Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Introduce sig block height for the new replay protection #265

Merged
merged 13 commits into from
Jul 14, 2021

Conversation

egonspace
Copy link

@egonspace egonspace commented Jul 7, 2021

Description

Introduce sig block height to be added to tx body that is included to sign bytes.
And I removed account number concept.
This PR includes following features.

  • sig block height field in tx body
  • add the configuration VALID_SIG_BLOCK_PREIOD that limits how old the sig block height from current.
  • removed account number
  • linked empty tx of auth module to main app
  • unknown account may send tx (it can pass the signature verification of ante handler)
  • fix a bug that --offline flag of broadcast command does not work.

closes: #258

How to use

simd tx bank send link1u02ad8y2k6c8y94fhc38wm9t2pvzr90t8wlecp link19wgf6ymq2ur6r59st95e04e49m69z4al4fc982 1stake --chain-id sim --keyring-backend test --sig-block-height 100
// Of course, it is possible to omit --sig-block-height here. If you omit it, then the node use current block height as that value
// But you should specify sig-block-height to use --generate-only or --offline flag.

To test sending tx from unknown account

simd tx auth empty link1u02ad8y2k6c8y94fhc38wm9t2pvzr90t8wlecp --chain-id sim --keyring-backend test
// It's possible the account link1u02ad8y2k6c8y94fhc38wm9t2pvzr90t8wlecp is not on the chain at this moment.

Configuration

We can configure valid_sig_block_period of auth param by modifying genesis.json
This configuration property limits how much older the value of the sig block height can be than the current block height.
The default value is 100.

"auth": {
      "params": {
        "max_memo_characters": "256",
        "tx_sig_limit": "7",
        "tx_size_cost_per_byte": "10",
        "sig_verify_cost_ed25519": "590",
        "sig_verify_cost_secp256k1": "1000",
        "valid_sig_block_period": "100"
      },
      "accounts": []

Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.

  • Targeted PR against correct branch (see CONTRIBUTING.md)
  • Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
  • Code follows the module structure standards.
  • Wrote unit and integration tests
  • Updated relevant documentation (docs/) or specification (x/<module>/spec/)
  • Added relevant godoc comments.
  • Added a relevant changelog entry to the Unreleased section in CHANGELOG.md
  • Re-reviewed Files changed in the Github PR explorer
  • Review Codecov Report in the comment section below once CI passes

@egonspace egonspace self-assigned this Jul 7, 2021
@egonspace egonspace added this to the CBDC functional requirements milestone Jul 7, 2021
@codecov
Copy link

codecov bot commented Jul 7, 2021

Codecov Report

❗ No coverage uploaded for pull request base (main@d0aa5a6). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #265   +/-   ##
=======================================
  Coverage        ?   53.33%           
=======================================
  Files           ?      639           
  Lines           ?    46816           
  Branches        ?        0           
=======================================
  Hits            ?    24969           
  Misses          ?    18995           
  Partials        ?     2852           

@CLAassistant
Copy link

CLAassistant commented Jul 7, 2021

CLA assistant check
All committers have signed the CLA.

@egonspace egonspace changed the title feat: introduce sig block height for a tx body field. feat: Introduce sig block height for the new replay protection Jul 7, 2021
x/auth/ante/fee.go Outdated Show resolved Hide resolved
x/auth/ante/sigverify.go Outdated Show resolved Hide resolved
x/auth/ante/basic.go Show resolved Hide resolved
Copy link
Contributor

@whylee259 whylee259 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@egonspace egonspace merged commit c1c71f1 into main Jul 14, 2021
@egonspace egonspace deleted the egon/feat/sign_block_height branch July 14, 2021 06:54
iproudhon pushed a commit that referenced this pull request Jul 14, 2021
* feat: sign block height-work1

* feat: implement sig block height; work-1

* feat: implement sig block height; work-2

* fix: make send command to require sequence flag when it is on offline mode

* fix: unknown account may send tx

* fix: lint error

* fix: modify comment

* fix: self review

* docs: update changelog

* fix: apply comment
@zemyblue zemyblue mentioned this pull request Feb 10, 2022
4 tasks
zemyblue added a commit to zemyblue/finschia-sdk that referenced this pull request Feb 11, 2022
Finschia#265)"

This reverts commit c1c71f1.

