Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hardening overrule proposals with additional checks #NTRN-325 #32

Merged
merged 59 commits into from
Apr 14, 2023
Merged

Hardening overrule proposals with additional checks #NTRN-325 #32

merged 59 commits into from
Apr 14, 2023

Conversation

oldremez
Copy link
Contributor

@oldremez oldremez commented Jan 17, 2023
edited
Loading

The changes made in this PR:

  1. Added more checks to the pre-propose overrule module. It is mostly done to avoid spam proposals. The checks are:
    1. Is the subdao in the DAO's subdao list
    2. Do subdao and timelock point to each other
    3. Is the proposal we're to create overrule proposal for in the timelocked state
    4. Is the overrule proposal is already created (to avoid duplication)
  2. Overrule proposal name/description are improved and contain subdao name and proposal id
  3. Added query to get information about wich overrule proposal corresponds to this particular subdao proposal
  4. Added more error results for overrule pre proposal module
  5. The query interface of all the pre-proposal modules changed in a way to be compatible. It used Base() enum wrapper before, which made it impossible to make base queries to those modules as-is. Now, the model with templates implemented.
  6. Timelock contract now automatically creates the overrule proposal when the subdao proposal is to be timelocked
  7. Timelock contract init message changed. Instead of receiving the timelock duration, it receives the overrule pre proposal module.
  8. Instead of checking if time passed for allowing the proposal execution, the timelock contract now queries if the respective overrule proposal of the main DAO is rejected.

Genesis changes: neutron-org/neutron#201
Integration tests: neutron-org/neutron-integration-tests#131

@oldremez
wip
92ba326
@oldremez
wip
6413f49
@oldremez
wip
7d40f0c
@oldremez
messages refactoring
ee32d0a
@oldremez
temp commit
b73035f
@oldremez
query and config fixes
99603e3
@oldremez
Merge branch 'neutron_audit_informal_17_01_2023' into feat/subdao-reg…
3257032 
…istry

# Conflicts:
#	artifacts/checksums.txt
#	artifacts/checksums_intermediate.txt
#	artifacts/cwd_core.wasm
#	artifacts/cwd_pre_propose_overrule.wasm
#	artifacts/cwd_pre_propose_single.wasm
#	artifacts/cwd_proposal_single.wasm
#	artifacts/cwd_subdao_core.wasm
#	artifacts/cwd_subdao_pre_propose_single.wasm
#	artifacts/cwd_subdao_proposal_single.wasm
#	artifacts/cwd_subdao_timelock_single.wasm
@oldremez
wip
959bd60
@oldremez oldremez changed the base branch from main to neutron_audit_informal_17_01_2023 March 13, 2023 23:03
@oldremez oldremez mentioned this pull request Apr 10, 2023
Merged
@oldremez oldremez mentioned this pull request Apr 10, 2023
Merged
zavgorodnii
zavgorodnii reviewed Apr 13, 2023
View reviewed changes
contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs Outdated

let mut start_after: Option<SubDao> = None;

// unfortunately, there is no way to get the total subdao number so we do infinite loop here
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i would consider adding another state value to the main dao with the counter of currently registered proposals. you can then query for this value to avoid the weirdness below

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do you mean add a query to check is the subdao exist?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think @oopcode means the query for a number of listed subdaos. So there would be not an "infinite" loop with checking "does it returns something, if not then we probably reached the end of the list" but just loop through the predicted number of items.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, it makes perfect sense, but my point was, if we are modifying main dao query interface, we can create a more helpful query for this especially case

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did what @swelf19 proposed because it makes things much cleaner

swelf19
swelf19 reviewed Apr 13, 2023
View reviewed changes
Copy link
Contributor

@swelf19 swelf19 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Minor issues found only

contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs Outdated
Comment on lines 198 to 203
if proposal_modules.is_empty() {
return Err(PreProposeOverruleError::SubdaoMisconfigured {});
}

let prop_policy: ProposalCreationPolicy = deps.querier.query_wasm_smart(
proposal_modules.first().unwrap().address.clone(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe it's easy to refactor these lines without unwrap()

