efdevcon · mikulas-mrva · May 20, 2022 · May 22, 2022 · May 30, 2022 · May 30, 2022
diff --git a/pretix_eth/exporter.py b/pretix_eth/exporter.py
@@ -7,7 +7,6 @@
     OrderPayment,
     OrderRefund,
 )
-from pretix_eth.models import WalletAddress
 
 import pytz
 
@@ -27,7 +26,7 @@ def payment_to_row(payment):
     fiat_amount = payment.amount
     token_amount = payment.info_data.get("amount", "")
 
-    wallet_address = WalletAddress.objects.filter(order_payment=payment).first()
+    wallet_address = None # todo WalletAddress.objects.filter(order_payment=payment).first()
     hex_wallet_address = wallet_address.hex_address if wallet_address else ""
 
     row = [
@@ -57,7 +56,7 @@ def refund_to_row(refund):
     fiat_amount = refund.amount
     token_amount = refund.info_data.get("amount", "")
 
-    wallet_address = WalletAddress.objects.filter(order_payment=refund.payment).first()
+    wallet_address = None  # todo WalletAddress.objects.filter(order_payment=refund.payment).first()
     hex_wallet_address = wallet_address.hex_address if wallet_address else ""
 
     row = [

diff --git a/pretix_eth/management/commands/confirm_payments.py b/pretix_eth/management/commands/confirm_payments.py
@@ -6,18 +6,21 @@
 )
 from django_scopes import scope
 
-from pretix.base.models.event import (
-    Event,
-)
+from web3 import Web3
+from web3.providers.auto import load_provider_from_uri
+from web3.exceptions import TransactionNotFound
 
-from pretix_eth.models import (
-    WalletAddress,
-)
-from pretix_eth.network.tokens import IToken, all_token_and_network_ids_to_tokens
+from pretix.base.models import OrderPayment
+from pretix.base.models.event import Event
+
+from pretix_eth.network.tokens import IToken, all_token_and_network_ids_to_tokens, TOKEN_ABI
 
 logger = logging.getLogger(__name__)
 
 
+SAFETY_BLOCK_COUNT = 5
+
+
 class Command(BaseCommand):
     help = (
         "Verify pending orders from on-chain payments. Performs a dry run by default."
@@ -33,64 +36,127 @@ def add_arguments(self, parser):
 
     def handle(self, *args, **options):
         no_dry_run = options["no_dry_run"]
+        log_verbosity = int(options.get('verbosity', 0))
 
         with scope(organizer=None):
+            # todo change to events where pending payments are expected only?
             events = Event.objects.all()
 
         for event in events:
-            self.confirm_payments_for_event(event, no_dry_run)
+            self.confirm_payments_for_event(event, no_dry_run, log_verbosity)
 
-    def confirm_payments_for_event(self, event: Event, no_dry_run):
+    def confirm_payments_for_event(self, event: Event, no_dry_run, log_verbosity=0):
         logger.info(f"Event name - {event.name}")
 
