da36c46f3a
## Description Closes: #11092 ## TODOs I'm thinking to do the 2 todos in a separate PR, or else this PR is too big. WDYT? - [ ] #11246 This involves adding a new index ProposalsByVotingPeriodEnd, so might be better to do in another PR - [ ] #11245 Also should be done in a separate PR (as it needs the above index) ### Main change 1: Group policy proto defs have `voting_period` and `min_execution_period` For group policies: ```diff - // Within this times votes and exec messages can be submitted. - // timeout is the duration from submission of a proposal to the end of voting period - google.protobuf.Duration timeout = 2 [(gogoproto.stdduration) = true, (gogoproto.nullable) = false]; + // voting_period is the duration from submission of a proposal to the end of voting period + // Within this times votes can be submitted with MsgVote. + google.protobuf.Duration voting_period = 2 [(gogoproto.stdduration) = true, (gogoproto.nullable) = false]; + // min_execution_period is the minimum duration after the proposal submission + // where members can start sending MsgExec. This means that the window for + // sending a MsgExec transaction is: + // `[ submission + min_execution_period ; submission + voting_period + max_execution_period]` + // where max_execution_period is a app-specific config, defined in the keeper. + // If not set, min_execution_period will default to 0. + google.protobuf.Duration min_execution_period = 3 [(gogoproto.stdduration) = true, (gogoproto.nullable) = false]; ``` ### Main Change 2: We don't update proposal's FinalTallyResult result on MsgVote/MsgSubmitProposal Unless the msg has TryExec set to true, in which case the FinalTallyResult is updated ONLY if the tally is final. ### Main Change 3: Add a keeper-level `MaxExecutionPeriod` MsgExecs will be rejected if they are sent after `voting_period_end + MaxExecutionPeriod` --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable)
57 lines
2.1 KiB
Go
57 lines
2.1 KiB
Go
package keeper
|
|
|
|
import (
|
|
sdk "github.com/cosmos/cosmos-sdk/types"
|
|
"github.com/cosmos/cosmos-sdk/types/errors"
|
|
authmiddleware "github.com/cosmos/cosmos-sdk/x/auth/middleware"
|
|
"github.com/cosmos/cosmos-sdk/x/group"
|
|
grouperrors "github.com/cosmos/cosmos-sdk/x/group/errors"
|
|
)
|
|
|
|
// doExecuteMsgs routes the messages to the registered handlers. Messages are limited to those that require no authZ or
|
|
// by the account of group policy only. Otherwise this gives access to other peoples accounts as the sdk ant handler is bypassed
|
|
func (s Keeper) doExecuteMsgs(ctx sdk.Context, router *authmiddleware.MsgServiceRouter, proposal group.Proposal, groupPolicyAcc sdk.AccAddress) ([]sdk.Result, error) {
|
|
// Ensure it's not too late to execute the messages.
|
|
// After https://github.com/cosmos/cosmos-sdk/issues/11245, proposals should
|
|
// be pruned automatically, so this function should not even be called, as
|
|
// the proposal doesn't exist in state. For sanity check, we can still keep
|
|
// this simple and cheap check.
|
|
expiryDate := proposal.VotingPeriodEnd.Add(s.config.MaxExecutionPeriod)
|
|
if expiryDate.Before(ctx.BlockTime()) {
|
|
return nil, grouperrors.ErrExpired.Wrapf("proposal expired on %s", expiryDate)
|
|
}
|
|
|
|
msgs := proposal.GetMsgs()
|
|
|
|
results := make([]sdk.Result, len(msgs))
|
|
if err := ensureMsgAuthZ(msgs, groupPolicyAcc); err != nil {
|
|
return nil, err
|
|
}
|
|
for i, msg := range msgs {
|
|
handler := s.router.Handler(msg)
|
|
if handler == nil {
|
|
return nil, errors.Wrapf(grouperrors.ErrInvalid, "no message handler found for %q", sdk.MsgTypeURL(msg))
|
|
}
|
|
r, err := handler(ctx, msg)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "message %q at position %d", msg, i)
|
|
}
|
|
if r != nil {
|
|
results[i] = *r
|
|
}
|
|
}
|
|
return results, nil
|
|
}
|
|
|
|
// ensureMsgAuthZ checks that if a message requires signers that all of them are equal to the given account address of group policy.
|
|
func ensureMsgAuthZ(msgs []sdk.Msg, groupPolicyAcc sdk.AccAddress) error {
|
|
for i := range msgs {
|
|
for _, acct := range msgs[i].GetSigners() {
|
|
if !groupPolicyAcc.Equals(acct) {
|
|
return errors.Wrap(errors.ErrUnauthorized, "msg does not have group policy authorization")
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|