最近项目上线，数据一致性等问题已处理完，准备做使用资源上的一些优化，
考虑到普通账户CPU和net的资源有限，需要考虑下由合约方出这部分资源，减少用户反复抵押相应资源，以及了解资源相关的学习成本。
按照思路，应该是执行合约相关的动作，用户和合约账户一同多签，并指定资源消耗方为合约账户。

记得之前已经看过相关的EOSIO技术规划，有提到相关，那根下代码把
https://github.com/EOSIO/eos/blob/1418543149b7caf8fc69a23621e3db7f3c6d18ad/libraries/chain/transaction_context.cpp#L230

// Record accounts to be billed for network and CPU usage
      if( control.is_builtin_activated(builtin_protocol_feature_t::only_bill_first_authorizer) ) {
         bill_to_accounts.insert( trx.first_authorizer() );
      } else {
         for( const auto& act : trx.actions ) {
            for( const auto& auth : act.authorization ) {
               bill_to_accounts.insert( auth.actor );
            }
         }
      }

此时“侧链”代码为 V1.6.6, 预计等1.8.x稳定后，会升级到新共识协议，所以为了最小的差异，先做最小的修改支持吧。

为了简单的先实现，所以改下代码（本想放到config.ini,但是代码嵌套层较深，并且这种协议上的不会在做更新，直接放到代码里吧）
libraries\chain\include\eosio\chain\config.hpp
中增加一字段

const static bool       support_only_bill_first_authorizer           = true; // support only bill first authorizer

修改源代码为

// Record accounts to be billed for network and CPU usage
      if( config::support_only_bill_first_authorizer ) {
         bill_to_accounts.insert( trx.first_authorizer() );
      } else {
         for( const auto& act : trx.actions ) {
            for( const auto& auth : act.authorization ) {
               bill_to_accounts.insert( auth.actor );
            }
         }
      }

方案的实现建立在，客户端签名后，将数据发给后端，重新签名，并将项目方的验证授权放到第一个，这样执行的资源消耗就都算在项目方的账号上了。

更新各个节点，先支持，等待1.8.x稳定，在做共识性质的更新。

参考

https://github.com/EOSIO/spec-repo/blob/master/esr_contract_trx_auth.md
https://github.com/EOSIO/eos/issues/6332
https://github.com/EOSIO/eos/pull/7089
https://bihu.com/article/1522267629

一个老问题，编译时出现以下错误

[ 91%] �[32mBuilding CXX object libraries/chain/CMakeFiles/eosio_chain.dir/chain_id_type.cpp.o�[0m

/usr/lib/x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `fork_once_func':

(.text+0x16): undefined reference to `pthread_atfork'

clang: [0;1;31merror: [0mlinker command failed with exit code 1 (use -v to see invocation) [0m

libraries/fc/test/crypto/CMakeFiles/test_cypher_suites.dir/build.make:113: recipe for target 'libraries/fc/test/crypto/test_cypher_suites' failed

make[2]: *** [libraries/fc/test/crypto/test_cypher_suites] Error 1

CMakeFiles/Makefile2:783: recipe for target 'libraries/fc/test/crypto/CMakeFiles/test_cypher_suites.dir/all' failed

make[1]: *** [libraries/fc/test/crypto/CMakeFiles/test_cypher_suites.dir/all] Error 2

解决方案

~/eos1.6/eos/libraries/fc$ git diff
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8056cf0..efb09db 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -157,7 +157,7 @@ IF(APPLE)
   find_library(security_framework Security)
   find_library(corefoundation_framework CoreFoundation)
 ENDIF()
-target_link_libraries( fc PUBLIC ${LINK_USR_LOCAL_LIB} ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${ZLIB_LIBRARIES} ${PLATFORM_SPECIFIC_LIBS} ${RPCRT4} ${CMAKE_DL_LIBS} ${rt_library} ${readline_libraries} ${ECC_LIB} ${security_framework} ${corefoundation_framework} )
+target_link_libraries( fc PUBLIC ${LINK_USR_LOCAL_LIB} ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${ZLIB_LIBRARIES} ${PLATFORM_SPECIFIC_LIBS} ${RPCRT4} ${CMAKE_DL_LIBS} ${rt_library} ${readline_libraries} ${ECC_LIB} ${security_framework} ${corefoundation_framework} pthread )


 SET(OPENSSL_CONF_TARGET )

参考

https://github.com/EOSIO/eos/issues/7490

持续收集

由于EOS防护机制，相同的data使用相同的私钥签出的签名是一样的，避免重复交易攻击，
但由于某些需求场景，即使data一致，也想相同签名每次签的不一致，那我们跟一下代码把
根据关键词Duplicate transaction error
https://github.com/EOSIO/eos/blob/eb88d033c0abbc481b8a481485ef4218cdaa033a/libraries/chain/controller.cpp#L2990:18

bool controller::is_known_unexpired_transaction( const transaction_id_type& id) const {
   return db().find<transaction_object, by_trx_id>(id);
}

