patches over v0.28.0

README.md

@@ -1,3 +1,5 @@
+**WARNING**: This is a fork of wasmd for the purposes of Wormhole.
+
 # Wasm Zone
 
 [![CircleCI](https://circleci.com/gh/CosmWasm/wasmd/tree/main.svg?style=shield)](https://circleci.com/gh/CosmWasm/wasmd/tree/main)

SECURITY.md

@@ -1,13 +1,16 @@
-# Security Policy
+# Security
 
-This repository is maintained by Confio as part of the CosmWasm stack.
-Please see https://github.com/CosmWasm/advisories/blob/main/SECURITY.md
-for our security policy.
+> **IMPORTANT**: If you find a security issue in the upstream version of the cosmos-sdk, you should refer to the upstream [SECURITY.md](https://github.com/CosmWasm/wasmd).
 
-## Supported Versions
+## Bug Bounty Program
 
-This is alpha software, do not run on a production system. Notably, we currently provide no migration path not even "dump state and restart" to move to future versions.
+This repository and it's changes from the upstream wasmd are not currently included in the [Wormhole bug bounty program](https://immunefi.com/bounty/wormhole/), but may be added in the future.
 
-We will have a stable v0.x version before the final v1.0.0 version with the same API as the v1.0 version in order to run last testnets and manual testing on it. We have not yet committed to that version number. wasmd 0.25 will support Cosmos SDK 0.44/0.45 and should be quite close to a final API, minus some minor details.
+In the mean-time, if you find a security issue, we ask that you reach out to our team via [Discord](https://discord.gg/wormholecrypto).
+
+## 3rd Party Security Audits
+
+We engage 3rd party firms to conduct independent security audits of Wormhole.  At any given time, we likely have multiple audit streams in progress.
+
+As these 3rd party audits are completed and issues are sufficiently addressed, we make those audit reports public.
 
-Our v1.0.0 release plans were also delayed by upstream release cycles, and we have continued to refine APIs while we can.

app/app.go

@@ -386,6 +386,7 @@ func NewWasmApp(
 		keys[stakingtypes.StoreKey],
 		app.AccountKeeper,
 		app.BankKeeper,
+		nil,
 		app.getSubspace(stakingtypes.ModuleName),
 	)
 	app.MintKeeper = mintkeeper.NewKeeper(
@@ -608,7 +609,7 @@ func NewWasmApp(
 		mint.NewAppModule(appCodec, app.MintKeeper, app.AccountKeeper),
 		slashing.NewAppModule(appCodec, app.SlashingKeeper, app.AccountKeeper, app.BankKeeper, app.StakingKeeper),
 		distr.NewAppModule(appCodec, app.DistrKeeper, app.AccountKeeper, app.BankKeeper, app.StakingKeeper),
-		staking.NewAppModule(appCodec, app.StakingKeeper, app.AccountKeeper, app.BankKeeper),
+		staking.NewAppModule(appCodec, app.StakingKeeper, app.AccountKeeper, app.BankKeeper, nil),
 		upgrade.NewAppModule(app.UpgradeKeeper),
 		wasm.NewAppModule(appCodec, &app.WasmKeeper, app.StakingKeeper, app.AccountKeeper, app.BankKeeper),
 		evidence.NewAppModule(app.EvidenceKeeper),
@@ -734,7 +735,7 @@ func NewWasmApp(
 		authzmodule.NewAppModule(appCodec, app.AuthzKeeper, app.AccountKeeper, app.BankKeeper, app.interfaceRegistry),
 		gov.NewAppModule(appCodec, app.GovKeeper, app.AccountKeeper, app.BankKeeper),
 		mint.NewAppModule(appCodec, app.MintKeeper, app.AccountKeeper),
-		staking.NewAppModule(appCodec, app.StakingKeeper, app.AccountKeeper, app.BankKeeper),
+		staking.NewAppModule(appCodec, app.StakingKeeper, app.AccountKeeper, app.BankKeeper, nil),
 		distr.NewAppModule(appCodec, app.DistrKeeper, app.AccountKeeper, app.BankKeeper, app.StakingKeeper),
 		slashing.NewAppModule(appCodec, app.SlashingKeeper, app.AccountKeeper, app.BankKeeper, app.StakingKeeper),
 		params.NewAppModule(app.ParamsKeeper),

