stellar · Shaptic · Mar 18, 2022 · Mar 14, 2022 · Mar 14, 2022 · Mar 14, 2022
diff --git a/gxdr/xdr_generated.go b/gxdr/xdr_generated.go
diff --git a/network/main.go b/network/main.go
@@ -79,13 +79,14 @@ func HashTransactionV0(tx xdr.TransactionV0, passphrase string) ([32]byte, error
 	if err != nil {
 		return [32]byte{}, err
 	}
+
 	v1Tx := xdr.Transaction{
 		SourceAccount: sa,
 		Fee:           tx.Fee,
 		Memo:          tx.Memo,
 		Operations:    tx.Operations,
 		SeqNum:        tx.SeqNum,
-		TimeBounds:    tx.TimeBounds,
+		Cond:          xdr.NewPreconditionsWithTimeBounds(tx.TimeBounds),
 	}
 	return HashTransaction(v1Tx, passphrase)
 }

diff --git a/network/main_test.go b/network/main_test.go
@@ -39,8 +39,9 @@ func TestHashTransaction(t *testing.T) {
 		Memo:          txe.Memo(),
 		Operations:    txe.Operations(),
 		SeqNum:        xdr.SequenceNumber(txe.SeqNum()),
-		TimeBounds:    txe.TimeBounds(),
+		Cond:          xdr.NewPreconditionsWithTimeBounds(txe.TimeBounds()),
 	}
+
 	actual, err = HashTransaction(tx, TestNetworkPassphrase)
 	assert.NoError(t, err)
 	assert.Equal(t, expected, actual)

diff --git a/services/horizon/internal/db2/history/fee_bump_scenario.go b/services/horizon/internal/db2/history/fee_bump_scenario.go
@@ -141,9 +141,12 @@ func FeeBumpScenario(tt *test.T, q *Q, successful bool) FeeBumpFixture {
 								Type: xdr.MemoTypeMemoNone,
 							},
 							SeqNum: 97,
-							TimeBounds: &xdr.TimeBounds{
-								MinTime: 2,
-								MaxTime: 4,
+							Cond: xdr.Preconditions{
+								Type: xdr.PreconditionTypePrecondTime,
+								TimeBounds: &xdr.TimeBounds{
+									MinTime: 2,
+									MaxTime: 4,
+								},
 							},
 							Operations: []xdr.Operation{
 								{

diff --git a/services/horizon/internal/db2/schema/bindata.go b/services/horizon/internal/db2/schema/bindata.go
diff --git a/services/horizon/internal/db2/schema/migrations/54_bigger_account_signers.sql b/services/horizon/internal/db2/schema/migrations/54_bigger_account_signers.sql
@@ -0,0 +1,10 @@
+-- +migrate Up
+
+-- CAP-40 signed payload strkeys can be 165 characters long, see
+-- strkey/main.go:maxEncodedSize
+ALTER TABLE accounts_signers
+  ALTER COLUMN signer TYPE character varying(165);
+
+-- +migrate Down
+ALTER TABLE accounts_signers
+  ALTER COLUMN signer TYPE character varying(64);
diff --git a/services/horizon/internal/ingest/processors/effects_processor_test.go b/services/horizon/internal/ingest/processors/effects_processor_test.go
@@ -2120,7 +2120,7 @@ func (s *CreateClaimableBalanceEffectsTestSuite) SetupTest() {
 			},
 		},
 	}
-	relBefore := xdr.Int64(1000)
+	relBefore := xdr.Duration(1000)
 	cb1 := xdr.ClaimableBalanceEntry{
 		BalanceId: balanceIDOp1,
 		Amount:    xdr.Int64(200000000),
@@ -2218,7 +2218,7 @@ func (s *CreateClaimableBalanceEffectsTestSuite) SetupTest() {
 	}
 }
 func (s *CreateClaimableBalanceEffectsTestSuite) TestEffects() {
-	relBefore := xdr.Int64(1000)
+	relBefore := xdr.Duration(1000)
 	testCases := []struct {
 		desc     string
 		op       xdr.Operation

