dymensionxyz · omritoptix · May 9, 2024 · Apr 29, 2024 · Apr 29, 2024 · Apr 29, 2024
diff --git a/app/ante.go b/app/ante.go
diff --git a/app/ante/ante.go b/app/ante/ante.go
@@ -0,0 +1,167 @@
+package ante
+
+import (
+	"fmt"
+	"runtime/debug"
+
+	"github.com/cosmos/cosmos-sdk/codec"
+
+	errorsmod "cosmossdk.io/errors"
+
+	"github.com/cosmos/cosmos-sdk/client"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+	authante "github.com/cosmos/cosmos-sdk/x/auth/ante"
+	ibckeeper "github.com/cosmos/ibc-go/v6/modules/core/keeper"
+	evmosante "github.com/evmos/evmos/v12/app/ante"
+	evmosanteevm "github.com/evmos/evmos/v12/app/ante/evm"
+	anteutils "github.com/evmos/evmos/v12/app/ante/utils"
+	evmostypes "github.com/evmos/evmos/v12/types"
+	evmtypes "github.com/evmos/evmos/v12/x/evm/types"
+	evmosvestingtypes "github.com/evmos/evmos/v12/x/vesting/types"
+	tmlog "github.com/tendermint/tendermint/libs/log"
+)
+
+type HasPermission = func(ctx sdk.Context, accAddr sdk.AccAddress, perm string) bool
+
+func MustCreateHandler(codec codec.BinaryCodec, txConfig client.TxConfig, maxGasWanted uint64, hasPermission HasPermission, accountKeeper evmtypes.AccountKeeper, stakingKeeper evmosvestingtypes.StakingKeeper, bankKeeper evmtypes.BankKeeper, feeMarketKeeper evmosanteevm.FeeMarketKeeper, evmKeeper evmosanteevm.EVMKeeper, ibcKeeper *ibckeeper.Keeper, distrKeeper anteutils.DistributionKeeper) sdk.AnteHandler {
+	ethOpts := evmosante.HandlerOptions{
+		Cdc:                    codec,
+		AccountKeeper:          accountKeeper,
+		BankKeeper:             bankKeeper,
+		ExtensionOptionChecker: evmostypes.HasDynamicFeeExtensionOption,
+		EvmKeeper:              evmKeeper,
+		StakingKeeper:          stakingKeeper,
+		FeegrantKeeper:         nil,
+		DistributionKeeper:     distrKeeper,
+		IBCKeeper:              ibcKeeper,
+		FeeMarketKeeper:        feeMarketKeeper,
+		SignModeHandler:        txConfig.SignModeHandler(),
+		SigGasConsumer:         evmosante.SigVerificationGasConsumer,
+		MaxTxGasWanted:         maxGasWanted,
+		TxFeeChecker:           evmosanteevm.NewDynamicFeeChecker(evmKeeper),
+	}
+
+	opts := HandlerOptions{
+		HandlerOptions: ethOpts,
+		hasPermission:  hasPermission,
+	}
+
+	h, err := NewHandler(opts)
+	if err != nil {
+		panic(fmt.Errorf("new ante handler: %w", err))
+	}
+	return h
+}
+
+// HandlerOptions are the options required for constructing a default SDK AnteHandler.
+type HandlerOptions struct {
+	evmosante.HandlerOptions
+	hasPermission HasPermission
+}
+
+func (o HandlerOptions) validate() error {
+	/*
+		First check the eth stuff - the validate method is not exported so this is copy-pasted
+	*/
+	if o.AccountKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "account keeper missing")
+	}
+	if o.BankKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "bank keeper missing")
+	}
+	if o.SignModeHandler == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "sign mode handler missing")
+	}
+	if o.FeeMarketKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "fee market keeper missing")
+	}
+	if o.EvmKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "evm keeper missing")
+	}
+	if o.DistributionKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "distribution keeper missing")
+	}
+	if o.StakingKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "staking keeper missing")
+	}
+
+	/*
+	 Our stuff
+	*/
+	if o.hasPermission == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "permission checker missing")
+	}
+	if o.IBCKeeper == nil {
+		return errorsmod.Wrap(sdkerrors.ErrLogic, "IBC keeper missing")
+	}
+	return nil
+}
+
+func NewHandler(options HandlerOptions) (sdk.AnteHandler, error) {
+	if err := options.validate(); err != nil {
+		return nil, fmt.Errorf("options validate: %w", err)
+	}
+
+	return func(
+		ctx sdk.Context, tx sdk.Tx, sim bool,
+	) (newCtx sdk.Context, err error) {
+		var anteHandler sdk.AnteHandler
+
+		defer Recover(ctx.Logger(), &err)
+
+		txWithExtensions, ok := tx.(authante.HasExtensionOptionsTx)
+		if ok {
+			opts := txWithExtensions.GetExtensionOptions()
+			if len(opts) > 0 {
+				switch typeURL := opts[0].GetTypeUrl(); typeURL {
+				case "/ethermint.evm.v1.ExtensionOptionsEthereumTx":
+					// handle as *evmtypes.MsgEthereumTx. It will get checked by the EVM handler to make sure it is.
