-
Notifications
You must be signed in to change notification settings - Fork 586
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: making changes based on nits from 02-client refactor audit #1585
Changes from 2 commits
be977e8
798012f
fae6cba
52d37d8
5faddd7
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,8 @@ | ||
package keeper | ||
|
||
import ( | ||
"encoding/hex" | ||
"github.com/cosmos/cosmos-sdk/codec" | ||
"strings" | ||
|
||
sdk "github.com/cosmos/cosmos-sdk/types" | ||
chatton marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
@@ -26,7 +28,13 @@ func EmitCreateClientEvent(ctx sdk.Context, clientID string, clientState exporte | |
} | ||
|
||
// EmitUpdateClientEvent emits an update client event | ||
func EmitUpdateClientEvent(ctx sdk.Context, clientID string, clientType string, consensusHeights []exported.Height, clientMsgStr string) { | ||
func EmitUpdateClientEvent(ctx sdk.Context, clientID string, clientType string, consensusHeights []exported.Height, cdc codec.BinaryCodec, clientMsg exported.ClientMessage) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||
|
||
// Marshal the ClientMessage as an Any and encode the resulting bytes to hex. | ||
// This prevents the event value from containing invalid UTF-8 characters | ||
// which may cause data to be lost when JSON encoding/decoding. | ||
clientMsgStr := hex.EncodeToString(types.MustMarshalClientMessage(cdc, clientMsg)) | ||
|
||
var consensusHeightAttr string | ||
if len(consensusHeights) != 0 { | ||
consensusHeightAttr = consensusHeights[0].String() | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,26 +17,6 @@ import ( | |
"github.com/cosmos/ibc-go/v3/modules/core/exported" | ||
) | ||
|
||
// checkTrustedHeader checks that consensus state matches trusted fields of Header | ||
func checkTrustedHeader(header *Header, consState *ConsensusState) error { | ||
tmTrustedValidators, err := tmtypes.ValidatorSetFromProto(header.TrustedValidators) | ||
if err != nil { | ||
return sdkerrors.Wrap(err, "trusted validator set in not tendermint validator set type") | ||
} | ||
|
||
// assert that trustedVals is NextValidators of last trusted header | ||
// to do this, we check that trustedVals.Hash() == consState.NextValidatorsHash | ||
tvalHash := tmTrustedValidators.Hash() | ||
if !bytes.Equal(consState.NextValidatorsHash, tvalHash) { | ||
return sdkerrors.Wrapf( | ||
ErrInvalidValidatorSet, | ||
"trusted validators %s, does not hash to latest trusted validators. Expected: %X, got: %X", | ||
header.TrustedValidators, consState.NextValidatorsHash, tvalHash, | ||
) | ||
} | ||
return nil | ||
} | ||
|
||
// VerifyClientMessage checks if the clientMessage is of type Header or Misbehaviour and verifies the message | ||
func (cs *ClientState) VerifyClientMessage( | ||
ctx sdk.Context, cdc codec.BinaryCodec, clientStore sdk.KVStore, | ||
|
@@ -198,6 +178,9 @@ func (cs ClientState) pruneOldestConsensusState(ctx sdk.Context, cdc codec.Binar | |
// this error should never occur | ||
if !found { | ||
pruneError = sdkerrors.Wrapf(clienttypes.ErrConsensusStateNotFound, "failed to retrieve consensus state at height: %s", height) | ||
if pruneError != nil { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I guess we can safely remove the |
||
panic(pruneError) | ||
} | ||
return true | ||
} | ||
|
||
|
@@ -209,9 +192,6 @@ func (cs ClientState) pruneOldestConsensusState(ctx sdk.Context, cdc codec.Binar | |
} | ||
|
||
IterateConsensusStateAscending(clientStore, pruneCb) | ||
if pruneError != nil { | ||
panic(pruneError) | ||
} | ||
|
||
// if pruneHeight is set, delete consensus state and metadata | ||
if pruneHeight != nil { | ||
|
@@ -230,11 +210,11 @@ func (cs ClientState) CheckForMisbehaviour(ctx sdk.Context, cdc codec.BinaryCode | |
// Check if the Client store already has a consensus state for the header's height | ||
// If the consensus state exists, and it matches the header then we return early | ||
// since header has already been submitted in a previous UpdateClient. | ||
prevConsState, _ := GetConsensusState(clientStore, cdc, tmHeader.GetHeight()) | ||
if prevConsState != nil { | ||
existingConsState, _ := GetConsensusState(clientStore, cdc, tmHeader.GetHeight()) | ||
if existingConsState != nil { | ||
// This header has already been submitted and the necessary state is already stored | ||
// in client store, thus we can return early without further validation. | ||
if reflect.DeepEqual(prevConsState, tmHeader.ConsensusState()) { | ||
if reflect.DeepEqual(existingConsState, tmHeader.ConsensusState()) { | ||
return false | ||
} | ||
|
||
|
@@ -272,3 +252,23 @@ func (cs ClientState) UpdateStateOnMisbehaviour(ctx sdk.Context, cdc codec.Binar | |
|
||
clientStore.Set(host.ClientStateKey(), clienttypes.MustMarshalClientState(cdc, &cs)) | ||
} | ||
|
||
// checkTrustedHeader checks that consensus state matches trusted fields of Header | ||
func checkTrustedHeader(header *Header, consState *ConsensusState) error { | ||
tmTrustedValidators, err := tmtypes.ValidatorSetFromProto(header.TrustedValidators) | ||
if err != nil { | ||
return sdkerrors.Wrap(err, "trusted validator set in not tendermint validator set type") | ||
} | ||
|
||
// assert that trustedVals is NextValidators of last trusted header | ||
// to do this, we check that trustedVals.Hash() == consState.NextValidatorsHash | ||
tvalHash := tmTrustedValidators.Hash() | ||
if !bytes.Equal(consState.NextValidatorsHash, tvalHash) { | ||
return sdkerrors.Wrapf( | ||
ErrInvalidValidatorSet, | ||
"trusted validators %s, does not hash to latest trusted validators. Expected: %X, got: %X", | ||
header.TrustedValidators, consState.NextValidatorsHash, tvalHash, | ||
) | ||
} | ||
return nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this was not mentioned in the audit however we are wrapping these calls with an anonymous function which is not required unless we want to not evaluate
clientState.ClientType()
until function execution for some reason.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, nice catch. I think then this improvement could be applied to other places of the codebase as well.