certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

docs: quit the spelling spam typo fix PRs with cspell magic (#3845) 

* Add cspell configuration and custom dictionary

The goal is to cut down on both incoming tyops, and well meaning but
spammy tyop fix PRs.

To run cspell locally install it and run:

    cspell '**/*.md' \
        --config cspell.config.yaml \
        --words-only \
        --unique \
        --quiet | sort --ignore-case

* docs: cspell updates

* wormchain: cspell updates

* aptos: cspell updates

* node: cspell updates

* algorand: cspell updates

* whitepapers: cspell updates

* near: cspell updates

* solana: cspell updates

* terra: cspell updates

* cosmwasm: cspell updates

* ethereum: cspell updates

* clients: cspell updates

* cspell updates for DEVELOP document

* github: run cspell github action

* sdk: cspell updates

* github: only run cspell on markdown files

* algorand: EMMITTER --> EMITTER

Suggested-by: @evan-gray

* cspell: removed from dictionary

Suggested-by: @evan-gray

* aptos and node: cspell updates

Suggested-by: @evan-gray

* cosmowasm: doc updates for terra2

Suggested-by: @evan-gray

* algorand: cspell updates

Suggested-by: @evan-gray

* algorand: cspell updates

Suggested-by: @evan-gray

* cspell: updated custom word dictionary

This resorts the dictionary and adds a few new words from the
algorand/MEMORY.md document around varints and integers.

* cspell: sort the dictionary how vscode does it

On macOS the sorting is locale dependent. To do this on macOS, you have
to invert the case, do a character insensitive sort, and then invert the
case again:

    LC_COLLATE="en_US.UTF-8" cspell '**/*.md' --config cspell.config.yaml \
        --words-only \
        --unique \
        --no-progress \
        --quiet \
    | tr 'a-zA-Z' 'A-Za-z' \
    | sort --ignore-case \
    | tr 'a-zA-Z' 'A-Za-z'

This requires the `LC_COLLATE` variable to be set to `en_US.UTF-8`, or it
will not do the right thing.

* docs: grammar clean up

---------

Co-authored-by: Evan Gray <battledingo@gmail.com>
This commit is contained in:
Jeff Schroeder 2024-03-20 15:40:02 -04:00 committed by GitHub
parent 21eea8c2ed
commit b175dd43c8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
32 changed files with 333 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/build.yml vendored
View File

@ -308,6 +308,19 @@ jobs:
docker build --target go-export -f Dockerfile.proto -o type=local,dest=node .
git diff --name-only --exit-code && echo "✅ Generated proto matches committed proto" || (echo "❌ Generated proto differs from committed proto, run \`rm -rf node/pkg/proto && docker build --target go-export -f Dockerfile.proto -o type=local,dest=node .\` and commit the result" >&2 && exit 1)
spellcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# Pinned version of the v6 tag, which is a lightweight and hence mutable tag
- uses: streetsidesoftware/cspell-action@214db1e3138f326d33b7a6a51c92852e89ab0618
with:
# For now, only lint markdown files
files: '**/*.md'
inline: warning
# Only check files in the PR or push
incremental_files_only: true
# Run Go tests
node-tests:
# The tests are slow enough that we want to run it on the self-hosted runner

4
DEVELOP.md
View File

@ -140,10 +140,12 @@ To re-generate these files run `rm -rf node/pkg/proto && docker build --target g
### Call gRPC services
<!-- cspell:disable-next-line -->
tools/bin/grpcurl -protoset <(tools/bin/buf build -o -) -plaintext localhost:7072 spy.v1.SpyRPCService/SubscribeSignedVAA
With parameters (using proto json encoding):
<!-- cspell:disable-next-line -->
tools/bin/grpcurl -protoset <(tools/bin/buf build -o -) \
-d '{"filters": [{"emitter_filter": {"emitter_address": "574108aed69daf7e625a361864b1f74d13702f2ca56de9660e566d1d8691848d", "chain_id": "CHAIN_ID_SOLANA"}}]}' \
-plaintext localhost:7072 spy.v1.SpyRPCService/SubscribeSignedVAA
@ -152,10 +154,12 @@ With parameters (using proto json encoding):
To Solana:
<!-- cspell:disable-next-line -->
kubectl exec solana-devnet-0 -c setup -- client post-message Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o 1 confirmed ffff
To Solana as CPI instruction:
<!-- cspell:disable-next-line -->
kubectl exec solana-devnet-0 -c setup -- client post-message --proxy CP1co2QMMoDPbsmV7PGcUTLFwyhgCgTXt25gLQ5LewE1 Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o 1 confirmed ffff
### Observation Requests

2
SECURITY.md
View File

@ -100,7 +100,7 @@ It's important to remember this is an iterative process and to stay positive. If
## Chain Integrators
As the list of chains connected to Wormhole increases, so does the risk that a given connected could introduce risks to the Wormhole network. As a result, Wormhole does have built-in safety features (e.g.: [Governor white-paper](https://github.com/wormhole-foundation/wormhole/blob/main/whitepapers/0007_governor.md)) to reduce the "blast radius" of such case. That said, a defense in depth strategy is required to do as much as possible to secure the network. As part of this methodology, the Wormhole project recommends that all connected chains current and future implement robust security programs of their own to do their part in managing chain compromise risk to the wormhole network.
As the list of chains connected to Wormhole increases, so does the risk that a given connection could introduce risks to the Wormhole network. As a result, Wormhole does have built-in safety features (e.g.: [Governor white-paper](https://github.com/wormhole-foundation/wormhole/blob/main/whitepapers/0007_governor.md)) to reduce the "blast radius" of such case. That said, a defense in depth strategy is required to do as much as possible to secure the network. As part of this methodology, the Wormhole project recommends that all connected chains current and future implement robust security programs of their own to do their part in managing chain compromise risk to the Wormhole network.
Here are a few ways in which connected chains can maintain high security standards:

