65453e4aa0
* rpc, evm: secure signing * evm, ante: test signer * tests
191 lines
6.9 KiB
Go
191 lines
6.9 KiB
Go
package ante
|
|
|
|
import (
|
|
"fmt"
|
|
"runtime/debug"
|
|
|
|
log "github.com/xlab/suplog"
|
|
|
|
"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
|
|
"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
|
|
"github.com/cosmos/cosmos-sdk/crypto/types/multisig"
|
|
sdk "github.com/cosmos/cosmos-sdk/types"
|
|
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
|
|
"github.com/cosmos/cosmos-sdk/types/tx/signing"
|
|
authante "github.com/cosmos/cosmos-sdk/x/auth/ante"
|
|
authsigning "github.com/cosmos/cosmos-sdk/x/auth/signing"
|
|
authtypes "github.com/cosmos/cosmos-sdk/x/auth/types"
|
|
|
|
"github.com/cosmos/ethermint/crypto/ethsecp256k1"
|
|
)
|
|
|
|
const (
|
|
// TODO: Use this cost per byte through parameter or overriding NewConsumeGasForTxSizeDecorator
|
|
// which currently defaults at 10, if intended
|
|
// memoCostPerByte sdk.Gas = 3
|
|
secp256k1VerifyCost uint64 = 21000
|
|
)
|
|
|
|
// AccountKeeper defines an expected keeper interface for the auth module's AccountKeeper
|
|
type AccountKeeper interface {
|
|
authante.AccountKeeper
|
|
NewAccountWithAddress(ctx sdk.Context, addr sdk.AccAddress) authtypes.AccountI
|
|
GetAccount(ctx sdk.Context, addr sdk.AccAddress) authtypes.AccountI
|
|
SetAccount(ctx sdk.Context, account authtypes.AccountI)
|
|
}
|
|
|
|
// BankKeeper defines an expected keeper interface for the bank module's Keeper
|
|
type BankKeeper interface {
|
|
authtypes.BankKeeper
|
|
GetBalance(ctx sdk.Context, addr sdk.AccAddress, denom string) sdk.Coin
|
|
SetBalance(ctx sdk.Context, addr sdk.AccAddress, balance sdk.Coin) error
|
|
}
|
|
|
|
// NewAnteHandler returns an ante handler responsible for attempting to route an
|
|
// Ethereum or SDK transaction to an internal ante handler for performing
|
|
// transaction-level processing (e.g. fee payment, signature verification) before
|
|
// being passed onto it's respective handler.
|
|
func NewAnteHandler(
|
|
ak AccountKeeper,
|
|
bankKeeper BankKeeper,
|
|
evmKeeper EVMKeeper,
|
|
signModeHandler authsigning.SignModeHandler,
|
|
) sdk.AnteHandler {
|
|
return func(
|
|
ctx sdk.Context, tx sdk.Tx, sim bool,
|
|
) (newCtx sdk.Context, err error) {
|
|
var anteHandler sdk.AnteHandler
|
|
|
|
defer Recover(&err)
|
|
|
|
txWithExtensions, ok := tx.(authante.HasExtensionOptionsTx)
|
|
if ok {
|
|
opts := txWithExtensions.GetExtensionOptions()
|
|
if len(opts) > 0 {
|
|
switch typeURL := opts[0].GetTypeUrl(); typeURL {
|
|
case "/ethermint.evm.v1alpha1.ExtensionOptionsEthereumTx":
|
|
// handle as *evmtypes.MsgEthereumTx
|
|
|
|
anteHandler = sdk.ChainAnteDecorators(
|
|
NewEthSetupContextDecorator(), // outermost AnteDecorator. EthSetUpContext must be called first
|
|
NewEthMempoolFeeDecorator(evmKeeper),
|
|
NewEthValidateBasicDecorator(),
|
|
authante.TxTimeoutHeightDecorator{},
|
|
NewEthSigVerificationDecorator(evmKeeper),
|
|
NewEthAccountSetupDecorator(ak),
|
|
NewEthAccountVerificationDecorator(ak, bankKeeper, evmKeeper),
|
|
NewEthNonceVerificationDecorator(ak),
|
|
NewEthGasConsumeDecorator(ak, bankKeeper, evmKeeper),
|
|
NewEthIncrementSenderSequenceDecorator(ak), // innermost AnteDecorator.
