chore: Tx Tips API audit (#11641)
## Description ref: https://github.com/cosmos/cosmos-sdk/issues/11087 --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [x] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [x] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [x] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable)
This commit is contained in:
parent
91fae32751
commit
0dbf7dce06
|
@ -2738,7 +2738,13 @@ const (
|
||||||
// SIGN_MODE_EIP_191 specifies the sign mode for EIP 191 signing on the Cosmos
|
// SIGN_MODE_EIP_191 specifies the sign mode for EIP 191 signing on the Cosmos
|
||||||
// SDK. Ref: https://eips.ethereum.org/EIPS/eip-191
|
// SDK. Ref: https://eips.ethereum.org/EIPS/eip-191
|
||||||
//
|
//
|
||||||
// Since: cosmos-sdk 0.45
|
// Currently, SIGN_MODE_EIP_191 is registered as a SignMode enum variant,
|
||||||
|
// but is not implemented on the SDK by default. To enable EIP-191, you need
|
||||||
|
// to pass a custom `TxConfig` that has an implementation of
|
||||||
|
// `SignModeHandler` for EIP-191. The SDK may decide to fully support
|
||||||
|
// EIP-191 in the future.
|
||||||
|
//
|
||||||
|
// Since: cosmos-sdk 0.45.2
|
||||||
SignMode_SIGN_MODE_EIP_191 SignMode = 191
|
SignMode_SIGN_MODE_EIP_191 SignMode = 191
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -8814,11 +8814,11 @@ type AuxSignerData struct {
|
||||||
// AuxSignerData across different chains, the bech32 prefix of the target
|
// AuxSignerData across different chains, the bech32 prefix of the target
|
||||||
// chain (where the final transaction is broadcasted) should be used.
|
// chain (where the final transaction is broadcasted) should be used.
|
||||||
Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
|
Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
|
||||||
// sign_doc is the SIGN_MOD_DIRECT_AUX sign doc that the auxiliary signer
|
// sign_doc is the SIGN_MODE_DIRECT_AUX sign doc that the auxiliary signer
|
||||||
// signs. Note: we use the same sign doc even if we're signing with
|
// signs. Note: we use the same sign doc even if we're signing with
|
||||||
// LEGACY_AMINO_JSON.
|
// LEGACY_AMINO_JSON.
|
||||||
SignDoc *SignDocDirectAux `protobuf:"bytes,2,opt,name=sign_doc,json=signDoc,proto3" json:"sign_doc,omitempty"`
|
SignDoc *SignDocDirectAux `protobuf:"bytes,2,opt,name=sign_doc,json=signDoc,proto3" json:"sign_doc,omitempty"`
|
||||||
// mode is the signing mode of the single signer
|
// mode is the signing mode of the single signer.
|
||||||
Mode v1beta1.SignMode `protobuf:"varint,3,opt,name=mode,proto3,enum=cosmos.tx.signing.v1beta1.SignMode" json:"mode,omitempty"`
|
Mode v1beta1.SignMode `protobuf:"varint,3,opt,name=mode,proto3,enum=cosmos.tx.signing.v1beta1.SignMode" json:"mode,omitempty"`
|
||||||
// sig is the signature of the sign doc.
|
// sig is the signature of the sign doc.
|
||||||
Sig []byte `protobuf:"bytes,4,opt,name=sig,proto3" json:"sig,omitempty"`
|
Sig []byte `protobuf:"bytes,4,opt,name=sig,proto3" json:"sig,omitempty"`
|
||||||
|
|
|
@ -121,14 +121,14 @@ func (b *AuxTxBuilder) SetSignMode(mode signing.SignMode) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetTip sets an optional tip.
|
// SetTip sets an optional tip in the AuxSignerData.
|
||||||
func (b *AuxTxBuilder) SetTip(tip *tx.Tip) {
|
func (b *AuxTxBuilder) SetTip(tip *tx.Tip) {
|
||||||
b.checkEmptyFields()
|
b.checkEmptyFields()
|
||||||
|
|
||||||
b.auxSignerData.SignDoc.Tip = tip
|
b.auxSignerData.SignDoc.Tip = tip
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetSignature sets the aux signer's signature.
|
// SetSignature sets the aux signer's signature in the AuxSignerData.
