Skip to content
This repository was archived by the owner on Nov 15, 2023. It is now read-only.

Asset Pallet: Support repeated destroys to safely destroy large assets #12310

Merged
paritytech-processbot merged 73 commits into from
Nov 15, 2022
Merged

Asset Pallet: Support repeated destroys to safely destroy large assets #12310

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
73 commits
Select commit Hold shift + click to select a range
6a9d9d1
Support repeated destroys to safely destroy large assets
tonyalaribe Sep 20, 2022
7db1fd5
require freezing accounts before destroying
tonyalaribe Sep 20, 2022
cbe14b2
support only deleting asset as final stage when there's no assets left
tonyalaribe Sep 21, 2022
001eaef
Merge branch 'master' into aa/safely-destroy-large-assets
tonyalaribe Sep 21, 2022
1beae07
pre: introduce the RemoveKeyLimit config parameter
tonyalaribe Sep 22, 2022
c9ce171
debug_ensure empty account in the right if block
tonyalaribe Sep 22, 2022
3067e38
update to having separate max values for accounts and approvals
tonyalaribe Sep 22, 2022
7c4f610
add tests and use RemoveKeyLimit constant
tonyalaribe Sep 26, 2022
aca497f
add useful comments to the extrinsics, and calculate returned weight
tonyalaribe Sep 27, 2022
634345a
Merge branch 'master' of github.com:paritytech/substrate into aa/safe…
tonyalaribe Sep 27, 2022
93d886d
add benchmarking for start_destroy and finish destroy
tonyalaribe Sep 27, 2022
2d3b650
push failing benchmark logic
tonyalaribe Sep 27, 2022
5a612d1
add benchmark tests for new functions
tonyalaribe Sep 27, 2022
b961255
update weights via local benchmarks
tonyalaribe Sep 27, 2022
91e3c18
remove extra weight file
tonyalaribe Sep 27, 2022
60f954a
Update frame/assets/src/lib.rs
tonyalaribe Sep 28, 2022
ce00b5b
Update frame/assets/src/types.rs
tonyalaribe Sep 28, 2022
5492b6d
Update frame/assets/src/lib.rs
tonyalaribe Sep 28, 2022
bc20a6c
effect some changes from codereview
tonyalaribe Sep 28, 2022
6ceb592
use NotFrozen error
tonyalaribe Sep 29, 2022
2edac52
remove origin checks, as anyone can complete destruction after owner …
tonyalaribe Sep 29, 2022
aa2aecf
fix comments about Origin behaviour
tonyalaribe Sep 29, 2022
10fdd90
add AssetStatus docs
tonyalaribe Sep 29, 2022
139d2e9
modularize logic to allow calling logic in on_idle and on_initialize …
tonyalaribe Oct 5, 2022
597f532
introduce simple migration for assets details
tonyalaribe Oct 6, 2022
a09e762
Merge remote-tracking branch 'origin/master' into aa/safely-destroy-l…
Oct 6, 2022
70930ac
reintroduce logging in the migrations
tonyalaribe Oct 7, 2022
dc4a243
move deposit_Event out of the mutate block
tonyalaribe Oct 12, 2022
05d778d
Update frame/assets/src/functions.rs
tonyalaribe Oct 12, 2022
62d4f13
Update frame/assets/src/migration.rs
tonyalaribe Oct 12, 2022
e9e108b
move AssetNotLive checkout out of the mutate blocks
tonyalaribe Oct 12, 2022
5df4a62
Merge branch 'aa/safely-destroy-large-assets' of github.com:paritytec…
tonyalaribe Oct 12, 2022
544ac52
rename RemoveKeysLimit to RemoveItemsLimit
tonyalaribe Oct 13, 2022
9206acf
update docs
tonyalaribe Oct 13, 2022
29c7745
fix event name in benchmark
tonyalaribe Oct 14, 2022
2986f29
fix cargo fmt.
tonyalaribe Oct 14, 2022
