-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Check blocked addresses before sending tokenize shares rewards #22718
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -231,6 +231,11 @@ func (k Keeper) WithdrawSingleShareRecordReward(ctx context.Context, recordID ui | |
} | ||
owner := sdk.AccAddress(ownerAddr) | ||
|
||
// This check is necessary to prevent sending rewards to a blacklisted address | ||
if k.bankKeeper.BlockedAddr(owner) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @stana-miric Could you move the checks before the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. That would do unnecessary work since there's a bunch of store access that happens before the send invocation. What do you think about adding a comment annotation explaining why? (Personal opinion: functions that exit as early as possible using guards are a lot easier to read and understand). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Sounds good. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. added comment f5eb1d3 |
||
return errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive funds", owner.String()) | ||
} | ||
|
||
valAddr, err := k.stakingKeeper.ValidatorAddressCodec().StringToBytes(record.Validator) | ||
if err != nil { | ||
return err | ||
|
@@ -293,6 +298,11 @@ func (k Keeper) WithdrawTokenizeShareRecordReward(ctx sdk.Context, ownerAddr sdk | |
return nil, err | ||
} | ||
|
||
// This check is necessary to prevent sending rewards to a blacklisted address | ||
if k.bankKeeper.BlockedAddr(ownerAddr) { | ||
return nil, errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive funds", ownerAddr) | ||
} | ||
|
||
if record.Owner != ownerAddr.String() { | ||
return nil, types.ErrNotTokenizeShareRecordOwner | ||
} | ||
|
@@ -340,6 +350,11 @@ func (k Keeper) WithdrawTokenizeShareRecordReward(ctx sdk.Context, ownerAddr sdk | |
|
||
// withdraw reward for all owning TokenizeShareRecord | ||
func (k Keeper) WithdrawAllTokenizeShareRecordReward(ctx sdk.Context, ownerAddr sdk.AccAddress) (sdk.Coins, error) { | ||
// This check is necessary to prevent sending rewards to a blacklisted address | ||
if k.bankKeeper.BlockedAddr(ownerAddr) { | ||
return nil, errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive external funds", ownerAddr) | ||
} | ||
|
||
totalRewards := sdk.Coins{} | ||
|
||
records := k.stakingKeeper.GetTokenizeShareRecordsByOwner(ctx, ownerAddr) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a bit confused why some logic is in the msg_server and parts on the keeper? It makes more sense to me to do it all in the keeper functions.
Am I missing something here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i've initially put the checks right after the address is extracted. for WithdrawTokenizeShareRecordReward and WithdrawAllTokenizeShareRecordReward is in msg server (same as already existed for for CommunityPoolSpend), and here is in keeper to avoid extracting address twice but yes probably better to move it all in one place keeper or msg server. I move all in keeper as suggested (this comment is applicable to above two comments because it refers to the same thing)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fix 47b290d
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!