add all modules to allowlist exceptions

sei-protocol · Nov 1, 2024 · 6cc6fc9 · 6cc6fc9
1 parent 71ec704
commit 6cc6fc9
Show file tree

Hide file tree

Showing 2 changed files with 151 additions and 6 deletions.
diff --git a/x/bank/keeper/keeper_test.go b/x/bank/keeper/keeper_test.go
@@ -725,6 +725,137 @@ func (suite *IntegrationTestSuite) TestSendCoinsWithReceiverNotInAllowList() {
 	suite.Require().Equal(expected, acc2Balances)
 }
 
+// Test that creating allowlist does not block module to module transfers
+func (suite *IntegrationTestSuite) TestSendCoinsModuleToModuleWithAllowList() {
+	// add module accounts to supply keeper
+	ctx := suite.ctx
+	authKeeper, keeper := suite.initKeepersWithmAccPerms(make(map[string]bool))
+	authKeeper.SetModuleAccount(ctx, multiPermAcc)
+	authKeeper.SetModuleAccount(ctx, randomPermAcc)
+	app := suite.app
+	app.BankKeeper = keeper
+
+	addr1 := sdk.AccAddress("addr1_______________")
+	acc1 := app.AccountKeeper.NewAccountWithAddress(ctx, addr1)
+	app.AccountKeeper.SetAccount(ctx, acc1)
+	factoryCoin := newFactoryFooCoin(addr1, 100)
+	balances := sdk.NewCoins(factoryCoin, newBarCoin(50))
+	app.BankKeeper.SetDenomAllowList(ctx, factoryCoin.Denom, types.AllowList{
+		Addresses: []string{addr1.String()}})
+
+	// set up bank balances
+	suite.Require().NoError(simapp.FundAccount(app.BankKeeper, ctx, multiPermAcc.GetAddress(), balances))
+
+	sendCoins := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(20))
+	suite.Require().NoError(app.BankKeeper.SendCoinsFromModuleToModule(ctx, multiPerm, randomPerm, sendCoins))
+	expectedBankBalances := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(30))
+	// assert module balances correct
+	bals := app.BankKeeper.GetAllBalances(ctx, multiPermAcc.GetAddress())
+	suite.Require().Equal(expectedBankBalances, bals)
+	// assert receiver balances correct
+	userBals := app.BankKeeper.GetAllBalances(ctx, randomPermAcc.GetAddress())
+	suite.Require().Equal(sendCoins, userBals)
+}
+
+// Test that creating allowlist does not block sending from module to account even though we are not explicitly adding
+// the module account to the allowlist
+func (suite *IntegrationTestSuite) TestSendCoinsModuleToAccountWithAllowList() {
+	// add module accounts to supply keeper
+	ctx := suite.ctx
+	authKeeper, keeper := suite.initKeepersWithmAccPerms(make(map[string]bool))
+	authKeeper.SetModuleAccount(ctx, multiPermAcc)
+	app := suite.app
+	app.BankKeeper = keeper
+
+	addr1 := sdk.AccAddress("addr1_______________")
+	acc1 := app.AccountKeeper.NewAccountWithAddress(ctx, addr1)
+	app.AccountKeeper.SetAccount(ctx, acc1)
+	factoryCoin := newFactoryFooCoin(addr1, 100)
+	balances := sdk.NewCoins(factoryCoin, newBarCoin(50))
+	app.BankKeeper.SetDenomAllowList(ctx, factoryCoin.Denom, types.AllowList{
+		Addresses: []string{addr1.String()}})
+
+	// set up bank balances
+	suite.Require().NoError(simapp.FundAccount(app.BankKeeper, ctx, multiPermAcc.GetAddress(), balances))
+
+	sendCoins := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(20))
+	suite.Require().NoError(app.BankKeeper.SendCoinsFromModuleToAccount(ctx, multiPerm, addr1, sendCoins))
+
+	expectedBankBalances := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(30))
+	// assert module balances correct
+	bals := app.BankKeeper.GetAllBalances(ctx, multiPermAcc.GetAddress())
+	suite.Require().Equal(expectedBankBalances, bals)
+	// assert receiver balances correct
+	userBals := app.BankKeeper.GetAllBalances(ctx, addr1)
+	suite.Require().Equal(sendCoins, userBals)
+}
+
+// Test that creating allowlist does not block sending from account to module even though we are not explicitly adding
+// the module account to the allowlist
+func (suite *IntegrationTestSuite) TestSendCoinsAccountToModuleWithAllowList() {
+	// add module accounts to supply keeper
+	ctx := suite.ctx
+	authKeeper, keeper := suite.initKeepersWithmAccPerms(make(map[string]bool))
+	authKeeper.SetModuleAccount(ctx, multiPermAcc)
+	app := suite.app
+	app.BankKeeper = keeper
+
+	addr1 := sdk.AccAddress("addr1_______________")
+	acc1 := app.AccountKeeper.NewAccountWithAddress(ctx, addr1)
+	app.AccountKeeper.SetAccount(ctx, acc1)
+	factoryCoin := newFactoryFooCoin(addr1, 100)
+	balances := sdk.NewCoins(factoryCoin, newBarCoin(50))
+	app.BankKeeper.SetDenomAllowList(ctx, factoryCoin.Denom, types.AllowList{
+		Addresses: []string{addr1.String()}})
+
+	// set up bank balances
+	suite.Require().NoError(simapp.FundAccount(app.BankKeeper, ctx, addr1, balances))
+
+	sendCoins := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(20))
+	suite.Require().NoError(app.BankKeeper.SendCoinsFromAccountToModule(ctx, addr1, multiPerm, sendCoins))
+	expectedBankBalances := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(30))
+	// assert account balances correct
+	bals := app.BankKeeper.GetAllBalances(ctx, addr1)
+	suite.Require().Equal(expectedBankBalances, bals)
+	// assert module balances correct
+	userBals := app.BankKeeper.GetAllBalances(ctx, multiPermAcc.GetAddress())
+	suite.Require().Equal(sendCoins, userBals)
+}
+
+// Test that creating allowlist does not block sending from account to module even though we are not explicitly adding
+// the module account to the allowlist
+func (suite *IntegrationTestSuite) TestDeferredSendCoinsAccountToModuleWithAllowList() {
+	// add module accounts to supply keeper
+	ctx := suite.ctx
+	authKeeper, keeper := suite.initKeepersWithmAccPerms(make(map[string]bool))
+	authKeeper.SetModuleAccount(ctx, multiPermAcc)
+	app := suite.app
+	app.BankKeeper = keeper
+
+	addr1 := sdk.AccAddress("addr1_______________")
+	acc1 := app.AccountKeeper.NewAccountWithAddress(ctx, addr1)
+	app.AccountKeeper.SetAccount(ctx, acc1)
+	factoryCoin := newFactoryFooCoin(addr1, 100)
+	balances := sdk.NewCoins(factoryCoin, newBarCoin(50))
+	app.BankKeeper.SetDenomAllowList(ctx, factoryCoin.Denom, types.AllowList{
+		Addresses: []string{addr1.String()}})
+
+	// set up bank balances
+	suite.Require().NoError(simapp.FundAccount(app.BankKeeper, ctx, addr1, balances))
+
+	sendCoins := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(20))
+	suite.Require().NoError(app.BankKeeper.DeferredSendCoinsFromAccountToModule(ctx, addr1, multiPerm, sendCoins))
+	app.BankKeeper.WriteDeferredBalances(ctx)
+
+	expectedBankBalances := sdk.NewCoins(newFactoryFooCoin(addr1, 50), newBarCoin(30))
+	// assert account balances correct
+	bals := app.BankKeeper.GetAllBalances(ctx, addr1)
+	suite.Require().Equal(expectedBankBalances, bals)
+	// assert module balances correct
+	userBals := app.BankKeeper.GetAllBalances(ctx, multiPermAcc.GetAddress())
+	suite.Require().Equal(sendCoins, userBals)
+}
+
 func (suite *IntegrationTestSuite) TestSendCoinsModuleToAccount() {
 	// add module accounts to supply keeper
 	ctx := suite.ctx

