-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gnoland/gnovm: purify p/
even more
#2192
Comments
On top of this, we should disable direct calls to Gno stdlibs via @moul, I think its okay that Closing #2224 in favor of this. |
I think that p/ should be OK to contain package-level variables. While the following is off-topic: It's peculiar that you need to constantly remember that this is a p/ and that the variable isn't meant to be persisted, similar to how you must be mindful that it will be persisted when working within a Realm (comment in packages in r/). All these rules are implicit, which can be confusing. |
For Do you have examples of package-level variables that would make sense? |
I mean something like this: errXXX := errors.New("a common error shares within packages"). gno/examples/gno.land/p/demo/flow/io.gno Line 14 in 28111d9
but of course, we actually don't want to modify it. |
<!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [ ] Added new tests, or not needed, or not feasible - [ ] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [ ] Updated the official documentation or not needed - [ ] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [ ] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> Follow discussion in #2192 and [TheHowl's comment](#1538 (comment)), this PR aims to prohibit the use of `maketx call` with a `p/` entrypoint and force `maketx call` to call to a `gno.land/` pkgpath Behavior: ``` $ gnokey maketx call -broadcast -pkgpath gno.land/p/ -gas-wanted 10000000 -gas-fee 1000000ugnot -func Demo -remote localhost:26657 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` ``` $ gnokey maketx call -broadcast -pkgpath gno.land/p -gas-wanted 10000000 -gas-fee 1000000ugnot -func Demo -remote localhost: 26657 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` For `stdlibs`, force the pkgpath to begins with `gno.land/` ``` $ gnokey maketx call -broadcast -pkgpath strconv -gas-wanted 10000000 -gas-fee 1000000ugnot -func Itoa -args 11 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` --------- Co-authored-by: Morgan Bazalgette <[email protected]>
<!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [ ] Added new tests, or not needed, or not feasible - [ ] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [ ] Updated the official documentation or not needed - [ ] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [ ] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> Follow discussion in gnolang#2192 and [TheHowl's comment](gnolang#1538 (comment)), this PR aims to prohibit the use of `maketx call` with a `p/` entrypoint and force `maketx call` to call to a `gno.land/` pkgpath Behavior: ``` $ gnokey maketx call -broadcast -pkgpath gno.land/p/ -gas-wanted 10000000 -gas-fee 1000000ugnot -func Demo -remote localhost:26657 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` ``` $ gnokey maketx call -broadcast -pkgpath gno.land/p -gas-wanted 10000000 -gas-fee 1000000ugnot -func Demo -remote localhost: 26657 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` For `stdlibs`, force the pkgpath to begins with `gno.land/` ``` $ gnokey maketx call -broadcast -pkgpath strconv -gas-wanted 10000000 -gas-fee 1000000ugnot -func Itoa -args 11 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` --------- Co-authored-by: Morgan Bazalgette <[email protected]>
<!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [ ] Added new tests, or not needed, or not feasible - [ ] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [ ] Updated the official documentation or not needed - [ ] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [ ] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> Follow discussion in gnolang#2192 and [TheHowl's comment](gnolang#1538 (comment)), this PR aims to prohibit the use of `maketx call` with a `p/` entrypoint and force `maketx call` to call to a `gno.land/` pkgpath Behavior: ``` $ gnokey maketx call -broadcast -pkgpath gno.land/p/ -gas-wanted 10000000 -gas-fee 1000000ugnot -func Demo -remote localhost:26657 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` ``` $ gnokey maketx call -broadcast -pkgpath gno.land/p -gas-wanted 10000000 -gas-fee 1000000ugnot -func Demo -remote localhost: 26657 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` For `stdlibs`, force the pkgpath to begins with `gno.land/` ``` $ gnokey maketx call -broadcast -pkgpath strconv -gas-wanted 10000000 -gas-fee 1000000ugnot -func Itoa -args 11 testKey --= Error =-- Data: forbidden/bad package called Msg Traces: 0 ....... deliver transaction failed: log: --= /Error =-- ``` --------- Co-authored-by: Morgan Bazalgette <[email protected]>
Completed in #2242. We could make the error a bit more informative: |
Related to #2192 - Trigger a panic if a p/ attempts to create a banker, but allow interaction with an already instantiated banker from r/. Don't really know if this is the right approach. If you have another idea of how to implement this security check please let me know :) <!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [ ] Added new tests, or not needed, or not feasible - [ ] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [ ] Updated the official documentation or not needed - [ ] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [ ] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> --------- Co-authored-by: Manfred Touron <[email protected]>
Related: #2459 |
Only #3040 is part of the mainnet launch milestone, the rest is either already done or can wait. |
Currently,
p/
packages lack a data state (global vars)and cannot import(EDIT: they can), which is great. Yet, there are remaining ambiguities withr/
r/
to resolve for clarity and ensure they are entirely pure and stateless.Essentially,
p/
should be seen as a platform for sharing source code among developers, whiler/
is where apps (and some dependencies) reside for users to interact with.Changes to consider:
maketx call
with ap/
entrypoint. feat(sdk/vm)!: only allow using msgcall on realms #2242q_eval
for now.p/
attempts to create a banker, but allow interaction with an already instantiated banker fromr/
. feat: avoid Instantiation of banker on pure packages #2248std.DerivePkgPath
forp/
and emphasize their unique identifier,PkgPath
. Consider usingstd.GetCallerAt() Frame
to preventp/
'sstd.Address
from appearing in logs and causing confusion.cc @leohhhn
The text was updated successfully, but these errors were encountered: