From 554b2e1a2a574002b3f136fde0cef87df65ff950 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 14:34:54 -0700 Subject: [PATCH 01/14] wip --- CHANGELOG.md | 64 +++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 56 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c72d0c9a2f..9c27ae4d78 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,65 @@ # CHANGELOG +## [Unreleased] + +## v1.2.0-multiden + +The first release candidate for a fix built on top of v1.2.0, intended for consumers. This release adds a list of denoms on the consumer that are allowed to be sent to the provider as rewards. This prevents a potential DOS attack that was discovered during the audit of Replicated Security performed by Oak Security and funded by the Cosmos Hub community through Proposal 687. + +* (fix) prevent denom DOS attack [54e9852](https://github.com/cosmos/interchain-security/commit/54e9852d3c89a2513cd0170a56c6eec894fc878d) +* (fix) multisig [54e9852](https://github.com/cosmos/interchain-security/commit/54e9852d3c89a2513cd0170a56c6eec894fc878d) + +## v1.1.0-multiden + +This release combines two fixes on top of v1.1.0, that we judged were urgent to get onto the Cosmos Hub before the launch of the first ICS consumer chain. This is an emergency release intended for providers. + +The first fix is to enable the use of multisigs and Ledger devices when assigning keys for consumer chains. The second is to prevent a possible DOS vector involving the reward distribution system. + +### Multisig fix + +On April 25th (a week and a half ago), we began receiving reports that validators using multisigs and Ledger devices were getting errors reading Error: unable to resolve type URL /interchain_security.ccv.provider.v1.MsgAssignConsumerKey: tx parse error when attempting to assign consensus keys for consumer chains. + +We quickly narrowed the problem down to issues having to do with using the PubKey type directly in the MsgAssignConsumerKey transaction, and Amino (a deprecated serialization library still used in Ledger devices and multisigs) not being able to handle this. We attempted to fix this with the assistance of the Cosmos-SDK team, but after making no headway for a few days, we decided to simply use a JSON representation of the PubKey in the transaction. This is how it is usually represented anyway. We have verified that this fixes the problem. + +### Distribution fix + +The ICS distribution system works by allowing consumer chains to send rewards to a module address on the provider called the FeePoolAddress. From here they are automatically distributed to all validators and delegators through the distribution system that already exists to distribute staking rewards. The FeePoolAddress is usually blocked so that no tokens can be sent to it, but to enable ICS distribution we had to unblock it. + +We recently realized that unblocking the FeePoolAddress could enable an attacker to send a huge number of different denoms into the distribution system. The distribution system would then attempt to distribute them all, leading to out of memory errors. Fixing a similar attack vector that existed in the distribution system before ICS led us to this realization. + +To fix this problem, we have re-blocked the FeePoolAddress and created a new address called the ConsumerRewardsPool. Consumer chains now send rewards to this new address. There is also a new transaction type called RegisterConsumerRewardDenom. This transaction allows people to register denoms to be used as rewards from consumer chains. It costs 10 Atoms to run this transaction.The Atoms are transferred to the community pool. Only denoms registered with this command are then transferred to the FeePoolAddress and distributed out to delegators and validators. + +## v1.2.1 + +* (fix) Remove SPM [#812](https://github.com/cosmos/interchain-security/pull/812) +* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725) + +## v1.2.0 + +Date: April 13th, 2023 + +* (feat) Soft opt-out [#833](https://github.com/cosmos/interchain-security/pull/833) +* (fix) Correctly handle VSC packet with duplicate val updates on consumer [#846](https://github.com/cosmos/interchain-security/pull/846) +* (chore) bump: sdk v0.45.15-ics [#805](https://github.com/cosmos/interchain-security/pull/805) +* (api) add interchain security consumer QueryParams [#746](https://github.com/cosmos/interchain-security/pull/746) + +## v1.1.1 + +* (fix) Remove SPM [#812](https://github.com/cosmos/interchain-security/pull/812) +* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725) + +## v1.1.0 + +Date: March 24th, 2023 + +* (fix) StopConsumerChain not running in cachedContext [#802](https://github.com/cosmos/interchain-security/pull/802) + ## v1.0.0 Date: February 6th, 2023 -This is the first version of Interchain Security (ICS), also known as _Replicated Security_ (RS). -Replicated Security is a feature which will allow a chain -- referred to as the _provider_ -- to share security with other chains -- referred to as _consumers_. +This is the first version of Interchain Security (ICS), also known as _Replicated Security_ (RS). +Replicated Security is a feature which will allow a chain -- referred to as the _provider_ -- to share security with other chains -- referred to as _consumers_. This means that the provider's validator set will be granted the right to validate consumer chains. The communication between the provider and the consumer chains is done through the IBC protocol over a unique, ordered channel (one for each consumer chain). Thus, RS is an IBC application. @@ -26,9 +80,3 @@ In addition, RS has the following features: - **Key Assignment**: Enables validator operators to use different consensus keys for each consumer chain validator node that they operate. - **Jail Throttling**: Enables the provider to slow down a "worst case scenario" attack where a malicious consumer binary attempts to jail a significant amount (> 2/3) of the voting power, effectively taking control of the provider. - -### Dependencies - -- [ibc-go](https://github.com/cosmos/ibc-go): [v4.2.0](https://github.com/cosmos/ibc-go/blob/release/v4.2.x/CHANGELOG.md) -- [cosmos-sdk](https://github.com/cosmos/cosmos-sdk): [v0.45.12-ics](https://github.com/cosmos/cosmos-sdk/tree/v0.45.13-ics) -- [tendermint](https://github.com/informalsystems/tendermint): [0.34.24](https://github.com/informalsystems/tendermint/tree/v0.34.24) From 9222abb6f7bda9a9a3721b9c51821ff291c6454a Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 14:38:42 -0700 Subject: [PATCH 02/14] Update CHANGELOG.md --- CHANGELOG.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9c27ae4d78..53c3f02fbd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,10 +4,9 @@ ## v1.2.0-multiden -The first release candidate for a fix built on top of v1.2.0, intended for consumers. This release adds a list of denoms on the consumer that are allowed to be sent to the provider as rewards. This prevents a potential DOS attack that was discovered during the audit of Replicated Security performed by Oak Security and funded by the Cosmos Hub community through Proposal 687. +The first release candidate for a fix built on top of v1.2.0, intended for consumers. This release adds a list of denoms on the consumer that are allowed to be sent to the provider as rewards. This prevents a potential DOS attack that was discovered during the audit of Replicated Security performed by Oak Security and funded by the Cosmos Hub community through Proposal 687. In an effort to move quickly, this release also includes a multisig fix that is effective only for provider. It shouldn't affect the consumer module. -* (fix) prevent denom DOS attack [54e9852](https://github.com/cosmos/interchain-security/commit/54e9852d3c89a2513cd0170a56c6eec894fc878d) -* (fix) multisig [54e9852](https://github.com/cosmos/interchain-security/commit/54e9852d3c89a2513cd0170a56c6eec894fc878d) +[full diff](https://github.com/cosmos/interchain-security/compare/v1.2.0...v1.2.0-multiden-rc0) ## v1.1.0-multiden @@ -15,6 +14,10 @@ This release combines two fixes on top of v1.1.0, that we judged were urgent to The first fix is to enable the use of multisigs and Ledger devices when assigning keys for consumer chains. The second is to prevent a possible DOS vector involving the reward distribution system. +Note PRs were made in a private security repo. + +[full diff](https://github.com/cosmos/interchain-security/compare/v1.1.0...release/v1.1.0-multiden) + ### Multisig fix On April 25th (a week and a half ago), we began receiving reports that validators using multisigs and Ledger devices were getting errors reading Error: unable to resolve type URL /interchain_security.ccv.provider.v1.MsgAssignConsumerKey: tx parse error when attempting to assign consensus keys for consumer chains. From a196bf20c0549e939666a971853bc13a357e0466 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 14:52:17 -0700 Subject: [PATCH 03/14] small comment --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 53c3f02fbd..ef35ff7cf6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ The first release candidate for a fix built on top of v1.2.0, intended for consumers. This release adds a list of denoms on the consumer that are allowed to be sent to the provider as rewards. This prevents a potential DOS attack that was discovered during the audit of Replicated Security performed by Oak Security and funded by the Cosmos Hub community through Proposal 687. In an effort to move quickly, this release also includes a multisig fix that is effective only for provider. It shouldn't affect the consumer module. +Note PRs were made in a private security repo. + [full diff](https://github.com/cosmos/interchain-security/compare/v1.2.0...v1.2.0-multiden-rc0) ## v1.1.0-multiden From 521a093c09403d7abf046afecb9aee89fe99e3b6 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 15:22:04 -0700 Subject: [PATCH 04/14] comment --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ef35ff7cf6..f0ff14f92f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ ## [Unreleased] +Note: Some PRs in the unreleased section may reappear from the released sections of some releases below. This is due to the fact that ICS v1.1.0 deviates from the commit ordering of the main branch, and all other releases thereafter are based on v1.1.0. + +The ICS v1.3.0 release will be based on the main branch, and will not have this issue. v1.3.0 will also contain all the accumulated PRs from the various releases