Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

imp: represent unlimited approvals with MaxUint256 value #3454

Merged
merged 31 commits into from
May 15, 2023
Merged

imp: represent unlimited approvals with MaxUint256 value #3454

merged 31 commits into from
May 15, 2023

Conversation

Vvaradinov
Copy link
Contributor

@Vvaradinov Vvaradinov commented Apr 13, 2023

Description

This PR implements the changes proposed in #3452

closes: #3452

Commit Message / Changelog Entry

imp(statemachine)!: represent unlimited approvals with a the MaxInt256 value

see the guidelines for commit messages. (view raw markdown for examples)


Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.

  • Targeted PR against correct branch (see CONTRIBUTING.md).
  • Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
  • Code follows the module structure standards and Go style guide.
  • Wrote unit and integration tests.
  • Updated relevant documentation (docs/) or specification (x/<module>/spec/).
  • Added relevant godoc comments.
  • Provide a commit message to be used for the changelog entry in the PR description for review.
  • Re-reviewed Files changed in the Github PR explorer.
  • Review Codecov Report in the comment section below once CI passes.

Copy link
Contributor

@chatton chatton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @Vvaradinov!

My concern about giving a special value to nil here means that it because easier to accidentally configure unlimited spending if the field is omitted.

I think I would lean towards creating a named sentinel value to pass in explicitly as the SpendLimit.

e.g.

allocation.SpendLimit = UnlimitedSpending()

What do you think?

@crodriguezvega
Copy link
Contributor

I agree with the risk described above by @chatton.

And besides that, and after discussing also with @womensrights, we think that it is risky to not specify the unlimited spending for a particular denomination. With the approach of using nil (or even the sentinel value) the authorisation would grant the grantee the possibility to spend without any limits any denomination. We think that it would be safer to follow an approach closer to what Ethereum does and use the maximum Int value for Amount in sdk.Coin to indicate unlimited spending for a particular denomination. What do you think?

@Vvaradinov Vvaradinov changed the title imp: represent unlimited approvals with a nil value imp: represent unlimited approvals with MaxInt64 value Apr 25, 2023
@codecov-commenter
Copy link

codecov-commenter commented Apr 25, 2023

Codecov Report

Merging #3454 (aab8b18) into main (3882830) will increase coverage by 0.00%.
The diff coverage is 100.00%.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #3454   +/-   ##
=======================================
  Coverage   78.79%   78.79%           
=======================================
  Files         182      182           
  Lines       12683    12688    +5     
=======================================
+ Hits         9993     9998    +5     
  Misses       2258     2258           
  Partials      432      432           
Impacted Files Coverage Δ
...ules/apps/transfer/types/transfer_authorization.go 92.04% <100.00%> (+0.47%) ⬆️

modules/apps/transfer/types/transfer_authorization.go Outdated Show resolved Hide resolved
modules/apps/transfer/types/transfer_authorization.go Outdated Show resolved Hide resolved
CHANGELOG.md Outdated Show resolved Hide resolved
@fedekunze fedekunze added 20-transfer type: refactor Architecture, code or CI improvements that may or may not tackle technical debt. labels Apr 30, 2023
@damiannolan
Copy link
Member

Looks like some unit test is failing 👀 Will take a closer look later today

Copy link
Contributor

@fedekunze fedekunze left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK! Great work @Vvaradinov

modules/apps/transfer/types/transfer_authorization.go Outdated Show resolved Hide resolved
CHANGELOG.md Outdated Show resolved Hide resolved
@crodriguezvega crodriguezvega removed 20-transfer type: refactor Architecture, code or CI improvements that may or may not tackle technical debt. labels May 12, 2023
@crodriguezvega
Copy link
Contributor

Thanks for all the work on this one, @Vvaradinov! I opened a PR with an idea suggested by @damiannolan and @colin-axner (making maxUint256 un-exported and adding an exported function to retrieve it) and updating the documentation.

