Merge branch 'main' into cal/nonce-handling

.github/workflows/docker-build-publish.yml

@@ -20,7 +20,7 @@ jobs:
     permissions:
       contents: write
       packages: write
-    uses: celestiaorg/.github/.github/workflows/[email protected].2
+    uses: celestiaorg/.github/.github/workflows/[email protected].3
     with:
       dockerfile: Dockerfile
     secrets: inherit
@@ -29,7 +29,7 @@ jobs:
     permissions:
       contents: write
       packages: write
-    uses: celestiaorg/.github/.github/workflows/[email protected].2
+    uses: celestiaorg/.github/.github/workflows/[email protected].3
     with:
       dockerfile: docker/Dockerfile_txsim
       packageName: txsim

.github/workflows/lint.yml

@@ -29,10 +29,10 @@ jobs:
 
   # hadolint lints the Dockerfile
   hadolint:
-    uses: celestiaorg/.github/.github/workflows/[email protected].2
+    uses: celestiaorg/.github/.github/workflows/[email protected].3
 
   yamllint:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: celestiaorg/.github/.github/actions/[email protected].2
+      - uses: celestiaorg/.github/.github/actions/[email protected].3

.github/workflows/pr-review-requester.yml

@@ -11,7 +11,7 @@ on:
 jobs:
   auto-request-review:
     name: Auto request reviews
-    uses: celestiaorg/.github/.github/workflows/[email protected].2
+    uses: celestiaorg/.github/.github/workflows/[email protected].3
     secrets: inherit
     # write access for issues and pull requests is needed because the called
     # workflow requires write access to issues and pull requests and the

Dockerfile

@@ -1,9 +1,19 @@
-# stage 1 Generate celestia-appd Binary
-FROM --platform=$BUILDPLATFORM docker.io/golang:1.22.0-alpine3.18 as builder
-
+# This Dockerfile performs a multi-stage build. BUILDER_IMAGE is the image used
+# to compile the celestia-appd binary. RUNTIME_IMAGE is the image that will be
+# returned with the final celestia-appd binary.
+#
+# Separating the builder and runtime image allows the runtime image to be
+# considerably smaller because it doesn't need to have Golang installed.
+ARG BUILDER_IMAGE=docker.io/golang:1.22.1-alpine3.18
+ARG RUNTIME_IMAGE=docker.io/alpine:3.19.1
 ARG TARGETOS
 ARG TARGETARCH
 
+# Stage 1: Build the celestia-appd binary inside a builder image that will be discarded later.
+# Ignore hadolint rule because hadolint can't parse the variable.
+# See https://github.com/hadolint/hadolint/issues/339
+# hadolint ignore=DL3006
+FROM --platform=$BUILDPLATFORM ${BUILDER_IMAGE} AS builder
 ENV CGO_ENABLED=0
 ENV GO111MODULE=on
 # hadolint ignore=DL3018
@@ -20,15 +30,16 @@ RUN uname -a &&\
     CGO_ENABLED=${CGO_ENABLED} GOOS=${TARGETOS} GOARCH=${TARGETARCH} \
     make build
 
-# stage 2
-FROM docker.io/alpine:3.19.1
-
-# Read here why UID 10001: https://github.com/hexops/dockerfile/blob/main/README.md#do-not-use-a-uid-below-10000
+# Stage 2: Create a minimal image to run the celestia-appd binary
+# Ignore hadolint rule because hadolint can't parse the variable.
+# See https://github.com/hadolint/hadolint/issues/339
+# hadolint ignore=DL3006
+FROM ${RUNTIME_IMAGE} AS runtime
+# Use UID 10,001 because UIDs below 10,000 are a security risk.
+# Ref: https://github.com/hexops/dockerfile/blob/main/README.md#do-not-use-a-uid-below-10000
 ARG UID=10001
 ARG USER_NAME=celestia
-
 ENV CELESTIA_HOME=/home/${USER_NAME}
-
 # hadolint ignore=DL3018
 RUN apk update && apk add --no-cache \
     bash \
@@ -40,15 +51,17 @@ RUN apk update && apk add --no-cache \
     -h ${CELESTIA_HOME} \
     -s /sbin/nologin \
     -u ${UID}
-
-# Copy in the binary
+# Copy the celestia-appd binary from the builder into the final image.
 COPY --from=builder /celestia-app/build/celestia-appd /bin/celestia-appd
-
+# Copy the entrypoint script into the final image.
 COPY --chown=${USER_NAME}:${USER_NAME} docker/entrypoint.sh /opt/entrypoint.sh
-
+# Set the user to celestia.
 USER ${USER_NAME}
-
-# p2p, rpc,  prometheus, api and grpc ports
-EXPOSE 26656 26657 26660 1317 9090
-
+# Expose ports:
+# 1317 is the default API server port.
+# 9090 is the default GRPC server port.
+# 26656 is the default node p2p port.
+# 26657 is the default RPC port.
+# 26660 is the port used for Prometheus.
+EXPOSE 1317 9090 26656 26657 26660
 ENTRYPOINT [ "/bin/bash", "/opt/entrypoint.sh" ]

