Generate manifest with static calls

[shargon]

Close #475

[superboyiii]

@shargon I'll test this later but I think it's better not be merged to RC1 since not much time left.

[erikzhang]

@superboyiii It should be added to RC1.

[superboyiii]

I've tested this. It works but I'm confused if it makes sense in this mechanism.

1. In previous, innative contracts are allowed to call all contracts as default. And if add 1 permission, it becomes only allowed this permission method to call.
2. In this PR, innative contracts are not allowed to be called by all contracts as default. That means if we'd like to call any more method of other SC, we have to upgrade our SC again and again. In most DAPP, modules are added step by step not at the same time. In this way, I think most developers will add [ContractPermission(*)] at the beginning and upgrade ContractPermission later. So is it useful we set forbidden all as the default?
   @shargon @erikzhang

[shargon]

We can add a compiler flag --allowAllCalls?

[erikzhang]

[ContractPermission("*")]

You need to manually add this line to declare the calling permissions of all contracts.

[erikzhang]

Tested?

[superboyiii]

Tested?

I will test it soon.

[superboyiii]

@shargon I set [ContractPermission("*", "*")] but ToDelegate() still return fault because of authorization. Does this mean if natvie management contract is allowed in permission as default, then all permissions must add manually? "*" seems doesn't work.

{
    "jsonrpc": "2.0",
    "id": 3,
    "result": {
        "script": "ABQMFI5SMl22gwrQirvz2CzRnQyvhFHfDBSabQINJN1EW/uACj2hZ5UvHKCtDwwUj0sLioGSzZgeFe060WuXVzteXjgUwB8MBXRlc3QyDBTX2B1RYQz8amWTYixFhXS9jndqD0FifVtS",
        "state": "FAULT",
        "gasconsumed": "3471120",
        "exception": "An unhandled exception was thrown. No authorization.",
        "stack": []
    }
}

[erikzhang]

[ContractPermission("*", "*")]

I think it's not [ContractPermission("*", "*")] but [ContractPermission("*")].

[superboyiii]

I think it's not [ContractPermission("*", "*")] but [ContractPermission("*")].

I've tried both, [ContractPermission("*", "*")] and [ContractPermission("*")] does no difference in either nef hash or manifest json result. And I saw my permission and native permission exist both, which should be the final result?

[erikzhang]

which should be the final result?

The first one.

But I think we should optimize for it. @shargon

[superboyiii]

Sorry, I turned witnessScopes from CalledByEntry to Global, everything works well.
So in current mechanism, default still is allowAll and whatever your permission is, contrtactmanagement can always be invoked in getContract, destroy, update.
@shargon @erikzhang

[erikzhang]

You still need the permissions. Otherwise it should fail.

[superboyiii]

You still need the permissions. Otherwise it should fail.

If one permission is manually added, then will be denyAll except contractmanagerment. But if you don't set any permission, it's the same effect as [ContractPermission("*", "*")].

[superboyiii]

Test PASS
It works well on mine.

[erikzhang]

@shargon Can you optimize the permission list?

[shargon]

Can you optimize the permission list?

Yes, I will

[superboyiii]

Can you optimize the permission list?

Yes, I will

If optimize it, we need do it quickly since I'll release CLI today and set up Testnet on 18th. It should be merged before Testnet.

[shargon]

@superboyiii please test it

[superboyiii]

@superboyiii please test it

It works on mine.
with ["*"]

without ["*"]

They all work as expected.

[superboyiii]

@erikzhang Need your review.

[erikzhang]

@shargon Please use the PermissionBuilder added in da3b922.

[shargon]

@superboyiii please test it

[superboyiii]

@shargon Double []?

ContractPermission FromJson() will fail here.

[superboyiii]

Test PASS
Works well on mine. But need fix the UT. @shargon

[erikzhang]

Please fix the UT.

[superboyiii]

@shargon I just push a PR on your repo to fix this, could you review it? neo-project/neo-modules#564

[shargon]

@superboyiii merged!

[superboyiii]

@erikzhang Merge?

[erikzhang]

It's better to test it again before merging.

[superboyiii]

It's better to test it again before merging.

Give me half an hour.

[superboyiii]

It's better to test it again before merging.

Test PASS
Works well on mine.