cosmos · seantking · Mar 28, 2022 · Mar 15, 2022 · Mar 21, 2022 · Mar 22, 2022
diff --git a/modules/light-clients/07-tendermint/types/misbehaviour_handle.go b/modules/light-clients/07-tendermint/types/misbehaviour_handle.go
@@ -58,37 +58,8 @@ func (cs ClientState) CheckMisbehaviourAndUpdateState(
 		}
 	}
 
-	// Regardless of the type of misbehaviour, ensure that both headers are valid and would have been accepted by light-client
-
-	// Retrieve trusted consensus states for each Header in misbehaviour
-	// and unmarshal from clientStore
-
-	// Get consensus bytes from clientStore
-	tmConsensusState1, err := GetConsensusState(clientStore, cdc, tmMisbehaviour.Header1.TrustedHeight)
-	if err != nil {
-		return nil, sdkerrors.Wrapf(err, "could not get trusted consensus state from clientStore for Header1 at TrustedHeight: %s", tmMisbehaviour.Header1)
-	}
-
-	// Get consensus bytes from clientStore
-	tmConsensusState2, err := GetConsensusState(clientStore, cdc, tmMisbehaviour.Header2.TrustedHeight)
-	if err != nil {
-		return nil, sdkerrors.Wrapf(err, "could not get trusted consensus state from clientStore for Header2 at TrustedHeight: %s", tmMisbehaviour.Header2)
-	}
-
-	// Check the validity of the two conflicting headers against their respective
-	// trusted consensus states
-	// NOTE: header height and commitment root assertions are checked in
-	// misbehaviour.ValidateBasic by the client keeper and msg.ValidateBasic
-	// by the base application.
-	if err := checkMisbehaviourHeader(
-		&cs, tmConsensusState1, tmMisbehaviour.Header1, ctx.BlockTime(),
-	); err != nil {
-		return nil, sdkerrors.Wrap(err, "verifying Header1 in Misbehaviour failed")
-	}
-	if err := checkMisbehaviourHeader(
-		&cs, tmConsensusState2, tmMisbehaviour.Header2, ctx.BlockTime(),
-	); err != nil {
-		return nil, sdkerrors.Wrap(err, "verifying Header2 in Misbehaviour failed")
+	if err := cs.VerifyClientMessage(ctx, clientStore, cdc, misbehaviour); err != nil {
+		return nil, err
 	}
 
 	cs.FrozenHeight = FrozenHeight

diff --git a/modules/light-clients/07-tendermint/types/update.go b/modules/light-clients/07-tendermint/types/update.go
@@ -65,15 +65,7 @@ func (cs ClientState) CheckHeaderAndUpdateState(
 		conflictingHeader = true
 	}
 
-	// get consensus state from clientStore
-	trustedConsState, err := GetConsensusState(clientStore, cdc, tmHeader.TrustedHeight)
-	if err != nil {
-		return nil, nil, sdkerrors.Wrapf(
-			err, "could not get consensus state from clientstore at TrustedHeight: %s", tmHeader.TrustedHeight,
-		)
-	}
-
-	if err := checkValidity(&cs, trustedConsState, tmHeader, ctx.BlockTime()); err != nil {
+	if err := cs.VerifyClientMessage(ctx, clientStore, cdc, tmHeader); err != nil {
 		return nil, nil, err
 	}
 
@@ -126,12 +118,74 @@ func checkTrustedHeader(header *Header, consState *ConsensusState) error {
 	return nil
 }
 