18
algorand/MEMORY.md
View File

@ -41,6 +41,7 @@ if __name__ == '__main__':
If we run this program, it will generate a file called `sig.tmpl.teal` based on whatever `get_sig_tmpl()` returns from the `TmplSig` class. The first few lines of `sig.tmpl.teal` look like this:
<!-- cspell:disable -->
```
#pragma version 6
intcblock 1
@ -79,6 +80,7 @@ assert
intc_0 // 1
return
```
<!-- cspell:enable -->
Well examine this file more carefully soon. For now, the key takeaway is that it contains TEAL bytecode, which is a stack-based programming language. Whats curious is that right at the beginning, we push `TMPL_ADDR_IDX` and `TMPL_EMITTER_ID`, only to immediately pop them from the stack, which seems redundant. Indeed, as we will see, these four lines of code are here just for the sake of being here, and we dont actually expect them to do anything useful. This will make more sense soon.
@ -115,7 +117,7 @@ Here are the two pop statements we looked at in the TEAL code. The pyTEAL compil
`Tmpl.Int("TMPL_ADDR_IDX")` and `Tmpl.Bytes("TMPL_EMITTER_ID")` are _template variables_. Normally, they can be thought of as variables in a TEAL program that get replaced at compile time by the compiler, sort of like CPP macros. In fact, this already hints at how the LogicSig is going to be used: these variables will be programmatically replaced (albeit not just at compile time, but more on that later) with distinct values to generate distinct LogicSigs, with deterministic addresses. The wormhole contract will then be able to use the memory of the associated accounts of these LogicSigs. To see how, well first go through what the LogicSig does in the first place.
When using a LogicSig to sign a transaction (like in our case), the LogicSig program can query information about the transaction from the Algorand runtime. If the LogicSig doesn't revert, then the transaction will be executed on-chain. It is the LogicSigs responsibility to decide whether it wants to approve this transaction, so it will perform a number of checks to ensure the transaction does whats expected. Importantly, anyone can pass in their own transactions and use the LogicSig to sign it, so forgetting a check here could result in hijacking the LogicSigs associated account. That's because (by default), transactions that are signed (that is, approved) by the LogicSig can acces the LogicSigs account. In fact, that's what LogicSigs were designed for in the first place: to implement arbitrary logic for deciding who can spend money out of some account.
When using a LogicSig to sign a transaction (like in our case), the LogicSig program can query information about the transaction from the Algorand runtime. If the LogicSig doesn't revert, then the transaction will be executed on-chain. It is the LogicSigs responsibility to decide whether it wants to approve this transaction, so it will perform a number of checks to ensure the transaction does whats expected. Importantly, anyone can pass in their own transactions and use the LogicSig to sign it, so forgetting a check here could result in hijacking the LogicSigs associated account. That's because (by default), transactions that are signed (that is, approved) by the LogicSig can access the LogicSigs account. In fact, that's what LogicSigs were designed for in the first place: to implement arbitrary logic for deciding who can spend money out of some account.
The first instruction after the two `Pop`s above is
@ -128,14 +130,16 @@ The first instruction after the two `Pop`s above is
Which asserts that the transaction being signed is an application call.
Note that `==` here is an overloaded operator, and it doesnt compare two python values. Instead, it generates a piece of pyTEAL abstract syntax that represents an equality operation. In TEALs concrete syntax, this looks like:
<!-- cspell:disable -->
```
txn TypeEnum
pushint 6 // appl
==
assert
```
<!-- cspell:enable -->
The `txn` opcode pushes a transaction field variable to the stack, in this case its type, which is made avaiable by the AVM runtime.
The `txn` opcode pushes a transaction field variable to the stack, in this case its type, which is made available by the AVM runtime.
`pushint` pushes an integer to the stack, here the number 6, which corresponds to application call. `==` pops the top two elements from the stack and pushes 1 if they are equal, or 0 if they are not. Finally, `assert` pops the top of the stack, and reverts the transaction if its 0 (or if the stack is empty).
Application calls are one of the built-in transaction types defined by Algorand, another one is Payment. We require that this one is an application call, because of the next check, opting in:
@ -179,7 +183,7 @@ Approve()
[/algorand/TmplSig.py#L152](https://github.com/wormhole-foundation/wormhole/blob/0af600ddde4f507b30ea043de66033d7383f53af/algorand/TmplSig.py#L152)
To summarize, this is how allocation works: a special program opts in to the wormhole contract, thereby allowing wormhole to write memory into the programs account, then transfers ownership of the account to wormhole. Since the address of this account is derived from the programs bytecode, the addresses are reconstructable deterministically, and a given account with such an address cannot have been created any other way than by executing that program with the expected arguments.
To summarize, this is how allocation works: a special program opts in to the wormhole contract, thereby allowing wormhole to write memory into the programs account, then transfers ownership of the account to wormhole. Since the address of this account is derived from the programs bytecode, the addresses are reconstructible deterministically, and a given account with such an address cannot have been created any other way than by executing that program with the expected arguments.
<a id="orgf176818"></a>
@ -193,6 +197,7 @@ Instead, we turn to programmatically patching the generated binary. The LogicSig
The constructor of the `TmplSig` class starts by initializing the following data structure:
<!-- cspell:disable -->
```python
self.map = {"name":"lsig.teal","version":6,"source":"","bytecode":"BiABAYEASIAASDEQgQYSRDEZIhJEMRiBABJEMSCAABJEMQGBABJEMQkyAxJEMRUyAxJEIg==",
"template_labels":{
@ -203,6 +208,7 @@ The constructor of the `TmplSig` class starts by initializing the following data
},
}
```
<!-- cspell:enable -->
[/algorand/TmplSig.py#L39-L47](https://github.com/wormhole-foundation/wormhole/blob/0af600ddde4f507b30ea043de66033d7383f53af/algorand/TmplSig.py#L39-L47)
@ -217,6 +223,7 @@ To see what the layout looks like, lets decode the first few bytes of the byt
and the first few lines of the TEAL code as a reminder:
<!-- cspell:disable -->
```
#pragma version 6
intcblock 1
@ -225,6 +232,7 @@ pop
pushbytes TMPL_EMITTER_ID // TMPL_EMITTER_ID
pop
```
<!-- cspell:enable -->
The first byte (`0x06`) is the version identifier. This matches `#pragma version 6` in the TEAL file. `0x20` is the `intcblock` instruction. It takes a byte that represents how many ints are stored (1 here) in this section, and then a list of ints (here, its just 1). `0x81` is the `pushint` instruction, and here we push `0x0`. This means that that this program was compiled with the template variables filled with zeros. This 0 is at offset 5 in the bytecode, which agrees with the `'position': 5'` field of the above data structure for `TMPL_ADDR_IDX`. The `0x48` opcode next is the pop instruction. Next, `0x80` is a `pushbytes` instruction, which first takes the a varint for the length of the byte array, then the byte array. Here, since the length is 0, there are no bytes following, instead `0x48` pops immediately. This byte array is at position 8, which corresponds to `TMPL_EMITTER_ID` above.
@ -234,6 +242,7 @@ The first byte (`0x06`) is the version identifier. This matches `#pragma version
The python code that constructs the bytecode is defined as
<!-- cspell:disable -->
```python
def populate(self, values: Dict[str, Union[str, int]]) -> LogicSigAccount:
"""populate uses the map to fill in the variable of the bytecode and returns a logic sig with the populated bytecode"""
@ -261,6 +270,7 @@ The python code that constructs the bytecode is defined as
# Create a new LogicSigAccount given the populated bytecode,
return LogicSigAccount(bytes(contract))
```
<!-- cspell:enable -->
[/algorand/TmplSig.py#L58-L85](https://github.com/wormhole-foundation/wormhole/blob/0af600ddde4f507b30ea043de66033d7383f53af/algorand/TmplSig.py#L58-L85)
@ -285,7 +295,7 @@ The on-chain program is similar to the above, but it just concatenates the byte
tmpl_sig.get_bytecode_chunk(0),
encode_uvarint(acct_seq_start, Bytes("")),
# EMMITTER_ID
# EMITTER_ID
tmpl_sig.get_bytecode_chunk(1),
encode_uvarint(Len(emitter), Bytes("")),
emitter,