below. After v1.3.0, we plan to revamp release practices, and how we modularize the repo for consumer/provider. + ## v1.2.0-multiden The first release candidate for a fix built on top of v1.2.0, intended for consumers. This release adds a list of denoms on the consumer that are allowed to be sent to the provider as rewards. This prevents a potential DOS attack that was discovered during the audit of Replicated Security performed by Oak Security and funded by the Cosmos Hub community through Proposal 687. In an effort to move quickly, this release also includes a multisig fix that is effective only for provider. It shouldn't affect the consumer module. From 4f82418b85be2df8ac9cb771f7c61f1c207c4774 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 15:43:47 -0700 Subject: [PATCH 05/14] progress save --- CHANGELOG.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f0ff14f92f..46fadf71b9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,30 @@ Note: Some PRs in the unreleased section may reappear from the released sections The ICS v1.3.0 release will be based on the main branch, and will not have this issue. v1.3.0 will also contain all the accumulated PRs from the various releases below. After v1.3.0, we plan to revamp release practices, and how we modularize the repo for consumer/provider. +* (fix) Ser correct byte prefix for SlashLogKey [#786](https://github.com/cosmos/interchain-security/pull/786) +* (chore) add Makefile target to generate mocks [#769](https://github.com/cosmos/interchain-security/pull/769) +* (deps) Bump github.com/golang/protobuf from 1.5.2 to 1.5.3 [#779](https://github.com/cosmos/interchain-security/pull/779) +* (deps) Bump github.com/tidwall/gjson from 1.14.0 to 1.14.4 [#776](https://github.com/cosmos/interchain-security/pull/776) +* (deps) Bump actions/checkout from 2 to 3 [#775](https://github.com/cosmos/interchain-security/pull/775) +* (deps) Bump actions/setup-go from 2 to 3 [#774](https://github.com/cosmos/interchain-security/pull/774) +* (feature) Improve keeper field validation [#766](https://github.com/cosmos/interchain-security/pull/766) +* (deps) Bump json5 from 2.2.1 to 2.2.3 in /tests/difference/core/model [#762](https://github.com/cosmos/interchain-security/pull/762) +* (deps) Bump golang.org/x/net from 0.5.0 to 0.7.0 [#763](https://github.com/cosmos/interchain-security/pull/763) +* (chore) Add depedabot config [#764](https://github.com/cosmos/interchain-security/pull/764) +* (chore) disable sonarcloud on dependabot PRs and forks [#768](https://github.com/cosmos/interchain-security/pull/768) +* (chore) revert build.yml changes [#767](https://github.com/cosmos/interchain-security/pull/767) +* (chore) update build.yml [commit](https://github.com/cosmos/interchain-security/commit/019f70fa7e83bd29ab94f4d1da77ba7aa49bba9c) +* (docs) Tidy docs directory [#758](https://github.com/cosmos/interchain-security/pull/758) +* (docs) Update issue template [#755](https://github.com/cosmos/interchain-security/pull/755) +* (testing) gaia docker tests with custom sdk [#737](https://github.com/cosmos/interchain-security/pull/737) +* (testing) gaia as provider in docker tests [#735](https://github.com/cosmos/interchain-security/pull/735) +* (docs) Contributing guidelines [#744](https://github.com/cosmos/interchain-security/pull/744) +* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725) +* (refactor) Update protos and fix deps [#752](https://github.com/cosmos/interchain-security/pull/752) +* (api) Add consumer QueryParams [#746](https://github.com/cosmos/interchain-security/pull/746) +* (fix) Nits from audit [#743](https://github.com/cosmos/interchain-security/pull/743) +* (feature) New validation for keeper fields [#740](https://github.com/cosmos/interchain-security/pull/740) + ## v1.2.0-multiden The first release candidate for a fix built on top of v1.2.0, intended for consumers. This release adds a list of denoms on the consumer that are allowed to be sent to the provider as rewards. This prevents a potential DOS attack that was discovered during the audit of Replicated Security performed by Oak Security and funded by the Cosmos Hub community through Proposal 687. In an effort to move quickly, this release also includes a multisig fix that is effective only for provider. It shouldn't affect the consumer module. From ae3fbbac3cdc309b5cc492d646487eb8681596b0 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 15:54:53 -0700 Subject: [PATCH 06/14] another progress save --- CHANGELOG.