-        unconfirmed_addresses = (
-            WalletAddress.objects.all().for_event(event).unconfirmed_orders()
-        )
-
-        for wallet_address in unconfirmed_addresses:
-            hex_address = wallet_address.hex_address
-
-            order_payment = wallet_address.order_payment
-            rpc_urls = json.loads(
-                order_payment.payment_provider.settings.NETWORK_RPC_URL
+        with scope(organizer=event.organizer):
+            unconfirmed_order_payments = OrderPayment.objects.filter(
+                order__event=event,
+                state__in=(
+                    OrderPayment.PAYMENT_STATE_CREATED,
+                    OrderPayment.PAYMENT_STATE_PENDING,
+                    OrderPayment.PAYMENT_STATE_CANCELED,
+                )
             )
-            full_id = order_payment.full_id
-
-            info = order_payment.info_data
-            token: IToken = all_token_and_network_ids_to_tokens[info["currency_type"]]
-            expected_network_id = token.NETWORK_IDENTIFIER
-            expected_network_rpc_url_key = f"{expected_network_id}_RPC_URL"
-            network_rpc_url = None
-
-            if expected_network_rpc_url_key in rpc_urls:
-                network_rpc_url = rpc_urls[expected_network_rpc_url_key]
-            else:
-                logger.warning(
-                    f"No RPC URL configured for {expected_network_id}. Skipping..."
+            if log_verbosity > 0:
+                logger.info(f" * Found {unconfirmed_order_payments.count()} unconfirmed order payments")
+
+        for order_payment in unconfirmed_order_payments:
+            if log_verbosity > 0:
+                logger.info(f" * trying to confirm payment: {order_payment} (has {order_payment.signed_messages.all().count()} signed messages)")
+            # it is tempting to put .filter(invalid=False) here, but remember
+            # there is still a chance that low-gas txs are mined later on.
+            for signed_message in order_payment.signed_messages.all():
+                rpc_urls = json.loads(
+                    order_payment.payment_provider.settings.NETWORK_RPC_URL
                 )
-                continue
-
-            expected_amount = info["amount"]
+                full_id = order_payment.full_id
 
-            # Get balance.
-            balance = token.get_balance_of_address(hex_address, network_rpc_url)
+                info = order_payment.info_data
+                token: IToken = all_token_and_network_ids_to_tokens[info["currency_type"]]
+                expected_network_id = token.NETWORK_IDENTIFIER
+                expected_network_rpc_url_key = f"{expected_network_id}_RPC_URL"
 
