fix(stdlibs/std): Banker should only send coins owned by the calling realm #1787
Conversation
github-actions
bot
added
🧾 package/realm
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #1787 +/- ##
==========================================
+ Coverage 44.79% 47.49% +2.69%
==========================================
Files 459 388 -71
Lines 67642 61310 -6332
==========================================
- Hits 30300 29117 -1183
+ Misses 34808 29755 -5053
+ Partials 2534 2438 -96 ☔ View full report in Codecov by Sentry. |
|
@r3v4s could you rebase please? Thanks! |
r3v4s
force-pushed
the
fix/banker-permission
branch
from
8885a31
to
c9d0a9b
Compare
did rebase, nothing conflicts at all |
|
Hey, it seems there is an example test failing in the CI. Please fix it and then we can merge 🙏 |
Fixed :D |
r3v4s
force-pushed
the
fix/banker-permission
branch
from
51e86b5
to
fd94473
Compare
thehowl
changed the title
|
note, I think that it would be better if after we created a Banker, In any case, this fixes current behaviour and we can implement the above in another PR. Merging. |
| @@ -40,7 +40,7 @@ func Deposit(returnDenom string, returnAmount int64) string { | |||
| // return if any. | |||
| if returnAmount > 0 { | |||
| banker := std.GetBanker(std.BankerTypeOrigSend) | |||
| pkgaddr := std.GetOrigPkgAddr() | |||
| pkgaddr := std.CurrentRealm().Addr() | |||
There was a problem hiding this comment.
why do we modify this testing case?
| @@ -21,7 +21,6 @@ func main() { | |||
| println("main before:", mainbal) // plus OrigSend equals 300. | |||
|
|
|||
| // simulate a Deposit call. | |||
| std.TestSetOrigPkgAddr(banktestAddr) | |||
There was a problem hiding this comment.
This is a valid testing case, why do we remove this?
|
|
||
| // simulate a Deposit call. | ||
| std.TestSetOrigPkgAddr(banktestAddr) |
There was a problem hiding this comment.
This is a valid testing case, why do we modify this?
| @@ -43,7 +43,7 @@ func Transfer(to std.Address, send int64) string { | |||
| gTotalTransfers++ | |||
|
|
|||
| banker := std.GetBanker(std.BankerTypeRealmSend) | |||
| pkgaddr := std.GetOrigPkgAddr() | |||
There was a problem hiding this comment.
Why do we make this change?
There was a problem hiding this comment.
banker type used here is 'RealmSend', not 'OrigSend'
I think it should be CurrentRealm()
| # XXX without patching anything it will panic | ||
| # panic msg: insufficient coins error | ||
| # XXX with pathcing only wugnot.gnot it will panic | ||
| # panic msg: RealmSendBanker can only send from the realm package address "g1fndyg0we60rdfchyy5dwxzkfmhl5u34j932rg3", but got "g1pf6dv9fjk3rn0m4jjcne306ga4he3mzmupfjl6" |
There was a problem hiding this comment.
It seems opposite.
g1fndyg0we60rdfchyy5dwxzkfmhl5u34j932rg3 is the address of gno.land/r/demo/proxywugnot
g1pf6dv9fjk3rn0m4jjcne306ga4he3mzmupfjl6 is the address of gno.land/r/demo/wugnot
There was a problem hiding this comment.
Above msg happens(panics) when calling 'proxywugnot.Unwrap()' without patching banker.go
So we expect 'proxywugnot' (g1f) to send its own coin, not from 'wugnot' (g1p)
| if bt == btOrigSend || bt == btRealmSend { | ||
| if from != ctx.OrigPkgAddr { | ||
| if from != pkgAddr { |
There was a problem hiding this comment.
The earlier code checks against the package address for SendCoins() in the OrigSendBanker and RealmSendBanker separately.
gno/gnovm/stdlibs/std/banker.go
Line 97 in 6c5b4cf
gno/gnovm/stdlibs/std/banker.go
Line 144 in 6c5b4cf
The code is the same, but the state of the package address in different banker instances could be different. In the current code, it is merged into one logic, where it checks either OrigPkgAddr or m.Realm.Path for SendCoin() of both OrigSendBanker and RealmSendBanker together. However, these should be checked separately. If not, other places that require checking OriginSendBanker's OrigPkgAddr might fail when ctx.OrignPkgAddr and m.Realm.PathAddr have different values.
There was a problem hiding this comment.
looking into this
(seems this logic is also related to your another comments about test cases).
// UPDATE
Thanks for pointing this out. I missed internal behavior.
Separated verification logic 9907a3c
|
@r3v4s can you check out the comments and questions here? Thanks! |
Hello piux2, just checked all of your comments and fixed few things that need to be fix. BTW since 'this' PR is merged, I think I have to create another pr to merge new changes. WDYT? |
Yes please |
@r3v4s please, in the new PR, make this change as well. I suggest to do this you move the check into the Gno code of the banker (banker.gno). When creating the banker struct, it should contain the address of the realm that created it. Thanks! |
Yes, let's create new pr to merge the new changes. Thanks! |
UPDATE: Ignore it, seems to be vm keeper heavily relies on |
…er (#1921) related pr #1787 There was bit of extra conversion in previous pr after merged. 1) revert test cases 2) allow `Send` from realm that created banker rather the one calling <!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [x] Added new tests, or not needed, or not feasible - [x] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [x] Updated the official documentation or not needed - [x] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [x] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> --------- Co-authored-by: Morgan <[email protected]>
…er (gnolang#1921) related pr gnolang#1787 There was bit of extra conversion in previous pr after merged. 1) revert test cases 2) allow `Send` from realm that created banker rather the one calling <!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [x] Added new tests, or not needed, or not feasible - [x] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [x] Updated the official documentation or not needed - [x] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [x] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> --------- Co-authored-by: Morgan <[email protected]>
BREAKING CHANGE: changes native banker behavior
It closes #1786
realm that uses banker should only send coins owned by itself, not by others
Contributors' checklist...
BREAKING CHANGE: xxxmessage was included in the description