414 Commits

Author SHA1 Message Date
Patryk Osmaczko
367b7722d1 feat: introduce channel-level encryption
- distribute ratchet keys at both community and channel levels
- use explicit `HashRatchetGroupID` in ecryption layer, instead of
  inheriting `groupID` from `CommunityID`
- populate `HashRatchetGroupID` with `CommunityID+ChannelID` for
  channels, and `CommunityID` for whole community
- hydrate channels with members; channel members are now subset of
  community members
- include channel permissions in periodic permissions check

closes: status-im/status-desktop#10998
2023-07-27 11:35:59 +02:00
Patryk Osmaczko
30da8390bd feat: introduce CommunitiesKeyDistributor
This component decouples key distribution from the Messenger, enhancing
code maintainability, extensibility and testability.
It also alleviates the need to impact all methods potentially affecting
encryption keys.
Moreover, it allows key distribution inspection for integration tests.

part of: status-im/status-desktop#10998
2023-07-27 11:35:59 +02:00
Mykhailo Prakhov
f89eee9f40
feat: register new community member role ROLE_TOKEN_MASTER and grant him admin permissions (#3810)
feat: register new member type TokenMaster and grant him admin permissions
2023-07-26 18:01:19 +02:00
Pascal Precht
3d1b1bab57 feat: introduce messenger API to remove community tokens
This is to allow users to remove a community token if the deployment
transaction has been rejected.
2023-07-26 15:57:08 +02:00
Pascal Precht
e8bac916ec !refactor: introduce SaveCommunityToken() and change AddCommunityToken()
**This is a breaking change!**

Prior to this commit we had `AddCommunityToken(token *communities,
croppedImage CroppedImage)` that we used to

1. add a `CommunityToken` to the user's database and
2. to create a `CommunityTokenMetadata` from it which is then added to
   the community's `CommunityDescription` and published to its members

However, I've then discovered that we need to separate these two things,
such that we can deploy a community token, then add it to the database
only for tracking purposes, **then** add it to the community description
(and propagate to members) once we know that the deploy tx indeed went
through.

To implement this, this commit introduces a new API
`SaveCommunityToken(token *communities.CommunityToken, croppedImage
CroppedImage)` which adds the token to the database only and doesn't
touch the community description.

The `AddCommunityToken` API is then changed that it's exclusively used
for adding an already saved `CommunityToken` to the community
description so it can be published to members. Hence, the signature is
now `AddCommunityToken(communityID string, chainID int, address
string)`, which makes this a breaking change.

Clients that used `AddCommunityToken()` before now need to ensure that
they first call `SaveCommunityToken()` as `AddCommunityToken()` will
fail otherwise.
2023-07-26 14:45:02 +02:00
Mykhailo Prakhov
c77878bbfb
chore: make the owner without the community private key behave like a… (#3788)
* chore: make the owner without the community private key behave like an admin
* Add test for the owner without community key
* chore: refactor Community fn names related to the roles
2023-07-26 14:16:50 +02:00
Samuel Hawksby-Robinson
d60beb2283 refactor to remove rekeyedAt and use group current key 2023-07-24 17:18:42 +01:00
Samuel Hawksby-Robinson
2536d9c8ba Implemented testing to check rekeying is happening 2023-07-24 17:18:42 +01:00
Samuel Hawksby-Robinson
1e09a4bc37 Fix for community / messenger state changes 2023-07-24 17:18:42 +01:00
Samuel Hawksby-Robinson
a06984aeec Ensured time was a value and implemented explicit RekeyCommunity() 2023-07-24 17:18:42 +01:00
Samuel Hawksby-Robinson
03e28eea0d Implement correct getter and setter functionality for Communities 2023-07-24 17:18:42 +01:00
Samuel Hawksby-Robinson
243135d744 Rekey loop basics 2023-07-24 17:18:42 +01:00
Patryk Osmaczko
f1db6d1615 fix: remove redundancy in permissions check when handling request to join
- Fixed redundant permissions check. If community is set to auto-accept,
  then permissions would be checked twice, in
`HandleCommunityRequestToJoin` and `AcceptRequestToJoinCommunity`.
Mitigated it by returning from `HandleCommunityRequestToJoin` immediately
in case of auto-accept.

