-
Notifications
You must be signed in to change notification settings - Fork 409
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix message representation for signing #658
Conversation
Happy if @webmaster128 takes a look here - he understands the issue better than I |
Codecov Report
@@ Coverage Diff @@
## master #658 +/- ##
==========================================
+ Coverage 59.95% 60.11% +0.16%
==========================================
Files 48 48
Lines 5324 5346 +22
==========================================
+ Hits 3192 3214 +22
+ Misses 1906 1904 -2
- Partials 226 228 +2
|
x/wasm/types/tx.go
Outdated
if a == nil { | ||
return errors.New("unmarshalJSON on nil pointer") | ||
} | ||
*a = append((*a)[0:0], b...) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using this type rather than json.RawMessage everywhere gives flexibility.
What about doing ValidateBasic()
in UnmarshalJSON()
? Then we guarantee it is always valid
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was thinking about this as well but then ended with not adding it here. My main driver was not mixing concerns.
In the sdk message ValidateBasic functions we would need to call RawContractMessage.ValidateBasic anyway for the cases when we initialize the objects not from json sources like protobuf or in the handler_plugin_encoders.
We are in good company here as the stdlib json type has separated this as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. Some safety measures and we're good to go.
x/wasm/types/tx.go
Outdated
if r == nil { | ||
return []byte("null"), nil | ||
} | ||
return r, nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if this is what Ethan actually meant, but I think we need JSON validation here. An RawContractMessage
instance should hold valid JSON but may or may not have corrupted data. Even if the current flow calls ValidateBasic
first, the type itself should not make assumtions how it is used. The use cases change and I can imagine use cases such as client signing where ValidateBasic
is not called before the JSON representation is created.
Now in order to avoid the Cosmos logic in here, I'd use two funtions:
RawContractMessage#IsValidJSON
that is called hereRawContractMessage#ValidateBasic
that calls 1. but could also implement additional checks such as length limits.
This should address the separation of concerns mentioned in the other comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool
* Introduce RawContractMessage type * Add json signbytes test for proposals * No assumptions on MsgIBCSend.data content * Smart query uses RawContractMessage * Revert method signature change to be consistent * Review comment * Update after discussions (cherry picked from commit dfba139)
* Introduce RawContractMessage type * Add json signbytes test for proposals * No assumptions on MsgIBCSend.data content * Smart query uses RawContractMessage * Revert method signature change to be consistent * Review comment * Update after discussions
Resolves #642
This PR introduces the
RawContractMessage
type for incoming and outgoing data to a contract.I have also revisited some other places where we were using
json.RawMessage
currently or before the change:The protobuf diffs describe the changes best