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 46fadf71b9..e0e91f958b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,25 @@ Note: Some PRs in the unreleased section may reappear from the released sections The ICS v1.3.0 release will be based on the main branch, and will not have this issue. v1.3.0 will also contain all the accumulated PRs from the various releases below. After v1.3.0, we plan to revamp release practices, and how we modularize the repo for consumer/provider. +TODO: Feature EPICs that were completed and will be added within the next release (standalone to consumer, soft opt out, etc.) + +* (chore) fix makefile [#837](https://github.com/cosmos/interchain-security/pull/837) +* (deps) Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 [#834](https://github.com/cosmos/interchain-security/pull/834) +* (deps) bump IBC to v4.3.0 [#823](https://github.com/cosmos/interchain-security/pull/823) +* (docs) fix typos and broken links [#829](https://github.com/cosmos/interchain-security/pull/829) +* (refactor) more linting [#820](https://github.com/cosmos/interchain-security/pull/820) +* (refactor) linting [#810](https://github.com/cosmos/interchain-security/pull/810) +* (refactor) Remove spm module [#812](https://github.com/cosmos/interchain-security/pull/812) +* (feat) Standalone to consumer changeover part 1 [#757](https://github.com/cosmos/interchain-security/pull/757) +* (deps) Bump webpack from 5.75.0 to 5.76.3 in /docs [#797](https://github.com/cosmos/interchain-security/pull/797) +* (chore) Swap names of e2e and integration tests [#681](https://github.com/cosmos/interchain-security/pull/681) +* (testing) Improved key tests [#787](https://github.com/cosmos/interchain-security/pull/787) +* (chore) Change automated test run policy to run on pull req [#807](https://github.com/cosmos/interchain-security/pull/807) +* (docs) Update consume chain governance documentation [commit](https://github.com/cosmos/interchain-security/commit/9c25ab51dc1c0311bd036935bab7478e6a2f2b71) +* (fix) fix fix StopConsumerChain not running in cachedContext [#802](https://github.com/cosmos/interchain-security/pull/802). Also in earlier releases with different commit order! +* (docs) Introduce docs website [#759](https://github.com/cosmos/interchain-security/pull/759) +* (deps) Bump google.golang.org/protobuf from 1.28.2-0.20220831092852-f930b1dc76e8 to 1.30.0 [#793](https://github.com/cosmos/interchain-security/pull/793) +* (deps) Bump actions/setup-go from 3 to 4 [#792](https://github.com/cosmos/interchain-security/pull/792) * (fix) Ser correct byte prefix for SlashLogKey [#786](https://github.com/cosmos/interchain-security/pull/786) * (chore) add Makefile target to generate mocks [#769](https://github.com/cosmos/interchain-security/pull/769) * (deps) Bump github.com/golang/protobuf from 1.5.2 to 1.5.3 [#779](https://github.com/cosmos/interchain-security/pull/779) From 2e128d0a54f378389012226cbcd0ac77a8b6697b Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Thu, 11 May 2023 16:00:43 -0700 Subject: [PATCH 07/14] progress save --- CHANGELOG.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e0e91f958b..5475f7ee0e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ The ICS v1.3.0 release will be based on the main branch, and will not have this TODO: Feature EPICs that were completed and will be added within the next release (standalone to consumer, soft opt out, etc.) +* (deps) Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 [#854](https://github.com/cosmos/interchain-security/pull/854) +* (feat) Standalone to consumer changeover - staking functionalities [#794](https://github.com/cosmos/interchain-security/pull/794) +* (fix) prevent provider from sending VSCPackets with multiple updates for the same validator [#850](https://github.com/cosmos/interchain-security/pull/850) +* (docs) code and docs mismatch [#844](https://github.com/cosmos/interchain-security/pull/844) +* (testing) Use caching in dockerfiles [#843](https://github.com/cosmos/interchain-security/pull/843) +* (feat) Soft opt out [#833](https://github.com/cosmos/interchain-security/issues/833) +* (fix) Correctly handle VSC packet with duplicate val updates on consumer [#846](https://github.com/cosmos/interchain-security/pull/846) +* (deps) bump sdk to v0.45.15.ics [#805](https://github.com/cosmos/interchain-security/pull/805) +* (refactor) Remove starport config [#841](https://github.com/cosmos/interchain-security/pull/841) +* (refactor) Remove RegisterSdkCryptoCodecInterfaces [#838](https://github.com/cosmos/interchain-security/pull/838) * (chore) fix makefile [#837](https://github.com/cosmos/interchain-security/pull/837) * (deps) Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 [#834](https://github.com/cosmos/interchain-security/pull/834) * (deps) bump IBC to v4.3.0 [#823](https://github.com/cosmos/interchain-security/pull/823) From 6220ff276a8c9afd3a20c108c64f96724d52e85e Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Fri, 12 May 2023 10:06:14 -0700 Subject: [PATCH 08/14] done --- CHANGELOG.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5475f7ee0e..efeb14dacf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,30 @@ The ICS v1.3.0 release will be based on the main branch, and will not have this TODO: Feature EPICs that were completed and will be added within the next release (standalone to consumer, soft opt out, etc.) +* (deps) Bump hermes [#921](https://github.com/cosmos/interchain-security/pull/921) +* (deps) bump gaurav-nelson/github-action-markdown-link-check from 1.0.13 to 1.0.15 [#928](https://github.com/cosmos/interchain-security/pull/928) +* (chore) update codeowners [#892](https://github.com/cosmos/interchain-security/pull/892) +* (fix) multisig for assigning consumer key, use json [#916](https://github.com/cosmos/interchain-security/pull/916) +* (chore) update golangci-lint configuration [#914](https://github.com/cosmos/interchain-security/pull/914) +* (ci) add check for markdown links [#912](https://github.com/cosmos/interchain-security/issues/912) +* (docs) Update links, update docs on withdraw rewards [#910](https://github.com/cosmos/interchain-security/pull/910) +* (chore) buf.yaml should specify the repository [#872](https://github.com/cosmos/interchain-security/pull/872) +* (deps) Bump github.com/cosmos/ibc-go/v4 from 4.3.0 to 4.4.0 [#902](https://github.com/cosmos/interchain-security/pull/902) +* (feat) Add warnings when provider unbonding is shorter than consumer unbonding [#858](https://github.com/cosmos/interchain-security/pull/858) +* (chore) use go 1.19 [#899](https://github.com/cosmos/interchain-security/pull/899) +* (docs) guidelines on large contributions and feature branches [#868](https://github.com/cosmos/interchain-security/pull/868) +* (docs) Create security doc [#871](https://github.com/cosmos/interchain-security/pull/871) +* (docs) Update contributing guidelines [#859](https://github.com/cosmos/interchain-security/pull/859) +* (docs) fix comment [#863](https://github.com/cosmos/interchain-security/pull/863) +* (chore) Various linting config changes [#860](https://github.com/cosmos/interchain-security/pull/860) +* (feat) Standalone to consumer changeover - recycle existing transfer channel [#832](https://github.com/cosmos/interchain-security/pull/832) +* (deps) Bump IBC [862](https://github.com/cosmos/interchain-security/pull/862) +* (testing) Add tests for soft opt out [#857](https://github.com/cosmos/interchain-security/pull/857) +* (chore) Use go 1.20 [#840](https://github.com/cosmos/interchain-security/pull/840) +* (chore) fix make proto-update-deps [#830](https://github.com/cosmos/interchain-security/pull/830) +* (refactor) Remove GenPubKey [#839](https://github.com/cosmos/interchain-security/pull/839) +* (refactor) Move /utils to /types [#856](https://github.com/cosmos/interchain-security/pull/856) +* (deps) Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 [#855](https://github.com/cosmos/interchain-security/pull/855) * (deps) Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 [#854](https://github.com/cosmos/interchain-security/pull/854) * (feat) Standalone to consumer changeover - staking functionalities [#794](https://github.com/cosmos/interchain-security/pull/794) * (fix) prevent provider from sending VSCPackets with multiple updates for the same validator [#850](https://github.com/cosmos/interchain-security/pull/850) From 3d4ae27d8f799b1c2bf8b716b6b3f38e3b8c4750 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Fri, 12 May 2023 14:23:53 -0700 Subject: [PATCH 09/14] Update CHANGELOG.md --- CHANGELOG.md | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index efeb14dacf..3c6103a63f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,11 +2,26 @@ ## [Unreleased] -Note: Some PRs in the unreleased section may reappear from the released sections of some releases below. This is due to the fact that ICS v1.1.0 deviates from the commit ordering of the main branch, and all other releases thereafter are based on v1.1.0. +Add an entry to the unreleased section whenever merging a PR to main that is not targeted at a specific release. These entries will eventually be included in a release. -The ICS v1.3.0 release will be based on the main branch, and will not have this issue. v1.3.0 will also contain all the accumulated PRs from the various releases below. After v1.3.0, we plan to revamp release practices, and how we modularize the repo for consumer/provider. +## v.1.3.0 -TODO: Feature EPICs that were completed and will be added within the next release (standalone to consumer, soft opt out, etc.) +Date: May 12th, 2023 + +Unlike prior releases, the ICS v1.3.0 release will be based on the main branch. v1.3.0 will contain all the accumulated PRs from the various releases below, along with other PRs that were merged, but not released to production. After v1.3.0, we plan to revamp release practices, and how we modularize the repo for consumer/provider. + +Some PRs from v1.3.0 may reappear from other releases below. This is due to the fact that ICS v1.1.0 deviates from the commit ordering of the main branch, and other releases thereafter are based on v1.1.0. + +### High level changes included in v1.3.0 + +* MVP for standalone to consumer changeover, see [EPIC](https://github.com/cosmos/interchain-security/issues/756) +* MVP for soft opt out, see [EPIC](https://github.com/cosmos/interchain-security/issues/851) +* Various fixes, critical and non-critical +* Docs updates which should not affect production code + +## PRs included in v1.3.0 + +TODO: entry for https://github.com/cosmos/interchain-security/pull/931 once it's merged. * (deps) Bump hermes [#921](https://github.com/cosmos/interchain-security/pull/921) * (deps) bump gaurav-nelson/github-action-markdown-link-check from 1.0.13 to 1.0.15 [#928](https://github.com/cosmos/interchain-security/pull/928) From 3b63243264917525d378abd5d2461288bdecdcc8 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Mon, 15 May 2023 20:47:54 -0700 Subject: [PATCH 10/14] add denom dos entry --- CHANGELOG.