- Extracted `accountsSatisfyPermissionsToJoin` to remove code
  duplication and simplify the logic.
2023-07-21 20:41:34 +02:00
Mikhail Rogachev
631962ce88
feat: add api to remove private key (#3772)
* feat: add api to remove private key and separete owner from private key ownership

For https://github.com/status-im/status-desktop/issues/11475

* feat: introduce IsControlNode for Community

* feat: remove community private key from syncing

* feat: add IsControlNode flag to Community json serialisation

* Update protocol/protobuf/pairing.proto

Co-authored-by: Jonathan Rainville <rainville.jonathan@gmail.com>

---------

Co-authored-by: Jonathan Rainville <rainville.jonathan@gmail.com>
2023-07-21 13:41:26 +04:00
Mykhailo Prakhov
ac64e33362
chore: validate CommunityDescription signature before sending/during receiving CommunityEventsMessage (#3784)
* chore: validate CommunityDescription in CommunityEventMessage

* Update protocol/communities/community_event.go
2023-07-21 11:38:34 +02:00
Patryk Osmaczko
d9df8b6150 feat: add CommunityEncryptionKeyActions and its evaluation logic
Added utility that evaluates necessary encryption key actions based on
community changes.

part of: status-im/status-desktop#10998
2023-07-20 17:17:46 +02:00
Jonathan Rainville
12dc86fe1b
fix(persistence): fix get revealed accounts when isAirdropAddress is nil (#3780) 2023-07-19 15:23:00 -04:00
John Ngei
cf2d72bfa8
Mute and Unmute community
* mute and unmute all community chats when community mute status changes

* unmute community when atleast one channel is unmuted

* fix: save community, extend the function to save muted state and mute duration
2023-07-19 15:14:42 +03:00
Dario Gabriel Lipicar
1f379aec1f feat: implemented multi chain collectible ownership provider 2023-07-19 07:58:05 -03:00
Mykhailo Prakhov
0919a87588
chore: community admin events (#3678)
chore: 
- add CommunityEventsMessage
- refactor community_admin_event to accept a list of events and patch a CommunityDescription
- save/read community events into/from database
- publish and handle community events message
- fixed admin category tests
- rename AdminEvent to Events or CommunityEvents
2023-07-18 17:06:12 +02:00
Patryk Osmaczko
caca511aed refactor: extract community_changes 2023-07-17 12:48:47 +02:00
Jonathan Rainville
9674bc463f
feat(communities): add airdropAddress param to SharedAccounts (#3756)
Adds airdropAddress to the request to join params and a is_airdrop_address flag in the communities_requests_to_join_revealed_addresses table. 

This airdropAddress is used by the owner to know which address to use when airdropping
2023-07-14 13:33:47 -04:00
Jonathan Rainville
11a3f495bd
fix: only save/send request to join when the permissions are satisfied (#3748) 2023-07-14 13:06:37 -04:00
Andrea Maria Piana
3f5f87d1d1 Don't panic if config is nil in community
I have encountered a crash in the app after syncing, looks like a
community has been created without a Config.
This crashes the app after the user logs in.
This commit prevents the app from crashing, but does not fix the
underlaying issue (that's something I will have to investigate).
Added tests to validate the behavior.

Check community exists
2023-07-14 08:23:38 +01:00
Michal Iskierko
ff0628c23b feat(Collectibles): Handle ERC20 burn and mint
Modify API to handle also ERC20 tokens.
Modify community_tokens table - keep supply as string since string is easly convertible to bigint.BigInt.
Use bigint.BigInt for supply functions and fields.

Issue #11129
2023-07-12 10:41:17 +02:00
Jonathan Rainville
2c275058ad
feat(community): add api to edit shared address (#3723) 2023-07-10 10:11:37 -04:00
Pascal Precht
4305147f7a feat: add cropping support for community token assets
This commit extends the `AddCommunityToken` API to also expect an
optional `CroppedImage`, which will be used instead of the `ImageBase64`
path provided by `CommunityToken`, to calculate the actual base64
encoded image.
2023-07-05 11:46:23 +02:00
Mikhail Rogachev
511d6bfc54
feat: add parsing for new links format (#3665)
* feat(share-links): Add protobuf and encode/decode url data methods

* feat(new-links-format): Adds generators for new links format

* feat: add parsing for new links format

* feat: add messenger-level pubkey serialization and tests

* feat: fix and test CreateCommunityURLWithChatKey

* feat: impl and test parseCommunityURLWithChatKey

* feat: fix and test CreateCommunityURLWithData

* feat:  impl and test parseCommunityURLWithData (not working)

