MarketTakers/arbiter
5
0
Fork 0
Code Issues 27 Pull Requests 4 Packages Projects Releases Wiki Activity

feat(server::evm): more criterion types

Browse Source
This commit is contained in:
hdbg
2026-03-02 22:02:06 +01:00
parent 191b126462
commit 67fce6f06a
21 changed files with 14105 additions and 485 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
server/crates/arbiter-server/migrations/2026-02-14-171124-0000_init/up.sql
View File

@@ -68,6 +68,12 @@ create table if not exists evm_wallet (
create unique index if not exists uniq_evm_wallet_address on evm_wallet (address);
create unique index if not exists uniq_evm_wallet_aead on evm_wallet (aead_encrypted_id);
create table if not exists evm_ether_transfer_limit (
id integer not null primary key,
window_secs integer not null, -- window duration in seconds
max_volume blob not null -- big-endian 32-byte U256
) STRICT;
-- Shared grant properties: client scope, timeframe, fee caps, and rate limit
create table if not exists evm_basic_grant (
id integer not null primary key,
@@ -84,24 +90,29 @@ create table if not exists evm_basic_grant (
created_at integer not null default(unixepoch('now'))
) STRICT;
-- Shared transaction log for all EVM grants, used for rate limit tracking and auditing
create table if not exists evm_transaction_log (
id integer not null primary key,
grant_id integer not null references evm_basic_grant(id) on delete restrict,
client_id integer not null references program_client(id) on delete restrict,
wallet_id integer not null references evm_wallet(id) on delete restrict,
chain_id integer not null,
eth_value blob not null, -- always present on any EVM tx
signed_at integer not null default(unixepoch('now'))
) STRICT;
create index if not exists idx_evm_basic_grant_wallet_chain on evm_basic_grant(client_id, wallet_id, chain_id);
-- ===============================
-- ERC20 token transfer grant
-- ===============================
create table if not exists evm_token_transfer_grant (
id integer not null primary key,
basic_grant_id integer not null unique references evm_basic_grant(id) on delete cascade,
token_contract blob not null -- 20-byte ERC20 contract address
token_contract blob not null, -- 20-byte ERC20 contract address
receiver blob -- 20-byte recipient address or null if every recipient allowed
) STRICT;
-- Specific recipient addresses for a token transfer grant (only used when target_all = 0)
create table if not exists evm_token_transfer_grant_target (
id integer not null primary key,
grant_id integer not null references evm_token_transfer_grant(id) on delete cascade,
address blob not null -- 20-byte recipient address
) STRICT;
create unique index if not exists uniq_token_transfer_target on evm_token_transfer_grant_target(grant_id, address);
-- Per-window volume limits for token transfer grants
create table if not exists evm_token_transfer_volume_limit (
id integer not null primary key,
@@ -110,76 +121,11 @@ create table if not exists evm_token_transfer_volume_limit (
max_volume blob not null -- big-endian 32-byte U256
) STRICT;
-- ERC20 token approval grant
create table if not exists evm_token_approval_grant (
id integer not null primary key,
basic_grant_id integer not null unique references evm_basic_grant(id) on delete cascade,
token_contract blob not null, -- 20-byte ERC20 contract address
max_total_approval blob not null -- big-endian 32-byte U256; max cumulative approval value
) STRICT;
-- Specific spender addresses for a token approval grant (only used when target_all = 0)
create table if not exists evm_token_approval_grant_target (
id integer not null primary key,
grant_id integer not null references evm_token_approval_grant(id) on delete cascade,
address blob not null -- 20-byte spender address
) STRICT;
create unique index if not exists uniq_token_approval_target on evm_token_approval_grant_target(grant_id, address);
-- Plain ether transfer grant
create table if not exists evm_ether_transfer_grant (
id integer not null primary key,
basic_grant_id integer not null unique references evm_basic_grant(id) on delete cascade
) STRICT;
-- Specific recipient addresses for an ether transfer grant (only used when target_all = 0)
create table if not exists evm_ether_transfer_grant_target (
id integer not null primary key,
grant_id integer not null references evm_ether_transfer_grant(id) on delete cascade,
address blob not null -- 20-byte recipient address
) STRICT;
create unique index if not exists uniq_ether_transfer_target on evm_ether_transfer_grant_target(grant_id, address);
-- Per-window volume limits for ether transfer grants
create table if not exists evm_ether_transfer_volume_limit (
id integer not null primary key,
grant_id integer not null references evm_ether_transfer_grant(id) on delete cascade,
window_secs integer not null,
max_volume blob not null -- big-endian 32-byte U256
) STRICT;
-- Unknown / opaque contract call grant