Makefile

@@ -8,7 +8,7 @@ DOCKER_PROTO_BUILDER := docker run -v $(shell pwd):/workspace --workdir /workspa
 PROJECTNAME=$(shell basename "$(PWD)")
 HTTPS_GIT := https://github.com/celestiaorg/celestia-app.git
 PACKAGE_NAME          := github.com/celestiaorg/celestia-app
-GOLANG_CROSS_VERSION  ?= v1.22.0
+GOLANG_CROSS_VERSION  ?= v1.22.1
 
 # process linker flags
 ldflags = -X github.com/cosmos/cosmos-sdk/version.Name=celestia-app \
@@ -37,7 +37,7 @@ install: go.sum
 	@go install $(BUILD_FLAGS) ./cmd/celestia-appd
 .PHONY: install
 
-## Update go.mod
+## mod: Update all go.mod files.
 mod:
 	@echo "--> Syncing workspaces"
 	@go work sync
@@ -71,7 +71,7 @@ proto-check-breaking:
 	@$(DOCKER_BUF) breaking --against $(HTTPS_GIT)#branch=main
 .PHONY: proto-check-breaking
 
-## proto-format: Format protobuf files. Requires docker.
+## proto-format: Format protobuf files. Requires Docker.
 proto-format:
 	@echo "--> Formatting Protobuf files"
 	@$(DOCKER_PROTO_BUILDER) find . -name '*.proto' -path "./proto/*" -exec clang-format -i {} \;
@@ -90,8 +90,8 @@ build-ghcr-docker:
 .PHONY: build-ghcr-docker
 
 ## publish-ghcr-docker: Publish the celestia-appd docker image. Requires docker.
-## Make sure you are logged in and authenticated to the ghcr.io registry.
 publish-ghcr-docker:
+# Make sure you are logged in and authenticated to the ghcr.io registry.
 	@echo "--> Publishing Docker image"
 	$(DOCKER) push ghcr.io/celestiaorg/celestia-app:$(GH_COMMIT)
 .PHONY: publish-ghcr-docker
@@ -185,7 +185,7 @@ txsim-build-docker:
 	docker build -t ghcr.io/celestiaorg/txsim -f docker/Dockerfile_txsim  .
 .PHONY: txsim-build-docker
 
-## adr-gen: Download the ADR template from the celestiaorg/.github repo. Ex. `make adr-gen`
+## adr-gen: Download the ADR template from the celestiaorg/.github repo.
 adr-gen:
 	@echo "--> Downloading ADR template"
 	@curl -sSL https://raw.githubusercontent.com/celestiaorg/.github/main/adr-template.md > docs/architecture/adr-template.md

README.md

@@ -35,7 +35,7 @@ node            |  |                               |  |
 
 ### Source
 
-1. [Install Go](https://go.dev/doc/install) 1.22.0
+1. [Install Go](https://go.dev/doc/install) 1.22.1
 1. Clone this repo
 1. Install the celestia-app CLI
 
@@ -118,7 +118,7 @@ This repo attempts to conform to [conventional commits](https://www.conventional
 
 ### Tools
 
-1. Install [golangci-lint](https://golangci-lint.run/usage/install/) 1.55.2
+1. Install [golangci-lint](https://golangci-lint.run/welcome/install) 1.55.2
 1. Install [markdownlint](https://github.com/DavidAnson/markdownlint)
 1. Install [hadolint](https://github.com/hadolint/hadolint)
 1. Install [yamllint](https://yamllint.readthedocs.io/en/stable/quickstart.html)

app/ante/ante.go

@@ -19,10 +19,14 @@ func NewAnteHandler(
 	signModeHandler signing.SignModeHandler,
 	sigGasConsumer ante.SignatureVerificationGasConsumer,
 	channelKeeper *ibckeeper.Keeper,
+	msgVersioningGateKeeper *MsgVersioningGateKeeper,
 ) sdk.AnteHandler {
 	return sdk.ChainAnteDecorators(
 		// Wraps the panic with the string format of the transaction
 		NewHandlePanicDecorator(),
+		// Prevents messages that don't belong to the correct app version
+		// from being executed
+		msgVersioningGateKeeper,
 		// Set up the context with a gas meter.
 		// Must be called before gas consumption occurs in any other decorator.
 		ante.NewSetUpContextDecorator(),

