mirror of
https://github.com/0glabs/0g-chain.git
synced 2024-12-26 08:15:19 +00:00
614d4e40fe
* Update cometbft, cosmos, ethermint, and ibc-go * Replace github.com/tendermint/tendermint by github.com/cometbft/cometbft * Replace github.com/tendermint/tm-db by github.com/cometbft/cometbft-db * Replace gogo/protobuf with cosmos/gogoproto & simapp replacement * Replace cosmos-sdk/simapp/helpers with cosmos-sdk/testutil/sims * Remove no longer used simulations * Replace ibchost with ibcexported See https://github.com/cosmos/ibc-go/blob/v7.2.2/docs/migrations/v6-to-v7.md#ibc-module-constants * Add new consensus params keeper * Add consensus keeper to blockers * Fix keeper and module issues in app.go * Add IsSendEnabledCoins and update SetParams interface changes * Fix protobuf build for cosmos 47 (#1800) * fix cp errors by using -f; fix lint by only linting our proto dir; and use proofs.proto directly from ics23 for ibc-go v7 * run proto-all; commit updated third party deps and swagger changes * regenerate proto files * use correct gocosmos build plugin for buf * re-gen all protobuf files to update paths for new gocosmos plugin * update protoc and buf to latest versions * fix staking keeper issues in app.go * update tally handler for gov changes * chain id fix and flag fixes * update deps for cometbft 47.7 upgrade * remove all module legacy queriers * update stakingKeeper to pointer * Replace ModuleCdc from govv1beta1 to govcodec * remove simulations * abci.LastCommitInfo → abci.CommitInfo * Remove unused code in keys.go * simapp.MakeTestEncodingConfig -> moduletestutil.MakeTestEncodingConfi * Fix chain id issues in tests * Fix remaining unit test issues * Update changelog for upgrade * Fix e2e tests using updated kvtool * Update protonet to v47 compatible genesis * Bump cometbft-db to v0.9.1-kava.1 * Update kvtool * Remove extra changelog * Fix merged rocksdb issues * go mod cleanup * Bump cometbft-db to v9 and go to 1.21 * Bump rocksdb version to v8.10.0 * Update kvtool to latest version * Update gin to v1.9.0 * Use ibctm.ModuleName in app_test * Fallback to genesis chain id instead of client toml * Remove all simulations * Fix cdp migrations issue with v47 * Update dependencies to correct tags --------- Co-authored-by: Nick DeLuca <nickdeluca08@gmail.com>
238 lines
5.7 KiB
Go
238 lines
5.7 KiB
Go
package ante_test
|
|
|
|
import (
|
|
"math/rand"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/cosmos/cosmos-sdk/testutil/sims"
|
|
sdk "github.com/cosmos/cosmos-sdk/types"
|
|
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
|
|
"github.com/cosmos/cosmos-sdk/x/authz"
|
|
banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
|
|
stakingtypes "github.com/cosmos/cosmos-sdk/x/staking/types"
|
|
evmtypes "github.com/evmos/ethermint/x/evm/types"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/kava-labs/kava/app"
|
|
"github.com/kava-labs/kava/app/ante"
|
|
)
|
|
|
|
func newMsgGrant(granter sdk.AccAddress, grantee sdk.AccAddress, a authz.Authorization, expiration time.Time) *authz.MsgGrant {
|
|
msg, err := authz.NewMsgGrant(granter, grantee, a, &expiration)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return msg
|
|
}
|
|
|
|
func newMsgExec(grantee sdk.AccAddress, msgs []sdk.Msg) *authz.MsgExec {
|
|
msg := authz.NewMsgExec(grantee, msgs)
|
|
return &msg
|
|
}
|
|
|
|
func TestAuthzLimiterDecorator(t *testing.T) {
|
|
testPrivKeys, testAddresses := app.GeneratePrivKeyAddressPairs(5)
|
|
distantFuture := time.Date(9000, 1, 1, 0, 0, 0, 0, time.UTC)
|
|
|
|
validator := sdk.ValAddress(testAddresses[4])
|
|
stakingAuthDelegate, err := stakingtypes.NewStakeAuthorization([]sdk.ValAddress{validator}, nil, stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE, nil)
|
|
require.NoError(t, err)
|
|
stakingAuthUndelegate, err := stakingtypes.NewStakeAuthorization([]sdk.ValAddress{validator}, nil, stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_UNDELEGATE, nil)
|
|
require.NoError(t, err)
|
|
|
|
decorator := ante.NewAuthzLimiterDecorator(
|
|
sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
|
|
sdk.MsgTypeURL(&stakingtypes.MsgUndelegate{}),
|
|
)
|
|
|
|
testCases := []struct {
|
|
name string
|
|
msgs []sdk.Msg
|
|
checkTx bool
|
|
expectedErr error
|
|
}{
|
|
{
|
|
name: "a non blocked msg is not blocked",
|
|
msgs: []sdk.Msg{
|
|
banktypes.NewMsgSend(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
sdk.NewCoins(sdk.NewInt64Coin("ukava", 100e6)),
|
|
),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "a blocked msg is not blocked when not wrapped in MsgExec",
|
|
msgs: []sdk.Msg{
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a non blocked msg, it passes",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
authz.NewGenericAuthorization(sdk.MsgTypeURL(&banktypes.MsgSend{})),
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a non blocked msg, it passes",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
stakingAuthDelegate,
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a blocked msg, it is blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
authz.NewGenericAuthorization(sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{})),
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a blocked msg, it is blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
stakingAuthUndelegate,
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "when a MsgExec contains a non blocked msg, it passes",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{banktypes.NewMsgSend(
|
|
testAddresses[0],
|
|
testAddresses[3],
|
|
sdk.NewCoins(sdk.NewInt64Coin("ukava", 100e6)),
|
|
)}),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgExec contains a blocked msg, it is blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "blocked msg surrounded by valid msgs is still blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
stakingAuthDelegate,
|
|
distantFuture,
|
|
),
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
banktypes.NewMsgSend(
|
|
testAddresses[0],
|
|
testAddresses[3],
|
|
sdk.NewCoins(sdk.NewInt64Coin("ukava", 100e6)),
|
|
),
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "a nested MsgExec containing a blocked msg is still blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[2],
|
|
[]sdk.Msg{
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
),
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "a nested MsgGrant containing a blocked msg is still blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
authz.NewGenericAuthorization(sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{})),
|
|
distantFuture,
|
|
),
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
}
|
|
|
|
txConfig := app.MakeEncodingConfig().TxConfig
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
tx, err := sims.GenSignedMockTx(
|
|
rand.New(rand.NewSource(time.Now().UnixNano())),
|
|
txConfig,
|
|
tc.msgs,
|
|
sdk.NewCoins(),
|
|
sims.DefaultGenTxGas,
|
|
"testing-chain-id",
|
|
[]uint64{0},
|
|
[]uint64{0},
|
|
testPrivKeys[0],
|
|
)
|
|
require.NoError(t, err)
|
|
mmd := MockAnteHandler{}
|
|
ctx := sdk.Context{}.WithIsCheckTx(tc.checkTx)
|
|
_, err = decorator.AnteHandle(ctx, tx, false, mmd.AnteHandle)
|
|
if tc.expectedErr != nil {
|
|
require.ErrorIs(t, err, tc.expectedErr)
|
|
} else {
|
|
require.NoError(t, err)
|
|
}
|
|
})
|
|
}
|
|
}
|