4
algorand/NOTES.md
View File

@ -31,7 +31,7 @@ put into dev/node.yaml
Install the algorand requirements
python3 -m pip install -r requirements.txt
python3 -m pip install -r requirements.txt
install docker-compile
@ -42,6 +42,7 @@ bring up the dev sandbox
./sandbox down; ./sandbox clean
<!-- cspell:disable -->
[jsiegel@gusc1a-ossdev-jsl1 ~/.../algorand/_sandbox]{master} git diff
diff --git a/images/indexer/start.sh b/images/indexer/start.sh
index 9e224c2..f1714ea 100755
@ -311,3 +312,4 @@ python3 test.py
echo "bring the sandbox down"
cd ..
./sandbox down
<!-- cspell:enable -->

2
algorand/token_bridge.py
View File

@ -198,7 +198,7 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
tmpl_sig.get_bytecode_chunk(0),
encode_uvarint(acct_seq_start, Bytes("")),
# EMMITTER_ID
# EMITTER_ID
tmpl_sig.get_bytecode_chunk(1),
encode_uvarint(Len(emitter), Bytes("")),
emitter,

2
algorand/wormhole_core.py
View File

@ -104,7 +104,7 @@ def getCoreContracts( genTeal, approve_name, clear_name,
tmpl_sig.get_bytecode_chunk(0),
encode_uvarint(acct_seq_start, Bytes("")),
# EMMITTER_ID
# EMITTER_ID
tmpl_sig.get_bytecode_chunk(1),
encode_uvarint(Len(emitter), Bytes("")),
emitter,

1
aptos/Docker.md
View File

@ -1,5 +1,6 @@
# first build the image
<!-- cspell:disable-next-line -->
(cd ..; DOCKER_BUILDKIT=1 docker buildx build --platform linux/amd64 -f aptos/Dockerfile.base -t aptos .)
# tag the image with the appropriate version

6
aptos/README.md
View File

@ -215,7 +215,7 @@ simpler for users and integrators.
`signer` objects can also be used for access control, because the existence of a
`signer` value with a given address proves that the address authorised that
transaction. The key observation is that a `signer` is an unforgable token of
transaction. The key observation is that a `signer` is an unforgeable token of
authority, also known as a _capability_. The issue is, as described in the above
section, is that the `signer` capability is too general, as it can authorise
arbitrary actions on behalf of the user. For this reason, we don't use `signer`s
@ -335,7 +335,3 @@ single entity having full control over the contracts, the contracts need to be
their own signing authority. For details on how this is implemented, see
[deployer.move](./deployer/sources/deployer.move) and
[contract_upgrade.move](./wormhole/sources/contract_upgrade.move).
## Newtypes
TODO

4
aptos/nft_bridge/README.md
View File

@ -50,8 +50,8 @@ to identify collections (only 20 bytes of which are used on EVM chains, for the
contract address) and another 32 bytes to identify the token within the
collection. Neither of these fields are sufficient to pack the necessary
information on Aptos, since the creator address itself is already 32 bytes, and
the collection name can be an arbitary string up to 128 bytes. Token names can
also be arbitary 128 byte strings.
the collection name can be an arbitrary string up to 128 bytes. Token names can
also be arbitrary 128 byte strings.
Thus, we store 32 byte hashes of these two fields respectively. The exact
details of how the hashes are computed are defined in

8
clients/js/README.md
View File

@ -4,7 +4,7 @@ This tool is a command line interface to Wormhole.
## Installation
Pull down the repo if you dont already have it and cd to the appropriate directory:
Pull down the repo if you don't already have it and cd to the appropriate directory:
git clone https://github.com/wormhole-foundation/wormhole
cd wormhole/clients/js
@ -28,16 +28,14 @@ Commands:
worm edit-vaa Edits or generates a VAA
worm evm EVM utilities
worm generate generate VAAs (devnet and testnet only)
worm info Contract, chain, rpc and address informatio
n utilities
worm info Contract, chain, rpc and address information utilities
worm near NEAR utilities
worm parse <vaa> Parse a VAA (can be in either hex or base64
format)
worm recover <digest> <signature> Recover an address from a signature
worm submit <vaa> Execute a VAA
worm sui Sui utilities
worm verify-vaa Verifies a VAA by querying the core contrac
t on Ethereum
worm verify-vaa Verifies a VAA by querying the core contract on Ethereum
Options:
--help Show help [boolean]

8
cosmwasm/deployment/terra2/README.md
View File

@ -7,14 +7,14 @@ This readme describes the steps for building, verifying, and deploying Terra2 sm
## Verify Tilt
Before building Terra contracts, ensure that the specific commit you will be
building from passes in tilt. This that ensures basic functionality of the
building from passes in tilt. This ensures the basic functionality of the
Terra smart contracts that you are about to build and deploy.
## Build Contracts
The following command can be used to build Terra2 contracts via Docker.
Build Target Options: [`mainnet`|`testnet`|`devnet`|
Build Target Options: [`mainnet`|`testnet`|`devnet`]
These network names correspond to the naming convention used by wormhole
elsewhere. This means that `mainnet` corresponds to Terra `mainnet`,
@ -120,9 +120,11 @@ now be shared with the guardians to vote on.
Once the guardians have reached quorum, the VAA may be submitted from any
funded wallet: TODO - make this easier and more unified
<!-- cspell:disable -->
```sh
node main.js terra execute_governance_vaa <signed VAA (hex)> --rpc "https://lcd.terra.dev" --chain_id "columbus-5" --mnemonic "..." --token_bridge "terra10nmmwe8r3g99a9newtqa7a75xfgs2e8z87r2sf"
```
<!-- cspell:enable -->
### Testnet
@ -131,6 +133,8 @@ authority, so these don't have to go through governance.
For example, to migrate the token bridge to 59614, run in `tools/`:
<!-- cspell:disable -->
```sh
node migrate_testnet.js --code_id 59614 --contract terra1pseddrv0yfsn76u4zxrjmtf45kdlmalswdv39a --mnemonic "..."
```
<!-- cspell:enable -->

