mirror of
https://github.com/0glabs/0g-chain.git
synced 2024-12-29 17:55:19 +00:00
240 lines
5.8 KiB
Go
240 lines
5.8 KiB
Go
package ante_test
|
|
|
|
import (
|
|
"math/rand"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/0glabs/0g-chain/chaincfg"
|
|
|
|
"github.com/cosmos/cosmos-sdk/testutil/sims"
|
|
sdk "github.com/cosmos/cosmos-sdk/types"
|
|
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
|
|
"github.com/cosmos/cosmos-sdk/x/authz"
|
|
banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
|
|
stakingtypes "github.com/cosmos/cosmos-sdk/x/staking/types"
|
|
evmtypes "github.com/evmos/ethermint/x/evm/types"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/0glabs/0g-chain/app"
|
|
"github.com/0glabs/0g-chain/app/ante"
|
|
)
|
|
|
|
func newMsgGrant(granter sdk.AccAddress, grantee sdk.AccAddress, a authz.Authorization, expiration time.Time) *authz.MsgGrant {
|
|
msg, err := authz.NewMsgGrant(granter, grantee, a, &expiration)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return msg
|
|
}
|
|
|
|
func newMsgExec(grantee sdk.AccAddress, msgs []sdk.Msg) *authz.MsgExec {
|
|
msg := authz.NewMsgExec(grantee, msgs)
|
|
return &msg
|
|
}
|
|
|
|
func TestAuthzLimiterDecorator(t *testing.T) {
|
|
testPrivKeys, testAddresses := app.GeneratePrivKeyAddressPairs(5)
|
|
distantFuture := time.Date(9000, 1, 1, 0, 0, 0, 0, time.UTC)
|
|
|
|
validator := sdk.ValAddress(testAddresses[4])
|
|
stakingAuthDelegate, err := stakingtypes.NewStakeAuthorization([]sdk.ValAddress{validator}, nil, stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE, nil)
|
|
require.NoError(t, err)
|
|
stakingAuthUndelegate, err := stakingtypes.NewStakeAuthorization([]sdk.ValAddress{validator}, nil, stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_UNDELEGATE, nil)
|
|
require.NoError(t, err)
|
|
|
|
decorator := ante.NewAuthzLimiterDecorator(
|
|
sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
|
|
sdk.MsgTypeURL(&stakingtypes.MsgUndelegate{}),
|
|
)
|
|
|
|
testCases := []struct {
|
|
name string
|
|
msgs []sdk.Msg
|
|
checkTx bool
|
|
expectedErr error
|
|
}{
|
|
{
|
|
name: "a non blocked msg is not blocked",
|
|
msgs: []sdk.Msg{
|
|
banktypes.NewMsgSend(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
sdk.NewCoins(sdk.NewInt64Coin(chaincfg.DisplayDenom, 100)),
|
|
),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "a blocked msg is not blocked when not wrapped in MsgExec",
|
|
msgs: []sdk.Msg{
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a non blocked msg, it passes",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
authz.NewGenericAuthorization(sdk.MsgTypeURL(&banktypes.MsgSend{})),
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a non blocked msg, it passes",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
stakingAuthDelegate,
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a blocked msg, it is blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
authz.NewGenericAuthorization(sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{})),
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "when a MsgGrant contains a blocked msg, it is blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
stakingAuthUndelegate,
|
|
distantFuture,
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "when a MsgExec contains a non blocked msg, it passes",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{banktypes.NewMsgSend(
|
|
testAddresses[0],
|
|
testAddresses[3],
|
|
sdk.NewCoins(sdk.NewInt64Coin(chaincfg.DisplayDenom, 100)),
|
|
)}),
|
|
},
|
|
checkTx: false,
|
|
},
|
|
{
|
|
name: "when a MsgExec contains a blocked msg, it is blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "blocked msg surrounded by valid msgs is still blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
stakingAuthDelegate,
|
|
distantFuture,
|
|
),
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
banktypes.NewMsgSend(
|
|
testAddresses[0],
|
|
testAddresses[3],
|
|
sdk.NewCoins(sdk.NewInt64Coin(chaincfg.DisplayDenom, 100)),
|
|
),
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "a nested MsgExec containing a blocked msg is still blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[2],
|
|
[]sdk.Msg{
|
|
&evmtypes.MsgEthereumTx{},
|
|
},
|
|
),
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
{
|
|
name: "a nested MsgGrant containing a blocked msg is still blocked",
|
|
msgs: []sdk.Msg{
|
|
newMsgExec(
|
|
testAddresses[1],
|
|
[]sdk.Msg{
|
|
newMsgGrant(
|
|
testAddresses[0],
|
|
testAddresses[1],
|
|
authz.NewGenericAuthorization(sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{})),
|
|
distantFuture,
|
|
),
|
|
},
|
|
),
|
|
},
|
|
checkTx: false,
|
|
expectedErr: sdkerrors.ErrUnauthorized,
|
|
},
|
|
}
|
|
|
|
txConfig := app.MakeEncodingConfig().TxConfig
|
|
|
|
for _, tc := range testCases {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
tx, err := sims.GenSignedMockTx(
|
|
rand.New(rand.NewSource(time.Now().UnixNano())),
|
|
txConfig,
|
|
tc.msgs,
|
|
sdk.NewCoins(),
|
|
sims.DefaultGenTxGas,
|
|
"testing-chain-id",
|
|
[]uint64{0},
|
|
[]uint64{0},
|
|
testPrivKeys[0],
|
|
)
|
|
require.NoError(t, err)
|
|
mmd := MockAnteHandler{}
|
|
ctx := sdk.Context{}.WithIsCheckTx(tc.checkTx)
|
|
_, err = decorator.AnteHandle(ctx, tx, false, mmd.AnteHandle)
|
|
if tc.expectedErr != nil {
|
|
require.ErrorIs(t, err, tc.expectedErr)
|
|
} else {
|
|
require.NoError(t, err)
|
|
}
|
|
})
|
|
}
|
|
}
|