Skip to content

Commit

Permalink
feat: support blocking list of addresses in mempool and disable vesti…
Browse files Browse the repository at this point in the history
…ng messages in check tx mode (evmos#327)

* small fixes (evmos#310)

* disable vesting account messages in check tx

* Problem: don't support blocking addresses

Solution:
- support block addresses in mempool

* fix error

* put block address logic after validate basic

* fix build

* Apply suggestions from code review

Signed-off-by: yihuang <huang@crypto.com>

---------

Signed-off-by: yihuang <huang@crypto.com>

* rm IsCheckTx check

---------

Signed-off-by: yihuang <huang@crypto.com>
Co-authored-by: yihuang <huang@crypto.com>
  • Loading branch information
2 people authored and dudong2 committed Nov 15, 2023
1 parent 2ac0e19 commit 1533fc1
Show file tree
Hide file tree
Showing 4 changed files with 67 additions and 7 deletions.
33 changes: 29 additions & 4 deletions app/ante/ante.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (
"github.com/cosmos/cosmos-sdk/types/tx/signing"
authante "github.com/cosmos/cosmos-sdk/x/auth/ante"
authtypes "github.com/cosmos/cosmos-sdk/x/auth/types"
vestingtypes "github.com/cosmos/cosmos-sdk/x/auth/vesting/types"

"github.com/evmos/ethermint/crypto/ethsecp256k1"
)
Expand All @@ -45,27 +46,51 @@ func NewAnteHandler(options HandlerOptions) (sdk.AnteHandler, error) {
return nil, err
}

blacklist := make(map[string]struct{}, len(options.Blacklist))
for _, str := range options.Blacklist {
addr, err := sdk.AccAddressFromBech32(str)
if err != nil {
return nil, fmt.Errorf("invalid bech32 address: %s, err: %w", str, err)
}

blacklist[string(addr)] = struct{}{}
}
blockAddressDecorator := NewBlockAddressesDecorator(blacklist)

return func(
ctx sdk.Context, tx sdk.Tx, sim bool,
) (newCtx sdk.Context, err error) {
var anteHandler sdk.AnteHandler

defer Recover(ctx.Logger(), &err)

// disable vesting message types
for _, msg := range tx.GetMsgs() {
switch msg.(type) {
case *vestingtypes.MsgCreateVestingAccount,
*vestingtypes.MsgCreatePeriodicVestingAccount,
*vestingtypes.MsgCreatePermanentLockedAccount:
return ctx, errorsmod.Wrapf(
errortypes.ErrInvalidRequest,
"vesting messages are not supported",
)
}
}

txWithExtensions, ok := tx.(authante.HasExtensionOptionsTx)
if ok {
opts := txWithExtensions.GetExtensionOptions()
if len(opts) > 0 {
switch typeURL := opts[0].GetTypeUrl(); typeURL {
case "/ethermint.evm.v1.ExtensionOptionsEthereumTx":
// handle as *evmtypes.MsgEthereumTx
anteHandler = newEthAnteHandler(options)
anteHandler = newEthAnteHandler(options, blockAddressDecorator)
case "/ethermint.types.v1.ExtensionOptionsWeb3Tx":
// Deprecated: Handle as normal Cosmos SDK tx, except signature is checked for Legacy EIP712 representation
anteHandler = NewLegacyCosmosAnteHandlerEip712(options)
anteHandler = NewLegacyCosmosAnteHandlerEip712(options, blockAddressDecorator)
case "/ethermint.types.v1.ExtensionOptionDynamicFeeTx":
// cosmos-sdk tx with dynamic fee extension
anteHandler = newCosmosAnteHandler(options)
anteHandler = newCosmosAnteHandler(options, blockAddressDecorator)
default:
return ctx, errorsmod.Wrapf(
errortypes.ErrUnknownExtensionOptions,
Expand All @@ -80,7 +105,7 @@ func NewAnteHandler(options HandlerOptions) (sdk.AnteHandler, error) {
// handle as totally normal Cosmos SDK tx
switch tx.(type) {
case sdk.Tx:
anteHandler = newCosmosAnteHandler(options)
anteHandler = newCosmosAnteHandler(options, blockAddressDecorator)
default:
return ctx, errorsmod.Wrapf(errortypes.ErrUnknownRequest, "invalid transaction type: %T", tx)
}
Expand Down
31 changes: 31 additions & 0 deletions app/ante/block_address.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
package ante

import (
"fmt"

sdk "github.com/cosmos/cosmos-sdk/types"
)