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3c6103a63f..fbc6d7ed0a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,8 +21,7 @@ Some PRs from v1.3.0 may reappear from other releases below. This is due to the ## PRs included in v1.3.0 -TODO: entry for https://github.com/cosmos/interchain-security/pull/931 once it's merged. - +* (fix) Prevent denom DOS [#931](https://github.com/cosmos/interchain-security/pull/931) * (deps) Bump hermes [#921](https://github.com/cosmos/interchain-security/pull/921) * (deps) bump gaurav-nelson/github-action-markdown-link-check from 1.0.13 to 1.0.15 [#928](https://github.com/cosmos/interchain-security/pull/928) * (chore) update codeowners [#892](https://github.com/cosmos/interchain-security/pull/892) From 04b258212480b96c9f9c1b4a6ba0a084e316c6c8 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Mon, 15 May 2023 21:01:18 -0700 Subject: [PATCH 11/14] remove extraneous changelog entries --- CHANGELOG.md | 56 +++------------------------------------------------- 1 file changed, 3 insertions(+), 53 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fbc6d7ed0a..807eee31d3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,77 +22,27 @@ Some PRs from v1.3.0 may reappear from other releases below. This is due to the ## PRs included in v1.3.0 * (fix) Prevent denom DOS [#931](https://github.com/cosmos/interchain-security/pull/931) -* (deps) Bump hermes [#921](https://github.com/cosmos/interchain-security/pull/921) -* (deps) bump gaurav-nelson/github-action-markdown-link-check from 1.0.13 to 1.0.15 [#928](https://github.com/cosmos/interchain-security/pull/928) -* (chore) update codeowners [#892](https://github.com/cosmos/interchain-security/pull/892) * (fix) multisig for assigning consumer key, use json [#916](https://github.com/cosmos/interchain-security/pull/916) -* (chore) update golangci-lint configuration [#914](https://github.com/cosmos/interchain-security/pull/914) -* (ci) add check for markdown links [#912](https://github.com/cosmos/interchain-security/issues/912) -* (docs) Update links, update docs on withdraw rewards [#910](https://github.com/cosmos/interchain-security/pull/910) -* (chore) buf.yaml should specify the repository [#872](https://github.com/cosmos/interchain-security/pull/872) -* (deps) Bump github.com/cosmos/ibc-go/v4 from 4.3.0 to 4.4.0 [#902](https://github.com/cosmos/interchain-security/pull/902) * (feat) Add warnings when provider unbonding is shorter than consumer unbonding [#858](https://github.com/cosmos/interchain-security/pull/858) * (chore) use go 1.19 [#899](https://github.com/cosmos/interchain-security/pull/899) -* (docs) guidelines on large contributions and feature branches [#868](https://github.com/cosmos/interchain-security/pull/868) -* (docs) Create security doc [#871](https://github.com/cosmos/interchain-security/pull/871) -* (docs) Update contributing guidelines [#859](https://github.com/cosmos/interchain-security/pull/859) -* (docs) fix comment [#863](https://github.com/cosmos/interchain-security/pull/863) -* (chore) Various linting config changes [#860](https://github.com/cosmos/interchain-security/pull/860) * (feat) Standalone to consumer changeover - recycle existing transfer channel [#832](https://github.com/cosmos/interchain-security/pull/832) * (deps) Bump IBC [862](https://github.com/cosmos/interchain-security/pull/862) -* (testing) Add tests for soft opt out [#857](https://github.com/cosmos/interchain-security/pull/857) * (chore) Use go 1.20 [#840](https://github.com/cosmos/interchain-security/pull/840) -* (chore) fix make proto-update-deps [#830](https://github.com/cosmos/interchain-security/pull/830) -* (refactor) Remove GenPubKey [#839](https://github.com/cosmos/interchain-security/pull/839) -* (refactor) Move /utils to /types [#856](https://github.com/cosmos/interchain-security/pull/856) -* (deps) Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 [#855](https://github.com/cosmos/interchain-security/pull/855) -* (deps) Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 [#854](https://github.com/cosmos/interchain-security/pull/854) * (feat) Standalone to consumer changeover - staking functionalities [#794](https://github.com/cosmos/interchain-security/pull/794) * (fix) prevent provider from sending VSCPackets with multiple updates for the same validator [#850](https://github.com/cosmos/interchain-security/pull/850) -* (docs) code and docs mismatch [#844](https://github.com/cosmos/interchain-security/pull/844) -* (testing) Use caching in dockerfiles [#843](https://github.com/cosmos/interchain-security/pull/843) * (feat) Soft opt out [#833](https://github.com/cosmos/interchain-security/issues/833) * (fix) Correctly handle VSC packet with duplicate val updates on consumer [#846](https://github.com/cosmos/interchain-security/pull/846) * (deps) bump sdk to v0.45.15.ics [#805](https://github.com/cosmos/interchain-security/pull/805) -* (refactor) Remove starport config [#841](https://github.com/cosmos/interchain-security/pull/841) -* (refactor) Remove RegisterSdkCryptoCodecInterfaces [#838](https://github.com/cosmos/interchain-security/pull/838) -* (chore) fix makefile [#837](https://github.com/cosmos/interchain-security/pull/837) -* (deps) Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 [#834](https://github.com/cosmos/interchain-security/pull/834) -* (deps) bump IBC to v4.3.0 [#823](https://github.com/cosmos/interchain-security/pull/823) -* (docs) fix