+					anteHandler = newEVMAnteHandler(options)
+				case "/ethermint.types.v1.ExtensionOptionsWeb3Tx":
+					// Deprecated: Handle as normal Cosmos SDK tx, except signature is checked for Legacy EIP712 representation
+					anteHandler = newLegacyCosmosAnteHandlerEip712(options)
+				case "/ethermint.types.v1.ExtensionOptionDynamicFeeTx": // TODO: can delete?
+					// cosmos-sdk tx with dynamic fee extension
+					anteHandler = newCosmosAnteHandler(options)
+				default:
+					return ctx, errorsmod.Wrapf(
+						sdkerrors.ErrUnknownExtensionOptions,
+						"rejecting tx with unsupported extension option: %s", typeURL,
+					)
+				}
+
+				return anteHandler(ctx, tx, sim)
+			}
+		}
+
+		// handle as totally normal Cosmos SDK tx
+		switch tx.(type) {
+		case sdk.Tx:
+			anteHandler = newCosmosAnteHandler(options)
+		default:
+			return ctx, errorsmod.Wrapf(sdkerrors.ErrUnknownRequest, "invalid transaction type: %T", tx)
+		}
+
+		return anteHandler(ctx, tx, sim)
+	}, nil
+}
+
+func Recover(logger tmlog.Logger, err *error) {
+	if r := recover(); r != nil {
+		*err = errorsmod.Wrapf(sdkerrors.ErrPanic, "%v", r)
+
+		if e, ok := r.(error); ok {
+			logger.Error(
+				"ante handler panicked",
+				"error", e,
+				"stack trace", string(debug.Stack()),
+			)
+		} else {
+			logger.Error(
+				"ante handler panicked",
+				"recover", fmt.Sprintf("%v", r),
+			)
+		}
+	}
+}
diff --git a/app/ante/decorator_permissioned_urls.go b/app/ante/decorator_permissioned_urls.go
@@ -0,0 +1,39 @@
+package ante
+
+import (
+	errorsmod "cosmossdk.io/errors"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+	"golang.org/x/exp/slices"
+)
+
+// PermissionedURLsDecorator prevents invalid msg types from being executed
+type PermissionedURLsDecorator struct {
+	hasPermission    func(ctx sdk.Context, accAddr sdk.AccAddress) bool
+	permissionedURls []string
+}
+
+func NewPermissionedURLsDecorator(hasPermission func(ctx sdk.Context, accAddr sdk.AccAddress) bool, msgTypeURLs []string) PermissionedURLsDecorator {
+	return PermissionedURLsDecorator{
+		hasPermission:    hasPermission,
+		permissionedURls: msgTypeURLs,
+	}
+}
+
+// AnteHandle rejects vesting messages that signer does not have permission
+func (d PermissionedURLsDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (newCtx sdk.Context, err error) {
+	for _, msg := range tx.GetMsgs() {
+		if slices.Contains(d.permissionedURls, sdk.MsgTypeURL(msg)) {
+			// Check if vesting tx signer is 1
+			if len(msg.GetSigners()) != 1 {
+				return ctx, errorsmod.Wrapf(sdkerrors.ErrInvalidAddress, "expect 1 signer: signers: %v", msg.GetSigners())
+			}
+
+			signer := msg.GetSigners()[0]
+			if !d.hasPermission(ctx, signer) {
+				return ctx, sdkerrors.ErrUnauthorized
+			}
+		}
+	}
+	return next(ctx, tx, simulate)
+}
diff --git a/app/ante/handlers.go b/app/ante/handlers.go
@@ -0,0 +1,103 @@
+package ante
+
+import (
+	codectypes "github.com/cosmos/cosmos-sdk/codec/types"
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	"github.com/cosmos/cosmos-sdk/x/auth/ante"
+	authante "github.com/cosmos/cosmos-sdk/x/auth/ante"
+	sdkvestingtypes "github.com/cosmos/cosmos-sdk/x/auth/vesting/types"
+	vestingtypes "github.com/cosmos/cosmos-sdk/x/auth/vesting/types"
+	ibcante "github.com/cosmos/ibc-go/v6/modules/core/ante"
+	cosmosante "github.com/evmos/evmos/v12/app/ante/cosmos"
