autonomys · teor2345 · Jan 14, 2025 · Jan 15, 2025 · Jan 14, 2025 · Jan 14, 2025
diff --git a/Cargo.lock b/Cargo.lock
@@ -7,7 +7,7 @@ use sp_runtime::transaction_validity::{
 };
 use sp_std::prelude::*;
 
-/// Disable specific pallets.
+/// Disable balance transfers, if configured in the runtime.
 #[derive(Debug, Encode, Decode, Clone, Eq, PartialEq, Default, TypeInfo)]
 pub struct DisablePallets;
 

@@ -6,7 +6,7 @@ edition = "2021"
 license = "Apache-2.0"
 homepage = "https://subspace.network"
 repository = "https://github.com/autonomys/subspace"
-description = "Subspace node pallet for EVM account nonce tracker."
+description = "Subspace node pallet for EVM account nonce tracker and contract creation allow list."
 include = [
     "/src",
     "/Cargo.toml",
@@ -18,6 +18,7 @@ frame-support = { default-features = false, git = "https://github.com/subspace/p
 frame-system = { default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "94a1a8143a89bbe9f938c1939ff68abc1519a305" }
 scale-info = { version = "2.11.2", default-features = false, features = ["derive"] }
 sp-core = { default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "94a1a8143a89bbe9f938c1939ff68abc1519a305" }
+sp-domains = { version = "0.1.0", default-features = false, path = "../../../crates/sp-domains" }
 sp-runtime = { default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "94a1a8143a89bbe9f938c1939ff68abc1519a305" }
 
 [features]
@@ -28,5 +29,6 @@ std = [
     "frame-system/std",
     "scale-info/std",
     "sp-core/std",
+    "sp-domains/std",
     "sp-runtime/std",
 ]
@@ -28,8 +28,9 @@ use sp_core::U256;
 #[frame_support::pallet]
 mod pallet {
     use frame_support::pallet_prelude::*;
-    use frame_system::pallet_prelude::BlockNumberFor;
+    use frame_system::pallet_prelude::*;
     use sp_core::U256;
+    use sp_domains::PermissionedActionAllowedBy;
 
     #[pallet::config]
     pub trait Config: frame_system::Config {}
@@ -41,11 +42,31 @@ mod pallet {
     pub(super) type AccountNonce<T: Config> =
         StorageMap<_, Identity, T::AccountId, U256, OptionQuery>;
 
+    /// Storage to hold EVM contract creation allow list accounts.
+    #[pallet::storage]
+    pub(super) type ContractCreationAllowedBy<T: Config> =
+        StorageValue<_, PermissionedActionAllowedBy<T::AccountId>, OptionQuery>;
+
     /// Pallet EVM account nonce tracker.
     #[pallet::pallet]
     #[pallet::without_storage_info]
     pub struct Pallet<T>(_);
 
+    #[pallet::call]
+    impl<T: Config> Pallet<T> {
+        /// Update ContractCreationAllowedBy storage by Sudo.
+        #[pallet::call_index(0)]
+        #[pallet::weight(<T as frame_system::Config>::DbWeight::get().reads_writes(0, 1))]
+        pub fn set_contract_creation_allowed_by(
+            origin: OriginFor<T>,
+            contract_creation_allowed_by: PermissionedActionAllowedBy<T::AccountId>,
+        ) -> DispatchResult {
+            ensure_root(origin)?;
+            ContractCreationAllowedBy::<T>::put(contract_creation_allowed_by);
+            Ok(())
+        }
+    }
+
     #[pallet::hooks]
     impl<T: Config> Hooks<BlockNumberFor<T>> for Pallet<T> {
         fn on_finalize(_now: BlockNumberFor<T>) {
@@ -66,4 +87,11 @@ impl<T: Config> Pallet<T> {
     pub fn set_account_nonce(account: T::AccountId, nonce: U256) {
         AccountNonce::<T>::set(account, Some(nonce))
     }
+
+    /// Returns true if the account is allowed to create contracts.
+    pub fn is_allowed_to_create_contracts(signer: &T::AccountId) -> bool {
+        ContractCreationAllowedBy::<T>::get()
+            .map(|allowed_by| allowed_by.is_allowed(signer))
+            .unwrap_or_default()
+    }
 }
@@ -41,9 +41,9 @@ use frame_support::weights::{ConstantMultiplier, Weight};
 use frame_support::{construct_runtime, parameter_types};
 use frame_system::limits::{BlockLength, BlockWeights};
 use pallet_block_fees::fees::OnChargeDomainTransaction;
-use pallet_ethereum::Call::transact;
 use pallet_ethereum::{
-    Call, PostLogContent, Transaction as EthereumTransaction, TransactionData, TransactionStatus,
+    PostLogContent, Transaction as EthereumTransaction, TransactionAction, TransactionData,
+    TransactionStatus,
 };
 use pallet_evm::{
     Account as EVMAccount, EnsureAddressNever, EnsureAddressRoot, FeeCalculator,
@@ -69,6 +69,7 @@ use sp_runtime::traits::{
 };
 use sp_runtime::transaction_validity::{
     InvalidTransaction, TransactionSource, TransactionValidity, TransactionValidityError,
+    ValidTransaction,
 };
 use sp_runtime::{
     generic, impl_opaque_keys, ApplyExtrinsicResult, ConsensusEngineId, Digest,
@@ -121,6 +122,7 @@ pub type SignedExtra = (
     frame_system::CheckNonce<Runtime>,
     domain_check_weight::CheckWeight<Runtime>,
     pallet_transaction_payment::ChargeTransactionPayment<Runtime>,
+    CheckContractCreation,
 );
 