go.mod

@@ -138,4 +138,6 @@ replace (
 	// the following version across all dependencies.
 	github.com/gogo/protobuf => github.com/regen-network/protobuf v1.3.3-alpha.regen.1
 	google.golang.org/grpc => google.golang.org/grpc v1.33.2
+	github.com/cosmos/cosmos-sdk => github.com/wormhole-foundation/cosmos-sdk v0.45.7-wormhole
+
 )

x/wasm/keeper/msg_server.go

@@ -20,99 +20,102 @@ func NewMsgServerImpl(k types.ContractOpsKeeper) types.MsgServer {
 }
 
 func (m msgServer) StoreCode(goCtx context.Context, msg *types.MsgStoreCode) (*types.MsgStoreCodeResponse, error) {
-	if err := msg.ValidateBasic(); err != nil {
-		return nil, err
-	}
-	ctx := sdk.UnwrapSDKContext(goCtx)
-	senderAddr, err := sdk.AccAddressFromBech32(msg.Sender)
-	if err != nil {
-		return nil, sdkerrors.Wrap(err, "sender")
-	}
-
-	ctx.EventManager().EmitEvent(sdk.NewEvent(
-		sdk.EventTypeMessage,
-		sdk.NewAttribute(sdk.AttributeKeyModule, types.ModuleName),
-		sdk.NewAttribute(sdk.AttributeKeySender, msg.Sender),
-	))
-
-	codeID, checksum, err := m.keeper.Create(ctx, senderAddr, msg.WASMByteCode, msg.InstantiatePermission)
-	if err != nil {
-		return nil, err
-	}
-
-	return &types.MsgStoreCodeResponse{
-		CodeID:   codeID,
-		Checksum: checksum,
-	}, nil
+	return nil, sdkerrors.Wrapf(sdkerrors.ErrNotSupported, "must use x/wormhole")
+	// if err := msg.ValidateBasic(); err != nil {
+	// 	return nil, err
+	// }
+	// ctx := sdk.UnwrapSDKContext(goCtx)
+	// senderAddr, err := sdk.AccAddressFromBech32(msg.Sender)
+	// if err != nil {
+	// 	return nil, sdkerrors.Wrap(err, "sender")
+	// }
+
+	// ctx.EventManager().EmitEvent(sdk.NewEvent(
+	// 	sdk.EventTypeMessage,
+	// 	sdk.NewAttribute(sdk.AttributeKeyModule, types.ModuleName),
+	// 	sdk.NewAttribute(sdk.AttributeKeySender, msg.Sender),
+	// ))
+
+	// codeID, checksum, err := m.keeper.Create(ctx, senderAddr, msg.WASMByteCode, msg.InstantiatePermission)
+	// if err != nil {
+	// 	return nil, err
+	// }
+
+	// return &types.MsgStoreCodeResponse{
+	// 	CodeID:   codeID,
+	// 	Checksum: checksum,
+	// }, nil
 }
 
