1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

use crate::types::*;
use crate::{Config, BeaconState, Error, BLSConfig, consts};
use bm_le::tree_root;
use core::cmp::max;

impl<C: Config> BeaconState<C> {
	/// Push a new `Transfer` to the state.
	pub fn process_transfer<BLS: BLSConfig>(&mut self, transfer: Transfer) -> Result<(), Error> {
		if !(self.validators.len() > transfer.sender as usize &&
			 self.validators.len() > transfer.recipient as usize)
		{
			return Err(Error::TransferInvalidPublicKey)
		}

		// Verify the amount and fee are not individually too big
		// (for anti-overflow purposes)
		if self.balances[transfer.sender as usize] < max(transfer.amount + transfer.fee, max(transfer.amount, transfer.fee)) {
			return Err(Error::TransferNoFund)
		}

		// A transfer is valid in only one slot
		if self.slot != transfer.slot {
			return Err(Error::TransferNotValidSlot)
		}

		// Sender must be not yet eligible for activation, withdrawn,
		// or transfer balance over MAX_EFFECTIVE_BALANCE
		if !(self.validators[transfer.sender as usize]
			 .activation_eligibility_epoch == consts::FAR_FUTURE_EPOCH ||
			 self.current_epoch() >=
			 self.validators[transfer.sender as usize].withdrawable_epoch ||
			 transfer.amount + transfer.fee + C::max_effective_balance() <=
			 self.balances[transfer.sender as usize])
		{
			return Err(Error::TransferNoFund)
		}

		// Verify that the pubkey is valid
		if !(self.validators[transfer.sender as usize]
			 .withdrawal_credentials[0] == C::bls_withdrawal_prefix_byte() &&
			 &self.validators[transfer.sender as usize]
			 .withdrawal_credentials[1..] ==
			 &C::hash(&[&transfer.pubkey[..]])[1..])
		{
			return Err(Error::TransferInvalidPublicKey)
		}

		// Verify that the signature is valid
		if !BLS::verify(
			&transfer.pubkey,
			&tree_root::<C::Digest, _>(&SigningTransfer::from(transfer.clone())),
			&transfer.signature,
			self.domain(C::domain_transfer(), None),
		) {
			return Err(Error::TransferInvalidSignature)
		}

		// Process the transfer
		self.decrease_balance(transfer.sender, transfer.amount + transfer.fee);
		self.increase_balance(transfer.recipient, transfer.amount);
		self.increase_balance(self.beacon_proposer_index()?, transfer.fee);

		// Verify balances are not dust
		if 0 < self.balances[transfer.sender as usize] &&
			self.balances[transfer.sender as usize] <
			C::min_deposit_amount()
		{
			return Err(Error::TransferNoFund)
		}

		if 0 < self.balances[transfer.recipient as usize] &&
			self.balances[transfer.recipient as usize] <
			C::min_deposit_amount()
		{
			return Err(Error::TransferNoFund)
		}

		Ok(())
	}
}