194
cspell-custom-words.txt Normal file
View File

@ -0,0 +1,194 @@
acala
Acala
Acks
Alertmanager
algod
Algorand
algosdk
alist
Aptos
authorisation
authorise
authorised
backdoors
bech
Bech
behaviour
bigset
Bigtable
borsh
bscscan
BUILDKIT
bytecodes
callstack
CCTP
celestia
Celestia
certusone
Chainlink
Coinspect
collateralization
colour
Concat
conftest
Cosm
cosmoshub
cosmwasm
Cosmwasm
counterparty
cpus
crosschain
Cyfrin
datagram
denoms
devnet
dymension
Dymension
ethcrypto
ethersproject
ETHRPC
evmos
forgeable
FQTs
frontends
funder
gogoproto
goimports
gossipv
guardiand
GUARDIAND
guardiand's
Hacken
hashdump
hexdump
holesky
Holesky
ICCO
incentivized
incentivizing
initialisation
initialised
initialiser
injective
Injective
inotify
intcblock
ints
Ints
IPFS
journalctl
karura
Karura
Keccak
kevm
KEVM
keymap
keytool
klaytn
Klaytn
kompiled
kompiles
Kudelski
kujira
Kujira
lamports
lastrun
libp
localterra
lockfiles
merkle
Metaplex
mindshare
mlock
moby
moonscan
moretags
Neodyme
nhooyr
obsv
Obsv
optimisation
optin
Optin
parachain
pdas
permissionless
permissionlessly
Polkachu
Polkadot
Positionals
prefunded
promauto
proto
Proto
protobuf
protos
prototxt
pubkey
pushbytes
pushint
pytest
Pytest
pythnet
QUIC
ramfs
readyz
regen
reinit
reobservation
repoint
rustup
satoshi
secp
seda
serde
setcap
solana
Solana
Solana's
spydk
Starport
statesync
struct
structs
subdenom
subdenoms
Subdenoms
supermajority
superminority
tendermint
Tendermint
terrad
tokenbridge
tokenfactory
trustlessly
tsig
tsproto
TWAP
uatom
uluna
unbond
Uncompromised
undercollateralization
unforgeable
unnormalize
untampered
utest
uusd
uvarint
varint
varints
vimdiff
vphash
wasmhooks
wasms
WORKDIR
wormchain
Wormchain
wormchaind
Wormholescan
wormscan
wormscanurl
xpla
XPLA
Zellic

24
cspell.config.yaml Normal file
View File

@ -0,0 +1,24 @@
---
$schema: https://raw.githubusercontent.com/streetsidesoftware/cspell/main/cspell.schema.json
version: '0.2'
dictionaryDefinitions:
- name: wormhole-dictionary
path: './cspell-custom-words.txt'
addWords: true
dictionaries:
- wormhole-dictionary
ignorePaths:
# go modules for the guardian node
- '/pkg/mod/**'
- '**/node_modules/**'
- '**/requirements.txt'
- '/cspell-custom-words.txt'
# tilt extensions
- '/tilt_modules/**'
# build artifacts
- '/clients/js/build/**'
- '/wormchain/build/**'
# cosmos* and cosmwasm* autogenerated
- '/wormchain/ts-sdk/src/modules/cosm.*/**'
# osmosis* autogenerated
- '/wormchain/ts-sdk/src/modules/osmosis*/**'

4
docs/assumptions.md
View File

@ -75,7 +75,7 @@ strongly align with the Solana ecosystem - large token holders, ecosystem projec
would risk damage to their reputation, token values, and ecosystem growth by attacking the network or neglecting their
duties.
We assume that at the present time, such incentive alignment is easy to bootstrap and get right than a separate chain,
We assume that, at the present time, such incentive alignment is easier to bootstrap and get right than a separate chain,
which requires carefully-designed token economy and slashing criteria. In particular, it attracts operators who care
about the ecosystem beyond short-term validation rewards, resulting in a high-quality, resilient guardian set.
@ -120,7 +120,7 @@ known for its robustness - and go-ethereum, both of which have been exhaustively
## Safe handling of crashes in the Solana eBPF VM
Due to the instruction count limitations in the Solana runtime, the Solana contracts makes liberal use of unsafe blocks
Due to the instruction count limitations in the Solana runtime, the Solana contracts make liberal use of unsafe blocks
to serialize and deserialize data without incurring the overhead of a memory-safe approach.
This follows current best practices for Solana contract development. It assumes that invalid operations or out-of-bounds