6ac84a1
fix lint in benchmarking
tonyalaribe Oct 14, 2022
1f2930f
Merge branch 'master' of github.com:paritytech/substrate into aa/safe…
tonyalaribe Oct 14, 2022
791aa7f
Empty commit to trigger CI
tonyalaribe Oct 14, 2022
450a698
Update frame/assets/src/lib.rs
tonyalaribe Oct 14, 2022
3daef79
Update frame/assets/src/lib.rs
tonyalaribe Oct 14, 2022
ea34cf5
Update frame/assets/src/functions.rs
tonyalaribe Oct 14, 2022
84cbb47
Update frame/assets/src/functions.rs
tonyalaribe Oct 14, 2022
082a10c
Update frame/assets/src/functions.rs
tonyalaribe Oct 14, 2022
e84d5ae
Update frame/assets/src/lib.rs
tonyalaribe Oct 14, 2022
78cde15
Update frame/assets/src/functions.rs
tonyalaribe Oct 14, 2022
c6470fb
effect change suggested during code review
tonyalaribe Oct 14, 2022
85e50b9
move limit to a single location
tonyalaribe Oct 14, 2022
c97e850
Merge branch 'master' of github.com:paritytech/substrate into aa/safe…
tonyalaribe Oct 17, 2022
df27e0b
Update frame/assets/src/functions.rs
tonyalaribe Oct 18, 2022
ca9fa2e
rename events
tonyalaribe Oct 18, 2022
9609f13
fix weight typo, using rocksdb instead of T::DbWeight. Pending genera…
tonyalaribe Oct 18, 2022
26d27cc
switch to using dead_account.len()
tonyalaribe Oct 18, 2022
72ec8f8
rename event in the benchmarks
tonyalaribe Oct 20, 2022
ee30cf8
empty to retrigger CI
tonyalaribe Oct 20, 2022
87a7877
Merge branch 'master' of github.com:paritytech/substrate into aa/safe…
tonyalaribe Oct 20, 2022
773212e
trigger CI to check cumulus dependency
tonyalaribe Oct 20, 2022
a4be57f
trigger CI for dependent cumulus
tonyalaribe Oct 20, 2022
111da0e
Merge branch 'master' into aa/safely-destroy-large-assets
tonyalaribe Oct 22, 2022
9c06bb8
Update frame/assets/src/migration.rs
tonyalaribe Oct 24, 2022
4eef069
move is-frozen to the assetStatus enum (#12547)
tonyalaribe Oct 26, 2022
486814f
add pre and post migration hooks
tonyalaribe Oct 26, 2022
c185cb0
update do_transfer logic to add new assert for more correct error mes…
tonyalaribe Oct 26, 2022
91095af
trigger CI
tonyalaribe Oct 26, 2022
9ef3c2b
switch checking AssetStatus from checking Destroying state to checkin…
tonyalaribe Oct 27, 2022
6165576
fix error type in tests from Frozen to AssetNotLive
tonyalaribe Oct 27, 2022
7811b62
trigger CI
tonyalaribe Oct 27, 2022
cd3e28d
change ensure check for fn reducible_balance()
tonyalaribe Oct 27, 2022
aee596e
change the error type to Error:<T,I>::IncorrectStatus to be clearer
tonyalaribe Nov 7, 2022
30814df
Trigger CI
tonyalaribe Nov 7, 2022
9b653a5
Merge branch 'master' into aa/safely-destroy-large-assets
tonyalaribe Nov 7, 2022
57fe747
Merge branch 'master' into aa/safely-destroy-large-assets
tonyalaribe Nov 10, 2022
7ba1ef5
Merge branch 'master' into aa/safely-destroy-large-assets
tonyalaribe Nov 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
modularize logic to allow calling logic in on_idle and on_initialize … 
…hooks
  • Loading branch information
@tonyalaribe
tonyalaribe committed Oct 5, 2022
commit 139d2e9235ce45501140cdff8b2158f29efe8be8
113 changes: 113 additions & 0 deletions frame/assets/src/functions.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -665,6 +665,119 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
Ok(())
}