 /// Custom signed extra for check_and_pre_dispatch.
@@ -134,6 +136,7 @@ type CustomSignedExtra = (
     pallet_evm_nonce_tracker::CheckNonce<Runtime>,
     domain_check_weight::CheckWeight<Runtime>,
     pallet_transaction_payment::ChargeTransactionPayment<Runtime>,
+    CheckContractCreation,
 );
 
 /// Unchecked extrinsic type as expected by this runtime.
@@ -152,6 +155,95 @@ pub type Executive = domain_pallet_executive::Executive<
     AllPalletsWithSystem,
 >;
 
+/// Rejects contracts that can't be created under the current allow list.
+/// Returns false if the call is a contract call, and the account is *not* allowed to call it.
+/// Otherwise, returns true.
+pub fn is_create_contract_allowed(call: &RuntimeCall, signer: &AccountId) -> bool {
+    if is_create_contract(call)
+        && !pallet_evm_nonce_tracker::Pallet::<Runtime>::is_allowed_to_create_contracts(signer)
+    {
+        return false;
+    }
+
+    // If it's not a contract call, or the account is allowed to create contracts, return true.
+    true
+}
+
+/// Returns true if the call is a contract creation call.
+pub fn is_create_contract(call: &RuntimeCall) -> bool {
+    match call {
+        RuntimeCall::EVM(pallet_evm::Call::create { .. })
+        | RuntimeCall::EVM(pallet_evm::Call::create2 { .. }) => true,
+        RuntimeCall::Ethereum(pallet_ethereum::Call::transact {
+            transaction: EthereumTransaction::Legacy(transaction),
+            ..
+        }) => transaction.action == TransactionAction::Create,
+        RuntimeCall::Ethereum(pallet_ethereum::Call::transact {
+            transaction: EthereumTransaction::EIP2930(transaction),
+            ..
+        }) => transaction.action == TransactionAction::Create,
+        RuntimeCall::Ethereum(pallet_ethereum::Call::transact {
+            transaction: EthereumTransaction::EIP1559(transaction),
+            ..
+        }) => transaction.action == TransactionAction::Create,
+        // TODO: does this need a recursion limit?
+        RuntimeCall::Utility(utility_call) => match utility_call {
+            pallet_utility::Call::batch { calls }
+            | pallet_utility::Call::batch_all { calls }
+            | pallet_utility::Call::force_batch { calls } => calls.iter().any(is_create_contract),
+            pallet_utility::Call::as_derivative { call, .. }
+            | pallet_utility::Call::dispatch_as { call, .. }
+            | pallet_utility::Call::with_weight { call, .. } => is_create_contract(call),
+            pallet_utility::Call::__Ignore(..) => false,
+        },
+        _ => false,
+    }
+}
+
+/// Reject contract creation, unless the account is in the current evm contract allow list.
+#[derive(Debug, Encode, Decode, Clone, Eq, PartialEq, Default, TypeInfo)]
+pub struct CheckContractCreation;
+
+impl SignedExtension for CheckContractCreation {
+    const IDENTIFIER: &'static str = "CheckContractCreation";
+    type AccountId = <Runtime as frame_system::Config>::AccountId;
+    type Call = <Runtime as frame_system::Config>::RuntimeCall;
+    type AdditionalSigned = ();
+    type Pre = ();
+
+    fn additional_signed(&self) -> Result<Self::AdditionalSigned, TransactionValidityError> {
+        Ok(())
+    }
+
+    fn validate(
+        &self,
+        who: &Self::AccountId,
+        call: &Self::Call,
+        _info: &DispatchInfoOf<Self::Call>,
+        _len: usize,
+    ) -> TransactionValidity {
+        // Reject contract creation unless the account is in the allow list.
+        if !is_create_contract_allowed(call, who) {
+            InvalidTransaction::Call.into()
+        } else {
+            Ok(ValidTransaction::default())
+        }
+    }
+
+    fn pre_dispatch(
+        self,
+        who: &Self::AccountId,
+        call: &Self::Call,
+        info: &DispatchInfoOf<Self::Call>,
+        len: usize,
+    ) -> Result<Self::Pre, TransactionValidityError> {
+        self.validate(who, call, info, len)?;
+        Ok(())
+    }
+
+    // TODO: can unsigned calls create contracts?
+}
+
 impl fp_self_contained::SelfContainedCall for RuntimeCall {
     type SignedInfo = H160;
 
