chore: simplify ADR-028 and address.Module

[robert-zaremba]

Description

Closes: #13910
Closes: #13782

---

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

• included the correct type prefix in the PR title
• added ! to the type prefix if API or client breaking change
• targeted the correct branch (see PR Targeting)
• provided a link to the relevant issue or specification
• followed the guidelines for building modules
• included the necessary unit and integration tests
• added a changelog entry to CHANGELOG.md
• included comments for documenting Go code
• updated the relevant documentation or specification
• reviewed "Files changed" and left comments if necessary
• confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

• confirmed the correct type prefix in the PR title
• confirmed ! in the type prefix if API or client breaking change
• confirmed all author checklist items have been addressed
• reviewed state machine logic
• reviewed API design and naming
• reviewed documentation is accurate
• reviewed tests and test coverage
• manually tested (if applicable)

[robert-zaremba]

I was thinking to "merge" derivationKey into derivationKeys, but then we would need to panic if someone will provide an empty list.

[odeke-em]

I think as is is great, requires at least 1 derivationKey implicitly which is communicated to the caller.

[aaronc]

I don't see any reason to require at least one derivation key for modules. This is inconsistent with what we've discussed for ADR 033. There is always the root module address with no derivation keys.

Suggested change

	func Module(moduleName string, derivationKey []byte, derivationKeys ...[]byte) []byte {
	func Module(moduleName string, derivationKeys ...[]byte) []byte {

[robert-zaremba]

wouldn't this conflict with the existing authtypes.NewModuleAddress?

[aaronc]

No. That uses 20 byte addresses

[amaury1093]

My preference is to keep backwards compatibility of existing root module accounts.

func Module(moduleName string, derivationKeys ...[]byte) []byte {
  if len(derivationKeys) == 0 { return authtypes.NewModuleAddress() }
  else { /* do like current code with successive derivations */ }
}

so it's:

• 20 byte address for root module accounts
• 32 byte addresses for sub/derived module accounts

[robert-zaremba]

So we need to make decision.

[robert-zaremba]

up

[robert-zaremba]

Up again, I'm going to update this PR by implementing #14017 (comment) (which is what @AmauryM seconded: #14017 (comment))

[amaury1093]

SGTM

[julienrbrt]

Lgtm!

[robert-zaremba]

Adding 0.47 backport.

[odeke-em]

Thank you for this change @robert-zaremba, just some suggestions, please take a look. Thank you Julien for the co-review.

[odeke-em]

I think as is is great, requires at least 1 derivationKey implicitly which is communicated to the caller.

[aaronc]

I don't see any reason to require at least one derivation key for modules. This is inconsistent with what we've discussed for ADR 033. There is always the root module address with no derivation keys.

Suggested change

	func Module(moduleName string, derivationKey []byte, derivationKeys ...[]byte) []byte {
	func Module(moduleName string, derivationKeys ...[]byte) []byte {

[aaronc]

@AmauryM would be great to get your review of this too.

[robert-zaremba]

I'm fine with address.Module reverting to the pre-ADR 028 20-byte addresses (compatible with existing module accounts) when there are no derivation keys.

Personally, I would prefer to have only the "full" ADR-28 addresses for root module accounts. But simplification and compatibility is more important here.

[aaronc]

I'm fine with address.Module reverting to the pre-ADR 028 20-byte addresses (compatible with existing module accounts) when there are no derivation keys.

Personally, I would prefer to have only the "full" ADR-28 addresses for root module accounts. But simplification and compatibility is more important here.

For security purposes? All root accounts should be initialized on startup

[robert-zaremba]

For security purposes?

Mostly for having one general solution (with clear domains - what ADR-028 is mostly about).

I think security is OK here, because we have that module name hash. The concern is if someone is doing something weird and creating a module name which is a hash and could collide with an existing public key hash. Or generates multiple module accounts rather than deriving.

[sonarcloud]

[Cosmos SDK] Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
1 Code Smell

No Coverage information
No Duplication information

[aaronc]

Happy to give my pre-approval on this now but I think we should sort out what to do for the root module hash. Maybe on the next community call as you mentioned @robert-zaremba

[julienrbrt]

I believe it closes #13782 too right?

[julienrbrt]

Can we add a changelog? Then, given the discussion from the community call, we can add automerge.

[adu-crypto]

It seems a little late to see this pr since it would be merged soon.
After reading through the pr, I think this is mainly talking about the derivation of module type accounts. But I got some questions about the change and would appreciate it if anyone could explain to me:

1. Could this possibly bring any consensus-breaking change?
2. what are the main benefits of this new pattern of module account derivation change

[adu-crypto]

so currently we are not using this function to generate root module account, instead we are using authtypes.NewModuleAddress(modulenName), right?

[julienrbrt]

Exactly, now authtypes.NewModuleAddress(modulenName) falls back to address.Module now, but, the behavior stays the same as authtypes.NewModuleAddress(modulenName): https://github.com/cosmos/cosmos-sdk/pull/14017/files#diff-6cfded83a08be06034f746e83ffa6bbd6c35430cd8ac05015e6bd942c7da1030R73-R76