# Conflicts:
#	CHANGELOG.md
#	baseapp/msg_service_router_test.go
#	client/tx/tx.go
#	codec/amino_codec_test.go
#	docs/core/proto-docs.md
#	proto/lbm/auth/v1/auth.proto
#	server/grpc/server_test.go
#	simapp/genesis_account_test.go
#	simapp/test_helpers.go
#	testutil/testdata/unknonwnproto.pb.go
#	types/errors/errors.go
#	types/grpc/headers.go
#	types/rest/rest_test.go
#	types/tx/tx.pb.go
#	types/tx/types.go
#	x/auth/ante/ante.go
#	x/auth/ante/ante_test.go
#	x/auth/ante/sigverify_test.go
#	x/auth/ante/testutil_test.go
#	x/auth/client/cli/cli_test.go
#	x/auth/keeper/keeper.go
#	x/auth/legacy/legacytx/amino_signing_test.go
#	x/auth/signing/handler_map_test.go
#	x/auth/signing/verify_test.go
#	x/auth/simulation/decoder.go
#	x/auth/simulation/genesis.go
#	x/auth/tx/builder.go
#	x/auth/tx/direct_test.go
#	x/auth/tx/legacy_amino_json_test.go
#	x/auth/types/account.go
#	x/auth/types/account_retriever.go
#	x/auth/types/account_test.go
#	x/auth/types/auth.pb.go
#	x/auth/types/params.go
#	x/auth/vesting/types/vesting_account.go
#	x/auth/vesting/types/vesting_account_test.go
#	x/evidence/keeper/keeper_test.go
#	x/ibc/testing/chain.go
#	x/wasm/keeper/keeper_test.go
#	x/wasm/keeper/submsg_test.go
zemyblue added a commit to zemyblue/finschia-sdk that referenced this pull request Feb 11, 2022
Finschia#265)"

This reverts commit c1c71f1.

# Conflicts:
#	CHANGELOG.md
#	baseapp/msg_service_router_test.go
#	client/tx/tx.go
#	codec/amino_codec_test.go
#	docs/core/proto-docs.md
#	proto/lbm/auth/v1/auth.proto
#	server/grpc/server_test.go
#	simapp/genesis_account_test.go
#	simapp/test_helpers.go
#	testutil/testdata/unknonwnproto.pb.go
#	types/errors/errors.go
#	types/grpc/headers.go
#	types/rest/rest_test.go
#	types/tx/tx.pb.go
#	types/tx/types.go
#	x/auth/ante/ante.go
#	x/auth/ante/ante_test.go
#	x/auth/ante/sigverify_test.go
#	x/auth/ante/testutil_test.go
#	x/auth/client/cli/cli_test.go
#	x/auth/keeper/keeper.go
#	x/auth/legacy/legacytx/amino_signing_test.go
#	x/auth/signing/handler_map_test.go
#	x/auth/signing/verify_test.go
#	x/auth/simulation/decoder.go
#	x/auth/simulation/genesis.go
#	x/auth/tx/builder.go
#	x/auth/tx/direct_test.go
#	x/auth/tx/legacy_amino_json_test.go
#	x/auth/types/account.go
#	x/auth/types/account_retriever.go
#	x/auth/types/account_test.go
#	x/auth/types/auth.pb.go
#	x/auth/types/params.go
#	x/auth/vesting/types/vesting_account.go
#	x/auth/vesting/types/vesting_account_test.go
#	x/evidence/keeper/keeper_test.go
#	x/ibc/testing/chain.go
#	x/wasm/keeper/keeper_test.go
#	x/wasm/keeper/submsg_test.go
@zemyblue zemyblue mentioned this pull request Feb 11, 2022
5 tasks
zemyblue added a commit that referenced this pull request Feb 16, 2022
* Revert "feat: Introduce sig block height for the new replay protection (#265)"

This reverts commit c1c71f1.