@Vvaradinov Vvaradinov requested a review from srdtrk as a code owner May 15, 2023 07:10
Copy link
Member

@damiannolan damiannolan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK, thanks @crodriguezvega

modules/apps/transfer/types/transfer_authorization.go Outdated Show resolved Hide resolved
Copy link
Contributor

@crodriguezvega crodriguezvega left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK. Thanks a lot for all this work, @Vvaradinov!

modules/apps/transfer/types/transfer_authorization.go Outdated Show resolved Hide resolved
Copy link
Contributor

@crodriguezvega crodriguezvega left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK. Thanks a lot for all this work, @Vvaradinov!

@fedekunze fedekunze merged commit 7e6eb4c into cosmos:main May 15, 2023
mergify bot pushed a commit that referenced this pull request May 15, 2023
* imp: represent unlimited approvals with a nil value

* CHANGELOG

* Update CHANGELOG.md

* fix: updated unlimited spending limit to be represented with the MaxInt64

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* Update CHANGELOG.md

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* fix: lint

* Update modules/apps/transfer/types/transfer_authorization.go

* fix: update failing test and add test case suggested in review

* fix: moved isAllowedAddress check before coin loop

* fix: use maxUint256 case so it aligns with what's being passed from the EVM extension

* refactor transfer authz to remove coins iteration in favour of explicit amount checking

* make format

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* fix: add the Authorization to Updated.

* moving allowlist check to before spend limit logic

* Apply suggestions from code review

* fix: add comment to spend limit check

* review feedback

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* Update docs/apps/transfer/authorizations.md

* fix: changed to new sentinel value name

---------

Co-authored-by: Carlos Rodriguez <[email protected]>
Co-authored-by: Federico Kunze Küllmer <[email protected]>
Co-authored-by: Damian Nolan <[email protected]>
(cherry picked from commit 7e6eb4c)

# Conflicts:
#	CHANGELOG.md
#	e2e/tests/core/client_test.go
#	e2e/testsuite/grpc_query.go
#	modules/apps/transfer/types/transfer_authorization.go
#	modules/apps/transfer/types/transfer_authorization_test.go
mergify bot pushed a commit that referenced this pull request May 15, 2023
* imp: represent unlimited approvals with a nil value

* CHANGELOG

* Update CHANGELOG.md

* fix: updated unlimited spending limit to be represented with the MaxInt64

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* Update CHANGELOG.md

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* fix: lint

* Update modules/apps/transfer/types/transfer_authorization.go

* fix: update failing test and add test case suggested in review

* fix: moved isAllowedAddress check before coin loop

* fix: use maxUint256 case so it aligns with what's being passed from the EVM extension

* refactor transfer authz to remove coins iteration in favour of explicit amount checking

* make format

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* fix: add the Authorization to Updated.

* moving allowlist check to before spend limit logic

* Apply suggestions from code review

* fix: add comment to spend limit check

* review feedback

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* Update docs/apps/transfer/authorizations.md

* fix: changed to new sentinel value name

---------

Co-authored-by: Carlos Rodriguez <[email protected]>
Co-authored-by: Federico Kunze Küllmer <[email protected]>
Co-authored-by: Damian Nolan <[email protected]>
(cherry picked from commit 7e6eb4c)

# Conflicts:
#	CHANGELOG.md
#	e2e/tests/core/client_test.go
#	e2e/testsuite/grpc_query.go
#	modules/apps/transfer/types/transfer_authorization.go
crodriguezvega pushed a commit that referenced this pull request May 15, 2023
) (#3580)

* imp: represent unlimited approvals with MaxUint256 value (#3454)

* imp: represent unlimited approvals with a nil value

* CHANGELOG

* Update CHANGELOG.md

* fix: updated unlimited spending limit to be represented with the MaxInt64

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* Update CHANGELOG.md

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* fix: lint

* Update modules/apps/transfer/types/transfer_authorization.go

* fix: update failing test and add test case suggested in review

* fix: moved isAllowedAddress check before coin loop

* fix: use maxUint256 case so it aligns with what's being passed from the EVM extension

* refactor transfer authz to remove coins iteration in favour of explicit amount checking

* make format

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* fix: add the Authorization to Updated.

