Skip to content

Commit

Permalink
Merge branch 'master' into milad/security-fix-2024-10-and-11
Browse files Browse the repository at this point in the history
  • Loading branch information
miladz68 authored Nov 30, 2024
2 parents 565ef78 + 8a6828d commit 6ef721c
Show file tree
Hide file tree
Showing 12 changed files with 369 additions and 553 deletions.
4 changes: 4 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@ znet:
znet-start:
$(BUILDER) znet start --profiles=3cored

.PHONY: znet-start-ibc
znet-start-ibc:
$(BUILDER) znet start --profiles=3cored,ibc

.PHONY: znet-start-stress
znet-start-stress:
$(BUILDER) znet start --profiles=3cored,dex
Expand Down
68 changes: 67 additions & 1 deletion integration-tests/ibc/asset_extension_ft_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ const (
AmountBlockIBCTrigger = 110
)

func TestExtensionIBCFailsIfNotEnabled(t *testing.T) {
func TestExtensionIBCFailsWithIBCProhibitedAmount(t *testing.T) {
t.Parallel()

requireT := require.New(t)
Expand Down Expand Up @@ -62,6 +62,7 @@ func TestExtensionIBCFailsIfNotEnabled(t *testing.T) {
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_extension,
assetfttypes.Feature_ibc,
},
ExtensionSettings: &assetfttypes.ExtensionIssueSettings{
CodeId: codeID,
Expand Down Expand Up @@ -89,6 +90,62 @@ func TestExtensionIBCFailsIfNotEnabled(t *testing.T) {
requireT.ErrorContains(err, "IBC feature is disabled.")
}

func TestExtensionIBCFailsIfNotEnabled(t *testing.T) {
t.Parallel()

requireT := require.New(t)

ctx, chains := integrationtests.NewChainsTestingContext(t)
coreumChain := chains.Coreum
coreumIssuer := coreumChain.GenAccount()

issueFee := coreumChain.QueryAssetFTParams(ctx, t).IssueFee.Amount
coreumChain.FundAccountWithOptions(ctx, t, coreumIssuer, integration.BalancesOptions{
Amount: issueFee.
Add(sdkmath.NewInt(1_000_000)). // added one million for contract upload.
Add(sdkmath.NewInt(2 * 500_000)),
})

codeID, err := chains.Coreum.Wasm.DeployWASMContract(
ctx, chains.Coreum.TxFactory().WithSimulateAndExecute(true), coreumIssuer, testcontracts.AssetExtensionWasm,
)
requireT.NoError(err)

issueMsg := &assetfttypes.MsgIssue{
Issuer: coreumIssuer.String(),
Symbol: "mysymbol",
Subunit: "mysubunit",
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_extension,
},
ExtensionSettings: &assetfttypes.ExtensionIssueSettings{
CodeId: codeID,
Label: "testing-ibc",
},
}
_, err = client.BroadcastTx(
ctx,
coreumChain.ClientContext.WithFromAddress(coreumIssuer),
coreumChain.TxFactoryAuto(),
issueMsg,
)
require.NoError(t, err)

gaiaChain := chains.Gaia
_, err = coreumChain.ExecuteIBCTransfer(
ctx,
t,
coreumChain.TxFactory().WithGas(500_000),
coreumIssuer,
sdk.NewCoin(assetfttypes.BuildDenom(issueMsg.Subunit, coreumIssuer), sdkmath.NewInt(10)),
gaiaChain.ChainContext,
gaiaChain.GenAccount(),
)
requireT.ErrorIs(err, cosmoserrors.ErrUnauthorized)
}

func TestExtensionIBCAssetFTWhitelisting(t *testing.T) {
t.Parallel()