// BlockAddressesDecorator block addresses from sending transactions
type BlockAddressesDecorator struct {
blacklist map[string]struct{}
}

func NewBlockAddressesDecorator(blacklist map[string]struct{}) BlockAddressesDecorator {
return BlockAddressesDecorator{
blacklist: blacklist,
}
}

func (bad BlockAddressesDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (newCtx sdk.Context, err error) {
if ctx.IsCheckTx() {
for _, msg := range tx.GetMsgs() {
for _, signer := range msg.GetSigners() {
if _, ok := bad.blacklist[string(signer)]; ok {
return ctx, fmt.Errorf("signer is blocked: %s", signer.String())
}
}
}
}
return next(ctx, tx, simulate)
}
3 changes: 2 additions & 1 deletion app/ante/eip712.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,13 +50,14 @@ func init() {

// Deprecated: NewLegacyCosmosAnteHandlerEip712 creates an AnteHandler to process legacy EIP-712
// transactions, as defined by the presence of an ExtensionOptionsWeb3Tx extension.
func NewLegacyCosmosAnteHandlerEip712(options HandlerOptions) sdk.AnteHandler {
func NewLegacyCosmosAnteHandlerEip712(options HandlerOptions, extra sdk.AnteDecorator) sdk.AnteHandler {
return sdk.ChainAnteDecorators(
RejectMessagesDecorator{}, // reject MsgEthereumTxs
// disable the Msg types that cannot be included on an authz.MsgExec msgs field
NewAuthzLimiterDecorator(options.DisabledAuthzMsgs),
authante.NewSetUpContextDecorator(),
authante.NewValidateBasicDecorator(),
extra,
authante.NewTxTimeoutHeightDecorator(),
NewMinGasPriceDecorator(options.FeeMarketKeeper, options.EvmKeeper),
authante.NewValidateMemoDecorator(options.AccountKeeper),
Expand Down
7 changes: 5 additions & 2 deletions app/ante/handler_options.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ type HandlerOptions struct {
ExtensionOptionChecker ante.ExtensionOptionChecker
TxFeeChecker ante.TxFeeChecker
DisabledAuthzMsgs []string
Blacklist []string
}

func (options HandlerOptions) validate() error {
Expand All @@ -66,12 +67,13 @@ func (options HandlerOptions) validate() error {
return nil
}

func newEthAnteHandler(options HandlerOptions) sdk.AnteHandler {
func newEthAnteHandler(options HandlerOptions, extra sdk.AnteDecorator) sdk.AnteHandler {
return sdk.ChainAnteDecorators(
NewEthSetUpContextDecorator(options.EvmKeeper), // outermost AnteDecorator. SetUpContext must be called first
NewEthMempoolFeeDecorator(options.EvmKeeper), // Check eth effective gas price against minimal-gas-prices
NewEthMinGasPriceDecorator(options.FeeMarketKeeper, options.EvmKeeper), // Check eth effective gas price against the global MinGasPrice
NewEthValidateBasicDecorator(options.EvmKeeper),
extra,
NewEthSigVerificationDecorator(options.EvmKeeper),
NewEthAccountVerificationDecorator(options.AccountKeeper, options.EvmKeeper),
NewCanTransferDecorator(options.EvmKeeper),
Expand All @@ -82,14 +84,15 @@ func newEthAnteHandler(options HandlerOptions) sdk.AnteHandler {
)
}

func newCosmosAnteHandler(options HandlerOptions) sdk.AnteHandler {
func newCosmosAnteHandler(options HandlerOptions, extra sdk.AnteDecorator) sdk.AnteHandler {
return sdk.ChainAnteDecorators(
RejectMessagesDecorator{}, // reject MsgEthereumTxs
// disable the Msg types that cannot be included on an authz.MsgExec msgs field
NewAuthzLimiterDecorator(options.DisabledAuthzMsgs),
ante.NewSetUpContextDecorator(),
ante.NewExtensionOptionsDecorator(options.ExtensionOptionChecker),
ante.NewValidateBasicDecorator(),
extra,
ante.NewTxTimeoutHeightDecorator(),
NewMinGasPriceDecorator(options.FeeMarketKeeper, options.EvmKeeper),
ante.NewValidateMemoDecorator(options.AccountKeeper),
Expand Down

0 comments on commit 1533fc1

Please sign in to comment.