Problem: sender address verification is not decoupled from execution (#…

…358) * Problem: sender address verification is not decoupled from execution WIP: #355 Solution: - to decouple sender address verification from execution, we must first enforce user setting the From field in the msg * changelog * fix GetSenderLegacy * cleanup * fix unit tests * reduce overhead of debug log * lazy init the btree in cache store because many stores are never touched * fix mutation
yihuang · Sep 22, 2023 · 8e9320e · 8e9320e
1 parent 9c9f9e6
commit 8e9320e
Show file tree

Hide file tree

Showing 43 changed files with 390 additions and 307 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -52,6 +52,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 - (eip712) [#1746](https://github.com/evmos/ethermint/pull/1746) Add EIP712 support for multiple messages and schemas
 - (feemarket) [#1790](https://github.com/evmos/ethermint/pull/1790) Raise error when get invalid consensus params
 - (deps) [#1782](https://github.com/evmos/ethermint/pull/1782) Bump Cosmos-SDK to v0.47.3 and ibc-go to v7.1.0.
+- (ante) [#358](https://github.com/crypto-org-chain/ethermint/pull/358) enforce user setting the From address in MsgEthereumTx
 
 ### Bug Fixes
 

diff --git a/app/ante/ante_test.go b/app/ante/ante_test.go
@@ -95,7 +95,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -116,7 +116,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -137,7 +137,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -159,7 +159,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -181,7 +181,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -203,7 +203,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -224,7 +224,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -234,7 +234,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 			"fail - CheckTx (cosmos tx is not valid)",
 			func() sdk.Tx {
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), 1, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 				// bigger than MaxGasWanted
@@ -246,7 +246,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 			"fail - CheckTx (memo too long)",
 			func() sdk.Tx {
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), 1, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 				txBuilder.SetMemo(strings.Repeat("*", 257))
@@ -257,7 +257,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 			"fail - CheckTx (ExtensionOptionsEthereumTx not set)",
 			func() sdk.Tx {
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), 1, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false, true)
 				return txBuilder.GetTx()
@@ -271,7 +271,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 				nonce, err := suite.app.AccountKeeper.GetSequence(suite.ctx, acc.GetAddress())
 				suite.Require().NoError(err)
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), nonce, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, true)
 				return tx
@@ -283,7 +283,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 				nonce, err := suite.app.AccountKeeper.GetSequence(suite.ctx, acc.GetAddress())
 				suite.Require().NoError(err)
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), nonce, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 				txBuilder.SetMemo("memo for cosmos tx not allowed")
@@ -296,7 +296,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 				nonce, err := suite.app.AccountKeeper.GetSequence(suite.ctx, acc.GetAddress())
 				suite.Require().NoError(err)
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), nonce, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 				txBuilder.SetTimeoutHeight(10)
@@ -309,7 +309,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 				nonce, err := suite.app.AccountKeeper.GetSequence(suite.ctx, acc.GetAddress())
 				suite.Require().NoError(err)
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), nonce, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 
@@ -329,7 +329,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 				nonce, err := suite.app.AccountKeeper.GetSequence(suite.ctx, acc.GetAddress())
 				suite.Require().NoError(err)
 				signedTx := evmtypes.NewTx(suite.app.EvmKeeper.ChainID(), nonce, &to, big.NewInt(10), 100000, big.NewInt(1), nil, nil, nil, nil)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 
@@ -589,10 +589,12 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				msg.From = addr.Hex()
+				msg.From = addr.Bytes()
 				tx := suite.CreateTestTx(msg, privKey, 1, false)
 				msg = tx.GetMsgs()[0].(*evmtypes.MsgEthereumTx)
-				msg.From = addr.Hex()
+				msg.From = addr.Bytes()
+				// arbitrary modify
+				msg.From[0] = msg.From[0] + 1
 				return tx
 			}, true, false, false,
 		},
@@ -906,7 +908,7 @@ func (suite AnteTestSuite) TestAnteHandler() {
 					nil,
 					nil,
 				)
-				ethTx.From = addr.Hex()
+				ethTx.From = addr.Bytes()
 
 				msg := authz.NewMsgExec(
 					sdk.AccAddress(privKey.PubKey().Address()),
@@ -976,7 +978,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -998,7 +1000,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -1020,7 +1022,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -1043,7 +1045,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -1066,7 +1068,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -1089,7 +1091,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -1112,7 +1114,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -1135,7 +1137,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 				// bigger than MaxGasWanted
@@ -1160,7 +1162,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				txBuilder := suite.CreateTestTxBuilder(signedTx, privKey, 1, false)
 				txBuilder.SetMemo(strings.Repeat("*", 257))
@@ -1183,7 +1185,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithDynamicTxFee() {
 					nil,
 					&types.AccessList{},
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -1242,7 +1244,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithParams() {
 					nil,
 					&types.AccessList{},
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -1264,7 +1266,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithParams() {
 					nil,
 					&types.AccessList{},
 				)
-				signedContractTx.From = addr.Hex()
+				signedContractTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedContractTx, privKey, 1, false)
 				return tx
@@ -1287,7 +1289,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithParams() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx
@@ -1310,7 +1312,7 @@ func (suite AnteTestSuite) TestAnteHandlerWithParams() {
 					nil,
 					&types.AccessList{},
 				)
-				signedTx.From = addr.Hex()
+				signedTx.From = addr.Bytes()
 