/// Start the process of destroying an asset, by setting the asset status to Destroying, and
/// emitting the DestructionStarted event.
pub(super) fn do_start_destroy(
id: T::AssetId,
maybe_check_owner: Option<T::AccountId>,
) -> DispatchResult {
let _ =
Asset::<T, I>::try_mutate_exists(id, |maybe_details| -> Result<(), DispatchError> {
let mut details = maybe_details.as_mut().ok_or(Error::<T, I>::Unknown)?;
if let Some(check_owner) = maybe_check_owner {
ensure!(details.owner == check_owner, Error::<T, I>::NoPermission);
}
ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
Copy link
Member

@ggwpez ggwpez Oct 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we now have asset status and is_froze?
Could is_frozen not be calculated from status? An Frozen could be added to the AssetStatus.

Copy link
Contributor Author

@tonyalaribe tonyalaribe Oct 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, but shouldn't that be better in a different PR? There's a lot of existing frozen related logic, so it could be better to handle all that separately.

details.status = AssetStatus::Destroying;
Copy link
Member

@ggwpez ggwpez Oct 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So it is possible to call start_destroy multiple times?
There could be a check that checks the status as well I assume.
In either way please add a test.

Copy link
Contributor Author

@tonyalaribe tonyalaribe Oct 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a test for the multi destroying. Do you mean I should add a test specifically for calling start_destroy multiple times?


Self::deposit_event(Event::DestructionStarted { asset_id: id });
Ok(())
})?;
Ok(())
}

/// Destroy accounts associated with a given asset up to the max (T::RemoveKeysLimit).
///
/// Each call emits the `Event::DestroyedAccountss` event.
pub(super) fn do_destroy_accounts(id: T::AssetId) -> Result<u32, DispatchError> {
let mut dead_accounts: Vec<T::AccountId> = vec![];
let mut removed_accounts = 0;
let _ =
Asset::<T, I>::try_mutate_exists(id, |maybe_details| -> Result<(), DispatchError> {
let mut details = maybe_details.as_mut().ok_or(Error::<T, I>::Unknown)?;
ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
// Should only destroy accounts while the asset is being destroyed
ensure!(details.status == AssetStatus::Destroying, Error::<T, I>::LiveAsset);
Copy link
Contributor

@muharem muharem Oct 30, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

error is not so accurate now

Copy link
Contributor Author

@tonyalaribe tonyalaribe Nov 1, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, but it might still work though. Or i could introduce Error::::NotDestroying? But NotDestroying doesn't sound good either 🤔

Copy link
Contributor

@jsidorenko jsidorenko Nov 3, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It could be Error::<T, I>::Incorrect(Wrong)State(Status)

Copy link
Contributor Author

@tonyalaribe tonyalaribe Nov 7, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, that makes sense. changing


for (who, v) in Account::<T, I>::drain_prefix(id) {
let _ = Self::dead_account(&who, &mut details, &v.reason, true);
dead_accounts.push(who);
removed_accounts = removed_accounts.saturating_add(1);
if removed_accounts >= T::RemoveKeysLimit::get() {
break
}
}

Self::deposit_event(Event::DestroyedAccounts {
asset_id: id,
accounts_destroyed: removed_accounts as u32,
accounts_remaining: details.accounts as u32,
});
Copy link
Contributor

@muharem muharem Oct 11, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

still feels strange to me why its not at the end, after T::Freezer::died(id, &who);

Copy link
Contributor Author

@tonyalaribe tonyalaribe Oct 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alright, i'll move it.

Copy link
Contributor Author

@tonyalaribe tonyalaribe Oct 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But you're right, it's likely safer there as well. I just won't have access to details.account from outside. But i'll just copy it into another variable.


