IOST multiple signature
set -eu | |
TEST_USER_ID="testname" | |
GROUP="group" | |
IWALLET_CMD='iwallet --chain_id 1020 -s 127.0.0.1:30002' # single node dev chain | |
seckey1=3MWryACc5nSxRDJCJLe9Xq2spR1j7d5wYbZ4pZN4SvfgUxhG497DQxo5ahENoCnDkLsc7haSveP1q1zkt26JWhog | |
pubkey1=2ott3o9CZcaoZCe4nGYo1azEfEpY4W771GBFe133WW1p | |
function clean_account() { | |
$IWALLET_CMD account del $TEST_USER_ID | |
$IWALLET_CMD account del manager1 | |
$IWALLET_CMD account del manager2 | |
$IWALLET_CMD account del manager3 | |
} | |
function create_account() { | |
$IWALLET_CMD account import $TEST_USER_ID $seckey1 | |
$IWALLET_CMD --account admin account create $TEST_USER_ID --owner $pubkey1 --active $pubkey1 --initial_balance 20 --initial_ram 20000 --initial_gas_pledge 200 | |
$IWALLET_CMD --account admin account create manager1 --initial_balance 20 --initial_ram 20000 --initial_gas_pledge 200 | |
$IWALLET_CMD --account admin account create manager2 --initial_balance 20 --initial_ram 20000 --initial_gas_pledge 200 | |
$IWALLET_CMD --account admin account create manager3 --initial_balance 20 --initial_ram 20000 --initial_gas_pledge 200 | |
} | |
function split_account_perm() { | |
# First, add three items for the active/owner permission. | |
# Then, remove the old keypairs. | |
# Finally, since 34 + 34 + 34 > 100(100 is the default permission threshold), only when these three users all sign the tx can the tx be succeesfully sent and run. | |
$IWALLET_CMD --account $TEST_USER_ID call --signers ${TEST_USER_ID}@owner \ | |
auth.iost assignPermission \[\"$TEST_USER_ID\",\"active\",\"manager1@active\",34\] \ | |
auth.iost assignPermission \[\"$TEST_USER_ID\",\"active\",\"manager2@active\",34\] \ | |
auth.iost assignPermission \[\"$TEST_USER_ID\",\"active\",\"manager3@active\",34\] \ | |
auth.iost revokePermission \[\"$TEST_USER_ID\",\"active\",\"$pubkey1\"\] \ | |
auth.iost assignPermission \[\"$TEST_USER_ID\",\"owner\",\"manager1@active\",34\] \ | |
auth.iost assignPermission \[\"$TEST_USER_ID\",\"owner\",\"manager2@active\",34\] \ | |
auth.iost assignPermission \[\"$TEST_USER_ID\",\"owner\",\"manager3@active\",34\] \ | |
auth.iost revokePermission \[\"$TEST_USER_ID\",\"owner\",\"$pubkey1\"\] | |
echo "split permission done" | |
} | |
function test_singlesig_fail() { | |
# We expected the old keypair is invalid now | |
$IWALLET_CMD --account $TEST_USER_ID call token.iost transfer [\"iost\",\"$TEST_USER_ID\",\"admin\",\"10\",\"\"] && (echo "should fail, but succeed"; exit 1) || echo "command failed as expected" | |
} | |
function test_multisig_usage() { | |
delay_seconds=5 # In practice, since you need to send tx file to different persons and collect their signatures, 600(10 minutes) or 1200(20 minutes) may be a better choice for this parameter. | |
actionStr="[\"iost\",\"$TEST_USER_ID\",\"admin\",\"10\",\"\"]" | |
txStr="--tx_time_delay $delay_seconds token.iost transfer $actionStr" | |
txFile="tx.json" | |
# First, the operator generates the tx file. | |
$IWALLET_CMD call --output $txFile $txStr | |
# Then, diffrent users sign the tx file and generate signature files seperately. | |
# Following commands are assumed to be run by different persons, on different machines. | |
$IWALLET_CMD sign --as_publisher_sign $txFile ~/.iwallet/manager1.json sig2 | |
$IWALLET_CMD sign --as_publisher_sign $txFile ~/.iwallet/manager2.json sig3 | |
$IWALLET_CMD sign --as_publisher_sign $txFile ~/.iwallet/manager3.json sig4 | |
# Finally, the operator send to signed tx to the blockchain. | |
$IWALLET_CMD --account $TEST_USER_ID send --signature_files sig2,sig3,sig4 --as_publisher_sign $txFile || (echo "should succeed, but fail"; exit 1) | |
} | |
#clean_account | |
create_account | |
split_account_perm | |
test_multisig_usage | |
test_singlesig_fail | |
echo "multisig test succeed!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment