From 3763dc9693aad85b91e77c6f80bf2efcfc8ac51c Mon Sep 17 00:00:00 2001
From: "hinto.janai" <hinto.janai@protonmail.com>
Date: Tue, 17 Dec 2024 18:23:09 -0500
Subject: [PATCH] rpc-interface: add restricted invariant comments

---
 rpc/interface/src/route/bin.rs      | 7 ++++++-
 rpc/interface/src/route/json_rpc.rs | 7 +++++++
 rpc/interface/src/route/other.rs    | 7 +++++++
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/rpc/interface/src/route/bin.rs b/rpc/interface/src/route/bin.rs
index 4d7d3fd..1e3b202 100644
--- a/rpc/interface/src/route/bin.rs
+++ b/rpc/interface/src/route/bin.rs
@@ -71,7 +71,12 @@ macro_rules! generate_endpoints_inner {
     ($variant:ident, $handler:ident, $request:expr_2021) => {
         paste::paste! {
             {
-                // Check if restricted.
+                // INVARIANT:
+                // The handler functions in `cuprated` depend on this line existing,
+                // the functions themselves do not check if they are being called
+                // from an (un)restricted context.
+                //
+                // This line must be here or all methods will be allowed to be called freely.
                 if [<$variant Request>]::IS_RESTRICTED && $handler.is_restricted() {
                     // TODO: mimic `monerod` behavior.
                     return Err(StatusCode::FORBIDDEN);
diff --git a/rpc/interface/src/route/json_rpc.rs b/rpc/interface/src/route/json_rpc.rs
index bb86586..1ef5722 100644
--- a/rpc/interface/src/route/json_rpc.rs
+++ b/rpc/interface/src/route/json_rpc.rs
@@ -37,6 +37,13 @@ pub(crate) async fn json_rpc<H: RpcHandler>(
 
     // Return early if this RPC server is restricted and
     // the requested method is only for non-restricted RPC.
+    //
+    // INVARIANT:
+    // The handler functions in `cuprated` depend on this line existing,
+    // the functions themselves do not check if they are being called
+    // from an (un)restricted context.
+    //
+    // This line must be here or all methods will be allowed to be called freely.
     if request.body.is_restricted() && handler.is_restricted() {
         let error_object = ErrorObject {
             code: ErrorCode::ServerError(-1 /* TODO */),
diff --git a/rpc/interface/src/route/other.rs b/rpc/interface/src/route/other.rs
index 3455c6f..2b7c14b 100644
--- a/rpc/interface/src/route/other.rs
+++ b/rpc/interface/src/route/other.rs
@@ -75,6 +75,13 @@ macro_rules! generate_endpoints_inner {
         paste::paste! {
             {
                 // Check if restricted.
+                //
+                // INVARIANT:
+                // The handler functions in `cuprated` depend on this line existing,
+                // the functions themselves do not check if they are being called
+                // from an (un)restricted context.
+                //
+                // This line must be here or all methods will be allowed to be called freely.
                 if [<$variant Request>]::IS_RESTRICTED && $handler.is_restricted() {
                     // TODO: mimic `monerod` behavior.
                     return Err(StatusCode::FORBIDDEN);