-            if balance > 0:
-                logger.info(f"Payments found for {full_id} at {hex_address}:")
-                if balance < expected_amount:
+                if expected_network_rpc_url_key in rpc_urls:
+                    network_rpc_url = rpc_urls[expected_network_rpc_url_key]
+                else:
                     logger.warning(
-                        f"  * Expected payment of at least {expected_amount} {token.TOKEN_SYMBOL}"
+                        f"No RPC URL configured for {expected_network_id}. Skipping..."
                     )
+                    continue
+
+                expected_amount = info["amount"]
+
+                # Get balance
+                w3 = Web3(load_provider_from_uri(network_rpc_url))
+                if log_verbosity > 0:
+                    logger.info(f"   * Looking for a receip for a transaction with hash={signed_message.transaction_hash}")
+                try:
+                    receipt = w3.eth.getTransactionReceipt(signed_message.transaction_hash)
+                except TransactionNotFound:
+                    if log_verbosity > 0:
+                        logger.info(f"   * Transaction hash={signed_message.transaction_hash} not found, skipping.")
+                    if signed_message.age > 30*60:
+                        signed_message.invalidate()
+                    continue
+
+                if receipt.status == 0:
+                    if log_verbosity > 0:
+                        logger.info(f"   * Transaction hash={signed_message.transaction_hash} was has status=0, invalidating.")
+                    signed_message.invalidate()
+                    continue
+
+                block_number = receipt.blockNumber
+
+                if block_number is None or block_number + SAFETY_BLOCK_COUNT > w3.eth.get_block_number():
+                    logger.warning(f"  * Transfer found in a block that is too young, waiting until at least {SAFETY_BLOCK_COUNT} more blocks are confirmed.")
+                    continue
+
+                if token.IS_NATIVE_ASSET:
+                    # ETH
+                    payment_amount = w3.eth.getTransaction(signed_message.transaction_hash).value
+                    receipt_reciever = receipt.to.lower()
+                    correct_recipient = receipt_reciever == signed_message.recipient_address.lower()
+
+                else:
+                    # DAI
+                    contract = w3.eth.contract(address=token.ADDRESS, abi=TOKEN_ABI)
+                    transaction_details = contract.events.Transfer().processReceipt(receipt)[0].args
+                    payment_amount = transaction_details.value
+                    # check that the payment happened on the right contract address
+                    correct_contract = token.ADDRESS.lower() == receipt.to.lower()
+                    # take recipient address from the topics, not from the "from" field, as that's the contract address
+                    receipt_reciever = receipt.logs[0].topics[2][12:].hex().lower()
+                    correct_recipient = correct_contract and (receipt_reciever == signed_message.recipient_address.lower())
+
+
+                receipt_sender = getattr(receipt, 'from').lower()
+                correct_sender = receipt_sender == signed_message.sender_address.lower()
+
+                if not (correct_sender and correct_recipient):
                     logger.warning(
-                        f"  * Given payment was {balance} {token.TOKEN_SYMBOL}"
+                        f"  * Transaction hash provided does not match correct sender and recipient"
                     )
-                    logger.warning(f"  * Skipping")  # noqa: F541
+                    if log_verbosity > 0:
+                        logger.info(f"receipt sender={receipt_sender}, expected sender={signed_message.sender_address.lower()}")
+                        logger.info(f"receipt recipient={receipt_reciever}, expected recipient={signed_message.recipient_address.lower()}")
                     continue
-                if no_dry_run:
-                    logger.info(f"  * Confirming order payment {full_id}")
-                    with scope(organizer=None):
-                        order_payment.confirm()
+
+                if payment_amount > 0:
+                    logger.info(f"Payments found for {full_id} at {signed_message.sender_address}:")
+                    if payment_amount < expected_amount:
+                        logger.warning(
+                            f"  * Expected payment of at least {expected_amount} {token.TOKEN_SYMBOL}"
+                        )
+                        logger.warning(
+                            f"  * Given payment was {payment_amount} {token.TOKEN_SYMBOL}"
+                        )
+                        logger.warning(f"  * Skipping")  # noqa: F541
+                        continue
+                    if no_dry_run:
+                        logger.info(f"  * Confirming order payment {full_id}")
+                        with scope(organizer=None):
+                            order_payment.confirm()
+                    else:
+                        logger.info(f"  * DRY RUN: Would confirm order payment {full_id}")
                 else:
-                    logger.info(f"  * DRY RUN: Would confirm order payment {full_id}")
-            else:
-                logger.info(f"No payments found for {full_id}")
+                    logger.info(f"No payments found for {full_id}")
diff --git a/pretix_eth/management/commands/confirm_refunds.py b/pretix_eth/management/commands/confirm_refunds.py
diff --git a/pretix_eth/migrations/0002_auto_20220529_2332.py b/pretix_eth/migrations/0002_auto_20220529_2332.py
@@ -0,0 +1,30 @@
+# Generated by Django 3.2.12 on 2022-05-29 23:32
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pretixbase', '0208_auto_20220214_1632'),
+        ('pretix_eth', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='SignedMessage',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False)),
+                ('signature', models.CharField(max_length=132)),
+                ('raw_message', models.CharField(max_length=256)),
+                ('sender_address', models.CharField(max_length=42)),
+                ('recipient_address', models.CharField(max_length=42)),
+                ('chain_id', models.SmallIntegerField()),
+                ('order_payment', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='signed_messages', to='pretixbase.orderpayment')),
+            ],
+        ),
+        migrations.DeleteModel(
+            name='WalletAddress',
+        ),
+    ]
diff --git a/pretix_eth/migrations/0003_signedmessage_transaction_hash.py b/pretix_eth/migrations/0003_signedmessage_transaction_hash.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.12 on 2022-07-03 14:50
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pretix_eth', '0002_auto_20220529_2332'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='signedmessage',
+            name='transaction_hash',
+            field=models.CharField(max_length=66, null=True),
+        ),
+    ]
diff --git a/pretix_eth/migrations/0004_alter_signedmessage_raw_message.py b/pretix_eth/migrations/0004_alter_signedmessage_raw_message.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.12 on 2022-07-08 20:08
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pretix_eth', '0003_signedmessage_transaction_hash'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='signedmessage',
+            name='raw_message',
+            field=models.TextField(),
+        ),
+    ]