feat: Port x/wasm module #92

i-norden · 2023-02-28T09:02:13Z

aleem1314 commented

2023-02-28 09:02:13 +00:00

(Migrated from github.com)

Ref: #25

Description

For contributor use:

Targeted PR against correct branch (see CONTRIBUTING.md)
Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
Code follows the module structure standards.
Wrote unit and integration tests
Updated relevant documentation (docs/) or specification (x/<module>/spec/)
Added relevant godoc comments.
Added a relevant changelog entry to the Unreleased section in CHANGELOG.md
Re-reviewed Files changed in the Github PR explorer

For admin use:

Added appropriate labels to PR (ex. WIP, R4R, docs, etc)
Reviewers assigned
Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

Ref: #25 ## Description  ______ For contributor use: - [ ] Targeted PR against correct branch (see [CONTRIBUTING.md](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] Linked to Github issue with discussion and accepted design OR link to spec that describes this work. - [ ] Code follows the [module structure standards](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules/structure.md). - [ ] Wrote unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] Updated relevant documentation (`docs/`) or specification (`x/<module>/spec/`) - [ ] Added relevant `godoc` [comments](https://blog.golang.org/godoc-documenting-go-code). - [ ] Added a relevant changelog entry to the `Unreleased` section in `CHANGELOG.md` - [ ] Re-reviewed `Files changed` in the Github PR explorer ______ For admin use: - [ ] Added appropriate labels to PR (ex. `WIP`, `R4R`, `docs`, etc) - [ ] Reviewers assigned - [ ] Squashed all commits, uses message "Merge pull request #XYZ: [title]" ([coding standards](https://github.com/tendermint/coding/blob/master/README.md#merging-a-pr))

github-code-scanning[bot] (Migrated from github.com) reviewed 2023-02-28 09:37:26 +00:00

x/wasm/client/cli/gov_tx.go

						
				@ -0,0 +813,4 @@

					proposalTitle, err := cmd.Flags().GetString(cli.FlagTitle)

					if err != nil {

						return clientCtx, proposalTitle, "", nil, err

					}

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:25 +00:00

Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Variable proposalTitle is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Show more details

## Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference Variable `proposalTitle` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/612)

x/wasm/client/cli/gov_tx.go

						
				@ -0,0 +818,4 @@

					proposalDescr, err := cmd.Flags().GetString(cli.FlagDescription)

					if err != nil {

						return client.Context{}, proposalTitle, proposalDescr, nil, err

					}

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:25 +00:00

Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Variable proposalDescr is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Show more details

## Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference Variable `proposalDescr` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/613)

x/wasm/client/cli/gov_tx.go

						
				@ -0,0 +828,4 @@

					deposit, err := sdk.ParseCoinsNormalized(depositArg)

					if err != nil {

						return client.Context{}, proposalTitle, proposalDescr, deposit, err

					}

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:25 +00:00

Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Variable deposit is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Show more details

## Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference Variable `deposit` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/614)

x/wasm/ibctesting/endpoint.go

						
				@ -0,0 +120,4 @@

						return err

					}

					endpoint.ClientID, err = ibctesting.ParseClientIDFromEvents(res.GetEvents())

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:24 +00:00

Should `$X` be modified when an error could be returned?

Should endpoint be modified when an error could be returned?

Show more details

## Should `$X` be modified when an error could be returned? Should `endpoint` be modified when an error could be returned? [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/602)

x/wasm/ibctesting/endpoint.go

						
				@ -0,0 +167,4 @@

						return err

					}

					endpoint.ConnectionID, err = ibctesting.ParseConnectionIDFromEvents(res.GetEvents())

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:24 +00:00

Should `$X` be modified when an error could be returned?

Should endpoint be modified when an error could be returned?

Show more details

## Should `$X` be modified when an error could be returned? Should `endpoint` be modified when an error could be returned? [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/603)

x/wasm/ibctesting/endpoint.go

						
				@ -0,0 +194,4 @@

					}

					if endpoint.ConnectionID == "" {

						endpoint.ConnectionID, err = ibctesting.ParseConnectionIDFromEvents(res.GetEvents())

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:24 +00:00

Should `$X` be modified when an error could be returned?

Should endpoint be modified when an error could be returned?

Show more details

## Should `$X` be modified when an error could be returned? Should `endpoint` be modified when an error could be returned? [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/604)

x/wasm/ibctesting/endpoint.go

						
				@ -0,0 +278,4 @@

						return err

					}

					endpoint.ChannelID, err = ibctesting.ParseChannelIDFromEvents(res.GetEvents())

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:25 +00:00

Should `$X` be modified when an error could be returned?

Should endpoint be modified when an error could be returned?

Show more details

## Should `$X` be modified when an error could be returned? Should `endpoint` be modified when an error could be returned? [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/605)

x/wasm/ibctesting/endpoint.go

						
				@ -0,0 +310,4 @@

					}

					if endpoint.ChannelID == "" {

						endpoint.ChannelID, err = ibctesting.ParseChannelIDFromEvents(res.GetEvents())

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:25 +00:00

Should `$X` be modified when an error could be returned?

Should endpoint be modified when an error could be returned?