12
docs/devnet.md
View File

@ -1,5 +1,6 @@
## Addresses
<!-- spell-checker: disable -->
| Label | Network | Address | Note |
| ------------------ | :-------: | ----------------------------------------------------------------------------------------------------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| Test Wallet | ETH | 0x90F8bf6A479f320ead074411a4B0e7944Ea8c9C1 | Key: `0x4f3edf983ac636a65a842ce7c78d9aa706d3b113bce9c46f30d7d21715b23b1d` Mnemonic `myth like bonus scare over problem client lizard pioneer submit female collect` |
@ -29,6 +30,7 @@
| Bridge Core | Terra2 | terra14hj2tavq8fpesdwxxcu44rty3hh90vhujrvcmstl4zr3txmfvw9ssrc8au | |
| Token Bridge | Terra2 | terra1nc5tatafv6eyq7llkr2gv50ff9e22mnf70qgjlv737ktmt4eswrquka9l6 | |
| Governance Emitter | Universal | 0x0000000000000000000000000000000000000000000000000000000000000004 / 11111111111111111111111111111115 | Emitter Chain: 0x01 |
<!-- spell-checker: enable -->
### Terra
@ -38,19 +40,19 @@ The terra testnet can be used just like a normal localterra network (can be sele
The `admin.py` deployment tool can be used to generate a set of five prefunded accounts using the `--fundDevAccounts` option, with the following addresses and mnemonics:
DEV7AREMQSPWWDDFFJ3A5OIMMDCZN4YT5U2MQBN76Y4J5ERQQ3MWPIHUYA 800M ALGO
DEV7AREMQSPWWDDFFJ3A5OIMMDCZN4YT5U2MQBN76Y4J5ERQQ3MWPIHUYA 800M ALGO <!-- cspell:disable-line -->
provide warfare better filter glory civil help jacket alpha penalty van fiber code upgrade web more curve sauce merit bike satoshi blame orphan absorb modify
DEVBE5BIDJV6SWV7E3XPLB5DXZG2JYCWHGXBAQH6WNBZA3G7SQQ5HUJQII
DEVBE5BIDJV6SWV7E3XPLB5DXZG2JYCWHGXBAQH6WNBZA3G7SQQ5HUJQII <!-- cspell:disable-line -->
album neglect very nasty input trick annual arctic spray task candy unfold letter drill glove sword flock omit dial rather session mesh slow abandon slab
DEV3AURNEWR5TRFXIOBP2VTCTZIS52Q3XJHNJ57M4IZLMNZ5ABQ6M7AL6E
DEV3AURNEWR5TRFXIOBP2VTCTZIS52Q3XJHNJ57M4IZLMNZ5ABQ6M7AL6E <!-- cspell:disable-line -->
blue spring teach silent cheap grace desk crack agree leave tray lady chair reopen midnight lottery glove congress lounge arrow fine junior mirror above purchase
DEVKKFRWGS4EX2GP5PLMFOXAH5TBBSWFD6G2D564FHVDXH55QSPXJKAHIU
DEVKKFRWGS4EX2GP5PLMFOXAH5TBBSWFD6G2D564FHVDXH55QSPXJKAHIU <!-- cspell:disable-line -->
front rifle urge write push dynamic oil vital section blast protect suffer shoulder base address teach sight trap trial august mechanic border leaf absorb attract
DEVKPY5JA6IJED3KBS7Z6J2ZXAUVWIJLABNAYVVLOXXIVSBH32FA2Z4BWY
DEVKPY5JA6IJED3KBS7Z6J2ZXAUVWIJLABNAYVVLOXXIVSBH32FA2Z4BWY <!-- cspell:disable-line -->
fat pet option agree father glue range ancient curtain pottery search raven club save crane sting gift seven butter decline image toward kidney above balance
### devnet guardian addresses

14
docs/operations.md
View File

@ -52,6 +52,7 @@ Be aware that these require extra disk space!
If you use the same RPC node for Wormhole v1, you also need the following additional parameters to speed up
`getProgramAccount` queries:
<!-- cspell:disable -->
```
[... see above for other required parameters ...]
@ -59,6 +60,7 @@ If you use the same RPC node for Wormhole v1, you also need the following additi
--account-index-include-key WormT3McKhFJ2RkiGpdw9GKvNCrB2aB54gb2uV9MfQC # for mainnet
--account-index-include-key 5gQf5AUhAgWYgUCt9ouShm9H7dzzXUsLdssYwe5krKhg # for testnet
```
<!-- cspell:enable -->
Alternatively, if you want to run a general-purpose RPC node with indexes for all programs instead of only Wormhole,
leave out the filtering:
@ -69,10 +71,12 @@ leave out the filtering:
On mainnet, we strongly recommend blacklisting KIN and the token program to speed up catchup:
<!-- cspell:disable -->
```
--account-index-exclude-key kinXdEcpDQeHPEuQnqmUgtYykqKGVFq6CeVX5iAHJq6 # Mainnet only
--account-index-exclude-key TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA # Mainnet only
```
<!-- cspell:enable -->
Note that these indexes require extra disk space and may slow down catchup. The first startup after
adding these parameters will be slow since Solana needs to recreate all indexes.
@ -261,19 +265,23 @@ The following bootstrap peers are available in each environment.
### Mainnet
<!-- cspell:disable -->
```bash
--bootstrap "/dns4/wormhole-v2-mainnet-bootstrap.xlabs.xyz/udp/8999/quic/p2p/12D3KooWNQ9tVrcb64tw6bNs2CaNrUGPM7yRrKvBBheQ5yCyPHKC,/dns4/wormhole.mcf.rocks/udp/8999/quic/p2p/12D3KooWDZVv7BhZ8yFLkarNdaSWaB43D6UbQwExJ8nnGAEmfHcU,/dns4/wormhole-v2-mainnet-bootstrap.staking.fund/udp/8999/quic/p2p/12D3KooWG8obDX9DNi1KUwZNu9xkGwfKqTp2GFwuuHpWZ3nQruS1"
--ccqP2pBootstrap "/dns4/wormhole-v2-mainnet-bootstrap.xlabs.xyz/udp/8996/quic/p2p/12D3KooWNQ9tVrcb64tw6bNs2CaNrUGPM7yRrKvBBheQ5yCyPHKC,/dns4/wormhole.mcf.rocks/udp/8996/quic/p2p/12D3KooWDZVv7BhZ8yFLkarNdaSWaB43D6UbQwExJ8nnGAEmfHcU,/dns4/wormhole-v2-mainnet-bootstrap.staking.fund/udp/8996/quic/p2p/12D3KooWG8obDX9DNi1KUwZNu9xkGwfKqTp2GFwuuHpWZ3nQruS1"
```
<!-- cspell:enable -->
### Testnet
<!-- cspell:disable -->
```bash
--bootstrap "/dns4/t-guardian-01.nodes.stable.io/udp/8999/quic/p2p/12D3KooWCW3LGUtkCVkHZmVSZHzL3C4WRKWfqAiJPz1NR7dT9Bxh,/dns4/t-guardian-02.nodes.stable.io/udp/8999/quic/p2p/12D3KooWJXA6goBCiWM8ucjzc4jVUBSqL9Rri6UpjHbkMPErz5zK,/dns4/p2p-guardian-testnet-1.solana.p2p.org/udp/8999/quic/p2p/12D3KooWE4dmZwxhfjCKHLUqSaww96Cf7kmq1ZuKmzPz3MrJgZxp"
--ccqP2pBootstrap "/dns4/t-guardian-01.nodes.stable.io/udp/8996/quic/p2p/12D3KooWCW3LGUtkCVkHZmVSZHzL3C4WRKWfqAiJPz1NR7dT9Bxh,/dns4/t-guardian-02.nodes.stable.io/udp/8996/quic/p2p/12D3KooWJXA6goBCiWM8ucjzc4jVUBSqL9Rri6UpjHbkMPErz5zK,/dns4/p2p-guardian-testnet-1.solana.p2p.org/udp/8996/quic/p2p/12D3KooWE4dmZwxhfjCKHLUqSaww96Cf7kmq1ZuKmzPz3MrJgZxp"
```
<!-- cspell:enable -->
## Run the Guardian Spy
@ -281,6 +289,7 @@ The spy connects to the wormhole guardian peer to peer network and listens for n
Start the spy against the testnet wormhole guardian:
<!-- cspell:disable -->
```bash
docker run \
--platform=linux/amd64 \
@ -289,9 +298,11 @@ docker run \
ghcr.io/wormhole-foundation/guardiand:latest \
spy --nodeKey /node.key --spyRPC "[::]:7073" --network /wormhole/testnet/2/1 --bootstrap "/dns4/t-guardian-01.nodes.stable.io/udp/8999/quic/p2p/12D3KooWCW3LGUtkCVkHZmVSZHzL3C4WRKWfqAiJPz1NR7dT9Bxh,/dns4/t-guardian-02.nodes.stable.io/udp/8999/quic/p2p/12D3KooWJXA6goBCiWM8ucjzc4jVUBSqL9Rri6UpjHbkMPErz5zK,/dns4/p2p-guardian-testnet-1.solana.p2p.org/udp/8999/quic/p2p/12D3KooWE4dmZwxhfjCKHLUqSaww96Cf7kmq1ZuKmzPz3MrJgZxp"
```
<!-- cspell:enable -->
To run the spy against mainnet:
<!-- cspell:disable -->
```bash
docker run \
--platform=linux/amd64 \
@ -300,6 +311,7 @@ docker run \
ghcr.io/wormhole-foundation/guardiand:latest \
spy --nodeKey /node.key --spyRPC "[::]:7073" --network /wormhole/mainnet/2 --bootstrap /dns4/wormhole-v2-mainnet-bootstrap.xlabs.xyz/udp/8999/quic/p2p/12D3KooWNQ9tVrcb64tw6bNs2CaNrUGPM7yRrKvBBheQ5yCyPHKC,/dns4/wormhole.mcf.rocks/udp/8999/quic/p2p/12D3KooWDZVv7BhZ8yFLkarNdaSWaB43D6UbQwExJ8nnGAEmfHcU,/dns4/wormhole-v2-mainnet-bootstrap.staking.fund/udp/8999/quic/p2p/12D3KooWG8obDX9DNi1KUwZNu9xkGwfKqTp2GFwuuHpWZ3nQruS1
```
<!-- cspell:enable -->
## Guardian Configurations
@ -313,12 +325,14 @@ Configuration files, environment variables and flags are all supported.
**Example**:
<!-- cspell:disable -->
```yaml
ethRPC: "ws://eth-devnet:8545"
ethContract: "0xC89Ce4735882C9F0f0FE26686c53074E09B0D550"
solanaRPC: "http://solana-devnet:8899"
solanaContract: "Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o"
```
<!-- cspell:enable -->
### Environment Variables