create table if not exists evm_unknown_call_grant (
id integer not null primary key,
basic_grant_id integer not null unique references evm_basic_grant(id) on delete cascade,
contract blob not null, -- 20-byte target contract address
selector blob -- 4-byte function selector, null = allow any selector
) STRICT;
-- Log table for ether transfer grant usage
create table if not exists evm_ether_transfer_log (
id integer not null primary key,
grant_id integer not null references evm_ether_transfer_grant(id) on delete restrict,
client_id integer not null references program_client(id) on delete restrict,
wallet_id integer not null references evm_wallet(id) on delete restrict,
chain_id integer not null, -- EIP-155 chain ID
recipient_address blob not null, -- 20-byte recipient address
value blob not null, -- big-endian 32-byte U256
created_at integer not null default(unixepoch('now'))
) STRICT;
create index if not exists idx_ether_transfer_log_grant on evm_ether_transfer_log(grant_id);
create index if not exists idx_ether_transfer_log_client on evm_ether_transfer_log(client_id);
create index if not exists idx_ether_transfer_log_wallet on evm_ether_transfer_log(wallet_id);
-- Log table for token transfer grant usage
create table if not exists evm_token_transfer_log (
id integer not null primary key,
grant_id integer not null references evm_token_transfer_grant(id) on delete restrict,
client_id integer not null references program_client(id) on delete restrict,
wallet_id integer not null references evm_wallet(id) on delete restrict,
log_id integer not null references evm_transaction_log(id) on delete restrict,
chain_id integer not null, -- EIP-155 chain ID
token_contract blob not null, -- 20-byte ERC20 contract address
recipient_address blob not null, -- 20-byte recipient address
@@ -188,39 +134,25 @@ create table if not exists evm_token_transfer_log (
) STRICT;
create index if not exists idx_token_transfer_log_grant on evm_token_transfer_log(grant_id);
create index if not exists idx_token_transfer_log_client on evm_token_transfer_log(client_id);
create index if not exists idx_token_transfer_log_wallet on evm_token_transfer_log(wallet_id);
create index if not exists idx_token_transfer_log_log_id on evm_token_transfer_log(log_id);
create index if not exists idx_token_transfer_log_chain on evm_token_transfer_log(chain_id);
-- Log table for token approval grant usage
create table if not exists evm_token_approval_log (
-- ===============================
-- Ether transfer grant (uses base log)
-- ===============================
create table if not exists evm_ether_transfer_grant (
id integer not null primary key,
grant_id integer not null references evm_token_approval_grant(id) on delete restrict,
client_id integer not null references program_client(id) on delete restrict,
wallet_id integer not null references evm_wallet(id) on delete restrict,
chain_id integer not null, -- EIP-155 chain ID
token_contract blob not null, -- 20-byte ERC20 contract address
spender_address blob not null, -- 20-byte spender address
value blob not null, -- big-endian 32-byte U256
created_at integer not null default(unixepoch('now'))
basic_grant_id integer not null unique references evm_basic_grant(id) on delete cascade,
limit_id integer not null references evm_ether_transfer_limit(id) on delete restrict
) STRICT;
create index if not exists idx_token_approval_log_grant on evm_token_approval_log(grant_id);
create index if not exists idx_token_approval_log_client on evm_token_approval_log(client_id);
create index if not exists idx_token_approval_log_wallet on evm_token_approval_log(wallet_id);
-- Log table for unknown contract call grant usage
create table if not exists evm_unknown_call_log (
-- Specific recipient addresses for an ether transfer grant
create table if not exists evm_ether_transfer_grant_target (
id integer not null primary key,
grant_id integer not null references evm_unknown_call_grant(id) on delete restrict,
client_id integer not null references program_client(id) on delete restrict,
wallet_id integer not null references evm_wallet(id) on delete restrict,
chain_id integer not null, -- EIP-155 chain ID
contract blob not null, -- 20-byte target contract address
selector blob, -- 4-byte function selector, null if none
call_data blob, -- full call data, null if not stored
created_at integer not null default(unixepoch('now'))
grant_id integer not null references evm_ether_transfer_grant(id) on delete cascade,
address blob not null -- 20-byte recipient address
) STRICT;
create index if not exists idx_unknown_call_log_grant on evm_unknown_call_log(grant_id);
create index if not exists idx_unknown_call_log_client on evm_unknown_call_log(client_id);
create index if not exists idx_unknown_call_log_wallet on evm_unknown_call_log(wallet_id);
create unique index if not exists uniq_ether_transfer_target on evm_ether_transfer_grant_target(grant_id, address);