add gov authority

Finschia · May 3, 2024 · 77959dd · 77959dd
1 parent c6ea9b8
commit 77959dd
Show file tree

Hide file tree

Showing 6 changed files with 65 additions and 17 deletions.
diff --git a/simapp/app.go b/simapp/app.go
@@ -370,7 +370,7 @@ func NewSimApp(
  fswapConfig := fswaptypes.DefaultConfig()
  app.FswapKeeper = fswapkeeper.NewKeeper(appCodec, keys[fswaptypes.StoreKey], app.AccountKeeper, app.BankKeeper, fswapConfig)
 
- app.FbridgeKeeper = fbridgekeeper.NewKeeper(appCodec, keys[fbridgetypes.StoreKey], memKeys[fbridgetypes.MemStoreKey], app.AccountKeeper, app.BankKeeper, "stake")
+ app.FbridgeKeeper = fbridgekeeper.NewKeeper(appCodec, keys[fbridgetypes.StoreKey], memKeys[fbridgetypes.MemStoreKey], app.AccountKeeper, app.BankKeeper, "stake", fbridgetypes.DefaultAuthority().String())
 
  /**** Module Options ****/
 

diff --git a/x/fbridge/keeper/auth.go b/x/fbridge/keeper/auth.go
@@ -10,8 +10,8 @@ import (
 )
 
 func (k Keeper) RegisterRoleProposal(ctx sdk.Context, proposer, target sdk.AccAddress, role types.Role) (types.RoleProposal, error) {
- if k.GetRole(ctx, proposer) != types.RoleGuardian {
- return types.RoleProposal{}, sdkerrors.ErrUnauthorized.Wrap("only guardian can submit a role proposal")
+ if k.GetRole(ctx, proposer) != types.RoleGuardian || proposer.String() != k.authority {
+ return types.RoleProposal{}, sdkerrors.ErrUnauthorized.Wrapf("only guardian or %s can execute this action", k.authority)
  }
 
  if k.GetRole(ctx, target) == role {
@@ -35,7 +35,7 @@ func (k Keeper) RegisterRoleProposal(ctx sdk.Context, proposer, target sdk.AccAd
 
 func (k Keeper) addVote(ctx sdk.Context, proposalID uint64, voter sdk.AccAddress, option types.VoteOption) error {
  if k.GetRole(ctx, voter) != types.RoleGuardian {
- return sdkerrors.ErrUnauthorized.Wrap("only guardian can vote for a role proposal")
+ return sdkerrors.ErrUnauthorized.Wrap("only guardian can execute this action")
  }
 
  _, found := k.GetRoleProposal(ctx, proposalID)
@@ -250,7 +250,7 @@ func (k Keeper) deleteRole(ctx sdk.Context, addr sdk.AccAddress) {
 
 func (k Keeper) setBridgeSwitch(ctx sdk.Context, guardian sdk.AccAddress, status types.BridgeStatus) error {
  if k.GetRole(ctx, guardian) != types.RoleGuardian {
- return sdkerrors.ErrUnauthorized.Wrap("only guardian can set bridge switch")
+ return sdkerrors.ErrUnauthorized.Wrap("only guardian can execute this action")
  }
 
  store := ctx.KVStore(k.storeKey)
@@ -268,7 +268,7 @@ func (k Keeper) deleteBridgeSwitch(ctx sdk.Context, guardian sdk.AccAddress) {
 
 func (k Keeper) GetBridgeSwitch(ctx sdk.Context, guardian sdk.AccAddress) (types.BridgeSwitch, error) {
  if k.GetRole(ctx, guardian) != types.RoleGuardian {
- return types.BridgeSwitch{}, sdkerrors.ErrUnauthorized.Wrap("only guardian can set bridge switch")
+ return types.BridgeSwitch{}, sdkerrors.ErrUnauthorized.Wrap("only guardian can execute this action")
  }
 
  store := ctx.KVStore(k.storeKey)

diff --git a/x/fbridge/keeper/keeper.go b/x/fbridge/keeper/keeper.go
@@ -3,7 +3,6 @@ package keeper
 import (
  "errors"
  "fmt"
-
  "github.com/tendermint/tendermint/libs/log"
 
  "github.com/Finschia/finschia-sdk/codec"
@@ -20,26 +19,34 @@ type Keeper struct {
 
  // the target denom for the bridge
  targetDenom string
+
+ // address that can have the same rights as a Guardian when the guardian is not registered yet
+ authority string
 }
 
 func NewKeeper(
  cdc codec.BinaryCodec,
  key, memKey sdk.StoreKey,
  authKeeper types.AccountKeeper,
  bankKeeper types.BankKeeper,
- targetDenom string,
+ targetDenom, authority string,
 ) Keeper {
  if addr := authKeeper.GetModuleAddress(types.ModuleName); addr == nil {
  panic(errors.New("fbridge module account has not been set"))
  }
 
+ if authority != types.DefaultAuthority().String() {
+ panic("x/bridge authority must be the gov module account")
+ }
+
  return Keeper{
  storeKey: key,
  memKey: memKey,
  cdc: cdc,
  authKeeper: authKeeper,
  bankKeeper: bankKeeper,
  targetDenom: targetDenom,
+ authority: authority,
  }
 }
 