4
docs/updating_testnet.md
View File

@ -47,9 +47,11 @@ cd cosmwasm
node deployment/terra2/tools/deploy_single.js --network testnet --artifact artifacts/cw_token_bridge.wasm --mnemonic "<testnetDeployerSeedPhrase>"
```
2. The admin of the Terra2 token bridge in testnet has not been transferred to the contract itself, so you cannot use the standard contract upgrade VAA to complete the upgrade. Instead, do the following:
<!-- cspell:disable -->
```bash
node deployment/terra2/tools/migrate_testnet.js --network testnet --code_id <codeIdFromDeploy> --contract terra1c02vds4uhgtrmcw7ldlg75zumdqxr8hwf7npseuf2h58jzhpgjxsgmwkvk --mnemonic "<testnetDeployerSeedPhrase>"
```
<!-- cspell:enable -->
### Resetting the Registration on XPLA
1. Deploy the new code to XPLA by doing the following. This should give you the `code_id`.
@ -80,4 +82,4 @@ worm submit $VAA --network testnet --chain <chainName>
To verify that the registrations are all correct for a given chain, you can do the following. This command currently works for Solana, EVM, Terra2, XPLA, Aptos, Sui and Sei.
```bash
worm info registrations testnet acala TokenBridge --verify
```
```

4
ethereum/VERIFY.md
View File

@ -7,8 +7,8 @@ that's actually deployed. This enables the explorer to properly parse the
transaction payloads according to the contract ABI.
This document outlines the process of verification. In general, you will need an
API key for the relevant explorer (this can be obtained by creating an account),
and also know which address the contract code lives. The API key is expected to
API key for the relevant explorer (this can be obtained by creating an account)
and to know at which address the contract code lives. The API key is expected to
be set in the `ETHERSCAN_KEY` environment variable for all APIs (not just
etherscan, bit of a misnomer).

2
ethereum/ts-scripts/relayer/README.md
View File

@ -36,4 +36,4 @@ ENV=tilt ts-node ./ts-scripts/relayer/deliveryProvider/upgradeDeliveryProvider.t
The ./shell directory contains shell scripts which combine commonly chained actions together.
For example, ./shell/deployConfigureTest.sh will deploy the DeliveryProvider, WormholeRelayer, and MockIntegration contracts. Configure them all to point at eachother, and then run messageTest to test that everything worked. Note: useLastRun in contracts.json needs to be set to "true" in order for this script to work.
For example, ./shell/deployConfigureTest.sh will deploy the DeliveryProvider, WormholeRelayer, and MockIntegration contracts. Configure them all to point at each other, and then run messageTest to test that everything worked. Note: useLastRun in contracts.json needs to be set to "true" in order for this script to work.

1
near/Docker.md
View File

@ -1,5 +1,6 @@
# first build the image
<!-- cspell:disable-next-line -->
DOCKER_BUILDKIT=1 docker build -f Dockerfile.base -t near .
# tag the image with the appropriate version

2
node/pkg/watchers/README.md
View File

@ -82,6 +82,7 @@ The Run function is what is called by the guardian to start this watcher. It sho
The following is an outline in go. Notice that each go routine is encapsulated by RunWithScissors(). What this function does is wrap the go routine to make sure that any panic or error gets reported to an error channel. Other go routines use this as a mechanism to determine degraded performance of the watcher and exit.
<!-- cspell:disable -->
```go
func (e *Watcher) Run(ctx context.Context) error {
// Setup a logger
@ -178,6 +179,7 @@ func (e *Watcher) Run(ctx context.Context) error {
} // end select
} // end Run()
```
<!-- cspell:enable -->
### Other thoughts / directions:

