Check hot and cold for tx verifier

runtime/chainx/src/lib.rs

@@ -112,7 +112,7 @@ pub const VERSION: RuntimeVersion = RuntimeVersion {
     spec_name: create_runtime_str!("chainx"),
     impl_name: create_runtime_str!("chainx-net"),
     authoring_version: 1,
-    spec_version: 15,
+    spec_version: 16,
     impl_version: 1,
     apis: RUNTIME_API_VERSIONS,
     transaction_version: 4,

runtime/dev/src/lib.rs

@@ -112,7 +112,7 @@ pub const VERSION: RuntimeVersion = RuntimeVersion {
     spec_name: create_runtime_str!("chainx"),
     impl_name: create_runtime_str!("chainx-dev"),
     authoring_version: 1,
-    spec_version: 15,
+    spec_version: 16,
     impl_version: 1,
     apis: RUNTIME_API_VERSIONS,
     transaction_version: 4,

runtime/malan/src/lib.rs

@@ -112,7 +112,7 @@ pub const VERSION: RuntimeVersion = RuntimeVersion {
     spec_name: create_runtime_str!("chainx"),
     impl_name: create_runtime_str!("chainx-malan"),
     authoring_version: 1,
-    spec_version: 15,
+    spec_version: 16,
     impl_version: 1,
     apis: RUNTIME_API_VERSIONS,
     transaction_version: 4,

xpallets/gateway/Trustee.md

@@ -30,6 +30,13 @@ To become a trust, you must first be elected as a council member or runners up.
 
 The hot public key is obtained through **Coming** and used in **Coming**, and the cold addresses are also obtained through Coming but with a different mnemonic.
 
+# Responsibility
+
+Process user withdrawals. Required for each withdrawal:
+
+- Check the correctness of the output address and amount
+- Make sure there is no op_return in the output
+
 # Reward distribution
 
 After the renewal of the trust each month, the previous trust can apply to the Treasury for pcx to the trust multi-signature account. After the pcx is received, any member of the previous trust can distribute rewards through the interface shown in the figure below. 

xpallets/gateway/TrusteeAdmin.md

@@ -26,10 +26,10 @@ Call to move out of the little black house
 
 ##### 4. Trustee administrator is required to initiate a trustee election at the end of each term. And ensuring the perfect execution of trust transition. The following trust transition process needs to be carried out in an orderly and correct manner
 
+- Council members set up trust addresses, refer to [Trustee.md](./Trustee.md)
 - Call to start trustee election![](https://cdn.jsdelivr.net/gh/hacpy/PictureBed@master/Document/16460155281231646015527278.png)
-
-- **Make sure that all the btc of the previous trust hot address is transferred to the previous cold address**
-- Finally, **ensure that all the btc of the previous cold address is transferred to the current cold address**
+- **Use Coming to initiate transactions and ensure that all btc that previously trusted the hot address are transferred to the previous cold address. There are two guarantees here, one is that the Coming Robot verifies the validity of the transaction. The other is to manually check the transaction, that is, transfer all the input amount to the last cold address**.
+- Finally,  **Use Coming to initiate transactions and ensure that all the btc of the previous cold address is transferred to the current cold address. There are two guarantees here, one is that the Coming Robot verifies the validity of the transaction. The other is to manually check the transaction, that is, transfer all the input amount to the current cold address**
 
 ##### 5. Perform general trustee operations and sign for withdrawal transactions
 

xpallets/gateway/bitcoin/src/lib.rs

@@ -806,26 +806,51 @@ pub mod pallet {
             full_amount: bool,
         ) -> Result<bool, DispatchError> {
             let tx = Self::deserialize_tx(raw_tx.as_slice())?;
+
+            let current_trustee_pair = get_current_trustee_address_pair::<T>()?;
+            let all_outputs_is_trustee = tx
+                .outputs
+                .iter()
+                .map(|output| {
+                    xp_gateway_bitcoin::extract_output_addr(output, NetworkId::<T>::get())
+                        .unwrap_or_default()
+                })
+                .all(|addr| xp_gateway_bitcoin::is_trustee_addr(addr, current_trustee_pair));
+
             // check trustee transition status
             if T::TrusteeSessionProvider::trustee_transition_state() {
                 // check trustee transition tx
                 // tx output address = new hot address
-                let last_trustee_pair = get_last_trustee_address_pair::<T>()?;
-                let all_outputs_is_cold_address = tx
+                let prev_trustee_pair = get_last_trustee_address_pair::<T>()?;
+                let all_outputs_is_current_cold_address = tx
                     .outputs
                     .iter()
                     .map(|output| {
                         xp_gateway_bitcoin::extract_output_addr(output, NetworkId::<T>::get())
                             .unwrap_or_default()
                     })
-                    .all(|addr| addr.hash == last_trustee_pair.1.hash);
-                if !all_outputs_is_cold_address {
-                    Err(Error::<T>::NoWithdrawInTrans.into())
-                } else if !full_amount {
-                    Err(Error::<T>::InvalidAmoutInTrans.into())
-                } else {
-                    Ok(true)
-                }
+                    .all(|addr| addr.hash == current_trustee_pair.1.hash);
+
+                let all_outputs_is_prev_cold_address = tx
+                    .outputs
+                    .iter()
+                    .map(|output| {
+                        xp_gateway_bitcoin::extract_output_addr(output, NetworkId::<T>::get())
+                            .unwrap_or_default()
+                    })
+                    .all(|addr| addr.hash == prev_trustee_pair.1.hash);
+
+                // Ensure that all outputs are cold addresses
+                ensure!(
+                    all_outputs_is_current_cold_address || all_outputs_is_prev_cold_address,
+                    Error::<T>::NoWithdrawInTrans
+                );
+                // Ensure that all amounts are sent
+                ensure!(full_amount, Error::<T>::InvalidAmoutInTrans);
+
+                Ok(true)
+            } else if all_outputs_is_trustee {
+                Ok(true)
             } else {
                 // check normal withdrawal tx
                 trustee::check_withdraw_tx::<T>(&tx, &withdrawal_id_list)?;