-
Notifications
You must be signed in to change notification settings - Fork 382
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(stdlibs/std): Banker should only send coins owned by the calling realm #1787
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #1787 +/- ##
==========================================
+ Coverage 44.79% 47.49% +2.69%
==========================================
Files 459 388 -71
Lines 67642 61310 -6332
==========================================
- Hits 30300 29117 -1183
+ Misses 34808 29755 -5053
+ Partials 2534 2438 -96 ☔ View full report in Codecov by Sentry. |
@r3v4s could you rebase please? Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for noticing and fixing this bug! 🙏
8885a31
to
c9d0a9b
Compare
did rebase, nothing conflicts at all |
Hey, it seems there is an example test failing in the CI. Please fix it and then we can merge 🙏 |
Fixed :D |
51e86b5
to
fd94473
Compare
note, I think that it would be better if after we created a Banker, In any case, this fixes current behaviour and we can implement the above in another PR. Merging. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should not modify this testing case.
@@ -40,7 +40,7 @@ func Deposit(returnDenom string, returnAmount int64) string { | |||
// return if any. | |||
if returnAmount > 0 { | |||
banker := std.GetBanker(std.BankerTypeOrigSend) | |||
pkgaddr := std.GetOrigPkgAddr() | |||
pkgaddr := std.CurrentRealm().Addr() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why do we modify this testing case?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -21,7 +21,6 @@ func main() { | |||
println("main before:", mainbal) // plus OrigSend equals 300. | |||
|
|||
// simulate a Deposit call. | |||
std.TestSetOrigPkgAddr(banktestAddr) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a valid testing case, why do we remove this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
// simulate a Deposit call. | ||
std.TestSetOrigPkgAddr(banktestAddr) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a valid testing case, why do we modify this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -43,7 +43,7 @@ func Transfer(to std.Address, send int64) string { | |||
gTotalTransfers++ | |||
|
|||
banker := std.GetBanker(std.BankerTypeRealmSend) | |||
pkgaddr := std.GetOrigPkgAddr() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we make this change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
banker type used here is 'RealmSend', not 'OrigSend'
I think it should be CurrentRealm()
# XXX without patching anything it will panic | ||
# panic msg: insufficient coins error | ||
# XXX with pathcing only wugnot.gnot it will panic | ||
# panic msg: RealmSendBanker can only send from the realm package address "g1fndyg0we60rdfchyy5dwxzkfmhl5u34j932rg3", but got "g1pf6dv9fjk3rn0m4jjcne306ga4he3mzmupfjl6" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems opposite.
g1fndyg0we60rdfchyy5dwxzkfmhl5u34j932rg3 is the address of gno.land/r/demo/proxywugnot
g1pf6dv9fjk3rn0m4jjcne306ga4he3mzmupfjl6 is the address of gno.land/r/demo/wugnot
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Above msg happens(panics) when calling 'proxywugnot.Unwrap()' without patching banker.go
So we expect 'proxywugnot' (g1f) to send its own coin, not from 'wugnot' (g1p)
if bt == btOrigSend || bt == btRealmSend { | ||
if from != ctx.OrigPkgAddr { | ||
if from != pkgAddr { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The earlier code checks against the package address for SendCoins() in the OrigSendBanker and RealmSendBanker separately.
gno/gnovm/stdlibs/std/banker.go
Line 97 in 6c5b4cf
if from != osb.pkgAddr { |
gno/gnovm/stdlibs/std/banker.go
Line 144 in 6c5b4cf
if from != rsb.pkgAddr { |
The code is the same, but the state of the package address in different banker instances could be different. In the current code, it is merged into one logic, where it checks either OrigPkgAddr or m.Realm.Path for SendCoin() of both OrigSendBanker and RealmSendBanker together. However, these should be checked separately. If not, other places that require checking OriginSendBanker's OrigPkgAddr might fail when ctx.OrignPkgAddr and m.Realm.PathAddr have different values.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looking into this
(seems this logic is also related to your another comments about test cases).
// UPDATE
Thanks for pointing this out. I missed internal behavior.
Separated verification logic 9907a3c
@r3v4s can you check out the comments and questions here? Thanks! |
Hello piux2, just checked all of your comments and fixed few things that need to be fix. BTW since 'this' PR is merged, I think I have to create another pr to merge new changes. WDYT? |
Yes please |
@r3v4s please, in the new PR, make this change as well. I suggest to do this you move the check into the Gno code of the banker (banker.gno). When creating the banker struct, it should contain the address of the realm that created it. Thanks! |
Yes, let's create new pr to merge the new changes. Thanks! |
UPDATE: Ignore it, seems to be vm keeper heavily relies on |
…er (#1921) related pr #1787 There was bit of extra conversion in previous pr after merged. 1) revert test cases 2) allow `Send` from realm that created banker rather the one calling <!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [x] Added new tests, or not needed, or not feasible - [x] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [x] Updated the official documentation or not needed - [x] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [x] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> --------- Co-authored-by: Morgan <[email protected]>
…er (gnolang#1921) related pr gnolang#1787 There was bit of extra conversion in previous pr after merged. 1) revert test cases 2) allow `Send` from realm that created banker rather the one calling <!-- please provide a detailed description of the changes made in this pull request. --> <details><summary>Contributors' checklist...</summary> - [x] Added new tests, or not needed, or not feasible - [x] Provided an example (e.g. screenshot) to aid review or the PR is self-explanatory - [x] Updated the official documentation or not needed - [x] No breaking changes were made, or a `BREAKING CHANGE: xxx` message was included in the description - [x] Added references to related issues and PRs - [ ] Provided any useful hints for running manual tests - [ ] Added new benchmarks to [generated graphs](https://gnoland.github.io/benchmarks), if any. More info [here](https://github.com/gnolang/gno/blob/master/.benchmarks/README.md). </details> --------- Co-authored-by: Morgan <[email protected]>
BREAKING CHANGE: changes native banker behavior
It closes #1786
realm that uses banker should only send coins owned by itself, not by others
Contributors' checklist...
BREAKING CHANGE: xxx
message was included in the description