Show more details

## Should `$X` be modified when an error could be returned? Should `endpoint` be modified when an error could be returned? [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/606)

x/wasm/keeper/keeper.go

						
				@ -0,0 +157,4 @@

					checksum, err = k.wasmVM.Create(wasmCode)

					if err != nil {

						return 0, checksum, sdkerrors.Wrap(types.ErrCreateFailed, err.Error())

					}

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:37:25 +00:00

Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Variable checksum is likely modified and later used on error. In some cases this could result in panics due to a nil dereference

Show more details

## Variable `$X` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference Variable `checksum` is likely modified and later used on error. In some cases this could result in panics due to a nil dereference [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/615)

github-code-scanning[bot] (Migrated from github.com) reviewed 2023-02-28 09:56:29 +00:00

x/wasm/ibctesting/coordinator.go

						
				@ -0,0 +71,4 @@

				func (coord *Coordinator) UpdateTime() {

					for _, chain := range coord.Chains {

						coord.UpdateTimeForChain(chain)

					}

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:56:28 +00:00

Iteration over map

Iteration over map may be a possible source of non-determinism

Show more details

## Iteration over map Iteration over map may be a possible source of non-determinism [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/624)

x/wasm/keeper/keeper.go

						
				@ -0,0 +7,4 @@

					"encoding/hex"

					"fmt"

					"math"

					"reflect"

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:56:28 +00:00

Sensitive package import

Certain system packages contain functions which may be a possible source of non-determinism

Show more details

## Sensitive package import Certain system packages contain functions which may be a possible source of non-determinism [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/630)

x/wasm/keeper/legacy_querier.go

						
				@ -0,0 +2,4 @@

				import (

					"encoding/json"

					"reflect"

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:56:29 +00:00

Sensitive package import

Certain system packages contain functions which may be a possible source of non-determinism

Show more details

## Sensitive package import Certain system packages contain functions which may be a possible source of non-determinism [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/631)

x/wasm/keeper/legacy_querier.go

						
				@ -0,0 +73,4 @@

						if err != nil {

							return nil, err

						}

						if rsp == nil || reflect.ValueOf(rsp).IsNil() {

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:56:28 +00:00

Impossible interface nil check

This value can never be nil, since it is a wrapped interface value.

Show more details

## Impossible interface nil check This value can never be nil, since it is a wrapped interface value. [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/634)

x/wasm/keeper/options.go

						
				@ -0,0 +2,4 @@

				import (

					"fmt"

					"reflect"

github-code-scanning[bot] (Migrated from github.com) commented

2023-02-28 09:56:29 +00:00

Sensitive package import

Certain system packages contain functions which may be a possible source of non-determinism

Show more details

## Sensitive package import Certain system packages contain functions which may be a possible source of non-determinism [Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/632)

i-norden reviewed 2023-03-02 21:08:58 +00:00

i-norden left a comment

Thanks @aleem1314! I am wondering if we can get away with using WASM tooling as dependencies rather than internalizing a stateful module for them.

Background here is relevant here too. WASM execution environment is another piece necessary to fulfill the goal of "On-chain watcher fraud proof evaluation", it is this environment that we will need to provide access to the Postgres IPLD blockstore through the package discussed there.

Tagging @AFDudley here to discuss too.

Based on my current understanding the WASM execution environment we will use in laconicd will not need to write state into the Tendermint/Cosmos state commitment (IAVL). Service providers will usually run watcher WASM "off-chain", in watcher groups, and only when someone submits a fraud proof to Laconic does the laconicd state machine execute WASM to evaluate the fraud proof by re-running the challenged watcher state transitions to see if the result matches the result provided. But, are the state changes affected during this evaluation committed back to Tendermint? Or are they executed in a sort of speculative manner and the only thing committed is a signed attestation to the result of the evaluation?

Thanks @aleem1314! I am wondering if we can get away with using WASM tooling as dependencies rather than internalizing a stateful module for them. Background [here](https://github.com/cerc-io/laconicd/issues/24#issuecomment-1450330909) is relevant here too. WASM execution environment is another piece necessary to fulfill the goal of "On-chain watcher fraud proof evaluation", it is this environment that we will need to provide access to the Postgres IPLD blockstore through the package discussed there. Tagging @AFDudley here to discuss too. Based on my current understanding the WASM execution environment we will use in laconicd will not need to write state into the Tendermint/Cosmos state commitment (IAVL). Service providers will usually run watcher WASM "off-chain", in watcher groups, and only when someone submits a fraud proof to Laconic does the laconicd state machine execute WASM to evaluate the fraud proof by re-running the challenged watcher state transitions to see if the result matches the result provided. But, are the state changes affected during this evaluation committed back to Tendermint? Or are they executed in a sort of speculative manner and the only thing committed is a signed attestation to the result of the evaluation?

AFDudley commented

2023-03-03 17:21:01 +00:00

I think the result needs to be written to the chain, but we will need to use IPLD and probably make some other changes so that it's efficient to store.

aleem1314 commented

2023-03-07 12:11:29 +00:00

(Migrated from github.com)

Based on my current understanding the WASM execution environment we will use in laconicd will not need to write state into the Tendermint/Cosmos state commitment (IAVL).

The CosmWasmVM Instantiate and Execute ref methods requires access to the KVStore. If we keep wasm not as a stateful module, which module store we are going to use in the wasm?

> Based on my current understanding the WASM execution environment we will use in laconicd will not need to write state into the Tendermint/Cosmos state commitment (IAVL). The CosmWasmVM `Instantiate` and `Execute` [ref](https://github.com/CosmWasm/wasmvm/blob/main/spec/Specification.md#function-definitions) methods requires access to the `KVStore`. If we keep wasm not as a stateful module, which module store we are going to use in the `wasm`?

👀 1

gitea-actions commented

2023-11-25 00:00:38 +00:00

First-time contributor

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days-before-close if no further activity occurs.

zramsay closed this pull request

2024-04-03 11:53:33 +00:00