I have a simple contract using Serum Anchor (on Solana) that transfers tokens from one party to another. It is currently failing with:
Error: failed to send transaction: Transaction simulation failed: Error processing Instruction 0: Cross-program invocation with unauthorized signer or writable account
Full code from snippets below at: https://gist.github.com/h4rkl/700400f515ab0736fd6d9318d44b2dca
I'm setting up 4 accounts for the transaction:
let mint = null; // key for token mint
let god = null; // main program account to pay from and sign
let creatorAcc = anchor.web3.Keypair.generate(); // account to pay to
let creatorTokenAcc = null; // token account for payment
I'm setting them up as follows:
const [_mint, _god] = await serumCmn.createMintAndVault(
program.provider,
new anchor.BN(MINT_TOKENS),
undefined,
MINT_DECIMALS
);
mint = _mint;
god = _god;
creatorTokenAcc =await serumCmn.createTokenAccount(
program.provider,
mint,
creatorAcc.publicKey
);
And then I make the payment with the following method:
const INTERACTION_FEE = 200000000000000;
await program.rpc.interaction(new anchor.BN(INTERACTION_FEE), {
accounts: {
from: god,
to: creatorTokenAcc,
owner: program.provider.wallet.publicKey,
tokenProgram: TOKEN_PROGRAM_ID,
},
});
In the contract that the method is triggering my interaction process is as follows:
pub fn interaction(ctx: Context<Interaction>, interaction_fee: u64) -> ProgramResult {
let cpi_accounts = Transfer {
from: ctx.accounts.from.to_account_info().clone(),
to: ctx.accounts.to.to_account_info().clone(),
authority: ctx.accounts.owner.clone(),
};
let cpi_program = ctx.accounts.token_program.clone();
let cpi_ctx = CpiContext::new(cpi_program, cpi_accounts);
token::transfer(cpi_ctx, interaction_fee)?;
Ok(())
}
I have setup the Interaction pub struct with the following params:
#[derive(Accounts)]
pub struct Interaction<'info> {
#[account(mut, has_one = owner)]
from: CpiAccount<'info, TokenAccount>,
#[account("from.mint == to.mint")]
to: CpiAccount<'info, TokenAccount>,
#[account(signer)]
owner: AccountInfo<'info>,
token_program: AccountInfo<'info>,
}
As far as I can tell the params are correct, and the god account owns the wallet as the payer and is the signer. Why is this failing, and what am I missing? I'm completely out of ideas.
Answered here by the legendary Armani Ferrante:
Your to account isn't marked mutable.
Related
I have a Java application using the Microsoft Graph SDK to read from Azure AD. I am supposed to translate that application to Rust. In Java, i use code similar to this:
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.identity.TokenCachePersistenceOptions;
import com.microsoft.graph.authentication.TokenCredentialAuthProvider;
import com.microsoft.graph.requests.GraphServiceClient;
import java.util.List;
public class GraphSdkClient {
public static void testApplicationClient() {
TokenCachePersistenceOptions options = new TokenCachePersistenceOptions()
.setName("ILM-Demo")
.setUnencryptedStorageAllowed(false);
ClientSecretCredentialBuilder builder = new ClientSecretCredentialBuilder()
.clientId("<MyClientId>")
.tenantId("<MyTenantId>")
.clientSecret("<MyClientSecret>")
.tokenCachePersistenceOptions(options);
TokenCredentialAuthProvider provider = new TokenCredentialAuthProvider(
List.of("Calendars.Read", "Calendars.ReadBasic.All"),
builder.build()
);
GraphServiceClient<?> client = GraphServiceClient
.builder()
.authenticationProvider(provider)
.buildClient();
client.me().calendar().calendarView().buildRequest().get();
}
}
It authenticates as an application, using only the client secret. The permission was given half a year ago and as long as the three values from the ClientSecretCredentialBuilder are correct, it works perfectly fine. Now i tried using a similar conecpt in Rust, taken from the graph-rs-sdk crate:
#[cfg(test)]
mod test {
use graph_rs_sdk::oauth::OAuth;
use warp::Filter;
use crate::{CLIENT_ID, CLIENT_SECRET, TENANT_ID};
use serde::{Deserialize, Serialize};
#[derive(Default, Debug, Clone, Serialize, Deserialize)]
pub struct ClientCredentialsResponse {
admin_consent: bool,
tenant: String,
}
#[tokio::test]
async fn ut_client_credentials() {
let query = warp::query::<ClientCredentialsResponse>()
.map(Some)
.or_else(|_| async {
Ok::<(Option<ClientCredentialsResponse>,), std::convert::Infallible>((None,))
});
let routes = warp::get()
.and(warp::path("redirect"))
.and(query)
.and_then(handle_redirect);
// Get the oauth client and request a browser sign in
let mut oauth = get_oauth_client();
let mut request = oauth.build_async().client_credentials();
request.browser_authorization().open().unwrap();
warp::serve(routes).run(([127, 0, 0, 1], 8300)).await;
}
async fn handle_redirect(client_credential_option: Option<ClientCredentialsResponse>)
-> Result<Box<dyn warp::Reply>, warp::Rejection> {
match client_credential_option {
Some(client_credential_response) => {
// Print out for debugging purposes.
println!("{:#?}", client_credential_response);
// Request an access token.
request_access_token().await;
// Generic login page response.