查看计算trx_id的方法
https://github.com/EOSIO/eos/blob/1418543149b7caf8fc69a23621e3db7f3c6d18ad/programs/cleos/main.cpp#L1306

get_transaction_id->set_callback([&] {
         try {
            fc::variant trx_var = json_from_file_or_string(trx_to_check);
            if( trx_var.is_object() ) {
               fc::variant_object& vo = trx_var.get_object();
               // if actions.data & actions.hex_data provided, use the hex_data since only currently support unexploded data
               if( vo.contains("actions") ) {
                  if( vo["actions"].is_array() ) {
                     fc::mutable_variant_object mvo = vo;
                     fc::variants& action_variants = mvo["actions"].get_array();
                     for( auto& action_v : action_variants ) {
                        if( !action_v.is_object() ) {
                           std::cerr << "Empty 'action' in transaction" << endl;
                           return;
                        }
                        fc::variant_object& action_vo = action_v.get_object();
                        if( action_vo.contains( "data" ) && action_vo.contains( "hex_data" ) ) {
                           fc::mutable_variant_object maction_vo = action_vo;
                           maction_vo["data"] = maction_vo["hex_data"];
                           action_vo = maction_vo;
                           vo = mvo;
                        } else if( action_vo.contains( "data" ) ) {
                           if( !action_vo["data"].is_string() ) {
                              std::cerr << "get transaction_id only supports un-exploded 'data' (hex form)" << std::endl;
                              return;
                           }
                        }
                     }
                  } else {
                     std::cerr << "transaction json 'actions' is not an array" << std::endl;
                     return;
                  }
               } else {
                  std::cerr << "transaction json does not include 'actions'" << std::endl;
                  return;
               }
               auto trx = trx_var.as<transaction>();
               transaction_id_type id = trx.id();
               if( id == transaction().id() ) {
                  std::cerr << "file/string does not represent a transaction" << std::endl;
               } else {
                  std::cout << string( id ) << std::endl;
               }
            } else {
               std::cerr << "file/string does not represent a transaction" << std::endl;
            }

所以相同的data会的到相同的trx_id,以及报Duplicate transaction error

那如何解决呢，查看eos有没有相应的解决方案
查看 cleos工具

  -f,--force-unique           force the transaction to be unique. this will consume extra bandwidth and remove any protections against accidently issuing the same transaction multiple times

支持相应参数，那我们看下实现的细节
https://github.com/EOSIO/eos/blob/1418543149b7caf8fc69a23621e3db7f3c6d18ad/programs/cleos/main.cpp#L325

if (tx_force_unique) {
    trx.context_free_actions.emplace_back( generate_nonce_action() );
}

https://github.com/EOSIO/eos/blob/1418543149b7caf8fc69a23621e3db7f3c6d18ad/programs/cleos/main.cpp#L278:15

chain::action generate_nonce_action() {
   return chain::action( {}, config::null_account_name, "nonce", fc::raw::pack(fc::time_point::now().time_since_epoch().count()));
}

查看eosio.null账户执行 https://bloks.io/account/eosio.null

解决方案

每次发送相同的data时，交易体添加一个针对 eosio.null的nonce的context_free_actions

使用例子

describe('custom transactions', function () {
    const authorization = [{
      actor: 'inita',
      permission: 'active'
    }]

    const eos = Eos({
      keyProvider: wif
    })

    it('context_free_actions', async function() {
      await eos.transaction({
        context_free_actions: [{
            account: "eosio.null",
            name: 'nonce',
            data:  "652511569",
            authorization: []
        }],
        actions: [{
        account: "bcskillsurou",
        name: 'hi',
        authorization: [{
            actor: "bcskillsurou",
            permission: 'active'
        }],
        data: {
            "user": "bcskillsurou"
        }]
      })
    })

    it('nonce', async function() {
      const trx = await eos.transaction({
        actions: [ Object.assign({}, nonce, {authorization}) ],
      })
    })
  })

备注

eosio.null账户为系统默认创建账户
https://github.com/EOSIO/eos/blob/eb88d033c0abbc481b8a481485ef4218cdaa033a/libraries/chain/controller.cpp#L928

create_native_account( config::null_account_name, empty_authority, empty_authority );

