chore: backport release-v0.44.2 (#10349)
* chore: Cosmos SDK v0.44.1 release notes (#10345) * v0.44.1 Release Notes * Merge pull request from GHSA-2p6r-37p9-89p2 * test: adding authz grant tests * fix TestCLITxGrantAuthorization/Invalid_expiration_time test case * comment out the test * reenable test
This commit is contained in:
parent
6079fe1888
commit
f537f99ecb
|
@ -50,6 +50,10 @@ Ref: https://keepachangelog.com/en/1.0.0/
|
||||||
|
|
||||||
* (client) [#10226](https://github.com/cosmos/cosmos-sdk/pull/10226) Fix --home flag parsing.
|
* (client) [#10226](https://github.com/cosmos/cosmos-sdk/pull/10226) Fix --home flag parsing.
|
||||||
|
|
||||||
|
## [v0.44.2](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.44.2) - 2021-10-12
|
||||||
|
|
||||||
|
Security Release. No breaking changes related to 0.44.x.
|
||||||
|
|
||||||
## [v0.44.1](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.44.1) - 2021-09-29
|
## [v0.44.1](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.44.1) - 2021-09-29
|
||||||
|
|
||||||
### Improvements
|
### Improvements
|
||||||
|
|
|
@ -1,21 +1,7 @@
|
||||||
# Cosmos SDK v0.44.1 Release Notes
|
# Cosmos SDK v0.44.2 Release Notes
|
||||||
|
|
||||||
This release introduces bug fixes and improvements on the Cosmos SDK v0.44 series.
|
Recently, the Cosmos-SDK team became aware of a high-severity security vulnerability that impacts Cosmos-SDK v0.43.x and v0.44.x and can result in a consensus halt. User funds are NOT at risk; however, the vulnerability can result in a chain halt. This vulnerability does not impact the current Cosmos Hub, though other Cosmos-SDK based blockchains using v0.43.x or v0.44.x may be affected and are advised to update to v0.44.2 immediately.
|
||||||
|
|
||||||
The main bug fix concerns all users performing in-place store migrations from v0.42 to v0.44. A source of non-determinism in the upgrade process has been [detected and fixed](https://github.com/cosmos/cosmos-sdk/pull/10189) in this release, causing consensus errors. As such, **v0.44.0 is not safe to use when performing v0.42->v0.44 in-place store upgrades**, please use this release v0.44.1 instead. This does not impact genesis JSON dump upgrades nor fresh chains starting with v0.44.
|
Nodes can update their software independently of each other (no coordinated chain restart necessary), but should do so as soon as they are able.
|
||||||
|
|
||||||
Another bug fix concerns calling the ABCI `Query` method using `client.Context`. We modified ABCI queries to use `abci.QueryRequest`'s `Height` field if it is non-zero, otherwise continue using `client.Context`'s height. This is a minor client-breaking change for users of the `client.Context`.
|
A full disclosure will be published a week after the release.
|
||||||
|
|
||||||
Some CLI fixes are also included, such as:
|
|
||||||
|
|
||||||
- using pre-configured data for the CLI `add-genesis-account` command ([\#9969](https://github.com/cosmos/cosmos-sdk/pull/9969)),
|
|
||||||
- ensuring the `init` command reads the `--home` flag value correctly ([#10104](https://github.com/cosmos/cosmos-sdk/pull/10104)),
|
|
||||||
- fixing the error message when `period` or `period-limit` flag is not set on a feegrant grant transaction [\#10049](https://github.com/cosmos/cosmos-sdk/issues/10049).
|
|
||||||
|
|
||||||
v0.44.1 also includes performance improvements, namely:
|
|
||||||
|
|
||||||
- IAVL update to v0.17.1 which includes performance improvements on a batch load [\#10040](https://github.com/cosmos/cosmos-sdk/pull/10040),
|
|
||||||
- Speedup coins.AmountOf(), by removing many intermittent regex calls [\#10021](https://github.com/cosmos/cosmos-sdk/pull/10021),
|
|
||||||
- Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions [\#10026](https://github.com/cosmos/cosmos-sdk/pull/10026).
|
|
||||||
|
|
||||||
See the [Cosmos SDK v0.44.1 milestone](https://github.com/cosmos/cosmos-sdk/milestone/56?closed=1) on our issue tracker for the exhaustive list of all changes.
