Axelar的函数ValidateContractCall()是用来做什么的?

huangapple go评论75阅读模式
英文:

What Does The Axelar Function ValidateContractCall() Do?

问题

validateContractCall()函数似乎很重要,但我对于需要验证什么以及我的合约代码需要进行哪些进一步的验证以确保消息是合法的并且源自于源链上的“允许”的合约,还不是100%清楚。我知道其他GMP服务要求您注册一个合约地址的“允许列表”等等,那么Axelar的方法是什么呢?
谢谢。

英文:

The validateContractCall() function seems important, but I am not 100% clear on what gets validated and what my own contract code needs to do in terms of further validation to ensure that the message is legit and originated from "allowed" contract(s) on the source chain. I know other GMP services require you to register an "allowlist" of contract addresses, etc. -- what is the approach with Axelar?
Thank You

答案1

得分: 1

这里正在验证的是函数的执行是否来自Axelar网络。Axelar验证者集拥有控制部署在每个链上的Gateway合约的密钥。

这个密钥是由许多"密钥份额"生成的。每个验证者根据其抵押的AXL数量控制一定数量的密钥份额。只有在验证者集经过投票成功达成共识后,该密钥才会执行Gateway合约。

validateContractCall()函数确保触发该函数的密钥实际上来自Axelar验证者集,在完成上述过程后。

值得注意的是,在该函数的实际定义中:

function validateContractCall(
        bytes32 commandId,
        string calldata sourceChain,
        string calldata sourceAddress,
        bytes32 payloadHash
    ) external override returns (bool valid) {
        bytes32 key = _getIsContractCallApprovedKey(commandId, sourceChain, sourceAddress, msg.sender, payloadHash);
        valid = getBool(key);
        if (valid) _setBool(key, false);
    }

我们手动传入了sourceChainsourceAddress,因此除了验证调用是否来自Axelar网络之外,还值得验证调用是否来自正确的源链和源合约地址。

如果你想进一步了解,请参考以下资源!

英文:

What is getting validated here is that the execution of the function is coming from the Axelar network. The Axelar validator set owns the key which controls the Gateway contract on each chain it's deployed on.

This key is generated by many "key shares". Each validator controls a given amount of key shares based on how much AXL they have staked. Transactions are confirmed after a vote by the validators. Only after a successful consensus by the validator set the Gateway contract is executed by this key.

The validateContractCall() is making sure that the key triggering the function is, in fact coming from the Axelar validator set after completing the above process.

Worth noting that in the actual definition of this function:

function validateContractCall(
        bytes32 commandId,
        string calldata sourceChain,
        string calldata sourceAddress,
        bytes32 payloadHash
    ) external override returns (bool valid) {
        bytes32 key = _getIsContractCallApprovedKey(commandId, sourceChain, sourceAddress, msg.sender, payloadHash);
        valid = getBool(key);
        if (valid) _setBool(key, false);
    }

We pass in the sourceChain and sourceAddress manually, so it is also worth validating that the call is coming from the correct source chain and source contract address in addition to validating that the call is coming from the Axelar network.

Here are some good resources if you want to read up more on this!

huangapple
  • 本文由 发表于 2023年8月9日 04:31:43
  • 转载请务必保留本文链接:https://go.coder-hub.com/76863027.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定