|
||||||
func (b *AuxTxBuilder) SetSignature(sig []byte) {
|
func (b *AuxTxBuilder) SetSignature(sig []byte) {
|
||||||
b.checkEmptyFields()
|
b.checkEmptyFields()
|
||||||
|
|
||||||
|
|
|
@ -66,7 +66,7 @@ As we mentioned in the flow above, the tipper signs over the `SignDocDirectAux`,
|
||||||
- The tipper MUST use `SIGN_MODE_DIRECT_AUX` or `SIGN_MODE_LEGACY_AMINO_JSON`. That is because the tipper needs to sign over the body, the tip, but not the other signers' information and not over the fee (which is unknown to the tipper).
|
- The tipper MUST use `SIGN_MODE_DIRECT_AUX` or `SIGN_MODE_LEGACY_AMINO_JSON`. That is because the tipper needs to sign over the body, the tip, but not the other signers' information and not over the fee (which is unknown to the tipper).
|
||||||
- The fee payer MUST use `SIGN_MODE_DIRECT` or `SIGN_MODE_LEGACY_AMINO_JSON`. The fee payer signs over the whole transaction.
|
- The fee payer MUST use `SIGN_MODE_DIRECT` or `SIGN_MODE_LEGACY_AMINO_JSON`. The fee payer signs over the whole transaction.
|
||||||
|
|
||||||
For example, if the fee payers signs the whole transaction with `SIGN_MODE_DIRECT_AUX`, it will be rejected by the node, as that would introduce malleability issues (`SIGN_MODE_DIRECT_AUX` doesn't sign over fees).
|
For example, if the fee payer signs the whole transaction with `SIGN_MODE_DIRECT_AUX`, it will be rejected by the node, as that would introduce malleability issues (`SIGN_MODE_DIRECT_AUX` doesn't sign over fees).
|
||||||
|
|
||||||
In both cases, using `SIGN_MODE_LEGACY_AMINO_JSON` is recommended only if hardware wallet signing is needed.
|
In both cases, using `SIGN_MODE_LEGACY_AMINO_JSON` is recommended only if hardware wallet signing is needed.
|
||||||
|
|
||||||
|
@ -98,7 +98,7 @@ If you are using the Cosmos SDK's default middleware stack `NewDefaultTxHandler(
|
||||||
|
|
||||||
The Cosmos SDK also provides some CLI tooling for the transaction tips flow, both for the tipper and for the feepayer.
|
The Cosmos SDK also provides some CLI tooling for the transaction tips flow, both for the tipper and for the feepayer.
|
||||||
|
|
||||||
For the tipper, the CLI `tx` subcommand has two new flags: `--aux` and `--tip`. The `--aux` flag is used to denote that we are creating a `AuxSignerData` instead of a , and the `--tip` is used to populate its `Tip` field.
|
For the tipper, the CLI `tx` subcommand has two new flags: `--aux` and `--tip`. The `--aux` flag is used to denote that we are creating an `AuxSignerData` instead of a `Tx`, and the `--tip` is used to populate its `Tip` field.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ simd tx gov vote 16 yes --from <tipper_address> --aux --tip 50ibcdenom
|
$ simd tx gov vote 16 yes --from <tipper_address> --aux --tip 50ibcdenom
|
||||||
|
@ -110,7 +110,7 @@ $ simd tx gov vote 16 yes --from <tipper_address> --aux --tip 50ibcdenom
|
||||||
|
|
||||||
It is useful to pipe the JSON output to a file, `> aux_signed_tx.json`
|
It is useful to pipe the JSON output to a file, `> aux_signed_tx.json`
|
||||||
|
|
||||||
For the fee payer, the Cosmos SDK added a `tx aux-to-fee` subcommand to include a `AuxSignerData` into a transaction, add fees to it, and broadcast it.
|
For the fee payer, the Cosmos SDK added a `tx aux-to-fee` subcommand to include an `AuxSignerData` into a transaction, add fees to it, and broadcast it.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ simd tx aux-to-fee aux_signed_tx.json --from <fee_payer_address> --fees 30atom
|
$ simd tx aux-to-fee aux_signed_tx.json --from <fee_payer_address> --fees 30atom
|
||||||
|
|
|
@ -238,11 +238,11 @@ message AuxSignerData {
|
||||||
// AuxSignerData across different chains, the bech32 prefix of the target
|
// AuxSignerData across different chains, the bech32 prefix of the target
|
||||||
// chain (where the final transaction is broadcasted) should be used.
