fix: make IDL/Candid decoding of options spec compliant (#981)

* add backtracking to opt decoding

* basic tests of variant defaulting under opt

* implement remaining variant decoding edge cases

* test opt parsing of null and any edge cases

* add test for non-opt cases

Co-authored-by: Kaia Peacock <[email protected]>

Author: crusso

docs/CHANGELOG.md

@@ -1,7 +1,22 @@
 # Changelog
 
+
 ## [Unreleased]
 
+- fix:  Bring Candid decoding of `opt` types up to Candid spec:
+  In particular, when decoding at an `opt` type:
+  - If the wire type is an `opt` type, decode its payload at the expected content type
+    (as before).
+  - Allow decoding `null` wire type as IDL value `null` (i.e. JS `[]`).
+  - Allow decoding of value of `reserved` wire type, defaulting to IDL value `null` (i.e. JS `[]`).
+  - Allow decoding of wider variant type on the wire at narrower expected variant type,
+    provided the decoded value is valid at the expected variant type. Otherwise, default to `null` (i.e. JS `[]`).
+  - Otherwise:
+    - If the expected content type is `null` or `reserved` or (nested) `opt`, return IDL value `null` (i.e. JS `[]`).
+    - The expected content type is neither `null`, `reserved` or nested `opt`:
+      allow decoding of the non-optioned value `v` as `opt v` (JS `[v*]`) if compatible with
+      the expected content type; if incompatible, return IDL value `null` (JS `[]`).
+
 ### Added
 
 - test: added e2e test for CanisterStatus requesting a subnet path, as a reference for getting the subnet id of a given canister id