4
node/pkg/watchers/near/README.md
View File

@ -8,7 +8,7 @@ There are multiple supervised runners:
* *BlockPoll*: Polls the NEAR RPC API for finalized blocks and generates transactionProcessingJobs for every single transaction
* *ChunkFetcher*: Fetches chunks for each block in parallel
* *TxProcessor*: Processes `transactionProcessingJob`, going through all receipt outcomes, searching for Wormhole messages, and checking that they have been finalized. If there are Wormhole messages in any receipts from this transaction but those receipts are not in finalized blocks, the `transactionProcessingJob` will be put in the back of the queue.
* *ObsvReqProcessor*: Process observation requests. An observation request is a way of kindly asking the Guardian to go back in time and look at a particular transaction and try to identify wormhole events in it. Observation requests are received from other Guardians or injected through the admin API. Eventhough they are signed, they should not be trusted.
* *ObsvReqProcessor*: Process observation requests. An observation request is a way of kindly asking the Guardian to go back in time and look at a particular transaction and try to identify wormhole events in it. Observation requests are received from other Guardians or injected through the admin API. Even though they are signed, they should not be trusted.
* chunkProcessingQueue gets new chunk hashes.
@ -52,7 +52,7 @@ There is a RPC API EXPERIMENTAL_changes_in_block which would tell you if the blo
* tx_hash: Transaction hash
* error_type (enum)
* invalid_hash: Program encountered a hash that is not well-formed, i.e. not 32 bytes long.
* nearapi_inconsistent: NEAR RPC returned data that doesn't make sense.
* nearapi_inconsistent: NEAR RPC returned data that doesn't make sense.<!-- cspell:disable-line -->
* malformed_wormhole_event: The wormhole log emission is malformed. This should never happen. If it does, that'd be indicative of a big problem.
* startup_fail: Something went wrong during watcher startup.

2
sdk/README.md
View File

@ -6,7 +6,7 @@ wormhole.
# Directory Structure
* [sdk/](./): Go SDK. This package must live in this directory so that clients can use the
`gitub.com/wormhole-foundation/wormhole/sdk` import path.
`github.com/wormhole-foundation/wormhole/sdk` import path.
* [vaa/](./vaa/): Go package for using VAAs (Verifiable Action Approval).
* [js/](./js/README.md): Javascript SDK.
* [js-proto-node/](./js-proto-node/README.md): NodeJS client protobuf.

9
solana/README.md
View File

@ -6,14 +6,14 @@ This readme describes the steps for building, verifying, and deploying Solana sm
## Verify Tilt
Before building Solana contracts, ensure that the specific commit you will be building from passes in tilt. This that ensures basic functionality of the Solana smart contracts that you are about to build and deploy.
Before building Solana contracts, ensure that the specific commit you will be building from passes in tilt. This ensures the basic functionality of the Solana smart contracts that you are about to build and deploy.
## Build Contracts
The following command can be used to build contracts for Solana contracts via Docker.
Build Target Options: [`mainnet`|`testnet`|`devnet`|
Build Target Options: [`mainnet`|`testnet`|`devnet`]
These network names correspond to the naming convention used by wormhole
elsewhere. This means that `mainnet` corresponds to Solana `mainnet-beta`,
@ -77,22 +77,27 @@ Now that you have deployed one or more contracts on-chain, you can verify the on
For each contract you wish to verify on-chain, you will need the following elements:
- Path to the contracts bytecode (eg. `artifacts-testnet/bridge.so`)
<!-- cspell:disable-next-line -->
- Solana account address for the relevant contract (eg. `9GRbmSbdrWGNf9z27YrhPbWnL7zZ3doeQAq2LrkmCB4Y`)
- A network to verify on (`mainnet`, `testnet`, or `devnet`)
Below is how to verify all three contracts on testnet:
<!-- cspell:disable -->
```console
wormhole/solana $ verify -n testnet artifacts-testnet/bridge.so NEW_BRIDGE_ACCOUNT_ADDRESS
wormhole/solana $ verify -n testnet artifacts-testnet/token_bridge.so NEW_TOKEN_BRIDGE_ACCOUNT_ADDRESS
wormhole/solana $ verify -n testnet artifacts-testnet/nft_bridge.so NEW_NFT_BRIDGE_ACCOUNT_ADDRESS
```
Example: `verify -n testnet artifacts-testnet/bridge.so 9GRbmSbdrWGNf9z27YrhPbWnL7zZ3doeQAq2LrkmCB4Y`
<!-- cspell:enable -->
Again, if you have the NETWORK environment variable set, then the `-n` flag is optional:
<!-- cspell:disable -->
```console
verify artifacts-testnet/bridge.so 9GRbmSbdrWGNf9z27YrhPbWnL7zZ3doeQAq2LrkmCB4Y
```
<!-- cspell:enable -->
For each contract, you should expect a `Successfully verified` output message. If all contracts can be successfully verified, you can engage in Wormhole protocol governance to obtain an authorized VAA for the contract upgrade(s).

6
terra/README.md
View File

@ -7,14 +7,14 @@ This readme describes the steps for building, verifying, and deploying Terra sma
## Verify Tilt
Before building Terra contracts, ensure that the specific commit you will be
building from passes in tilt. This that ensures basic functionality of the
building from passes in tilt. This ensures the basic functionality of the
Terra smart contracts that you are about to build and deploy.
## Build Contracts
The following command can be used to build Terra contracts via Docker.
Build Target Options: [`mainnet`|`testnet`|`devnet`|
Build Target Options: [`mainnet`|`testnet`|`devnet`]
These network names correspond to the naming convention used by wormhole
elsewhere. This means that `mainnet` corresponds to Terra `mainnet`,
@ -141,6 +141,8 @@ authority, so these don't have to go through governance.
For example, to migrate the token bridge to 59614, run in `tools/`:
<!-- cspell:disable -->
``` sh
node migrate_testnet.js --code_id 59614 --contract terra1pseddrv0yfsn76u4zxrjmtf45kdlmalswdv39a --mnemonic "..."
```
<!-- cspell:enable -->

2
whitepapers/0004_message_publishing.md
View File

@ -80,7 +80,7 @@ Proposed bridge interface:
`setFees(VAA fee_payload)` - Update the fees using a `SetMessageFee` VAA
`transferFees(VAA transfer_payload)` - Transfer fees using a `TransderFees` VAA
`transferFees(VAA transfer_payload)` - Transfer fees using a `TransferFees` VAA
---