diff --git a/services/horizon/internal/ingest/processors/signers_processor.go b/services/horizon/internal/ingest/processors/signers_processor.go
@@ -138,7 +138,7 @@ func (p *SignersProcessor) Commit(ctx context.Context) error {
 					sponsor,
 				)
 				if err != nil {
-					return errors.Wrap(err, "Error inserting a signer")
+					return errors.Wrapf(err, "Error inserting a signer (%s)", signer)
 				}
 
 				if rowsAffected != 1 {

diff --git a/services/horizon/internal/ingest/verify_test.go b/services/horizon/internal/ingest/verify_test.go
@@ -38,6 +38,9 @@ func genAccount(tt *test.T, gen randxdr.Generator) xdr.LedgerEntryChange {
 			{randxdr.FieldEquals("created.data.account.ext.v1.ext.v2.numSponsoring"), randxdr.SetPositiveNum32},
 			{randxdr.FieldEquals("created.data.account.ext.v1.ext.v2.numSponsored"), randxdr.SetPositiveNum32},
 			{randxdr.FieldEquals("created.data.account.ext.v1.ext.v2.signerSponsoringIDs"), randxdr.SetVecLen(numSigners)},
+			{randxdr.FieldEquals("created.data.account.ext.v1.ext.v2.ext.v"), randxdr.SetU32(0)},
+			// {randxdr.FieldEquals("created.data.account.ext.v1.ext.v2.ext.v3.seqLedger"), randxdr.SetPositiveNum32},
+			// {randxdr.FieldEquals("created.data.account.ext.v1.ext.v2.ext.v3.seqTime"), randxdr.SetPositiveNum64},
 		},
 	)
 

diff --git a/services/horizon/internal/resourceadapter/claimable_balances_test.go b/services/horizon/internal/resourceadapter/claimable_balances_test.go
@@ -24,8 +24,8 @@ func TestPopulateClaimableBalance(t *testing.T) {
 	unconditional := &xdr.ClaimPredicate{
 		Type: xdr.ClaimPredicateTypeClaimPredicateUnconditional,
 	}
-	relBefore := xdr.Int64(12)
-	absBefore := xdr.Int64(1598440539)
+	relBefore := xdr.Duration(12)
+	absBefore := xdr.TimePoint(1598440539)
 
 	id, err := xdr.MarshalHex(&balanceID)
 	tt.NoError(err)

diff --git a/strkey/decode_test.go b/strkey/decode_test.go
@@ -69,6 +69,25 @@ func TestDecode(t *testing.T) {
 				0xb7, 0xd3, 0x73, 0x8d, 0x18, 0x55, 0xf3, 0x63,
 			},
 		},
+		{
+			Name:                "SignedPayload",
+			Address:             "PA3D5KRYM6CB7OWQ6TWYRR3Z4T7GNZLKERYNZGGA5SOAOPIFY6YQGAAAAAEQAAAAAAAAAAAAAAAAAABBXA",
+			ExpectedVersionByte: VersionByteSignedPayload,
+			ExpectedPayload: []byte{
+				// ed25519 (same as test case 1)
+				0x36, 0x3e, 0xaa, 0x38, 0x67, 0x84, 0x1f, 0xba,
+				0xd0, 0xf4, 0xed, 0x88, 0xc7, 0x79, 0xe4, 0xfe,
+				0x66, 0xe5, 0x6a, 0x24, 0x70, 0xdc, 0x98, 0xc0,
+				0xec, 0x9c, 0x07, 0x3d, 0x05, 0xc7, 0xb1, 0x03,
+				// payload length
+				0x00, 0x00, 0x00, 0x09,
+				// payload
+				0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+				0x00,
+				// padding
+				0x00, 0x00, 0x00,
+			},
+		},
 	}
 
 	for _, kase := range cases {

diff --git a/strkey/encode_test.go b/strkey/encode_test.go
@@ -1,6 +1,7 @@
 package strkey
 