|
|
)
|
|
|
|
case "/ethermint.evm.v1alpha1.ExtensionOptionsWeb3Tx":
|
|
// handle as normal Cosmos SDK tx, except signature is checked for EIP712 representation
|
|
|
|
switch tx.(type) {
|
|
case sdk.Tx:
|
|
anteHandler = sdk.ChainAnteDecorators(
|
|
authante.NewSetUpContextDecorator(), // outermost AnteDecorator. SetUpContext must be called first
|
|
authante.NewMempoolFeeDecorator(),
|
|
authante.NewValidateBasicDecorator(),
|
|
authante.TxTimeoutHeightDecorator{},
|
|
authante.NewValidateMemoDecorator(ak),
|
|
authante.NewConsumeGasForTxSizeDecorator(ak),
|
|
authante.NewSetPubKeyDecorator(ak), // SetPubKeyDecorator must be called before all signature verification decorators
|
|
authante.NewValidateSigCountDecorator(ak),
|
|
authante.NewDeductFeeDecorator(ak, bankKeeper),
|
|
authante.NewSigGasConsumeDecorator(ak, DefaultSigVerificationGasConsumer),
|
|
authante.NewIncrementSequenceDecorator(ak), // innermost AnteDecorator
|
|
)
|
|
default:
|
|
return ctx, sdkerrors.Wrapf(sdkerrors.ErrUnknownRequest, "invalid transaction type: %T", tx)
|
|
}
|
|
|
|
default:
|
|
log.WithField("type_url", typeURL).Errorln("rejecting tx with unsupported extension option")
|
|
return ctx, sdkerrors.ErrUnknownExtensionOptions
|
|
}
|
|
|
|
return anteHandler(ctx, tx, sim)
|
|
}
|
|
}
|
|
|
|
// handle as totally normal Cosmos SDK tx
|
|
|
|
switch tx.(type) {
|
|
case sdk.Tx:
|
|
anteHandler = sdk.ChainAnteDecorators(
|
|
authante.NewSetUpContextDecorator(), // outermost AnteDecorator. SetUpContext must be called first
|
|
authante.NewRejectExtensionOptionsDecorator(),
|
|
authante.NewMempoolFeeDecorator(),
|
|
authante.NewValidateBasicDecorator(),
|
|
authante.TxTimeoutHeightDecorator{},
|
|
authante.NewValidateMemoDecorator(ak),
|
|
authante.NewConsumeGasForTxSizeDecorator(ak),
|
|
authante.NewSetPubKeyDecorator(ak), // SetPubKeyDecorator must be called before all signature verification decorators
|
|
authante.NewValidateSigCountDecorator(ak),
|
|
authante.NewDeductFeeDecorator(ak, bankKeeper),
|
|
authante.NewSigGasConsumeDecorator(ak, DefaultSigVerificationGasConsumer),
|
|
authante.NewSigVerificationDecorator(ak, signModeHandler),
|
|
authante.NewIncrementSequenceDecorator(ak), // innermost AnteDecorator
|
|
)
|
|
default:
|
|
return ctx, sdkerrors.Wrapf(sdkerrors.ErrUnknownRequest, "invalid transaction type: %T", tx)
|
|
}
|
|
|
|
return anteHandler(ctx, tx, sim)
|
|
}
|
|
}
|
|
|
|
func Recover(err *error) {
|
|
if r := recover(); r != nil {
|
|
*err = sdkerrors.Wrapf(sdkerrors.ErrPanic, "%v", r)
|
|
|
|
if e, ok := r.(error); ok {
|
|
log.WithError(e).Errorln("ante handler panicked with an error")
|
|
log.Debugln(string(debug.Stack()))
|
|
} else {
|
|
log.Errorln(r)
|
|
}
|
|
}
|
|
}
|
|
|
|
var _ authante.SignatureVerificationGasConsumer = DefaultSigVerificationGasConsumer
|
|
|
|
// DefaultSigVerificationGasConsumer is the default implementation of SignatureVerificationGasConsumer. It consumes gas
|
|
// for signature verification based upon the public key type. The cost is fetched from the given params and is matched
|
|
// by the concrete type.
|
|
func DefaultSigVerificationGasConsumer(
|
|
meter sdk.GasMeter, sig signing.SignatureV2, params authtypes.Params,
|
|
) error {
|
|
pubkey := sig.PubKey
|
|
switch pubkey := pubkey.(type) {
|
|
case *ed25519.PubKey:
|
|
meter.ConsumeGas(params.SigVerifyCostED25519, "ante verify: ed25519")
|
|
return nil
|
|
|
|
case *secp256k1.PubKey:
|
|
meter.ConsumeGas(params.SigVerifyCostSecp256k1, "ante verify: secp256k1")
|
|
return nil
|
|
|
|
// support for ethereum ECDSA secp256k1 keys
|
|
case *ethsecp256k1.PubKey:
|
|
meter.ConsumeGas(secp256k1VerifyCost, "ante verify: eth_secp256k1")
|
|
return nil
|
|
|
|
case multisig.PubKey:
|
|
multisignature, ok := sig.Data.(*signing.MultiSignatureData)
|
|
if !ok {
|
|
return fmt.Errorf("expected %T, got, %T", &signing.MultiSignatureData{}, sig.Data)
|
|
}
|
|
err := authante.ConsumeMultisignatureVerificationGas(meter, multisignature, pubkey, params, sig.Sequence)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
|
|
default:
|
|
return sdkerrors.Wrapf(sdkerrors.ErrInvalidPubKey, "unrecognized public key type: %T", pubkey)
|
|
}
|
|
}
|