-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: refactor whitelisted_addresses #392
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- There might be a few unused funcs, are you sure the wiring is complete?
- Could we just have 1 proposal type called UpdatePerms, which has a grant/revoke bool or enum
string genesis_operator_address = 3; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is sequencer_operator_address
a better name?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This one is the original name in sequencer module, I didn't change anything about it. So if it's required, I think we will need another chores issue for that.
if !m.sequencerKeeper.HasPermission(ctx, accAddr, types.ModuleName) { | ||
return nil, sdkerrors.ErrUnauthorized | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unauthorized or noPermission?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the hub-genesis's orginally use Unauthoried from cosmos-sdk, while the denommetadata define an error called NoPermission
if len(p.Permissions) == 0 { | ||
return errors.New("permissions field cannot be empty") | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
extra branch for no reason I think
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do you think it is not needed? In this case, we can get rid of the empty proposal that happen in our chain
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's just an extra branch for no reason
let the empty proposal happen
@@ -33,7 +33,12 @@ func (k msgServer) CreateDenomMetadata( | |||
return nil, err | |||
} | |||
|
|||
if !k.IsAddressPermissioned(ctx, msg.SenderAddress) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should refactor IsAddressPermissioned
and reuse it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also make it private
@danwt @anhductn2001 @lacsomot guys, thanks for all the comments you leave. I think I solves most of them. Please help me check again one more time before we can merge them into rdk |
@@ -56,7 +56,7 @@ func (AppModuleBasic) ValidateGenesis(cdc codec.JSONCodec, config client.TxEncod | |||
if err := cdc.UnmarshalJSON(bz, &genState); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why bother unmashalling genState if it's not used?
// params are all parameters for the module | ||
Params params = 1 [ (gogoproto.nullable) = false ]; | ||
} | ||
message GenesisState {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if this is empty, why do we need it at all?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should keep it as it's the cosmos-sdk standard, and in case we need to store some states in the future
(gogoproto.nullable) = false, | ||
(gogoproto.castrepeated) = "github.com/cosmos/cosmos-sdk/types.Coins" | ||
]; | ||
// is_locked is a boolean that indicates if the genesis event has occured |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// is_locked is a boolean that indicates if the genesis event has occured | |
// is_locked is a boolean that indicates if the genesis event has occurred |
@@ -33,7 +33,12 @@ func (k msgServer) CreateDenomMetadata( | |||
return nil, err | |||
} | |||
|
|||
if !k.IsAddressPermissioned(ctx, msg.SenderAddress) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also make it private
@@ -27,7 +27,12 @@ func (m msgServer) TriggerGenesisEvent(goCtx context.Context, msg *types.MsgHubG | |||
ctx := sdk.UnwrapSDKContext(goCtx) | |||
|
|||
// Get the sender and validate they are in the Allowlist | |||
if !m.IsAddressInGenesisTriggererAllowList(ctx, msg.Address) { | |||
accAddr, err := sdk.AccAddressFromBech32(msg.Address) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these checks could indeed be moved to a separate method. no blocker though
return errors.Wrapf(err, "address format error") | ||
} | ||
|
||
res, err := queryClient.Permissions(context.Background(), &types.QueryPermissionsRequest{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
res, err := queryClient.Permissions(context.Background(), &types.QueryPermissionsRequest{ | |
res, err := queryClient.Permissions(cmd.Context(), &types.QueryPermissionsRequest{ |
// method. | ||
message QueryPermissionsResponse { | ||
// permissions defines the permissions for the given address. | ||
string permissions = 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why not repeated string permissions = 1;
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to store it in KVStore, and the repeated string
, which will be convert to []string
can not be Marshal to bytes in codec. This's the reason I make a wrapper struct for that
params := q.GetParams(ctx) | ||
return &types.QueryParamsResponse{Params: params}, nil | ||
} | ||
|
||
// IBCDenomByDenomTrace returns IBC denom base on denom trace | ||
func (q Querier) IBCDenomByDenomTrace( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know it's not related, but this should be covered by a test. Maybe leave a TODO
, this PR is already big enough.
@@ -0,0 +1,57 @@ | |||
package sequencers | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
be nice to write a test for these
func NewUpdatePermissionProposalHandler(k *keeper.Keeper) govtypes.Handler { | ||
return func(ctx sdk.Context, content govtypes.Content) error { | ||
switch c := content.(type) { | ||
case *types.GrantPermissionsProposal: | ||
return HandleGrantPermissionsProposal(ctx, k, c) | ||
case *types.RevokePermissionsProposal: | ||
return HandleRevokePermissionsProposal(ctx, k, c) | ||
default: | ||
return errorsmod.Wrapf(sdkerrors.ErrUnknownRequest, "unrecognized permissions proposal content type: %T", c) | ||
} | ||
} | ||
} | ||
|
||
// HandleGrantPermissionsProposal is a handler for executing a grant permissions proposal | ||
func HandleGrantPermissionsProposal(ctx sdk.Context, k *keeper.Keeper, p *types.GrantPermissionsProposal) error { | ||
if err := p.ValidateBasic(); err != nil { | ||
return err | ||
} | ||
|
||
for _, addrPerms := range p.AddressPermissions { | ||
accAddr, err := sdk.AccAddressFromBech32(addrPerms.Address) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
k.GrantPermissions(ctx, accAddr, addrPerms.PermissionList) | ||
} | ||
return nil | ||
} | ||
|
||
// HandleRevokePermissionsProposal is a handler for executing a revoke permissions proposal | ||
func HandleRevokePermissionsProposal(ctx sdk.Context, k *keeper.Keeper, p *types.RevokePermissionsProposal) error { | ||
if err := p.ValidateBasic(); err != nil { | ||
return err | ||
} | ||
|
||
for _, addrPerms := range p.AddressPermissions { | ||
accAddr, err := sdk.AccAddressFromBech32(addrPerms.Address) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
k.RevokePermissions(ctx, accAddr, addrPerms.PermissionList) | ||
} | ||
return nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is some repetition here - could make it DRYer like so:
func NewUpdatePermissionProposalHandler(k *keeper.Keeper) govtypes.Handler { | |
return func(ctx sdk.Context, content govtypes.Content) error { | |
switch c := content.(type) { | |
case *types.GrantPermissionsProposal: | |
return HandleGrantPermissionsProposal(ctx, k, c) | |
case *types.RevokePermissionsProposal: | |
return HandleRevokePermissionsProposal(ctx, k, c) | |
default: | |
return errorsmod.Wrapf(sdkerrors.ErrUnknownRequest, "unrecognized permissions proposal content type: %T", c) | |
} | |
} | |
} | |
// HandleGrantPermissionsProposal is a handler for executing a grant permissions proposal | |
func HandleGrantPermissionsProposal(ctx sdk.Context, k *keeper.Keeper, p *types.GrantPermissionsProposal) error { | |
if err := p.ValidateBasic(); err != nil { | |
return err | |
} | |
for _, addrPerms := range p.AddressPermissions { | |
accAddr, err := sdk.AccAddressFromBech32(addrPerms.Address) | |
if err != nil { | |
return err | |
} | |
k.GrantPermissions(ctx, accAddr, addrPerms.PermissionList) | |
} | |
return nil | |
} | |
// HandleRevokePermissionsProposal is a handler for executing a revoke permissions proposal | |
func HandleRevokePermissionsProposal(ctx sdk.Context, k *keeper.Keeper, p *types.RevokePermissionsProposal) error { | |
if err := p.ValidateBasic(); err != nil { | |
return err | |
} | |
for _, addrPerms := range p.AddressPermissions { | |
accAddr, err := sdk.AccAddressFromBech32(addrPerms.Address) | |
if err != nil { | |
return err | |
} | |
k.RevokePermissions(ctx, accAddr, addrPerms.PermissionList) | |
} | |
return nil | |
} | |
func NewUpdatePermissionProposalHandler(k *keeper.Keeper) govtypes.Handler { | |
return func(ctx sdk.Context, content govtypes.Content) error { | |
if err := content.ValidateBasic(); err != nil { | |
return err | |
} | |
switch c := content.(type) { | |
case *types.GrantPermissionsProposal: | |
return HandlePermissionsProposal(ctx, c.AddressPermissions, k.GrantPermissions) | |
case *types.RevokePermissionsProposal: | |
return HandlePermissionsProposal(ctx, c.AddressPermissions, k.RevokePermissions) | |
default: | |
return errorsmod.Wrapf(sdkerrors.ErrUnknownRequest, "unrecognized permissions proposal content type: %T", c) | |
} | |
} | |
} | |
// action can be grant or revoke | |
type actionFn func(ctx sdk.Context, accAddr sdk.AccAddress, permList types.PermissionList) | |
// HandlePermissionsProposal is a handler for executing a permissions proposal | |
func HandlePermissionsProposal(ctx sdk.Context, perms []types.AddressPermissions, action actionFn) error { | |
for _, perm := range perms { | |
accAddr, err := sdk.AccAddressFromBech32(perm.Address) | |
if err != nil { | |
return err | |
} | |
action(ctx, accAddr, perm.PermissionList) | |
} | |
return nil | |
} | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good work. Just a couple of minor things that could maybe be either resolved now, or left as TODO
s
newPerms := slices.DeleteFunc(permissionList.Permissions, func(perm string) bool { | ||
return slices.Contains(revokePermList.Permissions, perm) | ||
}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
n^2 dos vector?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this could make the chain receive dos attack, currently we just have vesting, hubgenesis, and denommetadata module that require permissions. This won't affect anything
if !p.Equal(NewPermissionsList(perms)) { | ||
return fmt.Errorf("PermissionList is not sorted yet") | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why do we require sorted? should have a comment explaining
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can remove sorting, thank you
Closes #390