|
|
||||||
|
|
|
@ -10,7 +10,11 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewGrant returns new Grant
|
// NewGrant returns new Grant
|
||||||
func NewGrant(a Authorization, expiration time.Time) (Grant, error) {
|
func NewGrant( /*blockTime time.Time, */ a Authorization, expiration time.Time) (Grant, error) {
|
||||||
|
// TODO: add this for 0.45
|
||||||
|
// if !expiration.After(blockTime) {
|
||||||
|
// return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339))
|
||||||
|
// }
|
||||||
g := Grant{
|
g := Grant{
|
||||||
Expiration: expiration,
|
Expiration: expiration,
|
||||||
}
|
}
|
||||||
|
@ -51,10 +55,6 @@ func (g Grant) GetAuthorization() Authorization {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g Grant) ValidateBasic() error {
|
func (g Grant) ValidateBasic() error {
|
||||||
if g.Expiration.Unix() < time.Now().Unix() {
|
|
||||||
return sdkerrors.Wrap(ErrInvalidExpirationTime, "Time can't be in the past")
|
|
||||||
}
|
|
||||||
|
|
||||||
av := g.Authorization.GetCachedValue()
|
av := g.Authorization.GetCachedValue()
|
||||||
a, ok := av.(Authorization)
|
a, ok := av.(Authorization)
|
||||||
if !ok {
|
if !ok {
|
||||||
|
|
|
@ -0,0 +1,44 @@
|
||||||
|
package authz
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
// banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
|
)
|
||||||
|
|
||||||
|
func expecError(r *require.Assertions, expected string, received error) {
|
||||||
|
if expected == "" {
|
||||||
|
r.NoError(received)
|
||||||
|
} else {
|
||||||
|
r.Error(received)
|
||||||
|
r.Contains(received.Error(), expected)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestNewGrant(t *testing.T) {
|
||||||
|
// ba := banktypes.NewSendAuthorization(sdk.NewCoins(sdk.NewInt64Coin("foo", 123)))
|
||||||
|
a := NewGenericAuthorization("some-type")
|
||||||
|
var tcs = []struct {
|
||||||
|
title string
|
||||||
|
a Authorization
|
||||||
|
blockTime time.Time
|
||||||
|
expire time.Time
|
||||||
|
err string
|
||||||
|
}{
|
||||||
|
// {"wrong expire time (1)", a, time.Unix(10, 0), time.Unix(8, 0), "expiration must be after"},
|
||||||
|
// {"wrong expire time (2)", a, time.Unix(10, 0), time.Unix(10, 0), "expiration must be after"},
|
||||||
|
{"good expire time (1)", a, time.Unix(10, 0), time.Unix(10, 1), ""},
|
||||||
|
{"good expire time (2)", a, time.Unix(10, 0), time.Unix(11, 0), ""},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, tc := range tcs {
|
||||||
|
t.Run(tc.title, func(t *testing.T) {
|
||||||
|
// _, err := NewGrant(tc.blockTime, tc.a, tc.expire)
|
||||||
|
_, err := NewGrant(tc.a, tc.expire)
|
||||||
|
expecError(require.New(t), tc.err, err)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -127,11 +127,11 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() {
|
||||||
"send",
|
"send",
|
||||||
fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit),
|
fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit),
|
||||||
fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()),
|
fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()),
|
||||||
fmt.Sprintf("--%s=true", flags.FlagGenerateOnly),
|
fmt.Sprintf("--%s=true", flags.FlagSkipConfirmation),
|
||||||
fmt.Sprintf("--%s=%d", cli.FlagExpiration, pastHour),
|
fmt.Sprintf("--%s=%d", cli.FlagExpiration, pastHour),
|
||||||
},
|
},
|
||||||
0,
|
0xd,
|
||||||
true,
|
false, // TODO: enable in v0.45
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"fail with error invalid msg-type",
|
"fail with error invalid msg-type",
|
||||||
|
|
|
@ -10,7 +10,7 @@ import (
|
||||||
|
|
||||||
var _ authz.MsgServer = Keeper{}
|
var _ authz.MsgServer = Keeper{}
|
||||||
|
|
||||||
// GrantAuthorization implements the MsgServer.Grant method.
|
// GrantAuthorization implements the MsgServer.Grant method to create a new grant.
|
||||||
func (k Keeper) Grant(goCtx context.Context, msg *authz.MsgGrant) (*authz.MsgGrantResponse, error) {
|
func (k Keeper) Grant(goCtx context.Context, msg *authz.MsgGrant) (*authz.MsgGrantResponse, error) {
|
||||||
ctx := sdk.UnwrapSDKContext(goCtx)
|
ctx := sdk.UnwrapSDKContext(goCtx)
|
||||||
grantee, err := sdk.AccAddressFromBech32(msg.Grantee)
|
grantee, err := sdk.AccAddressFromBech32(msg.Grantee)
|
||||||
|
|
|
@ -80,7 +80,7 @@ func TestMsgGrantAuthorization(t *testing.T) {
|
||||||
{"nil granter and grantee address", nil, nil, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now(), false, false},
|
{"nil granter and grantee address", nil, nil, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now(), false, false},
|
||||||
{"nil authorization", granter, grantee, nil, time.Now(), true, false},
|
{"nil authorization", granter, grantee, nil, time.Now(), true, false},
|
||||||
{"valid test case", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 1, 0), false, true},
|
{"valid test case", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 1, 0), false, true},
|
||||||
{"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, false},
|
{"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, true}, // TODO need 0.45
|
||||||
}
|
}
|
||||||
for i, tc := range tests {
|
for i, tc := range tests {
|
||||||
msg, err := authz.NewMsgGrant(
|
msg, err := authz.NewMsgGrant(
|
||||||
|
|
Loading…
Reference in New Issue