typos and broken links [#829](https://github.com/cosmos/interchain-security/pull/829) -* (refactor) more linting [#820](https://github.com/cosmos/interchain-security/pull/820) -* (refactor) linting [#810](https://github.com/cosmos/interchain-security/pull/810) * (refactor) Remove spm module [#812](https://github.com/cosmos/interchain-security/pull/812) * (feat) Standalone to consumer changeover part 1 [#757](https://github.com/cosmos/interchain-security/pull/757) -* (deps) Bump webpack from 5.75.0 to 5.76.3 in /docs [#797](https://github.com/cosmos/interchain-security/pull/797) * (chore) Swap names of e2e and integration tests [#681](https://github.com/cosmos/interchain-security/pull/681) -* (testing) Improved key tests [#787](https://github.com/cosmos/interchain-security/pull/787) -* (chore) Change automated test run policy to run on pull req [#807](https://github.com/cosmos/interchain-security/pull/807) -* (docs) Update consume chain governance documentation [commit](https://github.com/cosmos/interchain-security/commit/9c25ab51dc1c0311bd036935bab7478e6a2f2b71) -* (fix) fix fix StopConsumerChain not running in cachedContext [#802](https://github.com/cosmos/interchain-security/pull/802). Also in earlier releases with different commit order! +* (fix) fix StopConsumerChain not running in cachedContext [#802](https://github.com/cosmos/interchain-security/pull/802). Also in earlier releases with different commit order! * (docs) Introduce docs website [#759](https://github.com/cosmos/interchain-security/pull/759) -* (deps) Bump google.golang.org/protobuf from 1.28.2-0.20220831092852-f930b1dc76e8 to 1.30.0 [#793](https://github.com/cosmos/interchain-security/pull/793) -* (deps) Bump actions/setup-go from 3 to 4 [#792](https://github.com/cosmos/interchain-security/pull/792) * (fix) Ser correct byte prefix for SlashLogKey [#786](https://github.com/cosmos/interchain-security/pull/786) -* (chore) add Makefile target to generate mocks [#769](https://github.com/cosmos/interchain-security/pull/769) -* (deps) Bump github.com/golang/protobuf from 1.5.2 to 1.5.3 [#779](https://github.com/cosmos/interchain-security/pull/779) -* (deps) Bump github.com/tidwall/gjson from 1.14.0 to 1.14.4 [#776](https://github.com/cosmos/interchain-security/pull/776) -* (deps) Bump actions/checkout from 2 to 3 [#775](https://github.com/cosmos/interchain-security/pull/775) -* (deps) Bump actions/setup-go from 2 to 3 [#774](https://github.com/cosmos/interchain-security/pull/774) * (feature) Improve keeper field validation [#766](https://github.com/cosmos/interchain-security/pull/766) -* (deps) Bump json5 from 2.2.1 to 2.2.3 in /tests/difference/core/model [#762](https://github.com/cosmos/interchain-security/pull/762) -* (deps) Bump golang.org/x/net from 0.5.0 to 0.7.0 [#763](https://github.com/cosmos/interchain-security/pull/763) -* (chore) Add depedabot config [#764](https://github.com/cosmos/interchain-security/pull/764) -* (chore) disable sonarcloud on dependabot PRs and forks [#768](https://github.com/cosmos/interchain-security/pull/768) -* (chore) revert build.yml changes [#767](https://github.com/cosmos/interchain-security/pull/767) -* (chore) update build.yml [commit](https://github.com/cosmos/interchain-security/commit/019f70fa7e83bd29ab94f4d1da77ba7aa49bba9c) -* (docs) Tidy docs directory [#758](https://github.com/cosmos/interchain-security/pull/758) -* (docs) Update issue template [#755](https://github.com/cosmos/interchain-security/pull/755) -* (testing) gaia docker tests with custom sdk [#737](https://github.com/cosmos/interchain-security/pull/737) -* (testing) gaia as provider in docker tests [#735](https://github.com/cosmos/interchain-security/pull/735) * (docs) Contributing guidelines [#744](https://github.com/cosmos/interchain-security/pull/744) -* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725) -* (refactor) Update protos and fix deps [#752](https://github.com/cosmos/interchain-security/pull/752) +* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725). Note this is technically a refactor but is a large enough change to be included in changelog +* (fix) Update protos and fix deps [#752](https://github.com/cosmos/interchain-security/pull/752) * (api) Add consumer QueryParams [#746](https://github.com/cosmos/interchain-security/pull/746) * (fix) Nits from audit [#743](https://github.com/cosmos/interchain-security/pull/743) * (feature) New validation for keeper fields [#740](https://github.com/cosmos/interchain-security/pull/740) From 11947766f6504245b48d48dcbae8dc27833377a3 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Tue, 16 May 2023 11:13:55 -0700 Subject: [PATCH 12/14] restore a couple entries --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 807eee31d3..f9deed3249 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,10 +23,12 @@ Some PRs from v1.3.0 may reappear from other releases below. This is due to the * (fix) Prevent denom DOS [#931](https://github.com/cosmos/interchain-security/pull/931) * (fix) multisig for assigning consumer key, use json [#916](https://github.com/cosmos/interchain-security/pull/916) +* (deps) Bump github.com/cosmos/ibc-go/v4 from 4.3.0 to 4.4.0 [#902](https://github.com/cosmos/interchain-security/pull/902) * (feat) Add