$signed = $fromGroup . '/' . $fromAddress . '-' . $toGroup . '/' . $toAddress . '-' . $amount . '-' . $fromBalance;
// Verify the signature:
if (!verify($signature, $signed, $publicKey)) {
// Invalid.
error('signature/invalid');
}
// Next, check if the sending root did receive a majority.
// Get its signature set:
$results = safe('challenges', VALID_ARRAY);
// Test for a majority in that sending root:
testMajority($results, $signed, null, $fromGroup);
// Ok! So far we're convinced that this is a valid transaction request and the from root obtained a successful majority.
// We're now going to receive that amount locked as we'll need a majority here too.
// Lock the given amount into the given receiving address. This happens first because it fails
// if the commodities do not match:
receiveLocked($toAddress, $amount, $commodity);
// Ok! We've locked $amount. This half-transaction is now in progress.
// Generate some random challenge data:
$challenge = randomString(45);
// Sign the challenge data along with the data that was signed earlier:
$rootSignature = sign($challenge . $signed);
// Build my signature JSON:
$myPair = '{"challenge":"' . $challenge . '","signature":"' . base64_encode($rootSignature) . '"}';
// Is this already forwarded? If so, just return my signature.
if ($forwardedFromRoot != 0) {
// Some other root forwarded the request here. Just output the signature and stop:
echo $myPair;
exit;
}
// Forward to the group:
$results = forward();
$signature = safe('signature', VALID_BASE64);
// The signed data is as follows:
$signed = $fromGroup . '/' . $fromAddress . '-' . $toGroup . '/' . $toAddress . '-' . $amount . '-' . $fromBalance;
// Verify the signature:
if (!verify($signature, $signed, hex2bin($fromAddress))) {
// Invalid.
error('signature/invalid');
}
// Ok! So far we're convinced that this is a valid transaction request.
// Now we need to try and lock the amount but *only* if the balance matches fromBalance.
// If we're successful, the request is forwarded.
$tag = $balanceRow['Commodity'];
if (!$outbound) {
// Lock the given amount into the given receiving address. This happens first because it fails
// if the commodities do not match:
receiveLocked($toAddress, $amount, $tag);
}
$success = $dz->query('update `Root.Balances` set `LockedBalance`=`LockedBalance`+' . $amount . ',`Balance`=`Balance`-' . $amount . ' where `Key`=UNHEX("' . $fromAddress . '") and `Balance`=' . $fromBalance);
if (!$success) {
// Note that this has a side effect of leaving 'amount' in the locked balance of the to address.
// We can completely ignore this as it's harmless (as implementations MUST NOT restore
// Locked amounts in the event of a fatal crash), but we'll tidy it up anyway:
$dz->query('update `Root.Balances` set LockedBalance=LockedBalance-' . $amount . ' where `Key`=UNHEX("' . $toAddress . '")');
// Invalid balance.
error('balance/invalid');
}
// Ok! We've locked $amount. This transaction is now in progress.
// Generate some random challenge data:
$challenge = randomString(45);
// Sign the challenge data along with the data that was signed earlier:
$rootSignature = sign($challenge . $signed);
// Is the entity that signed this request the issuer of this commodity?
if ($verifiedEntity != $issuerID) {
// Not signed by the current issuer.
error('entity/notissuer');
}
// Amount must be a positive non-zero number:
$amount = safe('amount', VALID_NUMBER);
$amount = (int) $amount;
if ($amount == 0) {
// They specified 0 - this isn't valid:
error('field/invalid', 'amount');
}
// Get the address to issue into:
$hexAddress = safe('address', VALID_HEX);
// Lock the given amount into the given receiving address:
receiveLocked($hexAddress, $amount, $tag, $issuerID);
// Generate some random challenge data:
$challenge = randomString(45);
// Sign the challenge data along with the hex public key and amount:
$signature = sign($challenge . $hexAddress . $amount);
// Build my signature JSON:
$myPair = '{"challenge":"' . $challenge . '","signature":"' . base64_encode($signature) . '"}';
// Is this already forwarded? If so, just return my signature.
if ($forwardedFromRoot != 0) {
// Some other root forwarded the request here. Just output the signature and stop:
echo $myPair;
exit;
}
// Forward to the group:
$results = forward();
// Next, verify all the signatures. If we have a valid majority, forward it to the group.