Ok(())
})?;

for who in dead_accounts {
T::Freezer::died(id, &who);
}
Ok(removed_accounts)
}

/// Destroy approvals associated with a given asset up to the max (T::RemoveKeysLimit).
///
/// Each call emits the `Event::DestroyedApprovals` event
pub(super) fn do_destroy_approvals(id: T::AssetId) -> Result<u32, DispatchError> {
let mut removed_approvals = 0;
let _ =
Asset::<T, I>::try_mutate_exists(id, |maybe_details| -> Result<(), DispatchError> {
let mut details = maybe_details.as_mut().ok_or(Error::<T, I>::Unknown)?;

ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
// Should only destroy accounts while the asset is being destroyed
ensure!(details.status == AssetStatus::Destroying, Error::<T, I>::LiveAsset);

for ((owner, _), approval) in Approvals::<T, I>::drain_prefix((id,)) {
T::Currency::unreserve(&owner, approval.deposit);
removed_approvals = removed_approvals.saturating_add(1);
details.approvals = details.approvals.saturating_sub(1);
if removed_approvals >= T::RemoveKeysLimit::get() {
break
}
}
Self::deposit_event(Event::DestroyedApprovals {
asset_id: id,
approvals_destroyed: removed_approvals as u32,
approvals_remaining: details.approvals as u32,
});
Ok(())
})?;
Ok(removed_approvals)
}

/// Complete destrouing asset and unreserve the currency.
///
/// On success, the `Event::Destroyed` event is emitted.
pub(super) fn do_finish_destroy(id: T::AssetId) -> DispatchResult {
let _ =
Asset::<T, I>::try_mutate_exists(id, |maybe_details| -> Result<(), DispatchError> {
let details = maybe_details.take().ok_or(Error::<T, I>::Unknown)?;
ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
ensure!(details.status == AssetStatus::Destroying, Error::<T, I>::LiveAsset);
ensure!(details.accounts == 0, Error::<T, I>::InUse);
Copy link
Member

@ggwpez ggwpez Oct 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there could be a better error here since this is documented as The asset ID is already taken.
Something that makes it clear that you need to call destroy_accounts/destroy_approvals.

Copy link
Contributor Author

@tonyalaribe tonyalaribe Oct 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you have any suggestions on what to call it?

ensure!(details.approvals == 0, Error::<T, I>::InUse);

let metadata = Metadata::<T, I>::take(&id);
T::Currency::unreserve(
&details.owner,
details.deposit.saturating_add(metadata.deposit),
);
Self::deposit_event(Event::Destroyed { asset_id: id });

Ok(())
})?;
Ok(())
}

/// Creates an approval from `owner` to spend `amount` of asset `id` tokens by 'delegate'
/// while reserving `T::ApprovalDeposit` from owner
///
Expand Down
100 changes: 5 additions & 95 deletions frame/assets/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -616,21 +616,7 @@ pub mod pallet {
Ok(_) => None,
Err(origin) => Some(ensure_signed(origin)?),
};
let _ = Asset::<T, I>::try_mutate_exists(
id,
|maybe_details| -> Result<(), DispatchError> {
let mut details = maybe_details.as_mut().ok_or(Error::<T, I>::Unknown)?;
if let Some(check_owner) = maybe_check_owner {
ensure!(details.owner == check_owner, Error::<T, I>::NoPermission);
}
ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
details.status = AssetStatus::Destroying;

Self::deposit_event(Event::DestructionStarted { asset_id: id });
Ok(())
},
)?;
Ok(())
Self::do_start_destroy(id, maybe_check_owner)
}