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

like

proposal_modules
        .first()
        .ok_or(PreProposeOverruleError::Std(
            cosmwasm_std::StdError::GenericErr {
                msg: "No modules or smth".to_string(),
            },
        ))?
        .address
        .clone()

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs Outdated
Comment on lines 241 to 245
if subdao_list.is_empty() {
return Ok(false);
}

start_after = Some(subdao_list.last().unwrap().clone());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The same about unwrap

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code doesn't exists anymore fortunately

contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs Outdated

if !is_proposal_timelocked(
&deps,
&Addr::unchecked(timelock_contract_addr.clone()),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

timelock_contract_addr is an Addr type, you no need to wrap it

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs Outdated

if subdao_list
.into_iter()
.any(|subdao| subdao.addr == subdao_core.clone().into_string())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Addr implements PartialEq for String, you can just dereference &Addr subdao.addr == *subdao_core

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

ratik
ratik reviewed Apr 13, 2023
View reviewed changes
contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs Outdated
Comment on lines 102 to 108
if !is_proposal_timelocked(
&deps,
&Addr::unchecked(timelock_contract_addr.clone()),
proposal_id,
)? {
return Err(PreProposeOverruleError::ProposalWrongState {});
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if !is_proposal_timelocked(
&deps,
&Addr::unchecked(timelock_contract_addr.clone()),
proposal_id,
)? {
return Err(PreProposeOverruleError::ProposalWrongState {});
}
if !is_proposal_timelocked(&deps, &timelock_contract_addr, proposal_id)? {
return Err(PreProposeOverruleError::ProposalWrongState {});
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

ratik
ratik reviewed Apr 13, 2023
View reviewed changes
contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/contract.rs
timelock_contract: &String,
) -> Result<Addr, PreProposeOverruleError> {
let timelock_config: TimelockTypes::Config = deps.querier.query_wasm_smart(
timelock_contract.to_string(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

already &String

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed the argument type to Addr for consistency reasons

zavgorodnii
zavgorodnii reviewed Apr 13, 2023
View reviewed changes
contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/error.rs Outdated
@@ -12,4 +12,16 @@ pub enum PreProposeOverruleError {

#[error("Base pre propose messages aren't supported.")]
MessageUnsupported {},

#[error("Subdao is wrongly configured.")]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

misconfigured?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

zavgorodnii
zavgorodnii reviewed Apr 13, 2023
View reviewed changes
contracts/dao/pre-propose/cwd-pre-propose-single-overrule/src/error.rs Outdated
#[error("Subdao is wrongly configured.")]
SubdaoMisconfigured {},

#[error("Subdao isn't in the list.")]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove the full stop

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@oldremez
Copy link
Contributor Author

Important notice: after making fixes according to review comments, the mysterious error with "Invalid relocation" on my m1 mac disappeared 🤷‍♂️ will see if it will appear again

@oldremez
Copy link
Contributor Author

https://github.com/neutron-org/neutron-tests/actions/runs/4694337259

@oldremez
Copy link
Contributor Author

https://github.com/neutron-org/neutron-tests/actions/runs/4699297637

@zavgorodnii zavgorodnii added the trigger-tests Apply this label to PRs to trigger tests in the neutron-tests repository. label Apr 14, 2023
@zavgorodnii zavgorodnii merged commit 376cd05 into main Apr 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@swelf19 swelf19 swelf19 approved these changes

@zavgorodnii zavgorodnii zavgorodnii approved these changes

@ratik ratik ratik approved these changes

Assignees
No one assigned
Labels
trigger-tests Apply this label to PRs to trigger tests in the neutron-tests repository.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@oldremez @ratik @zavgorodnii @swelf19