diff --git a/aptos-move/aptos-vm/src/aptos_vm.rs b/aptos-move/aptos-vm/src/aptos_vm.rs index 4477623c4456b..e9ea5342b2407 100644 --- a/aptos-move/aptos-vm/src/aptos_vm.rs +++ b/aptos-move/aptos-vm/src/aptos_vm.rs @@ -18,7 +18,7 @@ use crate::{ system_module_names::*, transaction_metadata::TransactionMetadata, transaction_validation, verifier, - verifier::randomness::is_entry_function_unbiasable, + verifier::randomness::has_randomness_attribute, VMExecutor, VMValidator, }; use anyhow::anyhow; @@ -746,8 +746,7 @@ impl AptosVM { entry_fn.ty_args(), )?; - // TODO(George): change the order once performance is confirmed. - if is_entry_function_unbiasable(resolver, session, entry_fn)? && is_friend_or_private { + if is_friend_or_private && has_randomness_attribute(resolver, session, entry_fn)? { let txn_context = session .get_native_extensions() .get_mut::(); diff --git a/aptos-move/aptos-vm/src/verifier/randomness.rs b/aptos-move/aptos-vm/src/verifier/randomness.rs index d838a859081e6..7efb11bb4f114 100644 --- a/aptos-move/aptos-vm/src/verifier/randomness.rs +++ b/aptos-move/aptos-vm/src/verifier/randomness.rs @@ -5,8 +5,8 @@ use crate::move_vm_ext::{AptosMoveResolver, SessionExt}; use aptos_types::transaction::EntryFunction; use move_binary_format::errors::VMResult; -/// Returns true if function has an annotation that it is unbiasable. -pub(crate) fn is_entry_function_unbiasable( +/// Returns true if function has an attribute that it uses randomness. +pub(crate) fn has_randomness_attribute( resolver: &impl AptosMoveResolver, session: &mut SessionExt, entry_fn: &EntryFunction, @@ -19,7 +19,7 @@ pub(crate) fn is_entry_function_unbiasable( Ok(metadata .fun_attributes .get(entry_fn.function().as_str()) - .map(|attrs| attrs.iter().any(|attr| attr.is_unbiasable())) + .map(|attrs| attrs.iter().any(|attr| attr.is_randomness())) .unwrap_or(false)) } else { Ok(false) diff --git a/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_non_entry/sources/invalid.move b/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_non_entry/sources/invalid.move index c549928ad1155..79aed20fd29af 100644 --- a/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_non_entry/sources/invalid.move +++ b/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_non_entry/sources/invalid.move @@ -1,5 +1,5 @@ module 0x1::invalid { - #[unbiasable] + #[randomness] public entry fun foo() { // Do nothing. } diff --git a/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_public_entry/sources/invalid.move b/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_public_entry/sources/invalid.move index fdcc2081f5151..4ebacdc780254 100644 --- a/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_public_entry/sources/invalid.move +++ b/aptos-move/e2e-move-tests/src/tests/randomness.data/invalid_pack_public_entry/sources/invalid.move @@ -1,5 +1,5 @@ module 0x1::invalid { - #[unbiasable] + #[randomness] public fun foo() { // Do nothing. } diff --git a/aptos-move/e2e-move-tests/src/tests/randomness.data/pack/sources/test.move b/aptos-move/e2e-move-tests/src/tests/randomness.data/pack/sources/test.move index 7d8595e04609d..fcca05f37e222 100644 --- a/aptos-move/e2e-move-tests/src/tests/randomness.data/pack/sources/test.move +++ b/aptos-move/e2e-move-tests/src/tests/randomness.data/pack/sources/test.move @@ -5,12 +5,12 @@ module 0x1::test { // Do nothing. } - #[unbiasable] + #[randomness] entry fun ok_if_annotated_and_not_using_randomness() { // Do nothing. } - #[unbiasable] + #[randomness] entry fun ok_if_annotated_and_using_randomness() { let _ = randomness::u64_integer(); } diff --git a/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public.data/pack/sources/some_randapp.move b/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public.data/pack/sources/some_randapp.move index 2629c1fbd38f1..fc1be127ef869 100644 --- a/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public.data/pack/sources/some_randapp.move +++ b/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public.data/pack/sources/some_randapp.move @@ -1,7 +1,7 @@ module 0x1::some_randapp { use aptos_framework::randomness; - #[unbiasable] + #[randomness] entry fun safe_private_entry_call() { let _ = randomness::u64_integer(); } @@ -10,7 +10,7 @@ module 0x1::some_randapp { let _ = randomness::u64_integer(); } - #[unbiasable] + #[randomness] public(friend) entry fun safe_friend_entry_call() { let _ = randomness::u64_integer(); } diff --git a/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public_entry.data/pack/sources/some_randapp.move b/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public_entry.data/pack/sources/some_randapp.move index 2629c1fbd38f1..fc1be127ef869 100644 --- a/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public_entry.data/pack/sources/some_randapp.move +++ b/aptos-move/e2e-move-tests/src/tests/randomness_unsafe_public_entry.data/pack/sources/some_randapp.move @@ -1,7 +1,7 @@ module 0x1::some_randapp { use aptos_framework::randomness; - #[unbiasable] + #[randomness] entry fun safe_private_entry_call() { let _ = randomness::u64_integer(); } @@ -10,7 +10,7 @@ module 0x1::some_randapp { let _ = randomness::u64_integer(); } - #[unbiasable] + #[randomness] public(friend) entry fun safe_friend_entry_call() { let _ = randomness::u64_integer(); } diff --git a/aptos-move/framework/aptos-framework/doc/randomness.md b/aptos-move/framework/aptos-framework/doc/randomness.md index 652af756d8640..057c243eaf098 100644 --- a/aptos-move/framework/aptos-framework/doc/randomness.md +++ b/aptos-move/framework/aptos-framework/doc/randomness.md @@ -191,7 +191,7 @@ Event emitted every time a public randomness API in this module is called. Randomness APIs calls must originate from a private entry function with -#[unbiasable] annotation. Otherwise, test-and-abort attacks are possible. +#[randomness] annotation. Otherwise, test-and-abort attacks are possible.
const E_API_USE_SUSCEPTIBLE_TO_TEST_AND_ABORT: u64 = 1;
@@ -973,7 +973,7 @@ Aborts with randomness] annotation.
 