-// checkValidity checks if the Tendermint header is valid.
-// CONTRACT: consState.Height == header.TrustedHeight
-func checkValidity(
-	clientState *ClientState, consState *ConsensusState,
-	header *Header, currentTimestamp time.Time,
+// VerifyClientMessage checks if the clientMessage is of type Header or Misbehaviour and verifies the message
+func (cs *ClientState) VerifyClientMessage(
+	ctx sdk.Context, clientStore sdk.KVStore, cdc codec.BinaryCodec,
+	header exported.ClientMessage,
+) error {
+	switch header.(type) {
+	case *Header:
+		return cs.verifyHeader(ctx, clientStore, cdc, header, ctx.BlockTime())
+	case *Misbehaviour:
+		misbehaviour := header.(*Misbehaviour)
+		// Regardless of the type of misbehaviour, ensure that both headers are valid and would have been accepted by light-client
+
+		// Retrieve trusted consensus states for each Header in misbehaviour
+		// and unmarshal from clientStore
+
+		// Get consensus bytes from clientStore
+		tmConsensusState1, err := GetConsensusState(clientStore, cdc, misbehaviour.Header1.TrustedHeight)
+		if err != nil {
+			return sdkerrors.Wrapf(err, "could not get trusted consensus state from clientStore for Header1 at TrustedHeight: %s", misbehaviour.Header1)
+		}
+
+		// Get consensus bytes from clientStore
+		tmConsensusState2, err := GetConsensusState(clientStore, cdc, misbehaviour.Header2.TrustedHeight)
+		if err != nil {
+			return sdkerrors.Wrapf(err, "could not get trusted consensus state from clientStore for Header2 at TrustedHeight: %s", misbehaviour.Header2)
+		}
+
+		// Check the validity of the two conflicting headers against their respective
+		// trusted consensus states
+		// NOTE: header height and commitment root assertions are checked in
+		// misbehaviour.ValidateBasic by the client keeper and msg.ValidateBasic
+		// by the base application.
+		if err := checkMisbehaviourHeader(
+			cs, tmConsensusState1, misbehaviour.Header1, ctx.BlockTime(),
+		); err != nil {
+			return sdkerrors.Wrap(err, "verifying Header1 in Misbehaviour failed")
+		}
+		if err := checkMisbehaviourHeader(
+			cs, tmConsensusState2, misbehaviour.Header2, ctx.BlockTime(),
+		); err != nil {
+			return sdkerrors.Wrap(err, "verifying Header2 in Misbehaviour failed")
+		}
+	}
+
+	return nil
+}
+
+// verifyHeader returns an error if:
+// - the client or header provided are not parseable to tendermint types
+// - the header is invalid
+// - header height is less than or equal to the trusted header height
+// - header revision is not equal to trusted header revision
+// - header valset commit verification fails
+// - header timestamp is past the trusting period in relation to the consensus state
+// - header timestamp is less than or equal to the consensus state timestamp
+func (cs *ClientState) verifyHeader(
+	ctx sdk.Context, clientStore sdk.KVStore, cdc codec.BinaryCodec,
+	tmHeader exported.ClientMessage, currentTimestamp time.Time,
 ) error {
+	// TODO: check ok
+	header := tmHeader.(*Header)
+
+	// Retrieve trusted consensus states for each Header in misbehaviour
+	consState, err := GetConsensusState(clientStore, cdc, header.TrustedHeight)
+	if err != nil {
+		return sdkerrors.Wrapf(err, "could not get trusted consensus state from clientStore for Header at TrustedHeight: %s", header.TrustedHeight)
+	}
+
 	if err := checkTrustedHeader(header, consState); err != nil {
 		return err
 	}
@@ -169,7 +223,7 @@ func checkValidity(
 		)
 	}
 
-	chainID := clientState.GetChainID()
+	chainID := cs.GetChainID()
 	// If chainID is in revision format, then set revision number of chainID with the revision number
 	// of the header we are verifying
 	// This is useful if the update is at a previous revision rather than an update to the latest revision
@@ -200,11 +254,12 @@ func checkValidity(
 	err = light.Verify(
 		&signedHeader,
 		tmTrustedValidators, tmSignedHeader, tmValidatorSet,
-		clientState.TrustingPeriod, currentTimestamp, clientState.MaxClockDrift, clientState.TrustLevel.ToTendermint(),
+		cs.TrustingPeriod, currentTimestamp, cs.MaxClockDrift, cs.TrustLevel.ToTendermint(),
 	)
 	if err != nil {
 		return sdkerrors.Wrap(err, "failed to verify header")
 	}
+
 	return nil
 }