 import (
+	"crypto/rand"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -69,6 +70,25 @@ func TestEncode(t *testing.T) {
 			},
 			Expected: "XBU2RRGLXH3E5CQHTD3ODLDF2BWDCYUSSBLLZ5GNW7JXHDIYKXZWGTOG",
 		},
+		{
+			Name:        "SignedPayload",
+			VersionByte: VersionByteSignedPayload,
+			Payload: []byte{
+				// ed25519 (same as test case 1)
+				0x36, 0x3e, 0xaa, 0x38, 0x67, 0x84, 0x1f, 0xba,
+				0xd0, 0xf4, 0xed, 0x88, 0xc7, 0x79, 0xe4, 0xfe,
+				0x66, 0xe5, 0x6a, 0x24, 0x70, 0xdc, 0x98, 0xc0,
+				0xec, 0x9c, 0x07, 0x3d, 0x05, 0xc7, 0xb1, 0x03,
+				// payload length
+				0x00, 0x00, 0x00, 0x09,
+				// payload
+				0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+				0x00,
+				// padding
+				0x00, 0x00, 0x00,
+			},
+			Expected: "PA3D5KRYM6CB7OWQ6TWYRR3Z4T7GNZLKERYNZGGA5SOAOPIFY6YQGAAAAAEQAAAAAAAAAAAAAAAAAABBXA",
+		},
 	}
 
 	for _, kase := range cases {
@@ -83,13 +103,8 @@ func TestEncode(t *testing.T) {
 	assert.Error(t, err)
 
 	// test too long payload
-	_, err = Encode(VersionByteAccountID, []byte{
-		0x69, 0xa8, 0xc4, 0xcb, 0xb9, 0xf6, 0x4e, 0x8a,
-		0x07, 0x98, 0xf6, 0xe1, 0xac, 0x65, 0xd0, 0x6c,
-		0x31, 0x62, 0x92, 0x90, 0x56, 0xbc, 0xf4, 0xcd,
-		0xb7, 0xd3, 0x73, 0x8d, 0x18, 0x55, 0xf3, 0x63,
-		0x69, 0xa8, 0xc4, 0xcb, 0xb9, 0xf6, 0x4e, 0x8a,
-		0x01,
-	})
+	longPayload := make([]byte, maxPayloadSize+1)
+	rand.Read(longPayload)
+	_, err = Encode(VersionByteAccountID, longPayload)
 	assert.EqualError(t, err, "data exceeds maximum payload size for strkey")
 }
diff --git a/strkey/main.go b/strkey/main.go
@@ -34,13 +34,19 @@ const (
 	//VersionByteHashX is the version byte used for encoded stellar hashX
 	//signer keys.
 	VersionByteHashX = 23 << 3 // Base32-encodes to 'X...'
+
+	//VersionByteSignedPayload is the version byte used for encoding "signed
+	//payload" (CAP-40) signer keys.
+	VersionByteSignedPayload = 15 << 3 // Base-32 encodes to 'P'
 )
 
-// maxPayloadSize is the maximum length of the payload for all versions.
-const maxPayloadSize = 40
+// maxPayloadSize is the maximum length of the payload for all versions. The
+// largest strkey is a signed payload: 32-byte public key + 4-byte payload
+// length + 64-byte payload
+const maxPayloadSize = 100
 
 // maxRawSize is the maximum length of a strkey in its raw form not encoded.
-const maxRawSize = 1 + maxPayloadSize + 2
+const maxRawSize = 1 + /* version byte */ maxPayloadSize + 2 /* checksum */
 
 // maxEncodedSize is the maximum length of a strkey when base32 encoded.
 const maxEncodedSize = (maxRawSize*8 + 4) / 5 // (8n+4)/5 is the EncodedLen for no padding
@@ -110,7 +116,7 @@ func Decode(expected VersionByte, src string) ([]byte, error) {
 		return nil, err
 	}
 
-	// if we made it through the gaunlet, return the decoded value
+	// if we made it through the gauntlet, return the decoded value
 	return payload, nil
 }
 
