mirror of
https://github.com/digital-asset/daml.git
synced 2024-11-10 10:46:11 +03:00
48fd1e47a0
* Make the contract keys test fail if the transaction is not rejected by the committer - First, this removes the assert statement in the DAML model, so that the transaction validation doesn't fail with a transaction abort. - Second, the gRPC error message should contain Disputed. `InvalidLookup` should only be used in Sandbox Classic, but due to code sharing, the validation that triggers this error is also run for Sadbonx. * Fix the key lookup in kvutils The current way of transaction validation and key lookup does not work in the following scenario: - the transaction coming from the participant has a negative key lookup - the contract key state is loaded, which points to a contract that has been created by another transaction since the command interpretation on the participant - the contract state for the contractId inside the contract key state has not been loaded, therefore the visibility and activeness check in `ProcessTransactionSubmission.lookupKey` returns `None`, even though there is in fact a contract with such a key. To mitigate this issue, the `lookupKey` function must not check activeness or visibility. If the submitter is not allowed to load the contract via a key lookup, the authorization check should catch that. Any other situation that is inconsistent should result in a rejection of the transaction. A small side effect of this change is that the `lookupContract` function might try to load a contract that wasn't loaded from the kv state earlier. This only happens because we first rebuild the entire transaction before we compare it to the original transaction. Previously we threw an exception in this case, but this results in a rather ugly abort of the reinterpretation of the transaction. Therefore the `lookupContract` function just returns `None`. Eventually the transaction will be rejected during validation of the nodes, because the `LookupByKey` nodes will be different. This would not happen if we reinterpreted the transaction lazily and compared the nodes as soon as they are produced with the corresponding node of the original transaction. CHANGELOG_BEGIN [kvutils] Fixed the validation of key lookups. See issue `#5562 <https://github.com/digital-asset/daml/issues/5562>`__. [Participant Server, Ledger API Test Tool] Use rejection reasons of the participant-state API instead of sandbox specific ones. CHANGELOG_END * Validate causal monotonicity of used contract keys When using LookupByKey, the return contract isn't necessarily fetched or used any other way. This means that we need an extra pass over all contract keys to ensure that causal monotonicity is respected. To be able to do this, there is now a new field `DamlContractKeyState.active_at`, which is set to the same value `DamlTransactionEntry.ledger_effective_time`. An additional check in `ProcessTransactionSubmission` uses this field to verify causal monotonicity. |
||
|---|---|---|
| .. | ||
| src/main | ||
| test-certificates | ||
| BUILD.bazel | ||