packages/candid/src/idl.test.ts

@@ -698,3 +698,214 @@ test('should decode matching optional fields if wire type contains additional fi
     b: ['123'],
   });
 });
+
+
+describe('IDL opt variant decoding', () => {
+  it('should handle matching expected and wire type variants', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null, z: IDL.Null })) }),
+      { a: [{ x: null }] },
+      '4449444c036c0161016e026b03787f797f7a7f01000100', // Motoko: {a = ?#x} : {a : ?{#x;#y;#z}},
+      'same variant under opt x',
+    );
+  });
+  it('should handle matching expected and wire type variants', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null, z: IDL.Null })) }),
+      { a: [{ z: null }] },
+      '4449444c036c0161016e026b03787f797f7a7f01000102', // Motoko: {a = ?#z} : {a : ?{#x;#y;#z}}
+      'same variant under opt z',
+    );
+  });
+  it('should handle wider variant with expected tag', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })) }),
+      { a: [{ x: null }] },
+      '4449444c036c0161016e026b03787f797f7a7f01000100', // Motoko: {a = ?#x} : {a : ?{#x;#y;#z}}
+      'extended variant under opt expected tag',
+    );
+  });
+  it('should handle wider variant with unexpected tag', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })) }),
+      { a: [] },
+      '4449444c036c0161016e026b03787f797f7a7f01000102', // Motoko: {a = ?#z} : {a : ?{#x;#y;#z}}
+      'extended variant under opt unexpected tag - defaulting',
+    );
+  });
+});
+
+describe('IDL opt edge cases', () => {
+  it('should handle the option when the wire type is null type', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null }))}),
+    {a: []},
+    '4449444c016c01617f0100',
+     // Motoko: {a = null} : {a : null}
+    'opt expected type null on wire',
+  )});
+  it('should handle the option when the wire type is reserved', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null }))}),
+    {a: []},
+    '4449444c016c0161700100',
+    // Motoko: {a = (): Any} : {a : Any}
+    'opt expected type reserved on wire',
+  )});
+  it('should handle the option when the wire typ is non-optioned', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null }))}),
+    {a: [{x: null}]},
+    `4449444c026c0161016b02787f797f010000`,
+    // Motoko: {a = #x } : {a : {#x;#y}}
+    'opt expected type non-opt on wire',
+  )});
+  it('should handle the option when the wire typ is an non-optioned wider variant with expected tag', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null }))}),
+    {a: [{x: null}]},
+    `4449444c026c0161016b03787f797f7a7f010000`,
+    // Motoko: {a = #x } : {a : {#x;#y;#z}}
+    'opt expected, wire type non-opt, extended, with expected tag',
+  )});
+  it('should handle the option when the wire typ is an non-optioned wider variant with unexpected tag, defaulting', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null }))}),
+    {a: []},
+    `4449444c026c0161016b03787f797f7a7f010002`,
+    // Motoko: {a = #z} : {a : {#x;#y;#z}}
+    'opt expected, wire type non-opt, extended, with unexpected tag, defaulting',
+  )});
+  it('should handle the option when the expected type is opt null, wire type is non-opt', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ a: IDL.Opt(IDL.Null) }))}),
+    {a: []},
+    `4449444c016c01617d010001`,
+    // Motoko: {a = 1} : {a : Nat }
+    'opt expected, wire type non-opt, other type - defaulting',
+  )});
+  it('should handle the option when the expected type is opt opt Nat, wire type is non-opt', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ a: IDL.Opt(IDL.Opt(IDL.Nat)) }))}),
+    {a: []},
+    `4449444c016c01617d010001`,
+    // Motoko: {a = 1} : {a : Nat }
+    'opt expected, wire type non-opt, other type - defaulting',
+  )});
+  it('should handle the option when the expected type is opt reserved, wire type is non-opt', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Reserved)}),
+    {a: []},
+    `4449444c016c01617d010001`,
+    // Motoko: {a = 1} : {a : Nat }
+    'opt expected, wire type non-opt, other type - defaulting',
+  )});
+});
+
+
+
+/* The following suites are similar to the previous two but require more decoding of a Text value following the optional value.
+   Tests decoding resumed correctly after any skip
+*/
+
+describe('IDL opt variant decoding (embedded)', () => {
+  it('should handle matching expected and wire type variants', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null, z: IDL.Null })), b : IDL.Text }),
+      { a: [{ x: null }], b: "abc" },
+      '4449444c036c02610162716e026b03787f797f7a7f0100010003616263', // Motoko: {a = ?#x; b = "abc"} : {a : ?{#x;#y;#z}; b :Text},
+      'same variant under opt x',
+    );
+  });
+  it('should handle matching expected and wire type variants', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null, z: IDL.Null })), b : IDL.Text }),
+      { a: [{ z: null }], b: "abc" },
+      '4449444c036c02610162716e026b03787f797f7a7f0100010203616263', // Motoko: {a = ?#z; b = "abc"} : {a : ?{#x;#y;#z}; b : Text}
+      'same variant under opt z',
+    );
+  });
+  it('should handle wider variant with expected tag', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b: IDL.Text }),
+      { a: [{ x: null }], b: "abc" },
+      '4449444c036c02610162716e026b03787f797f7a7f0100010003616263', // Motoko: {a = ?#x; b = "abc"} : {a : ?{#x;#y;#z}; b : Text}
+      'extended variant under opt expected tag',
+    );
+  });
+  it('should handle wider variant with unexpected tag', () => {
+    testDecode(
+      IDL.Record({ a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b: IDL.Text }),
+      { a: [], b: "abc" },
+      '4449444c036c02610162716e026b03787f797f7a7f0100010203616263', // Motoko: {a = ?#z; b = "abc"} : {a : ?{#x;#y;#z}; b : Text}
+      'extended variant under opt unexpected tag - defaulting',
+    );
+  });
+});
+
+describe('IDL opt edge cases (embedded)', () => {
+  it('should handle the option when the wire type is null type', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b : IDL.Text}),
+    {a: [], b: "abc"},
+    '4449444c016c02617f6271010003616263',
+     // Motoko: {a = null; b = "abc"} : {a : null; b: Text}
+    'opt expected type null on wire',
+  )});
+  it('should handle the option when the wire type is reserved', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b : IDL.Text}),
+    {a: [], b: "abc"},
+    '4449444c016c0261706271010003616263',
+    // Motoko: {a = (): Any; b = "abc"} : {a : Any; b : Text}
+    'opt expected type reserved on wire',
+  )});
+  it('should handle the option when the wire typ is non-optioned', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b : IDL.Text}),
+    {a: [{x: null}], b: "abc"},
+    `4449444c026c02610162716b02787f797f01000003616263`,
+    // Motoko: {a = #x; b = "abc" } : {a : {#x;#y}; b : Text}
+    'opt expected type non-opt on wire',
+  )});
+  it('should handle the option when the wire typ is an non-optioned wider variant with expected tag', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b : IDL.Text}),
+    {a: [{x: null}], b: "abc"},
+    `4449444c026c02610162716b03787f797f7a7f01000003616263`,
+    // Motoko: {a = #x; b = "abc" } : {a : {#x;#y;#z}; b  : Text}
+    'opt expected, wire type non-opt, extended, with expected tag',
+  )});
+  it('should handle the option when the wire typ is an non-optioned wider variant with unexpected tag, defaulting', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ x: IDL.Null, y: IDL.Null })), b : IDL.Text}),
+    {a: [], b: "abc"},
+    `4449444c026c02610162716b03787f797f7a7f01000203616263`,
+    // Motoko: {a = #z; b = "abc"} : {a : Nat; b : Text}
+    'opt expected, wire type non-opt, extended, with unexpected tag - defaulting',
+  )});
+  it('should handle the option when the expected type is opt null, wire type is non-opt', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ a: IDL.Opt(IDL.Null) })), b : IDL.Text}),
+    {a: [], b: "abc"},
+    `4449444c036c02610162716e026b03787f797f7a7f0100010203616263`,
+    // Motoko: {a = 1; b = "abc"} : {a : Nat; b : Text }
+    'opt expected, wire type non-opt, other type - defaulting',
+  )});
+  it('should handle the option when the expected type is opt opt Nat, wire type is non-opt', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Variant({ a: IDL.Opt(IDL.Opt(IDL.Nat)) })), b : IDL.Text}),
+    {a: [], b: "abc"},
+    `4449444c016c02617d627101000103616263`,
+    // Motoko: {a = 1; b = "abc"} : {a : Nat; b : Text }
+    'opt expected, wire type non-opt, other type - defaulting',
+  )});
+  it('should handle the option when the expected type is opt reserved, wire type is non-opt', () => {
+  testDecode(
+    IDL.Record({a: IDL.Opt(IDL.Reserved), b: IDL.Text}),
+    {a: [], b: "abc"},
+    `4449444c016c02617d627101000103616263`,
+    // Motoko: {a = 1; b = "abc"} : {a : Nat; b : Text }
+    'opt expected, wire type non-opt, other type - defaulting',
+  )});
+});