* feat: UrlDataResponse as response share urls api

* feat: impl& tested ShareCommunityChannelURLWithChatKey

* feat: impl & tested ParseCommunityChannelURLWithChatKey

* fix: bring urls to new format

* feat: add regexp for community channel urls

* feat: impl & test contact urls with chatKey, Ens and data

* fix: encodeDataURL/encodeDataURL patch from Samyoul

* fix: fix unmarshalling protobufs

* fix: fix minor issues, temporary comment TestParseUserURLWithENS

* fix: allow url to contain extra `#` in the signature

* fix: check signatures with SigToPub

* chore: lint fixes

* fix: encode the signature

* feat: Check provided channelID is Uuid

* fix(share-community-url): Remove if community encrypted scope

* fix: review fixes

* fix: use proto.Unmarshal instead of json.Marshal

* feat(share-urls): Adds TagsIndices to community data

* feat: support tag indices to community url data

---------

Co-authored-by: Boris Melnik <borismelnik@status.im>
2023-07-04 17:48:52 +04:00
Pascal Precht
8184ae62ed fix: mark community as no longer spectated when joined
Fixes https://github.com/status-im/status-desktop/issues/11334
2023-07-04 15:35:37 +02:00
Michal Iskierko
6ec50d52aa feat(AssetsDeployment): Assets deployment
- Add ERC20 contract
- Add decimals field to community_tokens db table
- Adjusting API to handle assets deployment
- Add decimals field to CommunityTokenMetadata

Issue #10987
2023-06-29 16:10:05 +02:00
Andrea Maria Piana
db56132d01 Avoid publishing on a channel if manager stopped 2023-06-29 13:04:49 +01:00
Patryk Osmaczko
c53723705c chore: add TestBecomeMemberPermissions integration test 2023-06-29 10:02:09 +02:00
Pascal Precht
db65d42912 fix: default to attaching all support chainIDs in membership requests
There's only one scenario in which a `RevealedAccount` will have an
empty `ChainIDs` list attached to it:

When the community in question requires users to satisfy certain
criteria to join, and the user's wallet does not own the necessary funds
on any of the supported chains.

If there are **no** permissions to join on the community, then we want
to reveal all (selected) accounts with all supported chainIDs.

This is necessary so that, once the community *does* become
permissioned, it'll have address + chain information from all joined
members.

Closes: https://github.com/status-im/status-desktop/issues/11255
2023-06-29 08:46:02 +02:00
Pascal Precht
b8b402da8d feat: store check channel permission responses
This commit adds new tables to the database and APIs in `Messenger` and
communities `Manager` to store `CheckChannelPermissionsResponse`s.

The responses are stored whenever channel permissions have been checked.

The reason we're doing this is so that clients can retrieve the last
known channel permission state before waiting for onchain checks to
finish.
2023-06-27 12:13:59 +02:00
Pascal Precht
a8678575a7 fix: admins are not allowed to kick or ban other admins 2023-06-27 09:14:26 +02:00
Andrea Maria Piana
6e19098dee Run tests separately, make sure messenger is shutdown, fix torrent test 2023-06-23 11:30:04 +01:00
Boris Melnik
3e7d1a5f34
fix(migration): Fixes mute_till migration (#3653) 2023-06-22 18:49:58 +03:00
Mikhail Rogachev
2fb87b5f0d
Chore: improve mocking for community tests (#3637)
* chore: different wallet addresses for different users in community tests

* chore: fix naming for account.Manager interface
2023-06-21 16:13:31 +04:00
Pascal Precht
bf64f97d5a feat: introduce CheckAllCommunityChannelsPermissions() API
This API is used to get a permission status of all channels of a given
community.

Clients can use this API to get the provided information for all
community channels with a single RPC call instead of doing one call
for each channel separately.
2023-06-20 10:06:44 +02:00
Pascal Precht
7938297606 feat: introduce CheckChannelPermissions API
Similar to `CheckPermissionToJoin()` we now get
a `CheckChannelPermissions()` API.

It will rely on the same `PermissionResponse` types, but gives
information about both `ViewOnlyPermissions` and
`ViewAndPostPermissions`.
2023-06-20 09:42:10 +02:00
Pascal Precht
f702b54d08 fix: don't check permissions if revealed accounts aren't legit
This seems to be a bug that was introduced when two features, admin
permissions and "always reveal wallet accounts" where merged.

