-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: has relayer permission #279
Conversation
Important Review skippedReview was skipped due to path filters ⛔ Files ignored due to path filters (2)
CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including You can disable this status message by setting the 📝 Walkthrough📝 WalkthroughWalkthroughThe pull request introduces an update to the Changes
Possibly related PRs
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Dependency ReviewThe following issues were found:
License Issuesgo.mod
Denied Licenses: GPL-1.0-or-later, LGPL-2.0-or-later OpenSSF Scorecard
Scanned Manifest Filesgo.mod
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #279 +/- ##
=======================================
Coverage 40.59% 40.59%
=======================================
Files 267 267
Lines 25400 25400
=======================================
Hits 10310 10310
Misses 13503 13503
Partials 1587 1587
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
🧹 Outside diff range and nitpick comments (2)
app/upgrade.go (2)
Line range hint
29-45
: LGTM: Module decoding and publishing processThe implementation for decoding and publishing the modules looks correct and includes proper error handling. The use of
vmtypes.NewModule
,vmtypes.NewModuleBundle
, andmovetypes.UpgradePolicy_COMPATIBLE
is appropriate.Consider adding some logging statements to provide more visibility into the upgrade process. For example:
for i, code := range codes { codeBz, err := base64.StdEncoding.DecodeString(code) if err != nil { return nil, errors.Wrap(err, "failed to decode module code") } + app.Logger().Info("Successfully decoded module", "index", i) modules[i] = vmtypes.NewModule(codeBz) } err := app.MoveKeeper.PublishModuleBundle(ctx, vmtypes.StdAddress, vmtypes.NewModuleBundle(modules...), movetypes.UpgradePolicy_COMPATIBLE) if err != nil { return nil, errors.Wrap(err, "failed to publish module bundle") } +app.Logger().Info("Successfully published module bundle", "module_count", len(modules))These log statements can help with debugging and monitoring the upgrade process.
Line range hint
18-49
: Consider adding pre and post-upgrade checksThe overall structure of the upgrade handler is correct, with appropriate error handling. However, to ensure a smoother upgrade process, consider adding pre and post-upgrade checks.
Here are some suggestions:
Pre-upgrade checks:
- Verify that the current state is compatible with the upgrade.
- Check if there are any pending operations that need to be completed before the upgrade.
Post-upgrade checks:
- Verify that the new modules are correctly installed and accessible.
- Run a simple operation using the new modules to ensure they're functioning as expected.
Example implementation:
func (app *InitiaApp) RegisterUpgradeHandlers(cfg module.Configurator) { app.UpgradeKeeper.SetUpgradeHandler( upgradeName, func(ctx context.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { // Pre-upgrade checks if err := preUpgradeChecks(ctx, app); err != nil { return nil, errors.Wrap(err, "pre-upgrade checks failed") } // Existing upgrade logic // ... // Post-upgrade checks if err := postUpgradeChecks(ctx, app); err != nil { return nil, errors.Wrap(err, "post-upgrade checks failed") } return vm, nil }, ) } func preUpgradeChecks(ctx context.Context, app *InitiaApp) error { // Implement pre-upgrade checks return nil } func postUpgradeChecks(ctx context.Context, app *InitiaApp) error { // Implement post-upgrade checks return nil }These additional checks can help ensure a more robust upgrade process.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (2)
- app/upgrade.go (1 hunks)
- x/ibc/perm/keeper/keeper.go (1 hunks)
🧰 Additional context used
🔇 Additional comments (2)
app/upgrade.go (2)
15-15
: LGTM: Version bump for upgrade nameThe
upgradeName
constant has been updated to "0.5.6", indicating a new version for the upgrade process. This minor version bump suggests backward compatibility.
Line range hint
24-27
: Verify the contents of base64-encoded modulesThe upgrade handler includes two base64-encoded module codes: "cosmos.move" and "coin.move". While using base64 encoding is appropriate for embedding binary data, it makes the content difficult to review directly in this format.
Please ensure that:
- These modules have been thoroughly reviewed and tested separately.
- The encoded content matches the expected module versions for this upgrade.
You can use the following script to decode and verify the module contents:
This script will decode the base64 content and display it in hexadecimal format for easier verification.
if (err != nil && errors.Is(err, collections.ErrNotFound)) || (err == nil && len(permRelayers.Relayers) == 0) { | ||
// if no permissioned relayers are set, all relayers are allowed | ||
return true, nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💡 Codebase verification
Add specific tests and documentation for the updated relayer permission logic
The current test coverage for HasRelayerPermission
does not include scenarios where permRelayers
exists but has no relayers. Additionally, the documentation lacks detailed explanations of this new conditional logic.
-
Tests Needed:
- Verify that when
permRelayers
exists butlen(permRelayers.Relayers) == 0
, all relayers are allowed.
- Verify that when
-
Documentation Enhancements:
- Explain the reasoning behind allowing all relayers when
permRelayers
is empty. - Detail the implications of this condition to prevent potential security concerns.
- Explain the reasoning behind allowing all relayers when
🔗 Analysis chain
Clarify the intention behind broadening relayer permission conditions
The conditional logic for determining relayer permissions has been expanded. Now, all relayers are allowed not only when no permissioned relayers are found (error case) but also when the permRelayers
object exists but has no relayers.
This change has the following implications:
- It broadens the conditions under which all relayers are allowed.
- It treats an empty list of permissioned relayers the same as having no permissioned relayers set.
Please clarify:
- Is this the intended behavior?
- Does this align with the module's specifications or requirements?
Consider adding a comment to explain this logic, for example:
// Allow all relayers if no permissioned relayers are set or if the list of permissioned relayers is empty
if (err != nil && errors.Is(err, collections.ErrNotFound)) || (err == nil && len(permRelayers.Relayers) == 0) {
return true, nil
}
To ensure this change aligns with the module's intended behavior, please run the following verification script:
This script will help us understand the test coverage, usage, and documentation around the HasRelayerPermission
method, which can provide context for whether this change aligns with the overall module design.
🏁 Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Description: Verify the usage and impact of HasRelayerPermission
# Test 1: Check for any tests related to HasRelayerPermission
echo "Checking for tests related to HasRelayerPermission:"
rg --type go -i "test.*hasrelayerpermission" -A 10
# Test 2: Look for other usages of HasRelayerPermission in the codebase
echo "Checking for other usages of HasRelayerPermission:"
rg --type go "HasRelayerPermission" -A 5
# Test 3: Search for any documentation or comments related to relayer permissions
echo "Searching for documentation or comments about relayer permissions:"
rg --type go -i "relayer.*permission" -A 5
Length of output: 24688
Description
Closes: #XXXX
Author Checklist
All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.
I have...
!
in the type prefix if API or client breaking changeReviewers Checklist
All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.
I have...