Expand Down Expand Up @@ -132,6 +189,7 @@ func TestExtensionIBCAssetFTWhitelisting(t *testing.T) {
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_whitelisting,
assetfttypes.Feature_extension,
},
Expand Down Expand Up @@ -396,6 +454,7 @@ func TestExtensionEscrowAddressIsResistantToFreezingAndWhitelisting(t *testing.T
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_extension,
assetfttypes.Feature_freezing,
assetfttypes.Feature_whitelisting,
Expand Down Expand Up @@ -520,6 +579,7 @@ func TestExtensionIBCAssetFTTimedOutTransfer(t *testing.T) {
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_extension,
},
ExtensionSettings: &assetfttypes.ExtensionIssueSettings{
Expand Down Expand Up @@ -655,6 +715,7 @@ func TestExtensionIBCAssetFTRejectedTransfer(t *testing.T) {
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_freezing,
assetfttypes.Feature_extension,
},
Expand Down Expand Up @@ -795,6 +856,7 @@ func TestExtensionIBCAssetFTSendCommissionAndBurnRate(t *testing.T) {
BurnRate: sdkmath.LegacyMustNewDecFromStr("0.1"),
SendCommissionRate: sdkmath.LegacyMustNewDecFromStr("0.2"),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_extension,
},
ExtensionSettings: &assetfttypes.ExtensionIssueSettings{
Expand Down Expand Up @@ -1008,6 +1070,7 @@ func TestExtensionIBCRejectedTransferWithWhitelistingAndFreezing(t *testing.T) {
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_freezing,
assetfttypes.Feature_whitelisting,
assetfttypes.Feature_extension,
Expand Down Expand Up @@ -1158,6 +1221,7 @@ func TestExtensionIBCTimedOutTransferWithWhitelistingAndFreezing(t *testing.T) {
Precision: 8,
InitialAmount: sdkmath.NewInt(1_000_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_whitelisting,
assetfttypes.Feature_freezing,
assetfttypes.Feature_extension,
Expand Down Expand Up @@ -1344,6 +1408,7 @@ func TestExtensionIBCRejectedTransferWithBurnRateAndSendCommission(t *testing.T)
Precision: 8,
InitialAmount: sdkmath.NewInt(910_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_extension,
},
ExtensionSettings: &assetfttypes.ExtensionIssueSettings{
Expand Down Expand Up @@ -1479,6 +1544,7 @@ func TestExtensionIBCTimedOutTransferWithBurnRateAndSendCommission(t *testing.T)
Precision: 8,
InitialAmount: sdkmath.NewInt(910_000),
Features: []assetfttypes.Feature{
assetfttypes.Feature_ibc,
assetfttypes.Feature_extension,
},
ExtensionSettings: &assetfttypes.ExtensionIssueSettings{
Expand Down
102 changes: 13 additions & 89 deletions integration-tests/modules/assetft_extension_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
wasmtypes "github.com/CosmWasm/wasmd/x/wasm/types"
codectypes "github.com/cosmos/cosmos-sdk/codec/types"
sdk "github.com/cosmos/cosmos-sdk/types"
cosmoserrors "github.com/cosmos/cosmos-sdk/types/errors"
authztypes "github.com/cosmos/cosmos-sdk/x/authz"
banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
"github.com/samber/lo"
Expand All @@ -29,8 +30,6 @@ import (

var (
AmountDisallowedTrigger = sdkmath.NewInt(7)
AmountIgnoreWhitelistingTrigger = sdkmath.NewInt(49)
AmountIgnoreFreezingTrigger = sdkmath.NewInt(79)
AmountBurningTrigger = sdkmath.NewInt(101)
AmountMintingTrigger = sdkmath.NewInt(105)
AmountIgnoreBurnRateTrigger = sdkmath.NewInt(108)
Expand Down Expand Up @@ -198,7 +197,6 @@ func TestAssetFTExtensionWhitelist(t *testing.T) {
clientCtx := chain.ClientContext

ftClient := assetfttypes.NewQueryClient(clientCtx)
bankClient := banktypes.NewQueryClient(clientCtx)

issuer := chain.GenAccount()
nonIssuer := chain.GenAccount()
Expand Down Expand Up @@ -290,7 +288,7 @@ func TestAssetFTExtensionWhitelist(t *testing.T) {
chain.TxFactory().WithGas(500_000),
sendMsg,
)
requireT.ErrorContains(err, "Whitelisted limit exceeded.")
requireT.ErrorIs(err, assetfttypes.ErrWhitelistedLimitExceeded)

// multi-send
multiSendMsg := &banktypes.MsgMultiSend{
Expand All @@ -300,10 +298,10 @@ func TestAssetFTExtensionWhitelist(t *testing.T) {
_, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(issuer),
chain.TxFactoryAuto(),
chain.TxFactory().WithGas(500_000),
multiSendMsg,
)
requireT.ErrorContains(err, "Whitelisted limit exceeded.")
requireT.ErrorIs(err, assetfttypes.ErrWhitelistedLimitExceeded)

// multi-send tokens with and without extension
multiSendMsg = &banktypes.MsgMultiSend{
Expand All @@ -319,10 +317,10 @@ func TestAssetFTExtensionWhitelist(t *testing.T) {
_, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(issuer),
chain.TxFactoryAuto(),
chain.TxFactory().WithGas(500_000),
multiSendMsg,
)
requireT.ErrorContains(err, "Whitelisted limit exceeded.")
requireT.ErrorIs(err, assetfttypes.ErrWhitelistedLimitExceeded)

// whitelist 400 tokens
whitelistMsg := &assetfttypes.MsgSetWhitelistedLimit{
Expand Down Expand Up @@ -353,22 +351,7 @@ func TestAssetFTExtensionWhitelist(t *testing.T) {
requireT.NoError(err)
requireT.EqualValues(sdk.NewCoins(sdk.NewCoin(denom, sdkmath.NewInt(400))), whitelistedBalances.Balances)

// try to receive more than whitelisted (600) (possible 400)
sendMsg = &banktypes.MsgSend{
FromAddress: issuer.String(),
ToAddress: recipient.String(),
Amount: sdk.NewCoins(sdk.NewCoin(denom, sdkmath.NewInt(600))),
}
_, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(issuer),
chain.TxFactoryAuto(),
sendMsg,
)
requireT.ErrorContains(err, "Whitelisted limit exceeded.")
requireT.NotEqualValues(chain.GasLimitByMsgs(sendMsg), res.GasUsed)