@@ -182,7 +188,7 @@ func Version(src string) (VersionByte, error) {
 // is not one of the defined valid version byte constants.
 func checkValidVersionByte(version VersionByte) error {
 	switch version {
-	case VersionByteAccountID, VersionByteMuxedAccount, VersionByteSeed, VersionByteHashTx, VersionByteHashX:
+	case VersionByteAccountID, VersionByteMuxedAccount, VersionByteSeed, VersionByteHashTx, VersionByteHashX, VersionByteSignedPayload:
 		return nil
 	default:
 		return ErrInvalidVersionByte

diff --git a/strkey/main_test.go b/strkey/main_test.go
@@ -41,6 +41,11 @@ func TestVersion(t *testing.T) {
 			Address:             "MBU2RRGLXH3E5CQHTD3ODLDF2BWDCYUSSBLLZ5GNW7JXHDIYKXZWGTOG",
 			ExpectedVersionByte: VersionByte(0x60),
 		},
+		{
+			Name:                "Signed Payload",
+			Address:             "PDPYP7E6NEYZSVOTV6M23OFM2XRIMPDUJABHGHHH2Y67X7JL25GW6AAAAAAAAAAAAAAJEVA",
+			ExpectedVersionByte: VersionByteSignedPayload,
+		},
 	}
 
 	for _, kase := range cases {

diff --git a/strkey/signed_payload.go b/strkey/signed_payload.go
@@ -0,0 +1,81 @@
+package strkey
+
+import (
+	"bytes"
+
+	xdr "github.com/stellar/go-xdr/xdr3"
+	"github.com/stellar/go/support/errors"
+)
+
+type SignedPayload struct {
+	signer  string
+	payload []byte
+}
+
+const maxPayloadLen = 64
+
+// NewSignedPayload creates a signed payload from an account ID (G... address)
+// and a payload. The payload buffer is copied directly into the structure, so
+// it should not be modified after construction.
+func NewSignedPayload(signerPublicKey string, payload []byte) (*SignedPayload, error) {
+	if len(payload) > maxPayloadLen {
+		return nil, errors.Errorf("payload length %d exceeds max %d",
+			len(payload), maxPayloadLen)
+	}
+
+	return &SignedPayload{signer: signerPublicKey, payload: payload}, nil
+}
+
+// Encode turns a signed payload structure into its StrKey equivalent.
+func (sp *SignedPayload) Encode() (string, error) {
+	signerBytes, err := Decode(VersionByteAccountID, sp.Signer())
+	if err != nil {
+		return "", errors.Wrap(err, "failed to decode signed payload signer")
+	}
+
+	b := new(bytes.Buffer)
+	b.Write(signerBytes)
+	xdr.Marshal(b, sp.Payload())
+
+	strkey, err := Encode(VersionByteSignedPayload, b.Bytes())
+	if err != nil {
+		return "", errors.Wrap(err, "failed to encode signed payload")
+	}
+	return strkey, nil
+}
+
+func (sp *SignedPayload) Signer() string {
+	return sp.signer
+}
+
+func (sp *SignedPayload) Payload() []byte {
+	return sp.payload
+}
+
+// DecodeSignedPayload transforms a P... signer into a `SignedPayload` instance.
+func DecodeSignedPayload(address string) (*SignedPayload, error) {
+	raw, err := Decode(VersionByteSignedPayload, address)
+	if err != nil {
+		return nil, errors.New("invalid signed payload")
+	}
+
+	const signerLen = 32
+	rawSigner, raw := raw[:signerLen], raw[signerLen:]
+	signer, err := Encode(VersionByteAccountID, rawSigner)
+	if err != nil {
+		return nil, errors.Wrap(err, "invalid signed payload signer")
+	}
+
+	payload := []byte{}
+	reader := bytes.NewBuffer(raw)
+	readBytes, err := xdr.Unmarshal(reader, &payload)
+	if err != nil {
+		return nil, errors.Wrap(err, "invalid signed payload")
+	}
+
+	if len(raw) != readBytes || reader.Len() > 0 {
+		return nil, errors.New("invalid signed payload padding")
+	}
+
+	return NewSignedPayload(signer, payload)
+}