feat: add iota_account2

Author: valeriyr

examples/move/iota_account2/Move.toml

@@ -0,0 +1,37 @@
+[package]
+name = "iota_account2"
+edition = "2024.beta" # edition = "legacy" to use legacy (pre-2024) Move
+# license = ""           # e.g., "MIT", "GPL", "Apache 2.0"
+# authors = ["..."]      # e.g., ["Joe Smith ([email protected])", "John Snow ([email protected])"]
+
+[dependencies]
+Iota = { local = "../../../crates/iota-framework/packages/iota-framework" }
+
+# For remote import, use the `{ git = "...", subdir = "...", rev = "..." }`.
+# Revision can be a branch, a tag, and a commit hash.
+# MyRemotePackage = { git = "https://some.remote/host.git", subdir = "remote/path", rev = "main" }
+
+# For local dependencies use `local = path`. Path is relative to the package root
+# Local = { local = "../path/to" }
+
+# To resolve a version conflict and force a specific version for dependency
+# override use `override = true`
+# Override = { local = "../conflicting/version", override = true }
+
+[addresses]
+iota_account2 = "0x0"
+
+# Named addresses will be accessible in Move as `@name`. They're also exported:
+# for example, `std = "0x1"` is exported by the Standard Library.
+# alice = "0xA11CE"
+
+[dev-dependencies]
+# The dev-dependencies section allows overriding dependencies for `--test` and
+# `--dev` modes. You can introduce test-only dependencies here.
+# Local = { local = "../path/to/dev-build" }
+
+[dev-addresses]
+# The dev-addresses section allows overwriting named addresses for the `--test`
+# and `--dev` modes.
+# alice = "0xB0B"
+

examples/move/iota_account2/sources/iota_account.move

@@ -0,0 +1,137 @@
+module iota_account2::iota_account;
+
+use iota::account::{Self, AuthenticatorInfoV1};
+use iota::auth_context::AuthContext;
+use iota::dynamic_field;
+use iota::ecdsa_k1;
+use iota::ecdsa_r1;
+use iota::ed25519;
+
+/// A dynamic field name for the account owner public key.
+const IOTACCOUNT_OWNER_PUBKEY: vector<u8> = b"IOTACCOUNT_OWNER_PUBKEY";
+
+/// This struct represents an IOTA account on-chain.
+/// It holds all the related data as dynamic fields to simplify updates and migrations.
+public struct IOTAccount has key {
+    id: UID,
+}
+
+// --------------------------------------- Creation ---------------------------------------
+
+/// Creates a new `IOTAccount`  as a shared object with the given authenticator.
+/// 
+/// `authenticator` is expect to have the following signature:
+///
+/// public fun authenticate(self: &IOTAccount, signature: vector<u8>, _: &AuthContext, _: &TxContext) { ... }
+/// 
+/// And it is expected to verify the `signature` against the public key stored in the account.
+/// 
+/// There are several ready-made authenticators available in this module:
+/// - `authenticate_ed25519`
+/// - `authenticate_secp256k1`
+/// - `authenticate_secp256r1`
+public fun create(pubkey: vector<u8>, authenticator: AuthenticatorInfoV1, ctx: &mut TxContext) {
+    let mut account = IOTAccount { id: object::new(ctx) };
+
+    // Check the flag in `pubkey` is the same as the input scheme.
+    //assert!(check_scheme(pubkey, scheme));
+
+    let account_id = &mut account.id;
+
+    // Add the account owner public key as a dynamic field.
+    dynamic_field::add(account_id, IOTACCOUNT_OWNER_PUBKEY, pubkey);
+
+    // Add the authenticator info as a dynamic field.
+    dynamic_field::add(account_id, account::authenticator_df_name(), authenticator);
+
+    // Turn the account object into a mutable shared object.
+    iota::transfer::share_object(account);
+}
+
+// --------------------------------------- Field Operations ---------------------------------------
+
+/// Adds a new dynamic field to the account.
+public fun add_field<Name: copy + drop + store, Value: store>(
+    self: &mut IOTAccount,
+    name: Name,
+    value: Value,
+    ctx: &TxContext,
+) {
+    // Check that the sender of this TX is the account.
+    assert!(self.id.uid_to_address() == ctx.sender());
+
+    // Add a new field.
+    dynamic_field::add(&mut self.id, name, value);
+}
+
+/// Removes a dynamic field from the account.
+public fun remove_field<Name: copy + drop + store, Value: store>(
+    self: &mut IOTAccount,
+    name: Name,
+    ctx: &TxContext,
+): Value {
+    // Check that the sender of this TX is the account.
+    assert!(self.id.uid_to_address() == ctx.sender());
+
+    // Remove a new field.
+    dynamic_field::remove(&mut self.id, name)
+}
+
+public fun borrow_field<Name: copy + drop + store, Value: store>(
+    self: &IOTAccount,
+    name: Name,
+    ctx: &TxContext,
+): &Value {
+    let id = &self.id;
+    // Check that the sender of this TX is the account.
+    assert!(id.uid_to_address() == ctx.sender());
+
+    dynamic_field::borrow(&self.id, name)
+}
+
+public fun borrow_field_mut<Name: copy + drop + store, Value: store>(
+    self: &mut IOTAccount,
+    name: Name,
+    ctx: &TxContext,
+): &mut Value {
+    let id = &self.id;
+    // Check that the sender of this TX is the account.
+    assert!(id.uid_to_address() == ctx.sender());
+
+    dynamic_field::borrow_mut(&mut self.id, name)
+}
+
+// --------------------------------------- Authentication ---------------------------------------
+
+/// Ed25519 signature authenticator.
+public fun authenticate_ed25519(
+    self: &IOTAccount,
+    signature: vector<u8>,
+    _: &AuthContext,
+    ctx: &TxContext,
+) {
+    let pubkey: &vector<u8> = borrow_field(self, IOTACCOUNT_OWNER_PUBKEY, ctx);
+    assert!(ed25519::ed25519_verify(&signature, pubkey, ctx.digest()));
+}
+
+/// Secp256k1 signature authenticator.
+public fun authenticate_secp256k1(
+    self: &IOTAccount,
+    signature: vector<u8>,
+    _: &AuthContext,
+    ctx: &TxContext,
+) {
+    let pubkey: &vector<u8> = borrow_field(self, IOTACCOUNT_OWNER_PUBKEY, ctx);
+    assert!(ecdsa_k1::secp256k1_verify(&signature, pubkey, ctx.digest(), 0));
+}
+
+/// Secp256r1 signature authenticator.
+public fun authenticate_secp256r1(
+    self: &IOTAccount,
+    signature: vector<u8>,
+    _: &AuthContext,
+    ctx: &TxContext,
+) {
+    let pubkey: &vector<u8> = borrow_field(self, IOTACCOUNT_OWNER_PUBKEY, ctx);
+    assert!(ecdsa_r1::secp256r1_verify(&signature, pubkey, ctx.digest(), 0));
+}