Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parser/interpreter access within rholang #49

Open
Bill-Kunj opened this issue Apr 21, 2022 · 2 comments
Open

Parser/interpreter access within rholang #49

Bill-Kunj opened this issue Apr 21, 2022 · 2 comments
Labels
enhancement New feature or request

Comments

@Bill-Kunj
Copy link

Introduction/Motivation/Abstract

Users need to be able to see the rholang code they are executing, even when the rholang contract has already been stored on-chain. In support of this, the rholang source code can be stored alongside the actual contract. This leaves a security hole, since the rholang source code can be maliciously different from the stored contract.
Access to the interpreter/parser would allow execution to validate the stored rholang code against the stored contract to resolve malicious activity.

Examples

I would like to be able to do something like

new interpreter(`rho:rholang:interpreter`), someBugger(`someBugger`), compare, theSame in {
  for (@bugger <- "new i in for () { i!(\"blah\") }") {
    interpreter!(bugger, *compare) |
    compare!(*someBugger, *theSame) |
    match theSame {
      true => { blah | blah | blah }
      false => { blah | blah | blah }
    }
  }
}

Where someBugger is a previously stored contract.
@Bill-Kunj Bill-Kunj added the enhancement New feature or request label Apr 21, 2022
@fabcotech
Copy link

Yes very cool feature ! A must-have feature that Ethereum has is the capability to verify the source code of a contract.

See the "contract" tab here with Contract Source Code Verified (Exact Match) https://etherscan.io/address/0xB8c77482e45F1F44dE1745F52C74426C631bDD52#code

Maybe in RChain it could ressemble a pattern match of the internal channels structures instead of a source code stored aside the contract (is that even possible in rholang ?).

@dckc
Copy link

dckc commented Apr 22, 2022
edited
Loading

By way of precedent, see E(zoe).install(bundle) ; and from a Zoe installation, one can get the source bundle back.

In fact, perhaps the ability to "pretty print" a quoted process to rholang is the necessary and sufficient feature?
Folks that want a parser can...

  1. deploy their code, using the parser there, but keep the resulting process in quoted form,
  2. call the pretty print method to get the source if they want it on chain

This produces a canonicalized version of the source, not the code as the developer wrote it, with comments and such. In Zoe, the comments and such are considered important, so we support it. (We support it also because JavaScript doesn't have another ubiquitous quoted form such as a a monte AST or rholang has with quoted processes.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dckc @fabcotech @Bill-Kunj