-
Notifications
You must be signed in to change notification settings - Fork 610
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: prevent blocked addresses from sending ICS 20 transfers #1907
Changes from 9 commits
e4ee61d
58bd0f7
baf8f2c
6a8e27c
47c3efa
021b927
28c4e5b
be09f47
8640e78
0b298af
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
package keeper_test | ||
|
||
import ( | ||
sdk "github.com/cosmos/cosmos-sdk/types" | ||
|
||
"github.com/cosmos/ibc-go/v5/modules/apps/transfer/types" | ||
) | ||
|
||
func (suite *KeeperTestSuite) TestMsgTransfer() { | ||
var msg *types.MsgTransfer | ||
|
||
testCases := []struct { | ||
name string | ||
malleate func() | ||
expPass bool | ||
}{ | ||
{ | ||
"success", | ||
func() {}, | ||
true, | ||
}, | ||
{ | ||
"invalid sender", | ||
func() { | ||
msg.Sender = "address" | ||
}, | ||
false, | ||
}, | ||
{ | ||
"sender is a blocked address", | ||
func() { | ||
msg.Sender = suite.chainA.GetSimApp().AccountKeeper.GetModuleAddress(types.ModuleName).String() | ||
}, | ||
false, | ||
}, | ||
{ | ||
"channel does not exist", | ||
func() { | ||
msg.SourceChannel = "channel-100" | ||
}, | ||
false, | ||
}, | ||
} | ||
|
||
for _, tc := range testCases { | ||
suite.SetupTest() | ||
|
||
path := NewTransferPath(suite.chainA, suite.chainB) | ||
suite.coordinator.Setup(path) | ||
|
||
coin := sdk.NewCoin(sdk.DefaultBondDenom, sdk.NewInt(100)) | ||
msg = types.NewMsgTransfer( | ||
path.EndpointA.ChannelConfig.PortID, | ||
path.EndpointA.ChannelID, | ||
coin, suite.chainA.SenderAccount.GetAddress().String(), suite.chainB.SenderAccount.GetAddress().String(), | ||
suite.chainB.GetTimeoutHeight(), 0, // only use timeout height | ||
) | ||
|
||
tc.malleate() | ||
|
||
res, err := suite.chainA.GetSimApp().TransferKeeper.Transfer(sdk.WrapSDKContext(suite.chainA.GetContext()), msg) | ||
|
||
if tc.expPass { | ||
suite.Require().NoError(err) | ||
suite.Require().NotNil(res) | ||
} else { | ||
suite.Require().Error(err) | ||
suite.Require().Nil(res) | ||
} | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -48,6 +48,8 @@ import ( | |
// 4. A -> C : sender chain is sink zone. Denom upon receiving: 'C/B/denom' | ||
// 5. C -> B : sender chain is sink zone. Denom upon receiving: 'B/denom' | ||
// 6. B -> A : sender chain is sink zone. Denom upon receiving: 'denom' | ||
// | ||
// Note: An IBC Transfer must be initiated using a MsgTransfer via the Transfer rpc handler | ||
func (k Keeper) SendTransfer( | ||
ctx sdk.Context, | ||
sourcePort, | ||
|
@@ -62,6 +64,10 @@ func (k Keeper) SendTransfer( | |
return types.ErrSendDisabled | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is a nit and no need to block the PR on this, but now that you added tests for the msg server, maybe we can also had a test case for the situation where send is disabled. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. looks like this test case is missing for receive as well. Would prefer it be done in a separate pr |
||
} | ||
|
||
if k.bankKeeper.BlockedAddr(sender) { | ||
return sdkerrors.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to send funds", sender) | ||
} | ||
|
||
sourceChannelEnd, found := k.channelKeeper.GetChannel(ctx, sourcePort, sourceChannel) | ||
if !found { | ||
return sdkerrors.Wrapf(channeltypes.ErrChannelNotFound, "port ID (%s) channel ID (%s)", sourcePort, sourceChannel) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will do a followup pr to make this private for the next major release