feat: add ContractClient for easy contract interaction #929
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…raction (stellar#891) * feat: spec.generateContractClient; AssembledTx - new e2e tests copied from cli `ts-tests` for the generated bindings, but with TypeScript removed because the ContractClient is generated here dynamically at run time, so we cannot know the types at compile time in the tests. - generate JSON specs from local .wasm files during initiaze.sh instead of generating TS bindings. As explained in the new wasms/specs/README, this is a bummer, but is temporary * chore: rollback test/contract_spec changes ContractClient is now fully tested in `tests/e2e` rather than in this file Keeping this in a separate commit in case we decide it's better to go back and do things "The tests/unit way" instead of the new tests/e2e way. It feels maybe silly to have both.
* Update examples to use new module and package structure. (stellar#900) * Bump follow-redirects from 1.15.3 to 1.15.4 (stellar#906) * Export the individual event response instance (stellar#904) * Add support for new `sendTransaction` response field (stellar#905) * Update README to flow better (stellar#907) * Prepare v11.2.0 for release (stellar#908) --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: George <Shaptic@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update examples to use new module and package structure. (stellar#900) * Fixup deprecation to specify exact version * Upgrade references to use latest modules * Bump follow-redirects from 1.15.3 to 1.15.4 (stellar#906) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.3 to 1.15.4. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.3...v1.15.4) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Export the individual event response instance (stellar#904) * Add support for new `sendTransaction` response field (stellar#905) * Add checks to ensure incorrect fields don't sneak in * Update README to flow better (stellar#907) * Prepare v11.2.0 for release (stellar#908) * Upgrade all dependencies besides chai * Add changelog entries * Eliminating `utility-types` dependency entirely (stellar#912) Eliminated the 'utility-types' package since its functionalities are likely replaced by native TypeScript features. This change includes cleaning up imports and references in the codebase and updating the package.json and yarn.lock accordingly, resulting in a leaner dependency graph and potentially reducing installation times and package size. Co-authored-by: Sérgio Luis <sergiocl@airtm.io> * Release v11.2.1 (stellar#913) * Upgrade dependencies and stellar-base * fix: stop using TimeoutInfinite * optional simulate & wallet, editable TransactionBuilder - Can now pass an `account` OR `wallet` when constructing the ContractClient, or none! If you pass none, you can still make view calls, since they don't need a signer. You will need to pass a `wallet` when calling things that need it, like `signAndSend`. - You can now pass `simulate: false` when first creating your transaction to skip simulation. You can then modify the transaction using the TransactionBuilder at `tx.raw` before manually calling `simulate`. Example: const tx = await myContract.myMethod( { args: 'for', my: 'method', ... }, { simulate: false } ); tx.raw.addMemo(Memo.text('Nice memo, friend!')) await tx.simulate(); - Error types are now collected under `AssembledTransaction.Errors` and `SentTransaction.Errors`. * Ensure that event streaming tests write a valid stream (stellar#917) * Release v11.2.2 (stellar#918) * export ExampleNodeWallet from lib Tyler van der Hoeven thought this would be useful. The current place it's exported from is surpassingly silly. But it functions properly and the tests fail the same way they failed before. * Drop all usage of array-based passing (stellar#924) * feat(e2e-tests): new account & contract per test - New `clientFor` that instantiates a ContractClient for given contract, as well as initializes a new account, funding it with friendbot - Can also use `generateFundedKeypair` directly, as with test-swap - Stop generating anything in initialize.sh. Just check that the network is running and the pinned binary is installed, and fund the `$SOROBAN_ACCOUNT`. Ideally we wouldn't use the binary at all, but for now the tests are still shelling out to the CLI, so it's worth keeping the pinning around * wallet/signer only needs three methods * feat: no more `Wallet` interface Instead, just accept the things that Wallet contained. This avoids the conundrum of what to call the thing. - `Wallet` seems too high-level. Too high-level to be the concern of stellar-sdk, and too high-level for the thing being described here. It's really just two functions: `signTransaction` and `signAuthEntry`. - No need for this thing to defined `getPublicKey`, let alone any of the more complicated wrappers around it that it used to. Just have people pass in a `publicKey`. For convenience' sake, I also allowed this to be a Promise of a string, so that you don't need to instantiate ContractClient asynchronously, instead doing something like: new ContractClient({ publicKey: asyncPublicKeyLookupFromWallet(), ... }) This helps when getting public keys in a browser environment, where public key lookup is async, and adds little complexity to the logic here. * rm getAccount from exposed interface * make simulation public; wrap comments * explicit allowHttp * test(ava): set timeout to 2m * build: move ExampleNodeWallet to own entrypoint No need to pollute the global API or bundle size with this. * build: move ContractClient & AssembledTransaction These are a bit higher-level and experimental, at this point, so let's not clutter the global API or the bundle size unless people really want it. * fix: allow overriding 'publicKey' for 'signAuthEntries' * feat(contract-client): require publicKey * fix: use Networks from