL --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") + --check-anchor-data Check the proposal hash (from --anchor-data-hash) by + downloading proposal data (from --anchor-url). + --trust-anchor-data Do not check the proposal hash (from + --anchor-data-hash) and trust it is correct. --protocol-major-version MAJOR Specify the major protocol version to fork into. An increase indicates a hard fork. It must be the next diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-no-confidence.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-no-confidence.cli index 34356781b6..85d1fed3b6 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-no-confidence.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-no-confidence.cli @@ -11,6 +11,9 @@ Usage: cardano-cli conway governance action create-no-confidence ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) [--prev-governance-action-tx-id TXID --prev-governance-action-index WORD16] --out-file FILEPATH @@ -35,6 +38,10 @@ Available options: --anchor-url TEXT Anchor URL --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") + --check-anchor-data Check the proposal hash (from --anchor-data-hash) by + downloading proposal data (from --anchor-url). + --trust-anchor-data Do not check the proposal hash (from + --anchor-data-hash) and trust it is correct. --prev-governance-action-tx-id TXID Txid of the previous governance action. --prev-governance-action-index WORD16 diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-protocol-parameters-update.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-protocol-parameters-update.cli index 7743b18c90..5adbf0da1c 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-protocol-parameters-update.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-protocol-parameters-update.cli @@ -11,6 +11,9 @@ Usage: cardano-cli conway governance action create-protocol-parameters-update ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) [--prev-governance-action-tx-id TXID --prev-governance-action-index WORD16] [--constitution-script-hash HASH] @@ -80,6 +83,10 @@ Available options: --anchor-url TEXT Anchor URL --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") + --check-anchor-data Check the proposal hash (from --anchor-data-hash) by + downloading proposal data (from --anchor-url). + --trust-anchor-data Do not check the proposal hash (from + --anchor-data-hash) and trust it is correct. --prev-governance-action-tx-id TXID Txid of the previous governance action. --prev-governance-action-index WORD16 diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-treasury-withdrawal.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-treasury-withdrawal.cli index 589c4bf234..14f60a6b2a 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-treasury-withdrawal.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_create-treasury-withdrawal.cli @@ -11,6 +11,9 @@ Usage: cardano-cli conway governance action create-treasury-withdrawal ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) ( ( --funds-receiving-stake-verification-key STRING | --funds-receiving-stake-verification-key-file FILEPATH @@ -42,6 +45,10 @@ Available options: --anchor-url TEXT Anchor URL --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") + --check-anchor-data Check the proposal hash (from --anchor-data-hash) by + downloading proposal data (from --anchor-url). + --trust-anchor-data Do not check the proposal hash (from + --anchor-data-hash) and trust it is correct. --funds-receiving-stake-verification-key STRING Stake verification key (Bech32 or hex-encoded). --funds-receiving-stake-verification-key-file FILEPATH diff --git a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_update-committee.cli b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_update-committee.cli index 92675da290..b1d5ecf41f 100644 --- a/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_update-committee.cli +++ b/cardano-cli/test/cardano-cli-golden/files/golden/help/conway_governance_action_update-committee.cli @@ -11,6 +11,9 @@ Usage: cardano-cli conway governance action update-committee ) --anchor-url TEXT --anchor-data-hash HASH + ( --check-anchor-data + | --trust-anchor-data + ) [ --remove-cc-cold-verification-key STRING | --remove-cc-cold-verification-key-file FILEPATH | --remove-cc-cold-verification-key-hash STRING @@ -48,6 +51,10 @@ Available options: --anchor-url TEXT Anchor URL --anchor-data-hash HASH Proposal anchor data hash (obtain it with "cardano-cli hash anchor-data ...") + --check-anchor-data Check the proposal hash (from --anchor-data-hash) by + downloading proposal data (from --anchor-url). + --trust-anchor-data Do not check the proposal hash (from + --anchor-data-hash) and trust it is correct. --remove-cc-cold-verification-key STRING Constitutional Committee cold key (hex-encoded). --remove-cc-cold-verification-key-file FILEPATH From fdb7f257e55647bd166729b086776119368ffb9f Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Wed, 25 Sep 2024 18:09:58 +0200 Subject: [PATCH 5/6] Add haddock to `carryHashChecks` --- .../src/Cardano/CLI/EraBased/Run/Governance/Actions.hs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs index 22158be2df..ca12f13d77 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs @@ -509,10 +509,15 @@ runGovernanceActionHardforkInitCmd conwayEraOnwardsConstraints eon $ writeFileTextEnvelope outFile (Just "Hardfork initiation proposal") proposalProcedure +-- | Check the hash of the anchor data against the hash in the anchor if +-- checkHash is set to CheckHash. carryHashChecks :: MustCheckHash a + -- ^ Whether to check the hash or not (CheckHash for checking or TrustHash for not checking) -> L.Anchor L.StandardCrypto + -- ^ The anchor data whose hash is to be checked -> AnchorDataTypeCheck + -- ^ The type of anchor data to check (for error reporting purpouses) -> ExceptT GovernanceActionsError IO () carryHashChecks checkHash anchor errorAdaptor = case checkHash of From 93027e43b370c044d6caa8c1bf9aa8f175094d26 Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Wed, 25 Sep 2024 18:49:41 +0200 Subject: [PATCH 6/6] Rename `errorAdaptor` to `checkType` Co-authored-by: Mateusz Galazyn <228866+carbolymer@users.noreply.github.com> --- .../src/Cardano/CLI/EraBased/Run/Governance/Actions.hs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs index ca12f13d77..c8d4729488 100644 --- a/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs +++ b/cardano-cli/src/Cardano/CLI/EraBased/Run/Governance/Actions.hs @@ -519,16 +519,16 @@ carryHashChecks -> AnchorDataTypeCheck -- ^ The type of anchor data to check (for error reporting purpouses) -> ExceptT GovernanceActionsError IO () -carryHashChecks checkHash anchor errorAdaptor = +carryHashChecks checkHash anchor checkType = case checkHash of CheckHash -> do anchorData <- L.AnchorData <$> fetchURLErrorToGovernanceActionError - errorAdaptor + checkType (getByteStringFromURL httpsAndIpfsSchemas $ L.anchorUrl anchor) let hash = L.hashAnchorData anchorData when (hash /= L.anchorDataHash anchor) $ left $ - GovernanceActionsProposalMismatchedHashError errorAdaptor (L.anchorDataHash anchor) hash + GovernanceActionsProposalMismatchedHashError checkType (L.anchorDataHash anchor) hash TrustHash -> pure ()