-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(nfts): add CollectionApprovals
and AccountBalance
storages, and general improvements
#387
base: main
Are you sure you want to change the base?
Conversation
…fts' into chungquantin/feat-nfts
Codecov ReportAttention: Patch coverage is
@@ Coverage Diff @@
## main #387 +/- ##
==========================================
+ Coverage 68.41% 71.39% +2.97%
==========================================
Files 70 72 +2
Lines 11838 13520 +1682
Branches 11838 13520 +1682
==========================================
+ Hits 8099 9652 +1553
- Misses 3482 3595 +113
- Partials 257 273 +16
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great progress but there are things that need more consideration. As for the comments that need discussion and decision making, please lead this effort. I would advise to tackle them one by one, separately, so that it is easiest for other team members to understand the problem. What is always hugely helpful is to research yourself and find all the possible solutions. Then provide the best solutions to the team to make a decision as effective as possible.
Besides my comments in the code you also have to reconsider the destroy process. Right now we are removing the AccountBalance
and Allowances
when destroying the collection. This should be done earlier in the burning process. One potential solution which you'd have to research more is burning is only possible when there is no allowance set for the item. As for the account balance, this should already be 0 as all the items should already be burned before destroying the collection. Note the changes you made for the curious implementation, if my suggestion is correct these have to be removed again.
Moreover, we might want to consider to change the destroy process like done in pallet assets. This needs discussion and decision making with the team as well.
Finally, I would really appreciate if we could separate this PR in three PRs:
- AccountBalance
- Allowances
- destroy
This will be much more effective. Another thing to look for; there are a lot of clippy warnings which has to be resolved.
Why do I think we should not go with the implementation of |
1a805f5
to
dc2c68f
Compare
dc2c68f
to
4b4cd22
Compare
Co-authored-by: chungquantin <56880684+chungquantin@users.noreply.github.com>
} | ||
|
||
#[test] | ||
fn various_collection_settings() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not changed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Amazing work! Very clean, and I can definitely see how this will be better for smart contract devs.
One thing I noted (likely already known), but this applies to both PSP-34 and ERC-721. So, upstreaming this change will be useful to us and to Plaza.
I have not reviewed tests or benchmarks yet.
I have left various comments for improvements. The biggest concerns are:
- Force granting approval rights seems wrong. See comment for more details
- If we are not allowing collection destruction until all approvals have been cleared, then an
Admin
account of the collection should be able to force clear as well.
.take(1) | ||
.next() | ||
.is_none(), | ||
Error::<T, I>::DelegateApprovalConflict |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Brain's a little fuzzy right now so will need to check back. But will leave this comment in case anyone has an answer.
check_origin is an Option (it may not exist). But what happens if maybe_check_origin == None
, BUT there is some approval over the entire collection allowing the transfer of this item.
My guess is that check_origin is always provided anyway, so it's likely a non-issue.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO, this should be not a case. If maybe_check_origin == None
(such as ForceOrigin
), we will allow transfer approvals to be removed anyway and bypass the check. This does not bring any vulnerabilities and only authorized account is allowed to take an action.
Co-authored-by: Frank Bell <frank@r0gue.io> Co-authored-by: Daan van der Plas <93204684+Daanvdplas@users.noreply.github.com>
@@ -658,8 +666,6 @@ pub mod pallet { | |||
NotDelegate, | |||
/// The delegate turned out to be different to what was expected. | |||
WrongDelegate, | |||
/// No approval exists that would allow the transfer. | |||
Unapproved, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
leaving a review comment for future reference. This error is unused in the original pallet and is leftover from pallet-uniques
. Hence, we are removing it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wonder if we need to hard code the codec indices for these error variants?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right now, I would say no. When we try to upstream this to P-SDK, the hardcoded indices likely won't be accepted.
4ca88c9
to
6ab88c1
Compare
6ab88c1
to
f83bdc5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving! Really great job with this.
Before merging, could you please just change the PR title to something like: "feat(nfts): add CollectionApprovals
and AccountBalance
storages, and general improvements"
Not a blocker, but if we are upstreaming to P-SDK, we could fix the outdated comment on the Admin
role and change the name of the misleading test: cancel_approval_works_with_admin
. Up to you if you make those changes though.