// try to send whitelisted balance (400)
// reverse whitelisted amount
sendMsg = &banktypes.MsgSend{
FromAddress: issuer.String(),
ToAddress: recipient.String(),
Expand All @@ -381,65 +364,6 @@ func TestAssetFTExtensionWhitelist(t *testing.T) {
sendMsg,
)
requireT.NoError(err)
requireT.NotEqualValues(chain.GasLimitByMsgs(sendMsg), res.GasUsed)
balance, err := bankClient.Balance(ctx, &banktypes.QueryBalanceRequest{
Address: recipient.String(),
Denom: denom,
})
requireT.NoError(err)
requireT.Equal(sdk.NewCoin(denom, sdkmath.NewInt(400)).String(), balance.GetBalance().String())

// try to send one more
sendMsg = &banktypes.MsgSend{
FromAddress: issuer.String(),
ToAddress: recipient.String(),
Amount: sdk.NewCoins(sdk.NewCoin(denom, sdkmath.NewInt(1))),
}
_, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(issuer),
chain.TxFactoryAuto(),
sendMsg,
)
requireT.ErrorContains(err, "Whitelisted limit exceeded.")
requireT.NotEqualValues(chain.GasLimitByMsgs(sendMsg), res.GasUsed)

// try to send trigger amount despite the whitelisted limit
sendMsg = &banktypes.MsgSend{
FromAddress: issuer.String(),
ToAddress: recipient.String(),
Amount: sdk.NewCoins(sdk.NewCoin(denom, AmountIgnoreWhitelistingTrigger)),
}
_, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(issuer),
chain.TxFactoryAuto(),
sendMsg,
)
requireT.NoError(err)
requireT.NotEqualValues(chain.GasLimitByMsgs(sendMsg), res.GasUsed)

// try to send trigger amount via Multisend
multiSendMsg = &banktypes.MsgMultiSend{
Inputs: []banktypes.Input{{Address: issuer.String(), Coins: sdk.NewCoins(
sdk.NewCoin(denom, AmountIgnoreWhitelistingTrigger),
sdk.NewCoin(denomWithoutExtension, sdkmath.NewInt(10)),
chain.NewCoin(sdkmath.NewInt(10)),
)}},
Outputs: []banktypes.Output{{Address: recipient.String(), Coins: sdk.NewCoins(
sdk.NewCoin(denom, AmountIgnoreWhitelistingTrigger),
sdk.NewCoin(denomWithoutExtension, sdkmath.NewInt(10)),
chain.NewCoin(sdkmath.NewInt(10)),
)}},
}
res, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(issuer),
chain.TxFactoryAuto(),
multiSendMsg,
)
requireT.NoError(err)
requireT.NotEqualValues(chain.GasLimitByMsgs(multiSendMsg), res.GasUsed)
}

// TestAssetFTExtensionFreeze checks extension freeze functionality of fungible tokens.
Expand Down Expand Up @@ -575,7 +499,7 @@ func TestAssetFTExtensionFreeze(t *testing.T) {
chain.TxFactory().WithGas(500_000),
sendMsg,
)
requireT.ErrorContains(err, "Requested transfer token is frozen.")
requireT.ErrorIs(err, cosmoserrors.ErrInsufficientFunds)
// multi-send
multiSendMsg := &banktypes.MsgMultiSend{
Inputs: []banktypes.Input{{Address: recipient.String(), Coins: coinsToSend}},
Expand All @@ -587,21 +511,21 @@ func TestAssetFTExtensionFreeze(t *testing.T) {
chain.TxFactory().WithGas(500_000),
multiSendMsg,
)
requireT.ErrorContains(err, "Requested transfer token is frozen.")
// send trigger amount despite frozen amount
requireT.ErrorIs(err, cosmoserrors.ErrInsufficientFunds)
// send allowed amount
coinsToSend = sdk.NewCoins(sdk.NewCoin(denom, sdkmath.NewInt(75)))
sendMsg = &banktypes.MsgSend{
FromAddress: recipient.String(),
ToAddress: recipient2.String(),
Amount: sdk.NewCoins(sdk.NewCoin(denom, AmountIgnoreFreezingTrigger)),
Amount: coinsToSend,
}
res, err = client.BroadcastTx(
_, err = client.BroadcastTx(
ctx,
chain.ClientContext.WithFromAddress(recipient),
chain.TxFactoryAuto(),
sendMsg,
)
requireT.NoError(err)
requireT.NotEqualValues(chain.GasLimitByMsgs(sendMsg), res.GasUsed)
}

// TestAssetFTExtensionBurn checks extension burn functionality of fungible tokens.
Expand Down
Loading

0 comments on commit 6ef721c

Please sign in to comment.