-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: (x/feegrant) update keeper logic to do not allow duplicate grant #14294
Conversation
@@ -41,6 +41,11 @@ | |||
|
|||
// GrantAllowance creates a new grant | |||
func (k Keeper) GrantAllowance(ctx sdk.Context, granter, grantee sdk.AccAddress, feeAllowance feegrant.FeeAllowanceI) error { | |||
// Checking for duplicate entry | |||
if f, _ := k.GetAllowance(ctx, granter, grantee); f != nil { |
Check warning
Code scanning / gosec
Returned error is not propagated up the stack.
Do we backport that to 0.47? I think this warrants a changelog. |
yes and yes. Please add a CL entry :) |
exp, err := feeAllowance.ExpiresAt() | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought the PR was only about moving the duplicate entry check from msg_server to keeper.
Can you explain what these changes are about?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
up
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, the removed logic is for handling duplicate grant (previously we are updating the expiration with the newer grant's expiration for the duplicate grant), which is now unreachable if duplicate grant found.
Message service handlers should validate input/output. Keepers should validate the state machine transitions. So if a dup grant exists, that validation should happen in the keeper and that error should bubble up to the message service handler and be returned there IMO. |
I guess this shouldn't go in v0.47 |
[Cosmos SDK] Kudos, SonarCloud Quality Gate passed! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK, new logic is much easier to understand.
Since we already audited feegrant, I propose to leave it out of 0.47, and just include it in 0.48. Unless someones wants to do a more thorough auditing e.g. w/ manual testing, then we can also backport. In 99% of the app chains it actually won't be state-machine breaking. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor nit, utACK
Removing the backport tag as per #14294 (comment) |
Co-authored-by: Likhita Polavarapu <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK
Description
Closes: #XXXX
in x/feegrant:
msg_server
logic rejects the duplicate grants, but thekeeper
logic had the logic to update the duplicategrant
request.msg_server
tokeeper
.Author Checklist
All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.
I have...
!
to the type prefix if API or client breaking changeCHANGELOG.md
Reviewers Checklist
All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.
I have...
!
in the type prefix if API or client breaking change