* moving allowlist check to before spend limit logic

* Apply suggestions from code review

* fix: add comment to spend limit check

* review feedback

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* Update docs/apps/transfer/authorizations.md

* fix: changed to new sentinel value name

---------

Co-authored-by: Carlos Rodriguez <[email protected]>
Co-authored-by: Federico Kunze Küllmer <[email protected]>
Co-authored-by: Damian Nolan <[email protected]>
(cherry picked from commit 7e6eb4c)

# Conflicts:
#	CHANGELOG.md
#	e2e/tests/core/client_test.go
#	e2e/testsuite/grpc_query.go
#	modules/apps/transfer/types/transfer_authorization.go
#	modules/apps/transfer/types/transfer_authorization_test.go

* resolving conflicts

---------

Co-authored-by: Vladislav Varadinov <[email protected]>
Co-authored-by: Damian Nolan <[email protected]>
crodriguezvega pushed a commit that referenced this pull request May 15, 2023
) (#3581)

* imp: represent unlimited approvals with MaxUint256 value (#3454)

* imp: represent unlimited approvals with a nil value

* CHANGELOG

* Update CHANGELOG.md

* fix: updated unlimited spending limit to be represented with the MaxInt64

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* Update CHANGELOG.md

Co-authored-by: Federico Kunze Küllmer <[email protected]>

* fix: lint

* Update modules/apps/transfer/types/transfer_authorization.go

* fix: update failing test and add test case suggested in review

* fix: moved isAllowedAddress check before coin loop

* fix: use maxUint256 case so it aligns with what's being passed from the EVM extension

* refactor transfer authz to remove coins iteration in favour of explicit amount checking

* make format

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* fix: add the Authorization to Updated.

* moving allowlist check to before spend limit logic

* Apply suggestions from code review

* fix: add comment to spend limit check

* review feedback

* Update modules/apps/transfer/types/transfer_authorization.go

Co-authored-by: Damian Nolan <[email protected]>

* Update docs/apps/transfer/authorizations.md

* fix: changed to new sentinel value name

---------

Co-authored-by: Carlos Rodriguez <[email protected]>
Co-authored-by: Federico Kunze Küllmer <[email protected]>
Co-authored-by: Damian Nolan <[email protected]>
(cherry picked from commit 7e6eb4c)

# Conflicts:
#	CHANGELOG.md
#	e2e/tests/core/client_test.go
#	e2e/testsuite/grpc_query.go
#	modules/apps/transfer/types/transfer_authorization.go

* resolving conflicts

---------

Co-authored-by: Vladislav Varadinov <[email protected]>
Co-authored-by: Damian Nolan <[email protected]>
Copy link
Contributor

@colin-axner colin-axner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work :) just left a small note on the updated return value

@@ -36,6 +40,10 @@ func (a TransferAuthorization) Accept(ctx sdk.Context, msg sdk.Msg) (authz.Accep
continue
}

if allocation.SpendLimit.AmountOf(msgTransfer.Token.Denom).Equal(sdk.NewIntFromBigInt(MaxUint256)) {
return authz.AcceptResponse{Accept: true, Delete: false, Updated: &a}, nil
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think updated being nil is useful for two reasons:

  • readability, in this situation no update should occur to the allocations (no undesired sideaffects, removes possibility of buggy code from causing issues)
  • less gas costs (returning an updated value causes kv store read/writes)

Is it not possible to update the tests?

@@ -3,7 +3,6 @@ package types_test
import (
sdk "github.com/cosmos/cosmos-sdk/types"
"github.com/cosmos/cosmos-sdk/x/authz"

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: import formatting

@damiannolan damiannolan mentioned this pull request May 16, 2023
9 tasks
@faddat faddat mentioned this pull request Jun 23, 2023
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

Represent unlimited ICS20 authorization amount as MaxInt256
7 participants