-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Various blocklist and pause check enhancements (#24)
This PR accomplishes the following: - Apply blocklist check to sender & recipient of every transfer event in abci - Extend pause check to `MsgGrant` and `MsgConfigureMinter` - Migrate blockibc module from [noble](https://github.com/noble-assets/noble) to fiattokenfactory module.
- Loading branch information
Showing
17 changed files
with
646 additions
and
1,518 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
package simapp | ||
|
||
import ( | ||
"github.com/cosmos/cosmos-sdk/types/errors" | ||
abci "github.com/tendermint/tendermint/abci/types" | ||
) | ||
|
||
func (app *SimApp) DeliverTx(req abci.RequestDeliverTx) abci.ResponseDeliverTx { | ||
res := app.BaseApp.DeliverTx(req) | ||
ctx := app.BaseApp.DeliverState.Context() | ||
|
||
for _, event := range res.Events { | ||
err := app.FiatTokenFactoryKeeper.HandleDeliverTxEvent(ctx, event) | ||
if err != nil { | ||
app.SetDeliverState(ctx.BlockHeader()) | ||
return errors.ResponseDeliverTxWithEvents(err, uint64(res.GasWanted), uint64(res.GasUsed), res.Events, app.Trace()) | ||
} | ||
} | ||
|
||
return res | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
package cmd | ||
|
||
import sdk "github.com/cosmos/cosmos-sdk/types" | ||
|
||
func SetPrefixes(prefix string) { | ||
accountPubKeyPrefix := prefix + "pub" | ||
validatorAddressPrefix := prefix + "valoper" | ||
validatorPubKeyPrefix := prefix + "valoperpub" | ||
consNodeAddressPrefix := prefix + "valcons" | ||
consNodePubKeyPrefix := prefix + "valconspub" | ||
|
||
config := sdk.GetConfig() | ||
config.SetBech32PrefixForAccount(prefix, accountPubKeyPrefix) | ||
config.SetBech32PrefixForValidator(validatorAddressPrefix, validatorPubKeyPrefix) | ||
config.SetBech32PrefixForConsensusNode(consNodeAddressPrefix, consNodePubKeyPrefix) | ||
config.Seal() | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,148 @@ | ||
package blockibc | ||
|
||
import ( | ||
"github.com/circlefin/noble-fiattokenfactory/x/fiattokenfactory/keeper" | ||
"github.com/circlefin/noble-fiattokenfactory/x/fiattokenfactory/types" | ||
sdk "github.com/cosmos/cosmos-sdk/types" | ||
"github.com/cosmos/cosmos-sdk/types/bech32" | ||
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" | ||
capabilitytypes "github.com/cosmos/cosmos-sdk/x/capability/types" | ||
transfertypes "github.com/cosmos/ibc-go/v4/modules/apps/transfer/types" | ||
channeltypes "github.com/cosmos/ibc-go/v4/modules/core/04-channel/types" | ||
porttypes "github.com/cosmos/ibc-go/v4/modules/core/05-port/types" | ||
ibcexported "github.com/cosmos/ibc-go/v4/modules/core/exported" | ||
) | ||
|
||
var _ porttypes.IBCModule = &IBCMiddleware{} | ||
|
||
// IBCMiddleware implements the tokenfactory keeper in order to check against blacklisted addresses. | ||
type IBCMiddleware struct { | ||
app porttypes.IBCModule | ||
keeper *keeper.Keeper | ||
} | ||
|
||
// NewIBCMiddleware creates a new IBCMiddleware given the keeper and underlying application. | ||
func NewIBCMiddleware(app porttypes.IBCModule, k *keeper.Keeper) IBCMiddleware { | ||
return IBCMiddleware{ | ||
app: app, | ||
keeper: k, | ||
} | ||
} | ||
|
||
// OnChanOpenInit implements the IBCModule interface. | ||
func (im IBCMiddleware) OnChanOpenInit( | ||
ctx sdk.Context, | ||
order channeltypes.Order, | ||
connectionHops []string, | ||
portID string, | ||
channelID string, | ||
channelCap *capabilitytypes.Capability, | ||
counterparty channeltypes.Counterparty, | ||
version string, | ||
) (string, error) { | ||
return im.app.OnChanOpenInit(ctx, order, connectionHops, portID, channelID, channelCap, counterparty, version) | ||
} | ||
|
||
// OnChanOpenTry implements the IBCModule interface. | ||
func (im IBCMiddleware) OnChanOpenTry( | ||
ctx sdk.Context, | ||
order channeltypes.Order, | ||
connectionHops []string, | ||
portID, channelID string, | ||
chanCap *capabilitytypes.Capability, | ||
counterparty channeltypes.Counterparty, | ||
counterpartyVersion string, | ||
) (version string, err error) { | ||
return im.app.OnChanOpenTry(ctx, order, connectionHops, portID, channelID, chanCap, counterparty, counterpartyVersion) | ||
} | ||
|
||
// OnChanOpenAck implements the IBCModule interface. | ||
func (im IBCMiddleware) OnChanOpenAck( | ||
ctx sdk.Context, | ||
portID, channelID string, | ||
counterpartyChannelID string, | ||
counterpartyVersion string, | ||
) error { | ||
return im.app.OnChanOpenAck(ctx, portID, channelID, counterpartyChannelID, counterpartyVersion) | ||
} | ||
|
||
// OnChanOpenConfirm implements the IBCModule interface. | ||
func (im IBCMiddleware) OnChanOpenConfirm(ctx sdk.Context, portID, channelID string) error { | ||
return im.app.OnChanOpenConfirm(ctx, portID, channelID) | ||
} | ||
|
||
// OnChanCloseInit implements the IBCModule interface. | ||
func (im IBCMiddleware) OnChanCloseInit(ctx sdk.Context, portID, channelID string) error { | ||
return im.app.OnChanCloseInit(ctx, portID, channelID) | ||
} | ||
|
||
// OnChanCloseConfirm implements the IBCModule interface. | ||
func (im IBCMiddleware) OnChanCloseConfirm(ctx sdk.Context, portID, channelID string) error { | ||
return im.app.OnChanCloseConfirm(ctx, portID, channelID) | ||
} | ||
|
||
// OnRecvPacket intercepts the packet data and checks the sender and receiver address against | ||
// the blacklisted addresses held in the tokenfactory keeper. If the address is found in the blacklist, an | ||
// acknowledgment error is returned. | ||
func (im IBCMiddleware) OnRecvPacket( | ||
ctx sdk.Context, | ||
packet channeltypes.Packet, | ||
relayer sdk.AccAddress, | ||
) ibcexported.Acknowledgement { | ||
var data transfertypes.FungibleTokenPacketData | ||
var ackErr error | ||
if err := types.ModuleCdc.UnmarshalJSON(packet.GetData(), &data); err != nil { | ||
ackErr = sdkerrors.Wrapf(sdkerrors.ErrInvalidType, "cannot unmarshal ICS-20 transfer packet data") | ||
return channeltypes.NewErrorAcknowledgement(ackErr) | ||
} | ||
|
||
denomTrace := transfertypes.ParseDenomTrace(data.Denom) | ||
|
||
mintingDenom := im.keeper.GetMintingDenom(ctx) | ||
if denomTrace.BaseDenom != mintingDenom.Denom { | ||
return im.app.OnRecvPacket(ctx, packet, relayer) | ||
} | ||
|
||
if im.keeper.GetPaused(ctx).Paused { | ||
return channeltypes.NewErrorAcknowledgement(types.ErrPaused) | ||
} | ||
|
||
_, addressBz, err := bech32.DecodeAndConvert(data.Receiver) | ||
if err != nil { | ||
return channeltypes.NewErrorAcknowledgement(err) | ||
} | ||
|
||
_, found := im.keeper.GetBlacklisted(ctx, addressBz) | ||
if found { | ||
ackErr = sdkerrors.Wrapf(sdkerrors.ErrUnauthorized, "receiver address is blacklisted") | ||
return channeltypes.NewErrorAcknowledgement(ackErr) | ||
} | ||
|
||
_, addressBz, err = bech32.DecodeAndConvert(data.Sender) | ||
if err != nil { | ||
return channeltypes.NewErrorAcknowledgement(err) | ||
} | ||
|
||
_, found = im.keeper.GetBlacklisted(ctx, addressBz) | ||
if found { | ||
ackErr = sdkerrors.Wrapf(sdkerrors.ErrUnauthorized, "sender address is blacklisted") | ||
return channeltypes.NewErrorAcknowledgement(ackErr) | ||
} | ||
|
||
return im.app.OnRecvPacket(ctx, packet, relayer) | ||
} | ||
|
||
// OnAcknowledgementPacket implements the IBCModule interface. | ||
func (im IBCMiddleware) OnAcknowledgementPacket( | ||
ctx sdk.Context, | ||
packet channeltypes.Packet, | ||
acknowledgement []byte, | ||
relayer sdk.AccAddress, | ||
) error { | ||
return im.app.OnAcknowledgementPacket(ctx, packet, acknowledgement, relayer) | ||
} | ||
|
||
// OnTimeoutPacket implements the IBCModule interface. | ||
func (im IBCMiddleware) OnTimeoutPacket(ctx sdk.Context, packet channeltypes.Packet, relayer sdk.AccAddress) error { | ||
return im.app.OnTimeoutPacket(ctx, packet, relayer) | ||
} |
Oops, something went wrong.