warnings when provider unbonding is shorter than consumer unbonding [#858](https://github.com/cosmos/interchain-security/pull/858) * (chore) use go 1.19 [#899](https://github.com/cosmos/interchain-security/pull/899) * (feat) Standalone to consumer changeover - recycle existing transfer channel [#832](https://github.com/cosmos/interchain-security/pull/832) * (deps) Bump IBC [862](https://github.com/cosmos/interchain-security/pull/862) +* (testing) Add tests for soft opt out [#857](https://github.com/cosmos/interchain-security/pull/857) * (chore) Use go 1.20 [#840](https://github.com/cosmos/interchain-security/pull/840) * (feat) Standalone to consumer changeover - staking functionalities [#794](https://github.com/cosmos/interchain-security/pull/794) * (fix) prevent provider from sending VSCPackets with multiple updates for the same validator [#850](https://github.com/cosmos/interchain-security/pull/850) From ef3f1dc50dcbf5a000d0c45231cfdff1a70e8c6f Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Tue, 16 May 2023 11:17:09 -0700 Subject: [PATCH 13/14] Changes from PR review --- CHANGELOG.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f9deed3249..e23492d858 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -25,11 +25,10 @@ Some PRs from v1.3.0 may reappear from other releases below. This is due to the * (fix) multisig for assigning consumer key, use json [#916](https://github.com/cosmos/interchain-security/pull/916) * (deps) Bump github.com/cosmos/ibc-go/v4 from 4.3.0 to 4.4.0 [#902](https://github.com/cosmos/interchain-security/pull/902) * (feat) Add warnings when provider unbonding is shorter than consumer unbonding [#858](https://github.com/cosmos/interchain-security/pull/858) -* (chore) use go 1.19 [#899](https://github.com/cosmos/interchain-security/pull/899) +* (chore) use go 1.19 [#899](https://github.com/cosmos/interchain-security/pull/899), [#840](https://github.com/cosmos/interchain-security/pull/840) * (feat) Standalone to consumer changeover - recycle existing transfer channel [#832](https://github.com/cosmos/interchain-security/pull/832) * (deps) Bump IBC [862](https://github.com/cosmos/interchain-security/pull/862) * (testing) Add tests for soft opt out [#857](https://github.com/cosmos/interchain-security/pull/857) -* (chore) Use go 1.20 [#840](https://github.com/cosmos/interchain-security/pull/840) * (feat) Standalone to consumer changeover - staking functionalities [#794](https://github.com/cosmos/interchain-security/pull/794) * (fix) prevent provider from sending VSCPackets with multiple updates for the same validator [#850](https://github.com/cosmos/interchain-security/pull/850) * (feat) Soft opt out [#833](https://github.com/cosmos/interchain-security/issues/833) @@ -40,13 +39,12 @@ Some PRs from v1.3.0 may reappear from other releases below. This is due to the * (chore) Swap names of e2e and integration tests [#681](https://github.com/cosmos/interchain-security/pull/681) * (fix) fix StopConsumerChain not running in cachedContext [#802](https://github.com/cosmos/interchain-security/pull/802). Also in earlier releases with different commit order! * (docs) Introduce docs website [#759](https://github.com/cosmos/interchain-security/pull/759) -* (fix) Ser correct byte prefix for SlashLogKey [#786](https://github.com/cosmos/interchain-security/pull/786) +* (fix) Serialize correct byte prefix for SlashLogKey [#786](https://github.com/cosmos/interchain-security/pull/786) * (feature) Improve keeper field validation [#766](https://github.com/cosmos/interchain-security/pull/766) * (docs) Contributing guidelines [#744](https://github.com/cosmos/interchain-security/pull/744) -* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725). Note this is technically a refactor but is a large enough change to be included in changelog +* (refactor) Key assignment type safety [#725](https://github.com/cosmos/interchain-security/pull/725) * (fix) Update protos and fix deps [#752](https://github.com/cosmos/interchain-security/pull/752) * (api) Add consumer QueryParams [#746](https://github.com/cosmos/interchain-security/pull/746) -* (fix) Nits from audit [#743](https://github.com/cosmos/interchain-security/pull/743) * (feature) New validation for keeper fields [#740](https://github.com/cosmos/interchain-security/pull/740) ## v1.2.0-multiden From 012c9bef3a3aa33d137966d69d6f813110c82703 Mon Sep 17 00:00:00 2001 From: Shawn <44221603+smarshall-spitzbart@users.noreply.github.com> Date: Wed, 17 May 2023 09:02:12 -0700 Subject: [PATCH 14/14] add entry for 963 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e23492d858..7cc75efe60 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ Some PRs from v1.3.0 may reappear from other releases below. This is due to the ## PRs included in v1.3.0 +* (fix) consumer key prefix order to avoid complex migrations [#963](https://github.com/cosmos/interchain-security/pull/963) * (fix) Prevent denom DOS [#931](https://github.com/cosmos/interchain-security/pull/931) * (fix) multisig for assigning consumer key, use json [#916](https://github.com/cosmos/interchain-security/pull/916) * (deps) Bump github.com/cosmos/ibc-go/v4 from 4.3.0 to 4.4.0 [#902](https://github.com/cosmos/interchain-security/pull/902)