API does not accept seed or public key for account

[drlongle]

High Level Overview of Change

This PR resolves #3329, #3330 and #4337. Currently, seeds and public keys can be used in place of accounts at several locations in the API. This increases the API's complexity because the API needs to guess whether the input is a seed, a public key or an address. This PR prevents the API from accepting a seed or a public key as account ID. Since the API does not interpret account as seed, the option strict in several API methods is no longer needed and is removed.

Context of Change

Documentation needs to be updated.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Refactor (non-breaking change that only restructures code)
• Tests (You added tests for code that already exists, or your new feature included in this PR)
• Documentation Updates
• Release

[seelabs]

This looks good, thanks. I'm not sure I would have removed the public_key methods. That isn't a security concern, but I also understand the motivation - I don't object too strongly. I left a few suggestions. Nice job on this.

[seelabs]

👍 nice job on this.

[gregtatcam]

accountID is not really an optional. It's always seated if valid. Consider something like this:

   auto const id = parseBase58<AccountID>(params[jss::account].asString());
   if (!id)
   {
       rpcError(rpcACT_MALFORMED);
   }
  AccountID const accountID{std::move(id.value())};

It also results in fewer code changes. Other handlers have a similar code.

[drlongle]

Thanks. Fixed.

[gregtatcam]

Can simplify:

visitData.raDstAccount <= (*sleCur)[sfDestination])

[drlongle]

Currently we check if DstAccount is provided or DstAccount == (*sleCur)[sfDestination].

Your suggestion seems to change the intention of this check. Would it work as expected?

[gregtatcam]

You are right. I'm taking back this suggestion.

[gregtatcam]

Can simplify: visitData.raPeerAccount <= line->getAccountIDPeer()

[drlongle]

Currently, we check if peerAccount is not provided or peerAccount == line->getAccountIDPeer().

Your suggestion seems to change the intention of this check. Would it work as expected?

[gregtatcam]

You are right. I'm taking back this suggestion.

[gregtatcam]

Don't need to check id.

[drlongle]

This check currently exists. If we don't check, would we accept malformed accountID?

[gregtatcam]

The original code is:

auto const id = parseBase58<AccountID>(j.asString());

                if (id)
                {
                    hotWallets.insert(*id);
                    return true;
                }

In this case it does need to be checked. In case of if with initializer it's checked if there is no other condition.

[intelliot]

@drlongle it isn't necessary to rebase and force-push (though you can if you prefer - it's just a little trickier for reviewers to follow the changes). Using merge commits is fine if we're going to squash this PR when merging it.

[intelliot]

(Status: I believe drlongle still needs to respond to gregtatcam's suggestions)

[gregtatcam]

AccountID is not really optional. Please consider the updated suggested in AccountChannels.cpp comment. I will not repeat this comment for other files. All changed files under rpc/handlers have a similar code block: AccountInfo.cpp, AccountLines.cpp, AccountObjects.cpp, AccountOffers.cpp, DepositAuthorized.cpp, GatewayBalances.cpp, NoRipplecheck.cpp, OwnerInfo.cpp.

[drlongle]

I have applied your suggested changes across the board. Let me know if you find any further issues.

[gregtatcam]

👍 LGTM