diff --git a/x/bank/keeper/send.go b/x/bank/keeper/send.go
@@ -1,6 +1,7 @@
 package keeper
 
 import (
+	authtypes "github.com/cosmos/cosmos-sdk/x/auth/types"
 	"strings"
 
 	"github.com/cosmos/cosmos-sdk/codec"
@@ -13,8 +14,7 @@ import (
 )
 
 const (
-	TokenFactoryPrefix     = "factory"
-	TokenFactoryModuleName = "tokenfactory"
+	TokenFactoryPrefix = "factory"
 )
 
 // SendKeeper defines a module interface that facilitates the transfer of coins
@@ -517,11 +517,12 @@ func (k BaseSendKeeper) IsAllowedToSendCoins(ctx sdk.Context, addr sdk.AccAddres
 		// process only if denom does contain token factory prefix
 		if strings.HasPrefix(coin.Denom, TokenFactoryPrefix) {
 			allowedAddresses := k.getAllowedAddresses(ctx, cache, coin.Denom)
+			// Print all module names
 			if len(allowedAddresses.set) > 0 {
-				// Add token factory module address to allowlist for minting tokens if allowlist is not empty
-				tokenFactoryAddr := k.ak.GetModuleAddress(TokenFactoryModuleName)
-				if tokenFactoryAddr != nil {
-					allowedAddresses.set[tokenFactoryAddr.String()] = struct{}{}
+				// Add all module addresses as allowed addresses
+				moduleAddresses := k.getAllModuleAddresses(ctx)
+				for _, moduleAddr := range moduleAddresses {
+					allowedAddresses.set[moduleAddr] = struct{}{}
 				}
 
 				if !allowedAddresses.contains(addr) {
@@ -533,6 +534,19 @@ func (k BaseSendKeeper) IsAllowedToSendCoins(ctx sdk.Context, addr sdk.AccAddres
 	return true
 }
 
+func (k BaseSendKeeper) getAllModuleAddresses(ctx sdk.Context) []string {
+	var moduleAddresses []string
+
+	k.ak.IterateAccounts(ctx, func(account authtypes.AccountI) bool {
+		if moduleAcc, ok := account.(authtypes.ModuleAccountI); ok {
+			moduleAddresses = append(moduleAddresses, moduleAcc.GetAddress().String())
+		}
+		return false
+	})
+
+	return moduleAddresses
+}
+
 func (k BaseSendKeeper) getAllowedAddresses(ctx sdk.Context, cache map[string]AllowedAddresses, denom string) AllowedAddresses {
 	allowedAddresses, exists := cache[denom]
 	if !exists {