Hash the solution, add basic unit tests
In the previous section, we stored the crossword solution as plain text as a String type on the smart contract. If we're trying to hide the solution from the users, this isn't a great approach as it'll be public to anyone looking at the state. Let's instead hash our crossword solution and store that instead. There are different ways to hash data, but let's use sha256 which is one of the hashing algorithms available in the Rust SDK.
Remind me about hashing
Without getting into much detail, hashing is a "one-way" function that will output a result from a given input. If you have input (in our case, the crossword puzzle solution) you can get a hash, but if you have a hash you cannot get the input. This basic idea is foundational to information theory and security.
Later on in this tutorial, we'll switch from using sha256 to using cryptographic key pairs to illustrate additional NEAR concepts.
Learn more about hashing from Evgeny Kapun's presentation on the subject. You may find other NEAR-related videos from the channel linked in the screenshot below.
Helper unit test during rapid iteration#
As mentioned in the first section of this Basics chapter, our smart contract is technically a library as defined in the manifest file. For our purposes, a consequence of writing a library in Rust is not having a "main" function that runs. You may find many online tutorials where the command cargo run is used during development. We don't have this luxury, but we can use unit tests to interact with our smart contract. This is likely more convenient than building the contract, deploying to a blockchain network, and calling a method.
We'll add a dependency to the hex crate to make things easier. As you may remember, dependencies live in the manifest file.
Let's write a unit test that acts as a helper during development. This unit test will sha256 hash the input "near nomicon ref finance" and print it in a human-readable, hex format. (We'll typically put unit tests at the bottom of the lib.rs file.)
What is that {:?} thing?
Take a look at different formatting traits that are covered in the std Rust docs regarding this. This is a Debug formatting trait and can prove to be useful during development.
Run the unit tests with the command:
You'll see this output:
This means when you sha256 the input "near nomicon ref finance" it produces the hash:
69c2feb084439956193f4c21936025f14a5a5a78979d67ae34762e18a7206a0f
Note on the test flags
You may also run tests using:
Note that the test command we ran had additional flags. Those flags told Rust not to hide the output from the tests. You can read more about this in the cargo docs. Go ahead and try running the tests using the command above, without the additional flags, and note that we won't see the debug message.
The unit test above is meant for debugging and quickly running snippets of code. Some may find this a useful technique when getting familiar with Rust and writing smart contracts. Next we'll write a real unit test that applies to this early version of our crossword puzzle contract.
Write a regular unit test#
Let's add this unit test (inside the mod tests {} block, under our previous unit test) and analyze it:
The first few lines of code will be used commonly when writing unit tests. It uses the VMContextBuilder to create some basic context for a transaction, then sets up the testing environment.
Next, an object is created representing the contract and the set_solution function is called. After that, the guess_solution function is called twice: first with the incorrect solution and then the correct one. We can check the logs to determine that the function is acting as expected.
Note on assertions
This unit test uses the assert_eq! macro. Similar macros like assert! and assert_ne! are commonly used in Rust. These are great to use in unit tests. However, these will add unnecessary overhead when added to contract logic, and it's recommended to use the require! macro. See more information on this and other efficiency tips here.
Again, we can run all the unit tests with:
Run only one test
To only run this latest test, use the command:
Modifying set_solution#
The overview section of this chapter tells us we want to have a single crossword puzzle and the user solving the puzzle should not be able to know the solution. Using a hash addresses this, and we can keep crossword_solution's field type, as String will work just fine. The overview also indicates we only want the author of the crossword puzzle to be able to set the solution. As it stands, our function set_solution can be called by anyone with a full-access key. It's trivial for someone to create a NEAR account and call this function, changing the solution. Let's fix that.
Let's have the solution be set once, right after deploying the smart contract.
Here we'll use the #[init] macro on a function called new, which is a common pattern.
Let's call this method on a fresh contract.
Now the crossword solution, as a hash, is stored instead. If you try calling the last command again, you'll get the error message, thanks to the #[init] macro:
The contract has already been initialized
First use of Batch Actions#
This is close to what we want, but what if a person deploys their smart contract and someone else quickly calls the new function before them? We want to make sure the same person who deployed the contract sets the solution, and we can do this using Batch Actions. Besides, why send two transactions when we can do it in one? (Technical details covered in the spec for a batch transaction here.)
Batch Actions in use
Batch Actions are common in this instance, where we want to deploy and call an initialization function. They're also common when using a factory pattern, where a subaccount is created, a smart contract is deployed to it, a key is added, and a function is called.
Here's a truncated snippet from a useful (though somewhat advanced) repository with a wealth of useful code:
We'll get into Actions later in this tutorial, but in the meantime here's a handy reference from the spec.
As you can from the info bubble above, we can batch Deploy and FunctionCall Actions. This is exactly what we want to do for our crossword puzzle, and luckily, NEAR CLI has a flag especially for this.
Let's run this again with the handy --initFunction and --initArgs flags:
Now that we're using Batch Actions, no one can call this new method before us.
Batch action failures
If one Action in a set of Batch Actions fails, the entire transaction is reverted. This is good to note because sharded, proof-of-stake systems do not work like proof-of-work where a complex transaction with multiple cross-contract calls reverts if one call fails. With NEAR, cross-contract calls use callbacks to ensure expected behavior, but we'll get to that later.
Get ready for our frontend#
In the previous section we showed that we could use a curl command to view the state of the contract without explicitly having a function that returns a value from state. Now that we've demonstrated that and hashed the solution, let's add a short view-only function get_solution.
In the next section we'll add a simple frontend for our single, hardcoded crossword puzzle. We'll want to easily call a function to get the final solution hash. We can use this opportunity to remove the function get_puzzle_number and the constant it returns, as these were use for informative purposes.
We'll also modify our guess_solution to return a boolean value, which will also make things easier for our frontend.
The get_solution method can be called with:
In the next section we'll add a simple frontend. Following chapters will illustrate more NEAR concepts built on top of this idea.