Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Check blocked addresses before sending tokenize shares rewards #22718

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions x/distribution/keeper/keeper.go
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,11 @@ func (k Keeper) WithdrawSingleShareRecordReward(ctx context.Context, recordID ui
}
owner := sdk.AccAddress(ownerAddr)

// This check is necessary to prevent sending rewards to a blacklisted address
if k.bankKeeper.BlockedAddr(owner) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a bit confused why some logic is in the msg_server and parts on the keeper? It makes more sense to me to do it all in the keeper functions.

Am I missing something here?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i've initially put the checks right after the address is extracted. for WithdrawTokenizeShareRecordReward and WithdrawAllTokenizeShareRecordReward is in msg server (same as already existed for for CommunityPoolSpend), and here is in keeper to avoid extracting address twice but yes probably better to move it all in one place keeper or msg server. I move all in keeper as suggested (this comment is applicable to above two comments because it refers to the same thing)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fix 47b290d

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stana-miric Could you move the checks before the SendCoins calls? It will make it easier to understand later why they are necessary.

Copy link
Contributor

@MSalopek MSalopek Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That would do unnecessary work since there's a bunch of store access that happens before the send invocation.

What do you think about adding a comment annotation explaining why?

(Personal opinion: functions that exit as early as possible using guards are a lot easier to read and understand).

Copy link

@mpoke mpoke Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added comment f5eb1d3

return errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive funds", owner.String())
}

valAddr, err := k.stakingKeeper.ValidatorAddressCodec().StringToBytes(record.Validator)
if err != nil {
return err
Expand Down Expand Up @@ -293,6 +298,11 @@ func (k Keeper) WithdrawTokenizeShareRecordReward(ctx sdk.Context, ownerAddr sdk
return nil, err
}

// This check is necessary to prevent sending rewards to a blacklisted address
if k.bankKeeper.BlockedAddr(ownerAddr) {
return nil, errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive funds", ownerAddr)
}

if record.Owner != ownerAddr.String() {
return nil, types.ErrNotTokenizeShareRecordOwner
}
Expand Down Expand Up @@ -340,6 +350,11 @@ func (k Keeper) WithdrawTokenizeShareRecordReward(ctx sdk.Context, ownerAddr sdk

// withdraw reward for all owning TokenizeShareRecord
func (k Keeper) WithdrawAllTokenizeShareRecordReward(ctx sdk.Context, ownerAddr sdk.AccAddress) (sdk.Coins, error) {
// This check is necessary to prevent sending rewards to a blacklisted address
if k.bankKeeper.BlockedAddr(ownerAddr) {
return nil, errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive external funds", ownerAddr)
}

totalRewards := sdk.Coins{}

records := k.stakingKeeper.GetTokenizeShareRecordsByOwner(ctx, ownerAddr)
Expand Down
2 changes: 2 additions & 0 deletions x/distribution/keeper/msg_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -243,6 +243,7 @@ func (k msgServer) WithdrawTokenizeShareRecordReward(goCtx context.Context, msg
if err != nil {
return nil, err
}

amount, err := k.Keeper.WithdrawTokenizeShareRecordReward(ctx, ownerAddr, msg.RecordId)
if err != nil {
return nil, err
Expand Down Expand Up @@ -271,6 +272,7 @@ func (k msgServer) WithdrawAllTokenizeShareRecordReward(goCtx context.Context, m
if err != nil {
return nil, err
}

amount, err := k.Keeper.WithdrawAllTokenizeShareRecordReward(ctx, ownerAddr)
if err != nil {
return nil, err
Expand Down
Loading