app/ante/msg_gatekeeper.go

@@ -0,0 +1,57 @@
+package ante
+
+import (
+	"context"
+
+	"github.com/cosmos/cosmos-sdk/baseapp"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+)
+
+var (
+	_ sdk.AnteDecorator      = MsgVersioningGateKeeper{}
+	_ baseapp.CircuitBreaker = MsgVersioningGateKeeper{}
+)
+
+// MsgVersioningGateKeeper dictates which transactions are accepted for an app version
+type MsgVersioningGateKeeper struct {
+	// acceptedMsgs is a map from appVersion -> msgTypeURL -> struct{}.
+	// If a msgTypeURL is present in the map it should be accepted for that appVersion.
+	acceptedMsgs map[uint64]map[string]struct{}
+}
+
+func NewMsgVersioningGateKeeper(acceptedList map[uint64]map[string]struct{}) *MsgVersioningGateKeeper {
+	return &MsgVersioningGateKeeper{
+		acceptedMsgs: acceptedList,
+	}
+}
+
+// AnteHandle implements the ante.Decorator interface
+func (mgk MsgVersioningGateKeeper) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (newCtx sdk.Context, err error) {
+	acceptedMsgs, exists := mgk.acceptedMsgs[ctx.BlockHeader().Version.App]
+	if !exists {
+		return ctx, sdkerrors.ErrNotSupported.Wrapf("app version %d is not supported", ctx.BlockHeader().Version.App)
+	}
+	for _, msg := range tx.GetMsgs() {
+		msgTypeURL := sdk.MsgTypeURL(msg)
+		_, exists := acceptedMsgs[msgTypeURL]
+		if !exists {
+			return ctx, sdkerrors.ErrNotSupported.Wrapf("message type %s is not supported in version %d", msgTypeURL, ctx.BlockHeader().Version.App)
+		}
+	}
+
+	return next(ctx, tx, simulate)
+}
+
+func (mgk MsgVersioningGateKeeper) IsAllowed(ctx context.Context, msgName string) (bool, error) {
+	appVersion := sdk.UnwrapSDKContext(ctx).BlockHeader().Version.App
+	acceptedMsgs, exists := mgk.acceptedMsgs[appVersion]
+	if !exists {
+		return false, sdkerrors.ErrNotSupported.Wrapf("app version %d is not supported", appVersion)
+	}
+	_, exists = acceptedMsgs[msgName]
+	if !exists {
+		return false, nil
+	}
+	return true, nil
+}

app/ante/msg_gatekeeper_test.go

@@ -0,0 +1,70 @@
+package ante_test
+
+import (
+	"testing"
+
+	"github.com/celestiaorg/celestia-app/app"
+	"github.com/celestiaorg/celestia-app/app/ante"
+	"github.com/celestiaorg/celestia-app/app/encoding"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
+	"github.com/stretchr/testify/require"
+	tmproto "github.com/tendermint/tendermint/proto/tendermint/types"
+	version "github.com/tendermint/tendermint/proto/tendermint/version"
+)
+
+func TestMsgGateKeeperAnteHandler(t *testing.T) {
+	// Define test cases
+	tests := []struct {
+		name      string
+		msg       sdk.Msg
+		acceptMsg bool
+		version   uint64
+	}{
+		{
+			name:      "Accept MsgSend",
+			msg:       &banktypes.MsgSend{},
+			acceptMsg: true,
+			version:   1,
+		},
+		{
+			name:      "Reject MsgMultiSend",
+			msg:       &banktypes.MsgMultiSend{},
+			acceptMsg: false,
+			version:   1,
+		},
+		{
+			name:      "Reject MsgSend with version 2",
+			msg:       &banktypes.MsgSend{},
+			acceptMsg: false,
+			version:   2,
+		},
+	}
+
+	msgGateKeeper := ante.NewMsgVersioningGateKeeper(map[uint64]map[string]struct{}{
+		1: {
+			"/cosmos.bank.v1beta1.MsgSend": {},
+		},
+		2: {},
+	})
+	cdc := encoding.MakeConfig(app.ModuleEncodingRegisters...)
+	anteHandler := sdk.ChainAnteDecorators(msgGateKeeper)
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			ctx := sdk.NewContext(nil, tmproto.Header{Version: version.Consensus{App: tc.version}}, false, nil)
+			txBuilder := cdc.TxConfig.NewTxBuilder()
+			require.NoError(t, txBuilder.SetMsgs(tc.msg))
+			_, err := anteHandler(ctx, txBuilder.GetTx(), false)
+			allowed, err2 := msgGateKeeper.IsAllowed(ctx, sdk.MsgTypeURL(tc.msg))
+			require.NoError(t, err2)
+			if tc.acceptMsg {
+				require.NoError(t, err, "expected message to be accepted")
+				require.True(t, allowed)
+			} else {
+				require.Error(t, err, "expected message to be rejected")
+				require.False(t, allowed)
+			}
+		})
+	}
+}