 // InstantiateContract instantiate a new contract with classic sequence based address generation
 func (m msgServer) InstantiateContract(goCtx context.Context, msg *types.MsgInstantiateContract) (*types.MsgInstantiateContractResponse, error) {
-	if err := msg.ValidateBasic(); err != nil {
-		return nil, err
-	}
-	ctx := sdk.UnwrapSDKContext(goCtx)
-
-	senderAddr, err := sdk.AccAddressFromBech32(msg.Sender)
-	if err != nil {
-		return nil, sdkerrors.Wrap(err, "sender")
-	}
-	var adminAddr sdk.AccAddress
-	if msg.Admin != "" {
-		if adminAddr, err = sdk.AccAddressFromBech32(msg.Admin); err != nil {
-			return nil, sdkerrors.Wrap(err, "admin")
-		}
-	}
-
-	ctx.EventManager().EmitEvent(sdk.NewEvent(
-		sdk.EventTypeMessage,
-		sdk.NewAttribute(sdk.AttributeKeyModule, types.ModuleName),
-		sdk.NewAttribute(sdk.AttributeKeySender, msg.Sender),
-	))
-
-	contractAddr, data, err := m.keeper.Instantiate(ctx, msg.CodeID, senderAddr, adminAddr, msg.Msg, msg.Label, msg.Funds)
-	if err != nil {
-		return nil, err
-	}
-
-	return &types.MsgInstantiateContractResponse{
-		Address: contractAddr.String(),
-		Data:    data,
-	}, nil
+	return nil, sdkerrors.Wrapf(sdkerrors.ErrNotSupported, "must use x/wormhole")
+	// if err := msg.ValidateBasic(); err != nil {
+	// 	return nil, err
+	// }
+	// ctx := sdk.UnwrapSDKContext(goCtx)
+
+	// senderAddr, err := sdk.AccAddressFromBech32(msg.Sender)
+	// if err != nil {
+	// 	return nil, sdkerrors.Wrap(err, "sender")
+	// }
+	// var adminAddr sdk.AccAddress
+	// if msg.Admin != "" {
+	// 	if adminAddr, err = sdk.AccAddressFromBech32(msg.Admin); err != nil {
+	// 		return nil, sdkerrors.Wrap(err, "admin")
+	// 	}
+	// }
+
+	// ctx.EventManager().EmitEvent(sdk.NewEvent(
+	// 	sdk.EventTypeMessage,
+	// 	sdk.NewAttribute(sdk.AttributeKeyModule, types.ModuleName),
+	// 	sdk.NewAttribute(sdk.AttributeKeySender, msg.Sender),
+	// ))
+
+	// contractAddr, data, err := m.keeper.Instantiate(ctx, msg.CodeID, senderAddr, adminAddr, msg.Msg, msg.Label, msg.Funds)
+	// if err != nil {
+	// 	return nil, err
+	// }
+
+	// return &types.MsgInstantiateContractResponse{
+	// 	Address: contractAddr.String(),
+	// 	Data:    data,
+	// }, nil
 }
 
 // InstantiateContract2 instantiate a new contract with predicatable address generated
 func (m msgServer) InstantiateContract2(goCtx context.Context, msg *types.MsgInstantiateContract2) (*types.MsgInstantiateContract2Response, error) {
-	if err := msg.ValidateBasic(); err != nil {
-		return nil, err
-	}
-	ctx := sdk.UnwrapSDKContext(goCtx)
-
-	senderAddr, err := sdk.AccAddressFromBech32(msg.Sender)
-	if err != nil {
-		return nil, sdkerrors.Wrap(err, "sender")
-	}
-	var adminAddr sdk.AccAddress
-	if msg.Admin != "" {
-		if adminAddr, err = sdk.AccAddressFromBech32(msg.Admin); err != nil {
-			return nil, sdkerrors.Wrap(err, "admin")
-		}
-	}
-
-	ctx.EventManager().EmitEvent(sdk.NewEvent(
-		sdk.EventTypeMessage,
-		sdk.NewAttribute(sdk.AttributeKeyModule, types.ModuleName),
-		sdk.NewAttribute(sdk.AttributeKeySender, msg.Sender),
-	))
-	contractAddr, data, err := m.keeper.Instantiate2(ctx, msg.CodeID, senderAddr, adminAddr, msg.Msg, msg.Label, msg.Funds, msg.Salt, msg.FixMsg)
-	if err != nil {
-		return nil, err
-	}
-
-	return &types.MsgInstantiateContract2Response{
-		Address: contractAddr.String(),
-		Data:    data,
-	}, nil
+	return nil, sdkerrors.Wrapf(sdkerrors.ErrNotSupported, "must use x/wormhole")
+	// if err := msg.ValidateBasic(); err != nil {
+	// 	return nil, err
+	// }
+	// ctx := sdk.UnwrapSDKContext(goCtx)
+
+	// senderAddr, err := sdk.AccAddressFromBech32(msg.Sender)
+	// if err != nil {
+	// 	return nil, sdkerrors.Wrap(err, "sender")
+	// }
+	// var adminAddr sdk.AccAddress
+	// if msg.Admin != "" {
+	// 	if adminAddr, err = sdk.AccAddressFromBech32(msg.Admin); err != nil {
+	// 		return nil, sdkerrors.Wrap(err, "admin")
+	// 	}
+	// }
+
+	// ctx.EventManager().EmitEvent(sdk.NewEvent(
+	// 	sdk.EventTypeMessage,
+	// 	sdk.NewAttribute(sdk.AttributeKeyModule, types.ModuleName),
+	// 	sdk.NewAttribute(sdk.AttributeKeySender, msg.Sender),
+	// ))
+	// contractAddr, data, err := m.keeper.Instantiate2(ctx, msg.CodeID, senderAddr, adminAddr, msg.Msg, msg.Label, msg.Funds, msg.Salt, msg.FixMsg)
+	// if err != nil {
+	// 	return nil, err
+	// }
+
+	// return &types.MsgInstantiateContract2Response{
+	// 	Address: contractAddr.String(),
+	// 	Data:    data,
+	// }, nil
 }
 