CollectionApprovals
and AccountBalance
storages, and general improvements
Edited: 09/12/2024
DESCRIPTION
This pull request introduces new storage items to the
pallet-nfts
to optimize the performance for the use case of the Pop API contract library implementation.DESIGN DECISION
New configuration parameters
CollectionApprovalDeposit
: The basic amount of funds that must be reserved for collection approvals.This is held for an additional storage item whose value size is
sizeof((Option<BlockNumber>, Balance))
bytes and whose key size issizeof((CollectionId, AccountId, AccountId))
bytes.CollectionApprovalDeposit
will be reserved from the owner on collection approval creation. The same amount of reservedCollectionApprovalDeposit
will be unreserved back to the owner on collection approval cancellation.New storage items and related changes
AccountBalance
: Keep track of the total number of collection items an account has. This storage item needs to be updated on collection item transferred (fn do_transfer()
), burnt (fn do_burn()
) and minted (fn do_mint()
).CollectionApprovals
: Keep track of the collection approval status for a delegated account.Changes made to dispatchable functions
Introducing new dispatchable functions and update the pallet call indices of most of functions:
approve_collection_transfer
: Approve collection items owned by the origin to be transferred by a delegated third-party account. This function reserves the required depositCollectionApprovalDeposit
from theorigin
account.force_approve_collection_transfer
: Force-approve collection items owned by the specifiedowner
to be transferred by a delegated third-party account. This function reserves the required depositCollectionApprovalDeposit
from theorigin
account.cancel_collection_approval
: Cancel one of the collection approvals.force_cancel_collection_approval
: Force-cancel one of the collection approvals granted by the specifiedowner
account. Returning the reserved funds to thedelegate
.clear_all_collection_approvals
: Cancel all the collection approvals. Returning the reserved funds to thedelegate
.force_clear_all_collection_approvals
: Force-cancel all the collection approvals granted by the specifiedowner
account. Returning the reserved funds to thedelegate
.check_collection_approval
Checks whether the
delegate
has the necessary allowance to transfer items in thecollection
that are owned by theaccount
.check_approval
Checks whether the
delegate
has the necessary allowance to transfer items within the collection or a specific item in the collection. If thedelegate
has an approval to transfer all items in the collection that are owned by theaccount
, they can transfer every item without requiring explicit approval for that item.Item = None
Item = Some
do_approve_collection_transfer
Store the new approval with deadline. Approving a
delegate
to transfer items owned by the signedorigin
in the collection will reserve some deposit amount (configured viaT::CollectionApprovalDeposit
) from theorigin
. With the reserved deposit, we don't need to worry about the unbounded storage map and the depositor is incentivised to remove the collection approval to unblock the collection from destruction.do_cancel_collection_approval
Cancels the transfer of items in the collection that owned by the origin to a delegate. This method will remove the collection approval granted to a delegate and unreserve the deposited fund to the delegate.
do_clear_all_collection_approvals
This function is used to clear
limit
collection approvals for the collection items ofowner
. After clearing all approvals, the deposit of each collection approval is returned to theowner
account and theApprovalsCancelled
event is emitted.Weight of this method is calculated by the provided
limit
.do_destroy_collection
To destroy a collection, all collection approvals must be removed first. Destroying a collection can only be called when there is no collection approval exists. If yes, requires the accounts that granted those collection approvals to remove all them first through new methods
clear_all_collection_approvals
orcancel_collection_approval
. These methods unreserve the deposited funds back to theorigin
on called.Introducing new error types
NoItemOwned
: Account owns zero item in the collection.DelegateApprovalConflict
: Collection approval and item approval conflicts.do_cancel_approval()
if there is an existing collection approval with key(collection, account, delegate)
.do_clear_all_transfer_approvals()
if there are collection approvals exist. All collection approvals must be removed first before the method can be called.CollectionApprovalsExist
: There are collection approvals exist.do_destroy_collection()
if there are collection approvals. All collection approvals must be removed first before the method can be called.