Ok(Box::new(
"Successfully Logged In! You can close your browser.",
))
}
None => Err(warp::reject()),
}
}
async fn request_access_token() {
let mut oauth = get_oauth_client();
let mut request = oauth.build_async().client_credentials();
let access_token = request.access_token().send().await.unwrap();
println!("{:#?}", access_token);
oauth.access_token(access_token);
}
fn get_oauth_client() -> OAuth {
let mut oauth = OAuth::new();
oauth
.client_id(CLIENT_ID)
.client_secret(CLIENT_SECRET)
.tenant_id(TENANT_ID)
.add_scope("https://graph.microsoft.com/User.Invite.All")
.redirect_uri("http://localhost:8300/redirect")
// .authorize_url("https://login.microsoftonline.com/common/adminconsent")
.access_token_url("https://login.microsoftonline.com/common/oauth2/v2.0/token");
oauth
}
}
Note that i commented out the authorize url. If this url exits, a browser window opens, requesting an admin to log in. This must not happen. When it is commented out, it sends the request directly to <tenantId>/oauth2/v2.0/authorize instead of <tenantId>/oauth2/v2.0/adminconsent, which is what i want, it instead complains: AADSTS900144: The request body must contain the following parameter: 'scope'.. The scope is given though.
I already tried fiddling with urls for hours and also tried every other authentication concept in the crate, but it doesn't seem to work without interaction, which is not possible in my use case. Does someone know how to achieve that? (All permissions are granted as application permissions, not deligated)
Edit request: Please create and add the tag "graph-rs-sdk". I cannot create it myself but knowing the crate being used would be useful.
I'm building a Tauri app and would like to set up OAuth integration with Google. To do so, I will need a URI for the oauth callback, but Tauri is unclear how to configure the schema possibly using this method or with the WindowUrl?
How can I add a URI to my Tauri app so I could like to it like the following example:
myapp://callback
I think it could look something like the following:
fn main() {
tauri::Builder::default()
.invoke_handler(tauri::generate_handler![greet])
.register_uri_scheme_protocol("myapp", move |app, request| {
# protocol logic here
})
.run(tauri::generate_context!())
.expect("error while running tauri application");
}
Tauri currently doesn't directly support deep linking. A good alternative that I found was this rust project. After installation you can do something like the following:
#[tauri::command]
async fn start_oauth_server(window: Window) -> Result<u16, String> {
println!("Starting server");
start(None, move |url| {
// Because of the unprotected localhost port, you must verify the URL here.
// Preferebly send back only the token, or nothing at all if you can handle everything else in Rust.
// convert the string to a url
let url = url::Url::parse(&url).unwrap();
// get the code query parameter
let code = url
.query_pairs()
.find(|(k, _)| k == "code")
.unwrap_or_default()
.1;
// get the state query parameter
let state = url
.query_pairs()
.find(|(k, _)| k == "state")
.unwrap_or_default()
.1;
// create map of query parameters
let mut query_params = HashMap::new();
query_params.insert("code".to_string(), code.to_string());
query_params.insert("state".to_string(), state.to_string());
query_params.insert(String::from("redirect_uri"), url.to_string());
if window.emit("redirect_uri", query_params).is_ok() {
println!("Sent redirect_uri event");
} else {
println!("Failed to send redirect_uri event");
}
})
.map_err(|err| err.to_string())
}
I simply tried transferring token from account A (vault_account) to account B (receiver_account) using both traditional method and anchor method. In both of the methods i used receiver_account as signer. But the anchor method is throwing Error: failed to send transaction: Transaction simulation failed: Error processing Instruction 0: Cross-program invocation with unauthorized signer or writable account. This error was solved if i use vault_account as signer. Can anyone explain why is this happening because
As far as i know both of these method does the same thing under the hood.
