stacks-network
diff --git a/‎clarity-types/src/errors/analysis.rs‎
Lines changed: 8 additions & 2 deletions b/‎clarity-types/src/errors/analysis.rs‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎clarity-types/src/types/signatures.rs‎
Lines changed: 3 additions & 0 deletions b/‎clarity-types/src/types/signatures.rs‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎clarity/src/vm/analysis/arithmetic_checker/mod.rs‎
Lines changed: 25 additions & 5 deletions b/‎clarity/src/vm/analysis/arithmetic_checker/mod.rs‎
Lines changed: 25 additions & 5 deletions
diff --git a/‎clarity/src/vm/analysis/read_only_checker/mod.rs‎
Lines changed: 120 additions & 17 deletions b/‎clarity/src/vm/analysis/read_only_checker/mod.rs‎
Lines changed: 120 additions & 17 deletions
diff --git a/‎clarity/src/vm/analysis/type_checker/v2_05/natives/mod.rs‎
Lines changed: 41 additions & 11 deletions b/‎clarity/src/vm/analysis/type_checker/v2_05/natives/mod.rs‎
Lines changed: 41 additions & 11 deletions
@@ -309,7 +309,10 @@ pub enum CheckErrors {
     ExecutionTimeExpired,
 
     // contract post-conditions
-    RestrictAssetsExpectedListOfAllowances,
+    ExpectedListOfAllowances(String, i32),
+    AllowanceExprNotAllowed,
+    ExpectedAllowanceExpr(String),
+    WithAllAllowanceNotAllowed,
 }
 
 #[derive(Debug, PartialEq)]
@@ -608,7 +611,10 @@ impl DiagnosableError for CheckErrors {
             CheckErrors::CostComputationFailed(s) => format!("contract cost computation failed: {s}"),
             CheckErrors::CouldNotDetermineSerializationType => "could not determine the input type for the serialization function".into(),
             CheckErrors::ExecutionTimeExpired => "execution time expired".into(),
-            CheckErrors::RestrictAssetsExpectedListOfAllowances => "restrict-assets? expects a list of asset allowances as its second argument".into(),
+            CheckErrors::ExpectedListOfAllowances(fn_name, arg_num) => format!("{fn_name} expects a list of asset allowances as argument {arg_num}"),
+            CheckErrors::AllowanceExprNotAllowed => "allowance expressions are only allowed in the context of a `restrict-assets?` or `as-contract?`".into(),
+            CheckErrors::ExpectedAllowanceExpr(got_name) => format!("expected an allowance expression, got: {got_name}"),
+            CheckErrors::WithAllAllowanceNotAllowed => "with-all-assets-unsafe is not allowed here, only in the allowance list for `as-contract?`".into(),
         }
     }
 
 
@@ -261,6 +261,9 @@ lazy_static! {
 pub const ASCII_40: TypeSignature = SequenceType(SequenceSubtype::StringType(
     StringSubtype::ASCII(BufferLength(40)),
 ));
+pub const ASCII_128: TypeSignature = SequenceType(SequenceSubtype::StringType(
+    StringSubtype::ASCII(BufferLength(128)),
+));
 pub const UTF8_40: TypeSignature = SequenceType(SequenceSubtype::StringType(StringSubtype::UTF8(
     StringUTF8Length(40),
 )));
 
@@ -173,11 +173,31 @@ impl ArithmeticOnlyChecker<'_> {
             | ContractCall | StxTransfer | StxTransferMemo | StxBurn | AtBlock | GetStxBalance
             | GetTokenSupply | BurnToken | FromConsensusBuff | ToConsensusBuff | BurnAsset
             | StxGetAccount => Err(Error::FunctionNotPermitted(function)),
-            Append | Concat | AsMaxLen | ContractOf | PrincipalOf | ListCons | Print
-            | AsContract | ElementAt | ElementAtAlias | IndexOf | IndexOfAlias | Map | Filter
-            | Fold | Slice | ReplaceAt | ContractHash | RestrictAssets => {
-                Err(Error::FunctionNotPermitted(function))
-            }
+            Append
+            | Concat
+            | AsMaxLen
+            | ContractOf
+            | PrincipalOf
+            | ListCons
+            | Print
+            | AsContract
+            | ElementAt
+            | ElementAtAlias
+            | IndexOf
+            | IndexOfAlias
+            | Map
+            | Filter
+            | Fold
+            | Slice
+            | ReplaceAt
+            | ContractHash
+            | RestrictAssets
+            | AsContractSafe
+            | AllowanceWithStx
+            | AllowanceWithFt
+            | AllowanceWithNft
+            | AllowanceWithStacking
+            | AllowanceAll => Err(Error::FunctionNotPermitted(function)),
             BuffToIntLe | BuffToUIntLe | BuffToIntBe | BuffToUIntBe => {
                 Err(Error::FunctionNotPermitted(function))
             }
 