/// Destroy all accounts associated with a given asset.
Expand All @@ -651,42 +637,11 @@ pub mod pallet {
#[pallet::compact] id: T::AssetId,
) -> DispatchResultWithPostInfo {
let _ = ensure_signed(origin)?;
let mut dead_accounts: Vec<T::AccountId> = vec![];
let mut removed_accounts = 0;
let _ = Asset::<T, I>::try_mutate_exists(
id,
|maybe_details| -> Result<(), DispatchError> {
let mut details = maybe_details.as_mut().ok_or(Error::<T, I>::Unknown)?;
ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
// Should only destroy accounts while the asset is being destroyed
ensure!(details.status == AssetStatus::Destroying, Error::<T, I>::LiveAsset);

for (who, v) in Account::<T, I>::drain_prefix(id) {
let _ = Self::dead_account(&who, &mut details, &v.reason, true);
dead_accounts.push(who);
removed_accounts = removed_accounts.saturating_add(1);
if removed_accounts >= T::RemoveKeysLimit::get() {
break
}
}

Self::deposit_event(Event::DestroyedAccounts {
asset_id: id,
accounts_destroyed: removed_accounts as u32,
accounts_remaining: details.accounts as u32,
});

Ok(())
},
)?;

for who in dead_accounts {
T::Freezer::died(id, &who);
}
let removed_accounts = Self::do_destroy_accounts(id)?;
Ok(Some(T::WeightInfo::destroy_accounts(removed_accounts)).into())
}

/// Destroy all approvals associated with a given asset.
/// Destroy all approvals associated with a given asset up to the max (T::RemoveKeysLimit),
/// `destroy_approvals` should only be called after `start_destroy` has been called, and the
/// asset is in a `Destroying` state
///
Expand All @@ -704,33 +659,7 @@ pub mod pallet {
#[pallet::compact] id: T::AssetId,
) -> DispatchResultWithPostInfo {
let _ = ensure_signed(origin)?;
let mut removed_approvals = 0;
let _ = Asset::<T, I>::try_mutate_exists(
id,
|maybe_details| -> Result<(), DispatchError> {
let mut details = maybe_details.as_mut().ok_or(Error::<T, I>::Unknown)?;

ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
// Should only destroy accounts while the asset is being destroyed
ensure!(details.status == AssetStatus::Destroying, Error::<T, I>::LiveAsset);

for ((owner, _), approval) in Approvals::<T, I>::drain_prefix((id,)) {
T::Currency::unreserve(&owner, approval.deposit);
removed_approvals = removed_approvals.saturating_add(1);
details.approvals = details.approvals.saturating_sub(1);
if removed_approvals >= T::RemoveKeysLimit::get() {
break
}
}
Self::deposit_event(Event::DestroyedApprovals {
asset_id: id,
approvals_destroyed: removed_approvals as u32,
approvals_remaining: details.approvals as u32,
});
Ok(())
},
)?;

let removed_approvals = Self::do_destroy_approvals(id)?;
Ok(Some(T::WeightInfo::destroy_approvals(removed_approvals)).into())
}

Expand All @@ -749,26 +678,7 @@ pub mod pallet {
#[pallet::compact] id: T::AssetId,
) -> DispatchResult {
let _ = ensure_signed(origin)?;
let _ = Asset::<T, I>::try_mutate_exists(
id,
|maybe_details| -> Result<(), DispatchError> {
let details = maybe_details.take().ok_or(Error::<T, I>::Unknown)?;
ensure!(details.is_frozen, Error::<T, I>::NotFrozen);
ensure!(details.status == AssetStatus::Destroying, Error::<T, I>::LiveAsset);
ensure!(details.accounts == 0, Error::<T, I>::InUse);
ensure!(details.approvals == 0, Error::<T, I>::InUse);

let metadata = Metadata::<T, I>::take(&id);
T::Currency::unreserve(
&details.owner,
details.deposit.saturating_add(metadata.deposit),
);
Self::deposit_event(Event::Destroyed { asset_id: id });

Ok(())
},
)?;
Ok(())
Self::do_finish_destroy(id)
}

/// Mint assets of a particular class.
Expand Down