Traditional method:
let (_account_address, bump) = Pubkey::find_program_address(
&[&sender_account.key.to_bytes()],
program_id
);
let pda_signer_seeds: &[&[_]] = &[&sender_account.key.to_bytes(), &[bump]];
//transfering token to receiver_associated_info
invoke_signed(
&spl_token::instruction::transfer(
token_program_info.key,
vault_associated_info.key,
receiver_associated_info.key,
vault.key,
&[vault.key],
amount,
)?,
&[
token_program_info.clone(),
vault_associated_info.clone(),
receiver_associated_info.clone(),
vault.clone(),
system_program.clone()
],&[&pda_signer_seeds],
)?;
Anchor method:
let (_account_address, bump) = Pubkey::find_program_address(
&[&ctx.accounts.sender_account.key.to_bytes()],
ctx.program_id
);
let pda_signer_seeds: &[&[&[_]]] = &[&[&ctx.accounts.vault.key.to_bytes(), &[bump]]];
let transfer_ix = Token_Transfer{
from: ctx.accounts.vault_associated_info.to_account_info(),
to: ctx.accounts.receiver_associated_info.to_account_info(),
authority: ctx.accounts.vault.to_account_info()
};
let cpi_ctx = CpiContext::new_with_signer(
ctx.accounts.system_program.to_account_info(),
transfer_ix,
pda_signer_seeds,
);
token_transfer(cpi_ctx, amount)?;
For the traditional method, you need to pass in the accounts in the correct order, and specify the arguments correctly:
invoke_signed(
&spl_token::instruction::transfer(
token_program_info.key,
vault_associated_info.key,
receiver_associated_info.key,
vault.key,
&[],
amount,
)?,
[
vault_associated_info.clone(),
receiver_associated_info.clone(),
vault.clone(),
token_program_info.clone()
],&[&pda_signer_seeds],
)?;
This is assuming that vault.key == _account_address derived earlier, otherwise you may get an error.
For Anchor, you'll need to specify the correct program that you're invoking:
let cpi_ctx = CpiContext::new_with_signer(
ctx.accounts.token_program.to_account_info(),
transfer_ix,
pda_signer_seeds,
);
Separate note: in the case of an SPL token transfer, you don't need the receiver to sign, only the authority of the sender account.
I am developing NFT marketplace with terra and I use CW721.
And I noticed on mint function if the sender and minter is not equal it returns "Unauthorized" error.
I can ignore this condition but is this required?
pub fn mint(
&self,
deps: DepsMut,
_env: Env,
info: MessageInfo,
msg: MintMsg<T>,
) -> Result<Response<C>, ContractError> {
let minter = self.minter.load(deps.storage)?;
if info.sender != minter {
return Err(ContractError::Unauthorized {});
}
...
}
In Javascript with Terra.js I sent request with my wallet address.
But if the sender and minter must be same, I have to send request with minter's wallet address.
And that means NFT creator should know the password of minter's wallet.
What's the difference between token_uri and image url?
I think they are same.
Hello I'm trying to mint an NFT using Polygon and it works just fine on Mumbai but as soon as i switch over to the mainnet the transaction doesn't go through instead of going through in 5 seconds on mumbai. Even though im using the exact same contract just deployed on the mainnet instead of Mumbai and the code is the same too. All im doing is switching the contract address and rpc url but for some reason it just doesn't work on the Polygon mainnet below is the code im using.
// Init contract
const contractABI = require('../../contract-abi.json');
const contractAddress = config.mintingContractAddress;
const contract = await new this.web3.eth.Contract(contractABI, contractAddress);
// Mint NFT
const nft = contract.methods.mintNFT(user.walletAddress, metadataUploadURL, user.paymentAddress).encodeABI();
// Get gas pricing
const priorityFees = await axios.get('https://gasstation-mainnet.matic.network');
const estBaseGas = await this.web3.eth.estimateGas({
data: nft,
to: contractAddress,
});
console.log('USING GAS: ' + estBaseGas);
// Sign NFT minting transaction
const totalGas = estBaseGas + priorityFees.data.standard;
console.log('TOTALGAS: ', Math.round(totalGas).toString());
const transaction = await this.web3.eth.accounts.signTransaction(
{
from: user.walletAddress,
to: contractAddress,
nonce: await this.web3.eth.getTransactionCount(user.walletAddress, 'pending'), // Get count of all transactions sent to the contract from this address including pending ones
data: nft,
// maxPriorityFee: priorityFees.data.average, Not supported on Polygon MATIC yet
gas: Math.round(totalGas).toString(),
gasPrice: await this.web3.eth.getGasPrice(),
},
wallet.privateKey,
);
this.logger.silly('Finished signing NFT transaction');
// Send the transaction that we signed
const mintT = await this.web3.eth.sendSignedTransaction(transaction.rawTransaction);
this.logger.silly('Sent transaction');
console.log(mintT);
Also tried this for signing
// Get gas pricing
const priorityFees = await axios.get('https://gasstation-mainnet.matic.network');
const estBaseGas = await this.web3.eth.estimateGas({
data: nft,
to: contractAddress,
});
console.log('USING GAS: ' + estBaseGas);
// Sign NFT minting transaction
const totalGas = estBaseGas + priorityFees.data.standard;
console.log('TOTALGAS: ', Math.round(totalGas).toString());
console.log('P', priorityFees.data.standard);
const gp = this.web3.utils.toWei(priorityFees.data.standard.toString(), 'Gwei').toString();
console.log('GP', gp);
const transaction = await this.web3.eth.accounts.signTransaction(
{
from: user.walletAddress,
to: contractAddress,
nonce: await this.web3.eth.getTransactionCount(user.walletAddress, 'pending'), // Get count of all transactions sent to the contract from this address including pending ones
data: nft,
// maxPriorityFee: priorityFees.data.average, Not supported on Polygon MATIC yet
gas: '1000000',
gasPrice: gp,
},
wallet.privateKey,
);
Mempool explorer for transaction that takes forever and nearly instant one.