We need to make sure we **first** check the revealed accounts and only
**then** do we perform permission checks on them. Otherwise we can run
into scenarios where fake addresses are used and users will be accepted
to the community.
2023-06-19 15:27:10 +02:00
Pascal Precht
a36202ff30 fix: don't return with error in permissions check when no chain IDs are
found

Turns out that, when we return with an error, instead of
a non-statisfied check permissions response, we can run into cases where
members that should be kicked are not kicked.
2023-06-19 15:26:42 +02:00
Boris Melnik
1eb92a19a2
feat(communities): Adds muting interval to community (#3549) 2023-06-17 11:19:05 +03:00
Mikhail Rogachev
51e3d800bb
fix: save revealed accounts regardless of permissions granted (#3609) 2023-06-16 11:10:32 +04:00
Michal Iskierko
ccde92377d feat(BurnCollectibles): Add burn collectibles functionality
Change smart contract with new API.
Update gas amount for deployment.
Add Burn() and EstimateBurn() functions.
Add RemainingSupply() functions.

Issue #10816
2023-06-15 15:38:19 +02:00
Mykhailo Prakhov
e058b50a2e
feat: community admin permission functionality (#3569)
* feat: community admin implementation

* fix: code review fixes

* chore: request admin permissions in CheckPermissionToJoin, unit test fix
2023-06-14 10:15:46 -04:00
Pascal Precht
1a2ca21070 Add chainIds to revealed accounts in memberhsip requests
This commit does a few things:

- Adds a migration that adds chainids to communities_request_to_join_revealed_addresses
- Removes RevealedAddress in favor of RevealedAccount which is now a struct that contains the revealed address, as well as the signature and a list of chain IDs on which to check for user funds
- Changes the logic of sending requests to join a community, such that after creating address signatures, the user node will also check which of the addresses has funds on which networks for the community's token permissions, and add the chainds to the RevealedAccount
- Updates checkPermissionToJoin() such that only relevant chainids are used when checking user's funds. Chain IDs are retrieved from RevealedAccounts and matched against token permission criteria chain IDs
2023-06-12 10:49:29 +02:00
Alex Jbanca
e8c4b7647f
chore(upgradeSQLCipher): Upgrading SQLCipher to version 5.4.5 (#3559)
* chore(upgradeSQLCipher): Upgrading SQLCipher to version 5.4.5

Changes:
### github.com/mutecomm/go-sqlcipher
1. The improved crypto argorighms from go-sqlcipher v3 are merged in v4
	Tags:
	v4.4.2-status.1 - merge `burn_stack` improvement
	v4.4.2-status.2 - merge `SHA1` improvement
	v4.4.2-status.4- merge 'AES' improvement
2. Fixed `go-sqlcipher` to support v3 database in compatibility mode (`sqlcipher` already supports this) (Tag: v4.4.2-status.3)
3. Upgrade `sqlcipher` to v5.4.5 (Tag: v4.5.4-status.1)

### github.com/status-im/migrate/v4
1. Upgrade `go-sqlcipher` version in `github.com/status-im/migrate/v4`

### status-go
1. Upgrade `go-sqlcipher` and `migrate` modules in status-go
2. Configure the DB connections to open the DB in v3 compatibility mode

* chore(upgradeSQLCipher): Use sqlcipher v3 configuration to encrypt a plain text database

* chore(upgradeSQLCipher): Scanning NULL BLOB value should return nil

Fixing failing tests: TestSyncDeviceSuite/TestPairingSyncDeviceClientAsReceiver;  TestSyncDeviceSuite/TestPairingSyncDeviceClientAsSender

Considering the following configuration:
1. Table with BLOB column has 1 NULL value
2. Query the value
3. Rows.Scan(&dest sql.NullString)

Expected: dest.Valid == false; dest.String == nil
Actual: dest.Valid == true; dest.String == ""

* chore: Bump go-sqlcipher version to include NULL BLOB fix
2023-06-07 08:58:01 +03:00
Patryk Osmaczko
15d2b4fe80 feat: add configurable throttling mechanism for importing msgs
part of: status-im/status-desktop#10815
2023-06-06 08:49:02 +02:00
Pascal Precht
ffc1006953 Add permission checks for ENS token permissions
Also add tests for creating and editing token permissions
as well as a test for checking ENS ownership.
2023-06-05 13:10:48 +02:00