oasis_contract_sdk/
env.rs

1//! Smart contract environment query interface.
2use oasis_contract_sdk_types::address::Address;
3
4use crate::types::{
5    env::{QueryRequest, QueryResponse},
6    InstanceId,
7};
8
9/// Environment query trait.
10pub trait Env {
11    /// Perform an environment query.
12    fn query<Q: Into<QueryRequest>>(&self, query: Q) -> QueryResponse;
13
14    /// Returns an address for the contract instance id.
15    fn address_for_instance(&self, instance_id: InstanceId) -> Address;
16
17    /// Prints a message to the console. Useful when debugging.
18    #[cfg(feature = "debug-utils")]
19    fn debug_print(&self, msg: &str);
20}
21
22/// Errors that can be returned from crypto functions.
23#[derive(Debug, thiserror::Error)]
24pub enum CryptoError {
25    #[error("decryption or additional data authentication failed")]
26    DecryptionFailed,
27}
28
29/// Crypto helpers trait.
30pub trait Crypto {
31    /// ECDSA public key recovery function.
32    fn ecdsa_recover(&self, input: &[u8]) -> [u8; 65];
33
34    /// Verify an ed25519 message signature.
35    fn signature_verify_ed25519(&self, key: &[u8], message: &[u8], signature: &[u8]) -> bool;
36
37    /// Verify a secp256k1 message signature.
38    fn signature_verify_secp256k1(&self, key: &[u8], message: &[u8], signature: &[u8]) -> bool;
39
40    /// Verify an sr25519 message signature.
41    fn signature_verify_sr25519(
42        &self,
43        key: &[u8],
44        context: &[u8],
45        message: &[u8],
46        signature: &[u8],
47    ) -> bool;
48
49    /// Derive a symmetric key from a public/private key pair.
50    fn x25519_derive_symmetric(&self, public_key: &[u8], private_key: &[u8]) -> [u8; 32];
51
52    /// Encrypt and authenticate a message and authenticate additional data using DeoxysII.
53    fn deoxysii_seal(
54        &self,
55        key: &[u8],
56        nonce: &[u8],
57        message: &[u8],
58        additional_data: &[u8],
59    ) -> Result<Vec<u8>, CryptoError>;
60
61    /// Decrypt and authenticate a message and authenticate additional data using DeoxysII.
62    fn deoxysii_open(
63        &self,
64        key: &[u8],
65        nonce: &[u8],
66        message: &[u8],
67        additional_data: &[u8],
68    ) -> Result<Vec<u8>, CryptoError>;
69
70    /// Fills `dst` with cryptographically secure random bytes.
71    /// Returns the number of bytes written.
72    /// If the optional personalization string (`pers`) is provided, it will be mixed into the RNG to provide additional domain separation.
73    fn random_bytes(&self, pers: &[u8], dst: &mut [u8]) -> usize;
74}