 
 
fun is_unbiasable(): bool
diff --git a/aptos-move/framework/aptos-framework/sources/randomness.move b/aptos-move/framework/aptos-framework/sources/randomness.move
index ea2031be1004a..8873ce72dfb91 100644
--- a/aptos-move/framework/aptos-framework/sources/randomness.move
+++ b/aptos-move/framework/aptos-framework/sources/randomness.move
@@ -23,7 +23,7 @@ module aptos_framework::randomness {
     const DST: vector = b"APTOS_RANDOMNESS";
 
     /// Randomness APIs calls must originate from a private entry function with
-    /// `#[unbiasable]` annotation. Otherwise, test-and-abort attacks are possible.
+    /// `#[randomness]` annotation. Otherwise, test-and-abort attacks are possible.
     const E_API_USE_SUSCEPTIBLE_TO_TEST_AND_ABORT: u64 = 1;
 
     const MAX_U256: u256 = 115792089237316195423570985008687907853269984665640564039457584007913129639935;
@@ -384,7 +384,7 @@ module aptos_framework::randomness {
     /// Called in each randomness generation function to ensure certain safety invariants, namely:
     ///  1. The transaction that led to the call of this function had a private (or friend) entry
     ///     function as its payload.
-    ///  2. The entry function had `#[unbiasable]` annotation.
+    ///  2. The entry function had `#[randomness]` annotation.
     native fun is_unbiasable(): bool;
 
     #[test]
diff --git a/aptos-move/framework/src/extended_checks.rs b/aptos-move/framework/src/extended_checks.rs
index 795ec0344f0f7..01472f20c795b 100644
--- a/aptos-move/framework/src/extended_checks.rs
+++ b/aptos-move/framework/src/extended_checks.rs
@@ -37,11 +37,11 @@ const INIT_MODULE_FUN: &str = "init_module";
 const LEGACY_ENTRY_FUN_ATTRIBUTE: &str = "legacy_entry_fun";
 const ERROR_PREFIX: &str = "E";
 const EVENT_STRUCT_ATTRIBUTE: &str = "event";
+const RANDOMNESS_ATTRIBUTE: &str = "randomness";
 const RESOURCE_GROUP: &str = "resource_group";
 const RESOURCE_GROUP_MEMBER: &str = "resource_group_member";
 const RESOURCE_GROUP_NAME: &str = "group";
 const RESOURCE_GROUP_SCOPE: &str = "scope";
-const UNBIASABLE_ATTRIBUTE: &str = "unbiasable";
 const VIEW_FUN_ATTRIBUTE: &str = "view";
 