@@ -175,6 +267,11 @@ impl fp_self_contained::SelfContainedCall for RuntimeCall {
         dispatch_info: &DispatchInfoOf<RuntimeCall>,
         len: usize,
     ) -> Option<TransactionValidity> {
+        if !is_create_contract_allowed(self, &(*info).into()) {
+            // TODO: should this be Custom() instead?
+            return Some(Err(InvalidTransaction::Call.into()));
+        }
+
         match self {
             RuntimeCall::Ethereum(call) => {
                 // Ensure the caller can pay for the consensus chain storage fee
@@ -199,6 +296,11 @@ impl fp_self_contained::SelfContainedCall for RuntimeCall {
         dispatch_info: &DispatchInfoOf<RuntimeCall>,
         len: usize,
     ) -> Option<Result<(), TransactionValidityError>> {
+        if !is_create_contract_allowed(self, &(*info).into()) {
+            // TODO: should this be Custom() instead?
+            return Some(Err(InvalidTransaction::Call.into()));
+        }
+
         match self {
             RuntimeCall::Ethereum(call) => {
                 // Withdraw the consensus chain storage fee from the caller and record
@@ -946,7 +1048,7 @@ fn pre_dispatch_evm_transaction(
             {
                 let _ = transaction_validity?;
 
-                let Call::transact { transaction } = call;
+                let pallet_ethereum::Call::transact { transaction } = call;
                 domain_check_weight::CheckWeight::<Runtime>::do_pre_dispatch(dispatch_info, len)?;
 
                 let transaction_data: TransactionData = (&transaction).into();
@@ -1009,6 +1111,7 @@ fn check_transaction_and_do_pre_dispatch_inner(
                 pallet_evm_nonce_tracker::CheckNonce::from(extra.5 .0),
                 extra.6,
                 extra.7,
+                extra.8,
             );
 
             custom_extra
@@ -1526,7 +1629,7 @@ impl_runtime_apis! {
             xts: Vec<<Block as BlockT>::Extrinsic>,
         ) -> Vec<EthereumTransaction> {
             xts.into_iter().filter_map(|xt| match xt.0.function {
-                RuntimeCall::Ethereum(transact { transaction }) => Some(transaction),
+                RuntimeCall::Ethereum(pallet_ethereum::Call::transact {  transaction }) => Some(transaction),
                 _ => None
             }).collect::<Vec<EthereumTransaction>>()
         }
@@ -1560,7 +1663,7 @@ impl_runtime_apis! {
     impl fp_rpc::ConvertTransactionRuntimeApi<Block> for Runtime {
         fn convert_transaction(transaction: EthereumTransaction) -> <Block as BlockT>::Extrinsic {
             UncheckedExtrinsic::new_unsigned(
-                pallet_ethereum::Call::<Runtime>::transact { transaction }.into(),
+                pallet_ethereum::Call::transact { transaction }.into(),
             )
         }
     }