2
whitepapers/0007_governor.md
View File

@ -8,7 +8,7 @@ Limit the impact of certain exploits by giving Guardians the option to delay Wor
## Background
A single integrity failure of the core messaging bridge can have disastrous consequences for users of token bridges built ontop of Wormhole, if no additional safety mitigations are in place. For example, on Feb 2, 2022 [a vulnerability in the Solana core smart contract was exploited](https://wormholecrypto.medium.com/wormhole-incident-report-02-02-22-ad9b8f21eec6) to maliciously mint wETH on Solana and it was subsequently bridged back to Ethereum.
A single integrity failure of the core messaging bridge can have disastrous consequences for users of token bridges built on top of Wormhole, if no additional safety mitigations are in place. For example, on Feb 2, 2022 [a vulnerability in the Solana core smart contract was exploited](https://wormholecrypto.medium.com/wormhole-incident-report-02-02-22-ad9b8f21eec6) to maliciously mint wETH on Solana and it was subsequently bridged back to Ethereum.
There are multiple potential failure modes of the bridge:
* In scope of the Wormhole security program:

2
wormchain/design/design.md
View File

@ -64,7 +64,7 @@ in the new guardian set are already registered.
At present, Guardian Set upgrade VAAs are signed by the Guardians off-chain. This can stay off-chain for as long as needed, but should eventually be moved on-chain.
## TODO Bootstraping the PoA Network
## TODO Bootstrapping the PoA Network
At time of writing, the Guardian Network is currently at Guardian Set 2, but will possibly be at set 3 or 4 by the time of launch.

2
wormchain/devnet/client/README.md
View File

@ -5,5 +5,5 @@ This folder contains config for running `wormchaind` against the devnet (Tilt) w
### examples
transfer `utest` from the account used by `wormchain-0` to the account used by `wormchain-1`, to smoke-test wormchain - make sure we can connect to the RPC port, the accounts exist, and wormchain is producing blocks.
<!-- cspell:disable-next-line -->
./build/wormchaind --home build tx bank send wormhole1cyyzpxplxdzkeea7kwsydadg87357qna3zg3tq wormhole1wqwywkce50mg6077huy4j9y8lt80943ks5udzr 1utest --from wormchain-0 --yes --broadcast-mode block --keyring-backend test

2
wormchain/docs/registration.md
View File

@ -2,9 +2,11 @@
The wormhole (core module) address is:
<!-- cspell:disable -->
```
wormhole1ap5vgur5zlgys8whugfegnn43emka567dtq0jl
```
<!-- cspell:enable -->
This is deterministically generated from the module.

26
wormchain/x/ibc-hooks/README.md
View File

@ -3,8 +3,8 @@
## Wasm Hooks
The wasm hook is an IBC middleware which is used to allow ICS-20 token transfers to initiate contract calls.
This allows cross-chain contract calls, that involve token movement.
This is useful for a variety of usecases.
This allows cross-chain contract calls, that involve token movement.
This is useful for a variety of use cases.
One of primary importance is cross-chain swaps, which is an extremely powerful primitive.
The mechanism enabling this is a `memo` field on every ICS20 transfer packet as of [IBC v3.4.0](https://medium.com/the-interchain-foundation/moving-beyond-simple-token-transfers-d42b2b1dc29b).
@ -31,10 +31,10 @@ type MsgExecuteContract struct {
So we detail where we want to get each of these fields from:
* Sender: We cannot trust the sender of an IBC packet, the counterparty chain has full ability to lie about it.
* Sender: We cannot trust the sender of an IBC packet, the counterparty chain has full ability to lie about it.
We cannot risk this sender being confused for a particular user or module address on Osmosis.
So we replace the sender with an account to represent the sender prefixed by the channel and a wasm module prefix.
This is done by setting the sender to `Bech32(Hash("ibc-wasm-hook-intermediary" || channelID || sender))`, where the channelId is the channel id on the local chain.
This is done by setting the sender to `Bech32(Hash("ibc-wasm-hook-intermediary" || channelID || sender))`, where the channelId is the channel id on the local chain.
* Contract: This field should be directly obtained from the ICS-20 packet metadata
* Msg: This field should be directly obtained from the ICS-20 packet metadata.
* Funds: This field is set to the amount of funds being sent over in the ICS 20 packet. One detail is that the denom in the packet is the counterparty chains representation of the denom, so we have to translate it to Osmosis' representation.
@ -58,7 +58,7 @@ msg := MsgExecuteContract{
So given the details above, we propagate the implied ICS20 packet data structure.
ICS20 is JSON native, so we use JSON for the memo format.
```json
```json
{
//... other ibc fields that we don't care about
"data":{
@ -94,13 +94,13 @@ We consider an ICS20 packet as directed towards wasmhooks iff all of the followi
* `memo` has at least one key, with name `"wasm"`
If an ICS20 packet is not directed towards wasmhooks, wasmhooks doesn't do anything.
If an ICS20 packet is directed towards wasmhooks, and is formated incorrectly, then wasmhooks returns an error.
If an ICS20 packet is directed towards wasmhooks, and is formatted incorrectly, then wasmhooks returns an error.
### Execution flow
Pre wasm hooks:
* Ensure the incoming IBC packet is cryptogaphically valid
* Ensure the incoming IBC packet is cryptographically valid
* Ensure the incoming IBC packet is not timed out.
In Wasm hooks, pre packet execution:
@ -118,20 +118,20 @@ In wasm hooks, post packet execution:
## Ack callbacks
A contract that sends an IBC transfer, may need to listen for the ACK from that packet. To allow
contracts to listen on the ack of specific packets, we provide Ack callbacks.
contracts to listen on the ack of specific packets, we provide Ack callbacks.
### Design
The sender of an IBC transfer packet may specify a callback for when the ack of that packet is received in the memo
field of the transfer packet.
The sender of an IBC transfer packet may specify a callback for when the ack of that packet is received in the memo
field of the transfer packet.
Crucially, _only_ the IBC packet sender can set the callback.
### Use case
The crosschain swaps implementation sends an IBC transfer. If the transfer were to fail, we want to allow the sender
to be able to retrieve their funds (which would otherwise be stuck in the contract). To do this, we allow users to
retrieve the funds after the timeout has passed, but without the ack information, we cannot guarantee that the send
to be able to retrieve their funds (which would otherwise be stuck in the contract). To do this, we allow users to
retrieve the funds after the timeout has passed, but without the ack information, we cannot guarantee that the send
hasn't failed (i.e.: returned an error ack notifying that the receiving change didn't accept it)
### Implementation
@ -182,4 +182,4 @@ pub enum SudoMsg {
# Testing strategy
See go tests.
See go tests.