Authorization logic of staking module: panic when handling amounts greater than authorized #11478
Comments
## Description Closes: #11478 --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable)
|
hi, @atheeshp ! I just noticed that the issue was closed by a recent commit: could you please give some context? From what I can read from the commit, the panicking is removed by using Furthermore, the |
we have cosmos-sdk/x/staking/types/authz.go Lines 106 to 109 in 9f6f9f5 |
|
cool, thanks for the explanation! |
|
Hello @atheeshp ! When you find some time, could you please explain is there some particular reason why SafeSub func could not be implemented for sdk.Coin in order for you to skip the conversion to sdk.Coins here? It looks to me, that introducting SafeSub for sdk.Coin could be used in a same way as SafeSub for sdk.Coins: Lines 386 to 393 in 8800d2e That is: for sdk.Coin SafeSub could be called from Sub func and if it returns true for negative coin value result cosmos-sdk/x/staking/types/authz.go Line 111 in 9f6f9f5 and you could gain the necessary information for returning ErrInsufficientFunds err and the limitLeft with one function call. Since I will be working on model-based testing of authz module as well, but I'm also doing some code inspection for possible improvements, every information could be useful. Thanks in advance! |
Summary of Bug
The
Acceptfunction of staking modules'sauthz.gofile checks whether the amount to delegate is covered by the authorization. It does so by calling theSubfunction (line 106). This function will panic if the resulting amount is negative.This is in contrast to how a similar check in the
bankmodule handles the same situation: there, theSafeSubfunction is called, and theErrInsusfficientFundsis returned if the amount is negative.Wouldn't it be better if both modules were handling this situation in the same way? I believe that returning an error would be the way to go (but perhaps I am missing some context).
I ran into this issue when working on model-based testing of
authz, generating tests covering the situation in which insufficient grant was provided for an execution.Version
master (commit: 5491be2)
For Admin Use
The text was updated successfully, but these errors were encountered: