From 697b6b7b9232e43c9b7e68971c5375be9c1d497a Mon Sep 17 00:00:00 2001
From: Denis Angell <dangell@transia.co>
Date: Wed, 11 Dec 2024 14:28:28 +0100
Subject: [PATCH] add feature

---
 src/ripple/app/tx/impl/SetAccount.cpp | 17 +++++++++++++++++
 src/ripple/app/tx/impl/Transactor.cpp | 14 +++++++++++++-
 src/ripple/protocol/Feature.h         |  3 ++-
 src/ripple/protocol/LedgerFormats.h   |  1 +
 src/ripple/protocol/TxFlags.h         |  1 +
 src/ripple/protocol/impl/Feature.cpp  |  1 +
 6 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/src/ripple/app/tx/impl/SetAccount.cpp b/src/ripple/app/tx/impl/SetAccount.cpp
index 085e364222..ed21ebd620 100644
--- a/src/ripple/app/tx/impl/SetAccount.cpp
+++ b/src/ripple/app/tx/impl/SetAccount.cpp
@@ -587,6 +587,23 @@ SetAccount::doApply()
         }
     }
 
+    //
+    // QuantumSignature
+    //
+    if (ctx_.view().rules().enabled(featureQuantumSigning))
+    {
+        if (uSetFlag == asfForceQuantum)
+        {
+            JLOG(j_.trace()) << "Set lsfForceQuantum.";
+            uFlagsOut |= lsfForceQuantum;
+        }
+        else if (uClearFlag == asfForceQuantum)
+        {
+            JLOG(j_.trace()) << "Clear lsfForceQuantum.";
+            uFlagsOut &= ~lsfForceQuantum;
+        }
+    }
+
     if (uFlagsIn != uFlagsOut)
         sle->setFieldU32(sfFlags, uFlagsOut);
 
diff --git a/src/ripple/app/tx/impl/Transactor.cpp b/src/ripple/app/tx/impl/Transactor.cpp
index 7c2734f208..d57bbba2b5 100644
--- a/src/ripple/app/tx/impl/Transactor.cpp
+++ b/src/ripple/app/tx/impl/Transactor.cpp
@@ -40,6 +40,13 @@
 #include <ripple/protocol/UintTypes.h>
 #include <limits>
 #include <set>
+extern "C" {
+#include "api.h"
+}
+
+#ifndef DILITHIUM_PK_SIZE
+#define DILITHIUM_PK_SIZE pqcrystals_dilithium2_PUBLICKEYBYTES 
+#endif
 
 namespace ripple {
 
@@ -857,13 +864,18 @@ Transactor::checkSingleSign(PreclaimContext const& ctx)
     }
 
     // Look up the account.
-    auto const idSigner = calcAccountID(PublicKey(makeSlice(pkSigner)));
+    PublicKey pubKey = PublicKey(makeSlice(pkSigner));
+    auto const idSigner = calcAccountID(pubKey);
     auto const idAccount = ctx.tx.getAccountID(sfAccount);
     auto const sleAccount = ctx.view.read(keylet::account(idAccount));
 
     if (!sleAccount)
         return terNO_ACCOUNT;
 
+    if (ctx.view.rules().enabled(featureQuantumSigning) &&
+        sleAccount->isFlag(lsfForceQuantum) && pubKey.size() != DILITHIUM_PK_SIZE)
+        return telBAD_PUBLIC_KEY;
+
     bool const isMasterDisabled = sleAccount->isFlag(lsfDisableMaster);
 
     if (ctx.view.rules().enabled(fixMasterKeyAsRegularKey))
diff --git a/src/ripple/protocol/Feature.h b/src/ripple/protocol/Feature.h
index 43d510c636..a4752cd2cd 100644
--- a/src/ripple/protocol/Feature.h
+++ b/src/ripple/protocol/Feature.h
@@ -74,7 +74,7 @@ namespace detail {
 // Feature.cpp. Because it's only used to reserve storage, and determine how
 // large to make the FeatureBitset, it MAY be larger. It MUST NOT be less than
 // the actual number of amendments. A LogicError on startup will verify this.
-static constexpr std::size_t numFeatures = 74;
+static constexpr std::size_t numFeatures = 75;
 
 /** Amendments that this server supports and the default voting behavior.
    Whether they are enabled depends on the Rules defined in the validated
@@ -362,6 +362,7 @@ extern uint256 const fix240819;
 extern uint256 const fixPageCap;
 extern uint256 const fix240911;
 extern uint256 const fixFloatDivide;
+extern uint256 const featureQuantumSigning;
 
 }  // namespace ripple
 
diff --git a/src/ripple/protocol/LedgerFormats.h b/src/ripple/protocol/LedgerFormats.h
index 6134a8f339..b0c0c0eeae 100644
--- a/src/ripple/protocol/LedgerFormats.h
+++ b/src/ripple/protocol/LedgerFormats.h
@@ -275,6 +275,7 @@ enum LedgerSpecificFlags {
         0x00800000,                 // True, trust lines allow rippling by default
     lsfDepositAuth = 0x01000000,    // True, all deposits require authorization
     lsfTshCollect = 0x02000000,     // True, allow TSH collect-calls to acc hooks
+    lsfForceQuantum = 0x04000000, // True, force quantum-resistant signature
     lsfDisallowIncomingNFTokenOffer =
         0x04000000,               // True, reject new incoming NFT offers
     lsfDisallowIncomingCheck =
diff --git a/src/ripple/protocol/TxFlags.h b/src/ripple/protocol/TxFlags.h
index b125582005..68aef97f72 100644
--- a/src/ripple/protocol/TxFlags.h
+++ b/src/ripple/protocol/TxFlags.h
@@ -92,6 +92,7 @@ enum AccountFlags : uint32_t {
     asfDisallowIncomingPayChan = 14,
     asfDisallowIncomingTrustline = 15,
     asfDisallowIncomingRemit = 16,
+    asfForceQuantum = 17,
 };
 
 // OfferCreate flags:
diff --git a/src/ripple/protocol/impl/Feature.cpp b/src/ripple/protocol/impl/Feature.cpp
index 23cbe236df..f5ef6cdaf1 100644
--- a/src/ripple/protocol/impl/Feature.cpp
+++ b/src/ripple/protocol/impl/Feature.cpp
@@ -468,6 +468,7 @@ REGISTER_FIX    (fix240819,                     Supported::yes, VoteBehavior::De
 REGISTER_FIX    (fixPageCap,                    Supported::yes, VoteBehavior::DefaultYes);
 REGISTER_FIX    (fix240911,                     Supported::yes, VoteBehavior::DefaultYes);
 REGISTER_FIX    (fixFloatDivide,                Supported::yes, VoteBehavior::DefaultYes);
+REGISTER_FEATURE(QuantumSigning,                Supported::yes, VoteBehavior::DefaultYes);
 
 // The following amendments are obsolete, but must remain supported
 // because they could potentially get enabled.