Forever:
Instant:
One on mainnet that used 30 gwei of gas:
Does anybody know why this is happening?
Also yes i do know that the fast one does have 2 extra gwei in gas but even setting it to that manually it still takes forever and according to https://polygonscan.com/gastracker even with one gwei it should be processed within 30 seconds. Even when using 50 Gwei it seems to take hours to process or maybe it's being dropped? The transactions don't even seem to be getting to the contract they are just stuck somewhere in the chain.
contract address: 0xa915E82285e6F82eD10b0579511F48fD716a2043
contract source code:
//SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.0;
import "#openzeppelin/contracts/token/ERC721/extensions/ERC721URIStorage.sol";
import "#openzeppelin/contracts/utils/Counters.sol";
contract MyNFT is ERC721URIStorage {
using Counters for Counters.Counter;
Counters.Counter private _tokenIds;
event MintedNFT(address recipent,string tokenURI,address artist, uint256 tokenID);
mapping(uint256 => address) private artists; // Used to store token ids => artist addresses
// mapping(uint256 => uint256) private royalties; // tokenId => royaltyPercentage
// mapping(uint256 => address) private nftMintInitators; // Used to store token ids => sender addresses
// mapping(uint256 => bool) private royaltiesSet;
constructor(string memory name_, string memory symbol_)
ERC721(name_, symbol_) {
}
// // Support for https://eips.ethereum.org/EIPS/eip-2981
// /// #notice Called with the sale price to determine how much royalty
// // is owed and to whom.
// /// #param _tokenId - the NFT asset queried for royalty information
// /// #param _salePrice - the sale price of the NFT asset specified by _tokenId
// /// #return receiver - address of who should be sent the royalty payment
// /// #return royaltyAmount - the royalty payment amount for _salePrice
// function royaltyInfo(
// uint256 _tokenId,
// uint256 _salePrice
// ) external view returns (
// address receiver,
// uint256 royaltyAmount
// ) {
// return (
// artists[_tokenId],
// _salePrice * royalties[_tokenId] // Take percentage
// );
// }
// function updateRoyaltyPercentage(
// uint256 royaltyPercentage, // In decimal like 0.5 or 0.25 (Send 0.0 for no royalties)
// uint256 tokenID
// ) public {
// if (msg.sender == nftMintInitators[tokenID] && royaltiesSet[tokenID] == false) {
// royalties[tokenID] = royaltyPercentage;
// royaltiesSet[tokenID] = true;
// }
// }
function mintNFT(address recipient,
string memory tokenURI,
address artist // Address for the artist not using _msgSender() because this transaction is sent by the users NFT holding account
)
public
returns (uint256)
{
_tokenIds.increment();
uint256 newItemId = _tokenIds.current();
_mint(recipient, newItemId);
_setTokenURI(newItemId, tokenURI);
artists[newItemId] = artist;
// nftMintInitators[newItemId] = msg.sender;
// royaltiesSet[newItemId] = false;
emit MintedNFT(recipient,tokenURI,artist,newItemId);
return newItemId;
}
}
You can test with simple code just to mint one NFT. Adding gasPrice and gasLimit parameters directly into minting function could help
const hre = require("hardhat");
async function main() {
const NFT = await hre.ethers.getContractFactory("NFTNAME");
const WALLET_ADDRESS = "0xxxxxxxxxxxxxx"
const CONTRACT_ADDRESS = "0xa915E82285e6F82eD10b0579511F48fD716a2043"
const contract = NFT.attach(CONTRACT_ADDRESS);
mintedNFT = await contract.mintNFT(WALLET_ADDRESS,{ gasLimit: 285000, gasPrice: ethers.utils.parseUnits('30', 'gwei')});
console.log("NFT minted:", mintedNFT);
}
main().then(() => process.exit(0)).catch(error => {
console.error(error);
process.exit(1);
});