对于ecdsa.sign同样数据签名，然后签名一样是因为nonce为固定值。
https://github.com/EOSIO/eosjs-ecc/blob/7ec577cad54e17da6168fdfb11ec2b09d6f0e7f0/src/signature.js#L207

    nonce = 0;
    e = BigInteger.fromBuffer(dataSha256);
    while (true) {
      ecsignature = ecdsa.sign(curve, dataSha256, privateKey.d, nonce++);

context_free_actions

通过对eosio.null账户的nouce动作，可以将无签名的数据打包进入context_free_action字段，结果区块信息如下：

$ cleos --wallet-url http://127.0.0.1:6666 --url http://127.0.0.1:8000 get block 440
{
  "timestamp": "2018-08-14T08:47:09.000",
  "producer": "eosio",
  "confirmed": 0,
  "previous": "000001b760e4a6610d122c5aa5d855aa49e29f3052ac3e40b9e1ef78e0f1fd02",
  "transaction_mroot": "32cb43abd7863f162f4d8f3ab9026623ea99d3f8261d2c8b4d8bf920ab97e3d1",
  "action_mroot": "09afeaf40d6988a14e9e92817d2ccf4023b280075c99f13782a6535ccc58cbb0",
  "schedule_version": 0,
  "new_producers": null,
  "header_extensions": [],
  "producer_signature": "SIG_K1_K2eFDzbxCg3hmQzpzPuLYmiesrciPmTHdeNsQDyFgcHUMFeMC3PntXTqiup5VuNmyb7qmH18FBdMuNKsc7jgCm1TSPFbaj",
  "transactions": [{
      "status": "executed",
      "cpu_usage_us": 290,
      "net_usage_words": 16,
      "trx": {
        "id": "d74843749d1e255f13572b7a3b95af9ddd6df23d1d0ad19d88e1496091d4be2b",
        "signatures": [
          "SIG_K1_KVzwg3QRH6ZmempNsvAxpPQa42hF4tDpV5cqwqo7EY4oSU7NMrEFwG7gdSDCnUHHhmH1EwtVAmV1z9bqtTvvQNSXiSgaWG"
        ],
        "compression": "none",
        "packed_context_free_data": "",
        "context_free_data": [],
        "packed_trx": "8497725bb601973ea96f0000000100408c7a02ea3055000000000085269d000706686168616861010082c95865ea3055000000000000806b010082c95865ea305500000000a8ed3232080000000000d08cf200",
        "transaction": {
          "expiration": "2018-08-14T08:49:08",
          "ref_block_num": 438,
          "ref_block_prefix": 1873362583,
          "max_net_usage_words": 0,
          "max_cpu_usage_ms": 0,
          "delay_sec": 0,
          "context_free_actions": [{
              "account": "eosio.null",
              "name": "nonce",
              "authorization": [],
              "data": "06686168616861"
            }
          ],
          "actions": [{
              "account": "eosiotesta1",
              "name": "hi",
              "authorization": [{
                  "actor": "eosiotesta1",
                  "permission": "active"
                }
              ],
              "data": {
                "user": "yeah"
              },
              "hex_data": "0000000000d08cf2"
            }
          ],
          "transaction_extensions": []
        }
      }
    }
  ],
  "block_extensions": [],
  "id": "000001b8d299602b289a9194bd698476c5d39c5ad88235460908e9d43d04edc8",
  "block_num": 440,
  "ref_block_prefix": 2492570152
}

正常的actions的内容是hi智能合约的调用，而context_free_action中包含了无签名的data数据，是已做数字摘要后的形态。源码中的操作：

//lets also push a context free action, the multi chain test will then also include a context free action
("context_free_actions", fc::variants({
    fc::mutable_variant_object()
       ("account", name(config::null_account_name))
       ("name", "nonce")
       ("data", fc::raw::pack(v))
    })
 )

参考

https://github.com/EOSIO/eos/pull/422
https://github.com/EOSIO/eosjs-ecc/commit/01419633630da42bd76c21503cadb4298cee1ad9
https://github.com/EOSIO/eos/pull/6829
https://github.com/ganioc/eosjs3/blob/203cdae9a70198b53c86e35b18a10560a99c1c12/src/index.test.js
https://github.com/EOSIO/eosjs-ecc/issues/20

执行

cleos push action eosio init '[0,"4,SYS"]' -p eosio@active

报错

Error 3050003: eosio_assert_message assertion failure
Error Details:
assertion failure with message: owner account does not exist
pending console output:

原因

https://github.com/EOSIO/eosio.contracts/blob/52fbd4ac7e6c38c558302c48d00469a4bed35f7c/contracts/eosio.system/src/eosio.system.cpp#L365

token::open_action open_act{ token_account, { {get_self(), active_permission} } };
      open_act.send( rex_account, core, get_self() );

https://github.com/EOSIO/eosio.contracts/blob/52fbd4ac7e6c38c558302c48d00469a4bed35f7c/contracts/eosio.token/src/eosio.token.cpp#L133
没有创建 rex_account eosio.rex账户

解决方案

创建 eosio.rex 账户，在执行