From 213c46bb17dd7ab07208d888affc24f9f03a0b0a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 12 May 2021 04:49:50 -0400 Subject: [PATCH 1/2] build(deps): bump actions/stale from 3 to 3.0.18 (#9311) Bumps [actions/stale](https://github.com/actions/stale) from 3 to 3.0.18. - [Release notes](https://github.com/actions/stale/releases) - [Commits](https://github.com/actions/stale/compare/v3...v3.0.18) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 79b54186eef1..b4a20fa2cda1 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v3 + - uses: actions/stale@v3.0.18 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-pr-message: "This pull request has been automatically marked as stale because it has not had From b4125d1f0c9eb2c65f48c220406189e437b45ae4 Mon Sep 17 00:00:00 2001 From: Marie Gauthier Date: Wed, 12 May 2021 11:10:11 +0200 Subject: [PATCH 2/2] Update x/auth AnteHandler Spec (#9298) * Update auth antehandler spec * Update x/auth/spec/03_antehandlers.md Co-authored-by: Ryan Christoffersen <12519942+ryanchrypto@users.noreply.github.com> * Update x/auth/spec/03_antehandlers.md Co-authored-by: Ryan Christoffersen <12519942+ryanchrypto@users.noreply.github.com> * Update x/auth/spec/03_antehandlers.md Co-authored-by: Ryan Christoffersen <12519942+ryanchrypto@users.noreply.github.com> * Use 1 line * Use backticks * Use consistent tx naming * Fix grammar * Update module naming * Update x/auth/spec/03_antehandlers.md Co-authored-by: Tyler <48813565+technicallyty@users.noreply.github.com> Co-authored-by: Tyler <48813565+technicallyty@users.noreply.github.com> Co-authored-by: Ryan Christoffersen <12519942+ryanchrypto@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- x/auth/spec/03_antehandlers.md | 72 ++++++++++++++++------------------ 1 file changed, 34 insertions(+), 38 deletions(-) diff --git a/x/auth/spec/03_antehandlers.md b/x/auth/spec/03_antehandlers.md index 7e0ffdba21e2..851005162d78 100644 --- a/x/auth/spec/03_antehandlers.md +++ b/x/auth/spec/03_antehandlers.md @@ -4,41 +4,37 @@ order: 3 # AnteHandlers -## Handlers - -The auth module presently has no transaction handlers of its own, but does expose -the special `AnteHandler`, used for performing basic validity checks on a transaction, -such that it could be thrown out of the mempool. Note that the ante handler is called on -`CheckTx`, but _also_ on `DeliverTx`, as Tendermint proposers presently have the ability -to include in their proposed block transactions which fail `CheckTx`. - -### Ante Handler - -```go -anteHandler(ak AccountKeeper, fck FeeCollectionKeeper, tx sdk.Tx) - if !tx.(StdTx) - fail with "not a StdTx" - - if isCheckTx and tx.Fee < config.SubjectiveMinimumFee - fail with "insufficient fee for mempool inclusion" - - if tx.ValidateBasic() != nil - fail with "tx failed ValidateBasic" - - if tx.Fee > 0 - account = GetAccount(tx.GetSigners()[0]) - coins := acount.GetCoins() - if coins < tx.Fee - fail with "insufficient fee to pay for transaction" - account.SetCoins(coins - tx.Fee) - fck.AddCollectedFees(tx.Fee) - - for index, signature in tx.GetSignatures() - account = GetAccount(tx.GetSigners()[index]) - bytesToSign := StdSignBytes(chainID, acc.GetAccountNumber(), - acc.GetSequence(), tx.Fee, tx.Msgs, tx.Memo) - if !signature.Verify(bytesToSign) - fail with "invalid signature" - - return -``` +The `x/auth` module presently has no transaction handlers of its own, but does expose the special `AnteHandler`, used for performing basic validity checks on a transaction, such that it could be thrown out of the mempool. +The `AnteHandler` can be seen as a set of decorators that check transactions within the current context, per [ADR 010](https://github.com/cosmos/cosmos-sdk/blob/v0.43.0-alpha1/docs/architecture/adr-010-modular-antehandler.md). + +Note that the `AnteHandler` is called on both `CheckTx` and `DeliverTx`, as Tendermint proposers presently have the ability to include in their proposed block transactions which fail `CheckTx`. + +## Decorators + +The auth module provides `AnteDecorator`s that are recursively chained together into a single `AnteHandler` in the following order: + +- `SetUpContextDecorator`: Sets the `GasMeter` in the `Context` and wraps the next `AnteHandler` with a defer clause to recover from any downstream `OutOfGas` panics in the `AnteHandler` chain to return an error with information on gas provided and gas used. + +- `RejectExtensionOptionsDecorator`: Rejects all extension options which can optionally be included in protobuf transactions. + +- `MempoolFeeDecorator`: Checks if the `tx` fee is above local mempool `minFee` parameter during `CheckTx`. + +- `ValidateBasicDecorator`: Calls `tx.ValidateBasic` and returns any non-nil error. + +- `TxTimeoutHeightDecorator`: Check for a `tx` height timeout. + +- `ValidateMemoDecorator`: Validates `tx` memo with application parameters and returns any non-nil error. + +- `ConsumeGasTxSizeDecorator`: Consumes gas proportional to the `tx` size based on application parameters. + +- `DeductFeeDecorator`: Deducts the `FeeAmount` from first signer of the `tx`. If the `x/feegrant` module is enabled and a fee granter is set, it will deduct fees from the fee granter account. + +- `SetPubKeyDecorator`: Sets the pubkey from a `tx`'s signers that does not already have its corresponding pubkey saved in the state machine and in the current context. + +- `ValidateSigCountDecorator`: Validates the number of signatures in `tx` based on app-parameters. + +- `SigGasConsumeDecorator`: Consumes parameter-defined amount of gas for each signature. This requires pubkeys to be set in context for all signers as part of `SetPubKeyDecorator`. + +- `SigVerificationDecorator`: Verifies all signatures are valid. This requires pubkeys to be set in context for all signers as part of `SetPubKeyDecorator`. + +- `IncrementSequenceDecorator`: Increments the account sequence for each signer to prevent replay attacks.