 				tx := suite.CreateTestTx(signedTx, privKey, 1, false)
 				return tx

diff --git a/app/ante/authz_test.go b/app/ante/authz_test.go
@@ -226,6 +226,8 @@ func (suite *AnteTestSuite) TestRejectDeliverMsgsInAuthz() {
 	_, testAddresses, err := generatePrivKeyAddressPairs(10)
 	suite.Require().NoError(err)
 
+	fromAddr := []byte{0, 0}
+
 	testcases := []struct {
 		name         string
 		msgs         []sdk.Msg
@@ -237,7 +239,7 @@ func (suite *AnteTestSuite) TestRejectDeliverMsgsInAuthz() {
 			msgs: []sdk.Msg{
 				newGenericMsgGrant(
 					testAddresses,
-					sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
+					sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{From: fromAddr}),
 				),
 			},
 			expectedCode: sdkerrors.ErrUnauthorized.ABCICode(),
@@ -257,7 +259,7 @@ func (suite *AnteTestSuite) TestRejectDeliverMsgsInAuthz() {
 			msgs: []sdk.Msg{
 				newGenericMsgGrant(
 					testAddresses,
-					sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
+					sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{From: fromAddr}),
 				),
 			},
 			expectedCode: sdkerrors.ErrUnauthorized.ABCICode(),
@@ -270,7 +272,7 @@ func (suite *AnteTestSuite) TestRejectDeliverMsgsInAuthz() {
 					testAddresses[1],
 					[]sdk.Msg{
 						createMsgSend(testAddresses),
-						&evmtypes.MsgEthereumTx{},
+						&evmtypes.MsgEthereumTx{From: fromAddr},
 					},
 				),
 			},
@@ -283,7 +285,7 @@ func (suite *AnteTestSuite) TestRejectDeliverMsgsInAuthz() {
 					testAddresses[1],
 					2,
 					[]sdk.Msg{
-						&evmtypes.MsgEthereumTx{},
+						&evmtypes.MsgEthereumTx{From: fromAddr},
 					},
 				),
 			},

diff --git a/app/ante/eth.go b/app/ante/eth.go
@@ -30,7 +30,6 @@ import (
 	evmtypes "github.com/evmos/ethermint/x/evm/types"
 
 	"github.com/ethereum/go-ethereum/common"
-	ethtypes "github.com/ethereum/go-ethereum/core/types"
 	"github.com/ethereum/go-ethereum/params"
 )
 
@@ -195,7 +194,7 @@ func (egcd EthGasConsumeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simula
 			return ctx, errorsmod.Wrapf(err, "failed to verify the fees")
 		}
 
-		err = egcd.evmKeeper.DeductTxCostsFromUserBalance(ctx, fees, common.HexToAddress(msgEthTx.From))
+		err = egcd.evmKeeper.DeductTxCostsFromUserBalance(ctx, fees, common.BytesToAddress(msgEthTx.From))
 		if err != nil {
 			return ctx, errorsmod.Wrapf(err, "failed to deduct transaction costs from user balance")
 		}
@@ -263,14 +262,13 @@ func NewCanTransferDecorator(evmKeeper EVMKeeper, baseFee *big.Int, evmParams *e
 // AnteHandle creates an EVM from the message and calls the BlockContext CanTransfer function to
 // see if the address can execute the transaction.
 func (ctd CanTransferDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (sdk.Context, error) {
-	signer := ethtypes.MakeSigner(ctd.ethCfg, big.NewInt(ctx.BlockHeight()))
 	for _, msg := range tx.GetMsgs() {
 		msgEthTx, ok := msg.(*evmtypes.MsgEthereumTx)
 		if !ok {
 			return ctx, errorsmod.Wrapf(errortypes.ErrUnknownRequest, "invalid message type %T, expected %T", msg, (*evmtypes.MsgEthereumTx)(nil))
 		}
 
-		coreMsg, err := msgEthTx.AsMessage(signer, ctd.baseFee)
+		coreMsg, err := msgEthTx.AsMessage(ctd.baseFee)
 		if err != nil {
 			return ctx, errorsmod.Wrapf(
 				err,