From 9798f436c970817cc4cfcaaf05e69014c2112ea6 Mon Sep 17 00:00:00 2001
From: Antonio Pitasi <antonio@pitasi.dev>
Date: Fri, 31 May 2024 17:42:13 +0200
Subject: [PATCH] feat(x/intent): add sanity check to Action.Msg signer

---
 warden/x/intent/keeper/actions.go | 22 ++++++++++++++++++++++
 warden/x/intent/keeper/keeper.go  |  4 ++--
 warden/x/intent/types/errors.go   |  5 +++--
 3 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/warden/x/intent/keeper/actions.go b/warden/x/intent/keeper/actions.go
index 4392f0648..2bbc16b2b 100644
--- a/warden/x/intent/keeper/actions.go
+++ b/warden/x/intent/keeper/actions.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"runtime/debug"
 
+	errorsmod "cosmossdk.io/errors"
 	"github.com/cosmos/cosmos-sdk/baseapp"
 	codectypes "github.com/cosmos/cosmos-sdk/codec/types"
 	sdk "github.com/cosmos/cosmos-sdk/types"
@@ -145,6 +146,10 @@ type actionCreatorKey struct{}
 // The action is created with the provided creator as the first approver.
 // This function also tries to execute the action immediately if it's ready.
 func (k Keeper) AddAction(ctx context.Context, creator string, msg sdk.Msg, intent types.Intent, timeoutHeight uint64) (*types.Action, error) {
+	if err := k.validateActionMsgSigners(msg); err != nil {
+		return nil, err
+	}
+
 	wrappedMsg, err := codectypes.NewAnyWithValue(msg)
 	if err != nil {
 		return nil, err
@@ -197,3 +202,20 @@ func (k Keeper) AddAction(ctx context.Context, creator string, msg sdk.Msg, inte
 
 	return act, nil
 }
+
+// assert that the x/intent module account is the only signer of the message
+func (k Keeper) validateActionMsgSigners(msg sdk.Msg) error {
+	signers, _, err := k.cdc.GetMsgV1Signers(msg)
+	if err != nil {
+		return err
+	}
+	if len(signers) != 1 {
+		return types.ErrInvalidSigner
+	}
+
+	if sdk.AccAddress(signers[0]).String() != k.GetAuthority() {
+		return errorsmod.Wrapf(types.ErrInvalidActionMsgSigner, sdk.AccAddress(signers[0]).String())
+	}
+
+	return nil
+}
diff --git a/warden/x/intent/keeper/keeper.go b/warden/x/intent/keeper/keeper.go
index b4fd29fa4..3b179e2dd 100644
--- a/warden/x/intent/keeper/keeper.go
+++ b/warden/x/intent/keeper/keeper.go
@@ -19,7 +19,7 @@ import (
 
 type (
 	Keeper struct {
-		cdc          codec.BinaryCodec
+		cdc          codec.Codec
 		storeService store.KVStoreService
 		logger       log.Logger
 		router       baseapp.MessageRouter
@@ -44,7 +44,7 @@ var (
 )
 
 func NewKeeper(
-	cdc codec.BinaryCodec,
+	cdc codec.Codec,
 	storeService store.KVStoreService,
 	logger log.Logger,
 	router baseapp.MessageRouter,
diff --git a/warden/x/intent/types/errors.go b/warden/x/intent/types/errors.go
index e1dcd5cd8..ca457a268 100644
--- a/warden/x/intent/types/errors.go
+++ b/warden/x/intent/types/errors.go
@@ -8,6 +8,7 @@ import (
 
 // x/intent module sentinel errors
 var (
-	ErrInvalidSigner = sdkerrors.Register(ModuleName, 1100, "expected gov account as only signer for proposal message")
-	ErrSample        = sdkerrors.Register(ModuleName, 1101, "sample error")
+	ErrInvalidSigner          = sdkerrors.Register(ModuleName, 1100, "expected gov account as only signer for proposal message")
+	ErrSample                 = sdkerrors.Register(ModuleName, 1101, "sample error")
+	ErrInvalidActionMsgSigner = sdkerrors.Register(ModuleName, 1102, "expected x/intent account as only signer for action message")
 )