@@ -282,20 +282,101 @@ impl<'a, 'b> ReadOnlyChecker<'a, 'b> {
         use crate::vm::functions::NativeFunctions::*;
 
         match function {
-            Add | Subtract | Divide | Multiply | CmpGeq | CmpLeq | CmpLess | CmpGreater
-            | Modulo | Power | Sqrti | Log2 | BitwiseXor | And | Or | Not | Hash160 | Sha256
-            | Keccak256 | Equals | If | Sha512 | Sha512Trunc256 | Secp256k1Recover
-            | Secp256k1Verify | ConsSome | ConsOkay | ConsError | DefaultTo | UnwrapRet
-            | UnwrapErrRet | IsOkay | IsNone | Asserts | Unwrap | UnwrapErr | Match | IsErr
-            | IsSome | TryRet | ToUInt | ToInt | BuffToIntLe | BuffToUIntLe | BuffToIntBe
-            | BuffToUIntBe | IntToAscii | IntToUtf8 | StringToInt | StringToUInt | IsStandard
-            | ToConsensusBuff | PrincipalDestruct | PrincipalConstruct | Append | Concat
-            | AsMaxLen | ContractOf | PrincipalOf | ListCons | GetBlockInfo | GetBurnBlockInfo
-            | GetStacksBlockInfo | GetTenureInfo | TupleGet | TupleMerge | Len | Print
-            | AsContract | Begin | FetchVar | GetStxBalance | StxGetAccount | GetTokenBalance
-            | GetAssetOwner | GetTokenSupply | ElementAt | IndexOf | Slice | ReplaceAt
-            | BitwiseAnd | BitwiseOr | BitwiseNot | BitwiseLShift | BitwiseRShift | BitwiseXor2
-            | ElementAtAlias | IndexOfAlias | ContractHash | ToAscii => {
+            Add
+            | Subtract
+            | Divide
+            | Multiply
+            | CmpGeq
+            | CmpLeq
+            | CmpLess
+            | CmpGreater
+            | Modulo
+            | Power
+            | Sqrti
+            | Log2
+            | BitwiseXor
+            | And
+            | Or
+            | Not
+            | Hash160
+            | Sha256
+            | Keccak256
+            | Equals
+            | If
+            | Sha512
+            | Sha512Trunc256
+            | Secp256k1Recover
+            | Secp256k1Verify
+            | ConsSome
+            | ConsOkay
+            | ConsError
+            | DefaultTo
+            | UnwrapRet
+            | UnwrapErrRet
+            | IsOkay
+            | IsNone
+            | Asserts
+            | Unwrap
+            | UnwrapErr
+            | Match
+            | IsErr
+            | IsSome
+            | TryRet
+            | ToUInt
+            | ToInt
+            | BuffToIntLe
+            | BuffToUIntLe
+            | BuffToIntBe
+            | BuffToUIntBe
+            | IntToAscii
+            | IntToUtf8
+            | StringToInt
+            | StringToUInt
+            | IsStandard
+            | ToConsensusBuff
+            | PrincipalDestruct
+            | PrincipalConstruct
+            | Append
+            | Concat
+            | AsMaxLen
+            | ContractOf
+            | PrincipalOf
+            | ListCons
+            | GetBlockInfo
+            | GetBurnBlockInfo
+            | GetStacksBlockInfo
+            | GetTenureInfo
+            | TupleGet
+            | TupleMerge
+            | Len
+            | Print
+            | AsContract
+            | Begin
+            | FetchVar
+            | GetStxBalance
+            | StxGetAccount
+            | GetTokenBalance
+            | GetAssetOwner
+            | GetTokenSupply
+            | ElementAt
+            | IndexOf
+            | Slice
+            | ReplaceAt
+            | BitwiseAnd
+            | BitwiseOr
+            | BitwiseNot
+            | BitwiseLShift
+            | BitwiseRShift
+            | BitwiseXor2
+            | ElementAtAlias
+            | IndexOfAlias
+            | ContractHash
+            | ToAscii
+            | AllowanceWithStx
+            | AllowanceWithFt
+            | AllowanceWithNft
+            | AllowanceWithStacking
+            | AllowanceAll => {
                 // Check all arguments.
                 self.check_each_expression_is_read_only(args)
             }
@@ -434,16 +515,38 @@ impl<'a, 'b> ReadOnlyChecker<'a, 'b> {
                 let asset_owner_read_only = self.check_read_only(&args[0])?;
 