# Conflicts:
#	CHANGELOG.md
#	baseapp/msg_service_router_test.go
#	client/tx/tx.go
#	codec/amino_codec_test.go
#	docs/core/proto-docs.md
#	proto/lbm/auth/v1/auth.proto
#	server/grpc/server_test.go
#	simapp/genesis_account_test.go
#	simapp/test_helpers.go
#	testutil/testdata/unknonwnproto.pb.go
#	types/errors/errors.go
#	types/grpc/headers.go
#	types/rest/rest_test.go
#	types/tx/tx.pb.go
#	types/tx/types.go
#	x/auth/ante/ante.go
#	x/auth/ante/ante_test.go
#	x/auth/ante/sigverify_test.go
#	x/auth/ante/testutil_test.go
#	x/auth/client/cli/cli_test.go
#	x/auth/keeper/keeper.go
#	x/auth/legacy/legacytx/amino_signing_test.go
#	x/auth/signing/handler_map_test.go
#	x/auth/signing/verify_test.go
#	x/auth/simulation/decoder.go
#	x/auth/simulation/genesis.go
#	x/auth/tx/builder.go
#	x/auth/tx/direct_test.go
#	x/auth/tx/legacy_amino_json_test.go
#	x/auth/types/account.go
#	x/auth/types/account_retriever.go
#	x/auth/types/account_test.go
#	x/auth/types/auth.pb.go
#	x/auth/types/params.go
#	x/auth/vesting/types/vesting_account.go
#	x/auth/vesting/types/vesting_account_test.go
#	x/evidence/keeper/keeper_test.go
#	x/ibc/testing/chain.go
#	x/wasm/keeper/keeper_test.go
#	x/wasm/keeper/submsg_test.go

* Revert "feat: Introduce sig block height for the new replay protection (#265)"

This reverts commit c1c71f1.

# Conflicts:
#	CHANGELOG.md
#	baseapp/msg_service_router_test.go
#	client/tx/tx.go
#	codec/amino_codec_test.go
#	docs/core/proto-docs.md
#	proto/lbm/auth/v1/auth.proto
#	server/grpc/server_test.go
#	simapp/genesis_account_test.go
#	simapp/test_helpers.go
#	testutil/testdata/unknonwnproto.pb.go
#	types/errors/errors.go
#	types/grpc/headers.go
#	types/rest/rest_test.go
#	types/tx/tx.pb.go
#	types/tx/types.go
#	x/auth/ante/ante.go
#	x/auth/ante/ante_test.go
#	x/auth/ante/sigverify_test.go
#	x/auth/ante/testutil_test.go
#	x/auth/client/cli/cli_test.go
#	x/auth/keeper/keeper.go
#	x/auth/legacy/legacytx/amino_signing_test.go
#	x/auth/signing/handler_map_test.go
#	x/auth/signing/verify_test.go
#	x/auth/simulation/decoder.go
#	x/auth/simulation/genesis.go
#	x/auth/tx/builder.go
#	x/auth/tx/direct_test.go
#	x/auth/tx/legacy_amino_json_test.go
#	x/auth/types/account.go
#	x/auth/types/account_retriever.go
#	x/auth/types/account_test.go
#	x/auth/types/auth.pb.go
#	x/auth/types/params.go
#	x/auth/vesting/types/vesting_account.go
#	x/auth/vesting/types/vesting_account_test.go
#	x/evidence/keeper/keeper_test.go
#	x/ibc/testing/chain.go
#	x/wasm/keeper/keeper_test.go
#	x/wasm/keeper/submsg_test.go

* fix: fix lint warning.

* chore: add changelog about this pr

* fix typo

* chore: fix CHANGELOG.md links display error

* Update x/auth/tx/direct.go

fix: wrong comment.

Co-authored-by: Sujong Lee <[email protected]>

Co-authored-by: Sujong Lee <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

New signing mechanism
5 participants