 func (m msgServer) ExecuteContract(goCtx context.Context, msg *types.MsgExecuteContract) (*types.MsgExecuteContractResponse, error) {

x/wasm/keeper/test_common.go

@@ -303,6 +303,7 @@ func createTestInput(
 		keys[stakingtypes.StoreKey],
 		accountKeeper,
 		bankKeeper,
+		nil, // TODO initialize wormhole keeper
 		subspace(stakingtypes.ModuleName),
 	)
 	stakingKeeper.SetParams(ctx, TestingStakeParams)
@@ -398,7 +399,8 @@ func createTestInput(
 
 	am := module.NewManager( // minimal module set that we use for message/ query tests
 		bank.NewAppModule(appCodec, bankKeeper, accountKeeper),
-		staking.NewAppModule(appCodec, stakingKeeper, accountKeeper, bankKeeper),
+		// TODO initialize wormhole keeper
+		staking.NewAppModule(appCodec, stakingKeeper, accountKeeper, bankKeeper, nil),
 		distribution.NewAppModule(appCodec, distKeeper, accountKeeper, bankKeeper, stakingKeeper),
 	)
 	am.RegisterServices(module.NewConfigurator(appCodec, msgRouter, querier))

x/wasm/simulation/sim_utils.go

@@ -1,7 +1,6 @@
 package simulation
 
 import (
-	"github.com/cosmos/cosmos-sdk/simapp/helpers"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	simtypes "github.com/cosmos/cosmos-sdk/types/simulation"
 	"github.com/cosmos/cosmos-sdk/x/simulation"
@@ -29,25 +28,25 @@ func GenAndDeliverTxWithRandFees(txCtx simulation.OperationInput, gas uint64) (s
 
 // GenAndDeliverTx generates a transactions and delivers it.
 func GenAndDeliverTx(txCtx simulation.OperationInput, fees sdk.Coins, gas uint64) (simtypes.OperationMsg, []simtypes.FutureOperation, error) {
-	account := txCtx.AccountKeeper.GetAccount(txCtx.Context, txCtx.SimAccount.Address)
-	tx, err := helpers.GenTx(
-		txCtx.TxGen,
-		[]sdk.Msg{txCtx.Msg},
-		fees,
-		gas,
-		txCtx.Context.ChainID(),
-		[]uint64{account.GetAccountNumber()},
-		[]uint64{account.GetSequence()},
-		txCtx.SimAccount.PrivKey,
-	)
-	if err != nil {
-		return simtypes.NoOpMsg(txCtx.ModuleName, txCtx.MsgType, "unable to generate mock tx"), nil, err
-	}
-
-	_, _, err = txCtx.App.Deliver(txCtx.TxGen.TxEncoder(), tx)
-	if err != nil {
-		return simtypes.NoOpMsg(txCtx.ModuleName, txCtx.MsgType, "unable to deliver tx"), nil, err
-	}
+	// account := txCtx.AccountKeeper.GetAccount(txCtx.Context, txCtx.SimAccount.Address)
+	// tx, err := helpers.GenTx(
+	// 	txCtx.TxGen,
+	// 	[]sdk.Msg{txCtx.Msg},
+	// 	fees,
+	// 	gas,
+	// 	txCtx.Context.ChainID(),
+	// 	[]uint64{account.GetAccountNumber()},
+	// 	[]uint64{account.GetSequence()},
+	// 	txCtx.SimAccount.PrivKey,
+	// )
+	// if err != nil {
+	// 	return simtypes.NoOpMsg(txCtx.ModuleName, txCtx.MsgType, "unable to generate mock tx"), nil, err
+	// }
+
+	// _, _, err = txCtx.App.Deliver(txCtx.TxGen.TxEncoder(), tx)
+	// if err != nil {
+	// 	return simtypes.NoOpMsg(txCtx.ModuleName, txCtx.MsgType, "unable to deliver tx"), nil, err
+	// }
 
 	return simtypes.NewOperationMsg(txCtx.Msg, true, "", txCtx.Cdc), nil, nil
 }