packages/candid/src/idl.ts

@@ -215,6 +215,7 @@ export abstract class Type<T = any> {
   public abstract encodeType(typeTable: TypeTable): ArrayBuffer;
 
   public abstract checkType(t: Type): Type;
+
   public abstract decodeValue(x: Pipe, t: Type): T;
 
   protected abstract _buildTypeTableImpl(typeTable: TypeTable): void;
@@ -227,6 +228,7 @@ export abstract class PrimitiveType<T = any> extends Type<T> {
     }
     return t;
   }
+
   // eslint-disable-next-line @typescript-eslint/no-unused-vars
   public _buildTypeTableImpl(typeTable: TypeTable): void {
     // No type table encoding for Primitive types.
@@ -914,17 +916,68 @@ export class OptClass<T> extends ConstructType<[T] | []> {
   }
 
   public decodeValue(b: Pipe, t: Type): [T] | [] {
-    const opt = this.checkType(t);
-    if (!(opt instanceof OptClass)) {
-      throw new Error('Not an option type');
+    if (t instanceof NullClass) {
+      return []
     }
-    switch (safeReadUint8(b)) {
-      case 0:
+
+    if (t instanceof ReservedClass) {
+      return []
+    }
+
+    let wireType = t;
+    // unfold wireType, if needed
+    if (t instanceof RecClass) {
+      const ty = t.getType();
+      if (typeof ty === 'undefined') {
+        throw new Error('type mismatch with uninitialized type');
+      } else wireType = ty;
+    }
+
+    if (wireType instanceof OptClass) {
+      switch (safeReadUint8(b)) {
+        case 0:
+          return [];
+        case 1: {
+          // Save the current state of the Pipe `b` to allow rollback in case of an error
+          const checkpoint = b.save();
+          try {
+            // Attempt to decode a value using the `_type` of the current instance
+            const v = this._type.decodeValue(b, wireType._type);
+            return [v];
+          } catch (e : any) {
+            // If an error occurs during decoding, restore the Pipe `b` to its previous state
+            b.restore(checkpoint);
+            // Skip the value at the current wire type to advance the Pipe `b` position
+            const skipped = wireType._type.decodeValue(b, wireType._type);
+            // Return an empty array to indicate a `none` value
+            return [];
+          }
+        }
+        default:
+          throw new Error('Not an option value');
+      }
+    } else if
+      // this check corresponds to `not (null <: <t>)` in the spec
+      (this._type instanceof NullClass || this._type instanceof OptClass || this._type instanceof ReservedClass) {
+      // null <: <t> :
+      // skip value at wire type (to advance b) and return "null", i.e. []
+      const skipped = wireType.decodeValue(b, wireType);
+      return [];
+    } else {
+      // not (null <: t) :
+      // try constituent type
+      const checkpoint = b.save();
+      try {
+        const v = this._type.decodeValue(b, t)
+        return [v];
+      } catch (e : any) {
+        // decoding failed, but this is opt, so return "null", i.e. []
+        b.restore(checkpoint);
+        // skip value at wire type (to advance b)
+        const skipped = wireType.decodeValue(b, t)
+        // return "null"
         return [];
-      case 1:
-        return [this._type.decodeValue(b, opt._type)];
-      default:
-        throw new Error('Not an option value');
+      }
     }
   }
 

packages/candid/src/utils/buffer.ts

@@ -38,6 +38,21 @@ export class PipeArrayBuffer {
    */
   private _view: Uint8Array;
 
+  /**
+   * Save a checkpoint of the reading view (for backtracking)
+   */
+  public save() : Uint8Array {
+     return this._view
+  }
+
+  /**
+   * Restore a checkpoint of the reading view (for backtracking)
+   * @param checkPoint a previously saved checkpoint
+   */
+  public restore(checkPoint: Uint8Array) {
+     this._view = checkPoint
+  }
+
   /**
    * The actual buffer containing the bytes.
    * @private