stellar-base * doc: explain 'errorTypes' param * build: ContractClient-related things in one dir * typo * move primitive type defs to contractclient * rm ContractClient.generate; do it in constructor * feat: separate rust_types to own import path * feat: don't make people import and use Networks enum I personally find TS enums a little surprising to work with, and my own codebases already have network passphrases littered throughout. I think we can upgrade to use the enum later, after more discussion about the exact interface. Let's not tangle that up in this change. * doc: include rust_types readme info in build the README.md file is not included in the `lib/rust_types` built version, so it's better to include it in a file that people can find by using the go-to-definition function in their editor, such as a `rust_types.ts` file directly, which gets built as `lib/rust_types.d.ts`. * build: make it easier to import rust_types * feat: basicNodeSigner as a plain-object factory Our suggested approach of spreading `signer` into `ContractClient` constructors causes typing issues, since `networkPassphrase` is a private field inside BasicNodeSigner. This means the `signer` needs to be spread in before the inclusion of `networkPassphrase`, otherwise it gets overwritten with `undefined` (or maybe TypeScript just thinks it will get overwritten). --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: George <Shaptic@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sérgio Luis <sergiolclem@gmail.com> Co-authored-by: Sérgio Luis <sergiocl@airtm.io>
This implementation needs to match what is done in the TS Bindings in Rust. Keeping "JSification" logic consistent in both is not worth the slight nicety of allowing people to type camelCaseMethodNames in JS. Additionally, having camelCaseMethodNames in one context when the real method name is probably_snake_case could lead to confusion. If someone types a camelCaseName in their CLI, the CLI will complain, and they might not know what's going on.
* master: Move TypeScript to devDependencies to reduce bundle size (stellar#926) Drop all usage of array-based passing (stellar#924) Release v11.2.2 (stellar#918) Ensure that event streaming tests write a valid stream (stellar#917) Release v11.2.1 (stellar#913) Eliminating `utility-types` dependency entirely (stellar#912) Prepare v11.2.0 for release (stellar#908) Update README to flow better (stellar#907) Add support for new `sendTransaction` response field (stellar#905) Export the individual event response instance (stellar#904) Bump follow-redirects from 1.15.3 to 1.15.4 (stellar#906) Update examples to use new module and package structure. (stellar#900)
|
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
|
|
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎ To accept the risk, merge this PR and you will not be notified again.
Next stepsWhat is debug access?Uses debug, reflection and dynamic code execution features. Removing the use of debug will reduce the risk of any reflection and dynamic code execution. What is filesystem access?Accesses the file system, and could potentially read sensitive data. If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead. Take a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with
|
chadoh
commented
Mar 14, 2024
| @@ -28,12 +28,13 @@ | |||
| "build:prod": "cross-env NODE_ENV=production yarn _build", | |||
| "build:node": "yarn _babel && yarn build:ts", | |||
| "build:ts": "tsc -p ./config/tsconfig.json", | |||
| "build:test": "tsc -p ./test/tsconfig.json", | |||
| "build:test": "tsc -p ./test/unit/tsconfig.json", | |||
There was a problem hiding this comment.
This was added as part of an early-on change when the new AVA tests compiled with a separate tsconfig. They no longer use TS at all, for now. So I could put this back. Is it worth it?
chadoh
force-pushed
the
feat/contract-client
branch
from
e5c524e
to
f173ad1
Compare
Yes, a whole book about AssembledTransaction. It needed documentation; why not make it useful. This also removes an obsolute method, marks a couple as private, adds detail to other comments, fixes the `fee` type, updates SentTransaction docs, and organizes the code a bit.
chadoh
force-pushed
the
feat/contract-client
branch
from
f173ad1
to
ba458c6
Compare
piyalbasu
approved these changes
Mar 18, 2024
Shaptic
reviewed
Mar 20, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a port of the bulk of the TS Bindings logic to stellar-sdk. It is used by stellar/stellar-cli#1258, which you can see removes about the same number of lines from soroban-cli that this adds to stellar-sdk.
This allows similar argument- and result-parsing logic to dynamic frontend contexts that TS Bindings have enjoyed in TS contexts, while also delivering significant cleanup to the interfaces. It helps to put TS code in a TS codebase!
There are many things we would still like to do here:
specto be passed to theContractClient, which still more-or-less forces a dependency on the CLI to generate this spec. Instead, we would like to provide the option to initialize a ContractClient from a contract ID. It can then fetch the on-chain contract, extract the XDR from the wasm's custom section, and parse the spec on the fly.tests/e2eand use AVA, whereas the old tests use Mocha. It's kind of silly to have both. AVA and thedotenvsetup it uses is also the main cause of the Socket Security reports below. I believe that this causes no real security issue for stellar-sdk users, since these are devDependencies.However, none of these are blockers. Right now, we have an out-of-date developer experience in the TS Bindings, as well as largely-duplicate codebases between the CLI and this PR. This change avoids bloating the bundle size or exposed API of stellar-sdk by putting ContractClient in its own entrypoint, which makes it a safe starting point to merge. We can ship further improvements from here.