@@ -95,6 +102,10 @@ func (k Keeper) IsInitialized(ctx sdk.Context) bool {
  return memStore.Get(types.KeyMemInitialized) != nil
 }
 
+func (k Keeper) GetAuthority() string {
+ return k.authority
+}
+
 func (k Keeper) IsBridgeHalted(ctx sdk.Context) bool {
  return k.GetBridgeStatus(ctx) == types.StatusInactive
 }
@@ -138,6 +149,9 @@ func (k Keeper) GetBridgeStatusMetadata(ctx sdk.Context) types.BridgeStatusMetad
  memStore := ctx.KVStore(k.memKey)
  bsMeta := types.BridgeStatusMetadata{}
  bz := memStore.Get(types.KeyMemBridgeStatus)
+ if bz == nil {
+ return types.BridgeStatusMetadata{}
+ }
  k.cdc.MustUnmarshal(bz, &bsMeta)
  return bsMeta
 }
diff --git a/x/fbridge/module/abci.go b/x/fbridge/module/abci.go
@@ -30,7 +30,7 @@ func EndBlocker(ctx sdk.Context, k keeper.Keeper) {
  }
  }
 
- if types.CheckTrustLevelThreshold(k.GetRoleMetadata(ctx).Guardian, voteYes, guardianTrustLevel) {
+ if types.CheckTrustLevelThreshold(k.GetRoleMetadata(ctx).Guardian, voteYes, guardianTrustLevel) || proposal.Proposer == k.GetAuthority() {
  if err := k.UpdateRole(ctx, proposal.Role, sdk.MustAccAddressFromBech32(proposal.Target)); err != nil {
  panic(err)
  }

diff --git a/x/fbridge/types/genesis.go b/x/fbridge/types/genesis.go
@@ -1,7 +1,11 @@
 package types
 
-// For testing purposes, you must not use the DummyGuardian address in production
-const DummyGuardian = "link1zmm9v8wucqecl75q22hddz0qypdgyvdpgg9a6d"
+import (
+ "errors"
+ sdk "github.com/Finschia/finschia-sdk/types"
+ authtypes "github.com/Finschia/finschia-sdk/x/auth/types"
+ govtypes "github.com/Finschia/finschia-sdk/x/gov/types"
+)
 
 func DefaultGenesisState() *GenesisState {
  return &GenesisState{
@@ -11,20 +15,24 @@ func DefaultGenesisState() *GenesisState {
  },
  ReceivingState: ReceivingState{},
  NextRoleProposalId: 1,
- // WARN: you must set your own guardian address in production
- Roles: []RolePair{{Role: RoleGuardian, Address: DummyGuardian}},
- // WARN: you must set your own guardian address in production
- BridgeSwitches: []BridgeSwitch{{Guardian: DummyGuardian, Status: StatusActive}},
  }
 }
 
+func DefaultAuthority() sdk.AccAddress {
+ return authtypes.NewModuleAddress(govtypes.ModuleName)
+}
+
 func ValidateGenesis(data GenesisState) error {
+ if err := ValidateParams(data.Params); err != nil {
+ return err
+ }
+
  if data.SendingState.NextSeq < 1 {
- panic("next sequence must be positive")
+ return errors.New("next sequence must be positive")
  }
 
  if data.NextRoleProposalId < 1 {
- panic("next role proposal ID must be positive")
+ return errors.New("next role proposal ID must be positive")
  }
 
  return nil

diff --git a/x/fbridge/types/params.go b/x/fbridge/types/params.go
@@ -11,9 +11,35 @@ func DefaultParams() Params {
  OperatorTrustLevel: Fraction{Numerator: 2, Denominator: 3},
  JudgeTrustLevel: Fraction{Numerator: 1, Denominator: 1},
  ProposalPeriod: uint64(time.Minute * 60),
+ TimelockPeriod: uint64(time.Hour * 24),
  }
 }
 
+func ValidateParams(params Params) error {
+ if err := ValidateTrustLevel(params.GuardianTrustLevel); err != nil {
+ return sdkerrors.ErrInvalidRequest.Wrap("guardian trust level: " + err.Error())
+ }
+
+ if err := ValidateTrustLevel(params.OperatorTrustLevel); err != nil {
+ return sdkerrors.ErrInvalidRequest.Wrap("operator trust level: " + err.Error())
+ }
+
+ if err := ValidateTrustLevel(params.JudgeTrustLevel); err != nil {
+ return sdkerrors.ErrInvalidRequest.Wrap("judge trust level: " + err.Error())
+ }
+
+ if params.ProposalPeriod == 0 {
+ return sdkerrors.ErrInvalidRequest.Wrap("proposal period cannot be 0")
+ }
+
+ if params.TimelockPeriod == 0 {
+ return sdkerrors.ErrInvalidRequest.Wrap("timelock period cannot be 0")
+ }
+
+ return nil
+
+}
+
 func CheckTrustLevelThreshold(total, current uint64, trustLevel Fraction) bool {
  if err := ValidateTrustLevel(trustLevel); err != nil {
  panic(err)