 // top-level attribute names, only.
@@ -52,7 +52,7 @@ pub fn get_all_attribute_names() -> &'static BTreeSet {
         RESOURCE_GROUP_MEMBER,
         VIEW_FUN_ATTRIBUTE,
         EVENT_STRUCT_ATTRIBUTE,
-        UNBIASABLE_ATTRIBUTE,
+        RANDOMNESS_ATTRIBUTE,
     ];
 
     fn extended_attribute_names() -> BTreeSet {
@@ -460,18 +460,18 @@ impl<'a> ExtendedChecker<'a> {
 impl<'a> ExtendedChecker<'a> {
     fn check_and_record_unbiasabale_entry_functions(&mut self, module: &ModuleEnv) {
         for ref fun in module.get_functions() {
-            if !self.has_attribute(fun, UNBIASABLE_ATTRIBUTE) {
+            if !self.has_attribute(fun, RANDOMNESS_ATTRIBUTE) {
                 continue;
             }
 
             if !fun.is_entry() || fun.visibility().is_public() {
                 self.env.error(
                     &fun.get_id_loc(),
-                    "only private or public(friend) entry functions can have #[unbiasable] attribute",
+                    "only private or public(friend) entry functions can have #[randomness] attribute",
                 )
             }
 
-            // Record functions which are unbiasable.
+            // Record functions which use randomness.
             let module_id = self.get_runtime_module_id(module);
             self.output
                 .entry(module_id)
@@ -479,7 +479,7 @@ impl<'a> ExtendedChecker<'a> {
                 .fun_attributes
                 .entry(fun.get_simple_name_string().to_string())
                 .or_default()
-                .push(KnownAttribute::unbiasable());
+                .push(KnownAttribute::randomness());
         }
     }
 }
diff --git a/aptos-move/framework/src/module_metadata.rs b/aptos-move/framework/src/module_metadata.rs
index 06294551e5187..64033a114e19c 100644
--- a/aptos-move/framework/src/module_metadata.rs
+++ b/aptos-move/framework/src/module_metadata.rs
@@ -84,7 +84,7 @@ pub enum KnownAttributeKind {
     ResourceGroup = 2,
     ResourceGroupMember = 3,
     Event = 4,
-    Unbiasable = 5,
+    Randomness = 5,
 }
 
 impl KnownAttribute {
@@ -149,15 +149,15 @@ impl KnownAttribute {
         self.kind == KnownAttributeKind::Event as u8
     }
 
-    pub fn unbiasable() -> Self {
+    pub fn randomness() -> Self {
         Self {
-            kind: KnownAttributeKind::Unbiasable as u8,
+            kind: KnownAttributeKind::Randomness as u8,
             args: vec![],
         }
     }
 
-    pub fn is_unbiasable(&self) -> bool {
-        self.kind == KnownAttributeKind::Unbiasable as u8
+    pub fn is_randomness(&self) -> bool {
+        self.kind == KnownAttributeKind::Randomness as u8
     }
 }
 
@@ -359,7 +359,7 @@ pub fn is_valid_unbiasable_function(
 
     Err(AttributeValidationError {
         key: fun.to_string(),
-        attribute: KnownAttributeKind::Unbiasable as u8,
+        attribute: KnownAttributeKind::Randomness as u8,
     })
 }
 
@@ -448,7 +448,7 @@ pub fn verify_module_metadata(
         for attr in attrs {
             if attr.is_view_function() {
                 is_valid_view_function(&functions, fun)?;
-            } else if attr.is_unbiasable() {
+            } else if attr.is_randomness() {
                 is_valid_unbiasable_function(&functions, fun)?;
             } else {
                 return Err(AttributeValidationError {
diff --git a/aptos-move/framework/src/natives/randomness.rs b/aptos-move/framework/src/natives/randomness.rs
index f18a5ee1b4c3b..8d4b524c5a8f5 100644
--- a/aptos-move/framework/src/natives/randomness.rs
+++ b/aptos-move/framework/src/natives/randomness.rs
@@ -17,7 +17,7 @@ pub struct RandomnessContext {
     // blob is requested.
     txn_local_state: Vec,
     // True if the current transaction's payload was a public(friend) or
-    // private entry function, which also had `#[unbiasable]` annotation.
+    // private entry function, which also has `#[randomness]` annotation.
     unbiasable: bool,
 }