                 // Check the allowances argument.
-                let allowances = args[1]
-                    .match_list()
-                    .ok_or(CheckErrors::RestrictAssetsExpectedListOfAllowances)?;
+                let allowances =
+                    args[1]
+                        .match_list()
+                        .ok_or(CheckErrors::ExpectedListOfAllowances(
+                            "restrict-assets?".into(),
+                            2,
+                        ))?;
                 let allowances_read_only = self.check_each_expression_is_read_only(allowances)?;
 
                 // Check the body expressions.
                 let body_read_only = self.check_each_expression_is_read_only(&args[2..])?;
 
                 Ok(asset_owner_read_only && allowances_read_only && body_read_only)
             }
+            AsContractSafe => {
+                check_arguments_at_least(2, args)?;
+
+                // Check the allowances argument.
+                let allowances =
+                    args[0]
+                        .match_list()
+                        .ok_or(CheckErrors::ExpectedListOfAllowances(
+                            "as-contract?".into(),
+                            1,
+                        ))?;
+                let allowances_read_only = self.check_each_expression_is_read_only(allowances)?;
+
+                // Check the body expressions.
+                let body_read_only = self.check_each_expression_is_read_only(&args[1..])?;
+
+                Ok(allowances_read_only && body_read_only)
+            }
         }
     }
 
 
@@ -16,15 +16,15 @@
 
 use stacks_common::types::StacksEpochId;
 
-use super::{TypeChecker, TypingContext, check_argument_count, check_arguments_at_least, no_type};
+use super::{check_argument_count, check_arguments_at_least, no_type, TypeChecker, TypingContext};
 use crate::vm::analysis::errors::{CheckError, CheckErrors, SyntaxBindingErrorType};
 use crate::vm::costs::cost_functions::ClarityCostFunction;
 use crate::vm::costs::{analysis_typecheck_cost, runtime_cost};
 use crate::vm::diagnostic::DiagnosableError;
-use crate::vm::functions::{NativeFunctions, handle_binding_list};
+use crate::vm::functions::{handle_binding_list, NativeFunctions};
 use crate::vm::types::{
-    BUFF_20, BUFF_32, BUFF_33, BUFF_64, BUFF_65, BlockInfoProperty, FixedFunction, FunctionArg,
-    FunctionSignature, FunctionType, PrincipalData, TupleTypeSignature, TypeSignature, Value,
+    BlockInfoProperty, FixedFunction, FunctionArg, FunctionSignature, FunctionType, PrincipalData,
+    TupleTypeSignature, TypeSignature, Value, BUFF_20, BUFF_32, BUFF_33, BUFF_64, BUFF_65,
 };
 use crate::vm::{ClarityName, ClarityVersion, SymbolicExpression, SymbolicExpressionType};
 
@@ -777,13 +777,43 @@ impl TypedNativeFunction {
             IsNone => Special(SpecialNativeFunction(&options::check_special_is_optional)),
             IsSome => Special(SpecialNativeFunction(&options::check_special_is_optional)),
             AtBlock => Special(SpecialNativeFunction(&check_special_at_block)),
-            ElementAtAlias | IndexOfAlias | BuffToIntLe | BuffToUIntLe | BuffToIntBe
-            | BuffToUIntBe | IsStandard | PrincipalDestruct | PrincipalConstruct | StringToInt
-            | StringToUInt | IntToAscii | IntToUtf8 | GetBurnBlockInfo | StxTransferMemo
-            | StxGetAccount | BitwiseAnd | BitwiseOr | BitwiseNot | BitwiseLShift
-            | BitwiseRShift | BitwiseXor2 | Slice | ToConsensusBuff | FromConsensusBuff
-            | ReplaceAt | GetStacksBlockInfo | GetTenureInfo | ContractHash | ToAscii
-            | RestrictAssets => {
+            ElementAtAlias
+            | IndexOfAlias
+            | BuffToIntLe
+            | BuffToUIntLe
+            | BuffToIntBe
+            | BuffToUIntBe
+            | IsStandard
+            | PrincipalDestruct
+            | PrincipalConstruct
+            | StringToInt
+            | StringToUInt
+            | IntToAscii
+            | IntToUtf8
+            | GetBurnBlockInfo
+            | StxTransferMemo
+            | StxGetAccount
+            | BitwiseAnd
+            | BitwiseOr
+            | BitwiseNot
+            | BitwiseLShift
+            | BitwiseRShift
+            | BitwiseXor2
+            | Slice
+            | ToConsensusBuff
+            | FromConsensusBuff
+            | ReplaceAt
+            | GetStacksBlockInfo
+            | GetTenureInfo
+            | ContractHash
+            | ToAscii
+            | RestrictAssets
+            | AsContractSafe
+            | AllowanceWithStx
+            | AllowanceWithFt
+            | AllowanceWithNft
+            | AllowanceWithStacking
+            | AllowanceAll => {
                 return Err(CheckErrors::Expects(
                     "Clarity 2+ keywords should not show up in 2.05".into(),
                 ));