|
// chain (where the final transaction is broadcasted) should be used.
|
||||||
string address = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
|
string address = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
|
||||||
// sign_doc is the SIGN_MOD_DIRECT_AUX sign doc that the auxiliary signer
|
// sign_doc is the SIGN_MODE_DIRECT_AUX sign doc that the auxiliary signer
|
||||||
// signs. Note: we use the same sign doc even if we're signing with
|
// signs. Note: we use the same sign doc even if we're signing with
|
||||||
// LEGACY_AMINO_JSON.
|
// LEGACY_AMINO_JSON.
|
||||||
SignDocDirectAux sign_doc = 2;
|
SignDocDirectAux sign_doc = 2;
|
||||||
// mode is the signing mode of the single signer
|
// mode is the signing mode of the single signer.
|
||||||
cosmos.tx.signing.v1beta1.SignMode mode = 3;
|
cosmos.tx.signing.v1beta1.SignMode mode = 3;
|
||||||
// sig is the signature of the sign doc.
|
// sig is the signature of the sign doc.
|
||||||
bytes sig = 4;
|
bytes sig = 4;
|
||||||
|
|
|
@ -58,7 +58,13 @@ const (
|
||||||
// SIGN_MODE_EIP_191 specifies the sign mode for EIP 191 signing on the Cosmos
|
// SIGN_MODE_EIP_191 specifies the sign mode for EIP 191 signing on the Cosmos
|
||||||
// SDK. Ref: https://eips.ethereum.org/EIPS/eip-191
|
// SDK. Ref: https://eips.ethereum.org/EIPS/eip-191
|
||||||
//
|
//
|
||||||
// Since: cosmos-sdk 0.45
|
// Currently, SIGN_MODE_EIP_191 is registered as a SignMode enum variant,
|
||||||
|
// but is not implemented on the SDK by default. To enable EIP-191, you need
|
||||||
|
// to pass a custom `TxConfig` that has an implementation of
|
||||||
|
// `SignModeHandler` for EIP-191. The SDK may decide to fully support
|
||||||
|
// EIP-191 in the future.
|
||||||
|
//
|
||||||
|
// Since: cosmos-sdk 0.45.2
|
||||||
SignMode_SIGN_MODE_EIP_191 SignMode = 191
|
SignMode_SIGN_MODE_EIP_191 SignMode = 191
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -922,11 +922,11 @@ type AuxSignerData struct {
|
||||||
// AuxSignerData across different chains, the bech32 prefix of the target
|
// AuxSignerData across different chains, the bech32 prefix of the target
|
||||||
// chain (where the final transaction is broadcasted) should be used.
|
// chain (where the final transaction is broadcasted) should be used.
|
||||||
Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
|
Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
|
||||||
// sign_doc is the SIGN_MOD_DIRECT_AUX sign doc that the auxiliary signer
|
// sign_doc is the SIGN_MODE_DIRECT_AUX sign doc that the auxiliary signer
|
||||||
// signs. Note: we use the same sign doc even if we're signing with
|
// signs. Note: we use the same sign doc even if we're signing with
|
||||||
// LEGACY_AMINO_JSON.
|
// LEGACY_AMINO_JSON.
|
||||||
SignDoc *SignDocDirectAux `protobuf:"bytes,2,opt,name=sign_doc,json=signDoc,proto3" json:"sign_doc,omitempty"`
|
SignDoc *SignDocDirectAux `protobuf:"bytes,2,opt,name=sign_doc,json=signDoc,proto3" json:"sign_doc,omitempty"`
|
||||||
// mode is the signing mode of the single signer
|
// mode is the signing mode of the single signer.
|
||||||
Mode signing.SignMode `protobuf:"varint,3,opt,name=mode,proto3,enum=cosmos.tx.signing.v1beta1.SignMode" json:"mode,omitempty"`
|
Mode signing.SignMode `protobuf:"varint,3,opt,name=mode,proto3,enum=cosmos.tx.signing.v1beta1.SignMode" json:"mode,omitempty"`
|
||||||
// sig is the signature of the sign doc.
|
// sig is the signature of the sign doc.
|
||||||
Sig []byte `protobuf:"bytes,4,opt,name=sig,proto3" json:"sig,omitempty"`
|
Sig []byte `protobuf:"bytes,4,opt,name=sig,proto3" json:"sig,omitempty"`
|
||||||
|
|
Loading…
Reference in New Issue