-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add missing validation checks for all IBC message types #650
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #650 +/- ##
==========================================
+ Coverage 72.97% 73.09% +0.12%
==========================================
Files 127 127
Lines 15696 15625 -71
==========================================
- Hits 11454 11421 -33
+ Misses 4242 4204 -38
☔ View full report in Codecov by Sentry. |
Farhad-Shabani
added
the
A: blocked
Admin: blocked by another (internal/external) issue or PR
label
Apr 26, 2023
7 tasks
Farhad-Shabani
removed
the
A: blocked
Admin: blocked by another (internal/external) issue or PR
label
May 2, 2023
plafer
reviewed
May 5, 2023
plafer
approved these changes
May 5, 2023
Farhad-Shabani
added a commit
that referenced
this pull request
Sep 9, 2024
* Add missing ClientType validation * Move ClientType verification under validate.rs to cover all needed checks * Move ClientType tests into the validate.rs * Some adjustments * Fix tests * Mend ClientId for upgrade-client tests * Rename to default_validate_identifier * Refactor for more generic functions * Revise changelog * Add missing counterparty client_id check * Remove duplicate checks and unnecessary methods * Add missing changelog * Add missing message validation checks * Adjusted counterpary init Conn/Chan id checks * Fix some nits * name changes * fmt * Fix channel state check for acknowledgement * Remove comment of connection_hops_length check * Remove previous_channel_id field from MsgChannelOpenTry * Expose verify_connection_hops_length for chan_open_init/try --------- Co-authored-by: Philippe Laferriere <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes: #233
Description
Following table represents a comprehensive list of the validations conducted on IBC domain messages in IBC-go.
It also reflects the current status of these checks and briefly outlines the measures taken to fix any erroneous or missing validation in IBC-rs. Also, it should be noted; to make some checks clearer, a few improvements are made around some of these checks and the relevant errors.
Status: ✅ Existed - ❌ Missing, wrong or partially checked -⚠️ Not Applicable
Signer
must be parsed as a valid addressClientState
decode_client_state
ClientState
ClientState
ConsensusState
validate()
ClientType
match forClientState
andConsensusState
ConsensusState
does not containClientType
ClientType
meet identifier constraintsNone
ConsensusState::try_from
CommitmentRoot
cannot be emptyConsensusState::try_from
ConsensusState::try_from
ConsensusState::try_from
ClientMessage
SignedHeader
cannot be nilTmHeader::try_from
SignedHeader
basic validationsSignedHeader::try_from
oftendermint-rs
TmHeader
cannot be nilTmHeader::try_from
Header
be a Tendermint headerTmHeader::try_from
ValidatorSet
cannot be nilTmHeader::try_from
ValidatorSet
is tendermint validator setTmHeader::try_from
Header
validate_basic
ofTmHeader
TrustedHeight
<Header.height()
for updatesvalidate_basic
ofTmHeader
validate_basic
ofTmHeader
validate_basic
ofTmHeader
Misbehaviour
headers' height > 0Misbehaviour::try_from
Misbehaviour
headers cannot be emptyMisbehaviour::try_from
Misbehaviour
trusted vals cannot be emptyMisbehaviour::try_from
Misbehaviour
headers' basic validationvalidate_basic
ofMisbehaviour
Misbehaviour
headers have same chain Idsvalidate_basic
ofMisbehaviour
Misbehaviour
header1 height > header2 heightvalidate_basic
ofMisbehaviour
Misbehaviour
ClientId be validMisbehaviour
valid BlockId, CommitHeader::try_from
oftendermint-rs
ClientState
TmClientState::try_from
ConsensusState
TmConsensusState::try_from
ClientType
match forClientState
andConsensusState
ConsensusState
does not containClientType
CommitmentProofBytes::try_from
MsgUpgradeClient::try_from
ClientId
be validClientId
s be validConnectionId
must be emptytry_from
, though internally set toNone
CommitmentPrefix::try_from
ClientId
s be validConnectionId
must be validics24_host::identifier
ClientState
validate_self_tendermint_client
CommitmentProofBytes::try_from
CommitmentProofBytes::try_from
Height::try_from
CommitmentPrefix::try_from
ConnectionId
must be validics24_host::identifier
ClientState
validate_self_tendermint_client
Version
CommitmentProofBytes::try_from
CommitmentProofBytes::try_from
Height::try_from
CommitmentPrefix::try_from
ConnectionId
must be validics24_host::identifier
CommitmentProofBytes::try_from
UNINITIALIZED
state is invalidChannelEnd::try_from
None
ordering is invalidChannelEnd::try_from
ChannelEnd::try_from
ics24_host::identifier
ics24_host::identifier
PortId
s must be validPortId::from_str
INIT
try_from
, though internally set toINIT
ChannelId
must be emptytry_from
, though internally set toNone
PortId
s must be validPortId::from_str
TRYOPEN
MsgChannelOpenTry::try_from
ChannelId
must be emptyMsgChannelOpenTry::try_from
ChannelId
s must be non-empty validics24_host::identifier
chan_end_on_a
cannot be emptyCommitmentProofBytes::try_from
PortId
s must be validPortId::from_str
ChannelId
s must be validics24_host::identifier
CommitmentProofBytes::try_from
PortId
s must be validPortId::from_str
ChannelId
s must be validics24_host::identifier
Packet::try_from
Packet::try_from
Packet::try_from
PortId
s must be validPortId::from_str
ChannelId
s must be validics24_host::identifier
CommitmentProofBytes::try_from
CommitmentProofBytes::try_from
CommitmentProofBytes::try_from
MsgTimeout::try_from
CommitmentProofBytes::try_from
MsgTimeout::try_from
CommitmentProofBytes::try_from
CommitmentProofBytes::try_from
PR author checklist:
unclog
.docs/
).Reviewer checklist:
Files changed
in the GitHub PR explorer.