+	evmante "github.com/evmos/evmos/v12/app/ante/evm"
+	evmtypes "github.com/evmos/evmos/v12/x/evm/types"
+)
+
+// NOTE: this function is copied from evmos
+func newEVMAnteHandler(options HandlerOptions) sdk.AnteHandler {
+	return sdk.ChainAnteDecorators(
+		// outermost AnteDecorator. SetUpContext must be called first
+		evmante.NewEthSetUpContextDecorator(options.EvmKeeper),
+		// Check eth effective gas price against the node's minimal-gas-prices config
+		evmante.NewEthMempoolFeeDecorator(options.EvmKeeper),
+		// Check eth effective gas price against the global MinGasPrice
+		evmante.NewEthMinGasPriceDecorator(options.FeeMarketKeeper, options.EvmKeeper),
+		evmante.NewEthValidateBasicDecorator(options.EvmKeeper),
+		evmante.NewEthSigVerificationDecorator(options.EvmKeeper),
+		evmante.NewEthAccountVerificationDecorator(options.AccountKeeper, options.EvmKeeper),
+		evmante.NewCanTransferDecorator(options.EvmKeeper),
+		evmante.NewEthVestingTransactionDecorator(options.AccountKeeper, options.BankKeeper, options.EvmKeeper),
+		evmante.NewEthGasConsumeDecorator(options.BankKeeper, options.DistributionKeeper, options.EvmKeeper, options.StakingKeeper, options.MaxTxGasWanted),
+		evmante.NewEthIncrementSenderSequenceDecorator(options.AccountKeeper),
+		evmante.NewGasWantedDecorator(options.EvmKeeper, options.FeeMarketKeeper),
+		// emit eth tx hash and index at the very last ante handler.
+		evmante.NewEthEmitEventDecorator(options.EvmKeeper),
+	)
+}
+
+func newCosmosAnteHandler(options HandlerOptions) sdk.AnteHandler {
+	return sdk.ChainAnteDecorators(
+		cosmosDecorators(
+			options,
+			options.ExtensionOptionChecker, // make sure there are no extension options
+			ante.NewSigVerificationDecorator(options.AccountKeeper, options.SignModeHandler), // Use modern signature verification
+		)...,
+	)
+}
+
+// Deprecated: NewLegacyCosmosAnteHandlerEip712 creates an AnteHandler to process legacy EIP-712
+// transactions, as defined by the presence of an ExtensionOptionsWeb3Tx extension.
+func newLegacyCosmosAnteHandlerEip712(options HandlerOptions) sdk.AnteHandler {
+	return sdk.ChainAnteDecorators(
+		cosmosDecorators(
+			options,
+			func(c *codectypes.Any) bool { return true },                                                       // allows any extension, this is consistent with the evmos behavior
+			cosmosante.NewLegacyEip712SigVerificationDecorator(options.AccountKeeper, options.SignModeHandler), // Use old signature verification: uses EIP instead of the cosmos signature validator
+		)...,
+	)
+}
+
+func cosmosDecorators(options HandlerOptions, extensionChecker authante.ExtensionOptionChecker, sigChecker sdk.AnteDecorator) []sdk.AnteDecorator {
+	sigGasConsumer := options.SigGasConsumer
+	if sigGasConsumer == nil {
+		sigGasConsumer = authante.DefaultSigVerificationGasConsumer
+	}
+	return []sdk.AnteDecorator{
+		cosmosante.NewRejectMessagesDecorator(
+			[]string{
+				sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
+			},
+		),
+		cosmosante.NewAuthzLimiterDecorator( // disable the Msg types that cannot be included on an authz.MsgExec msgs field
+			sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
+			sdk.MsgTypeURL(&sdkvestingtypes.MsgCreateVestingAccount{}),
+			sdk.MsgTypeURL(&sdkvestingtypes.MsgCreatePermanentLockedAccount{}),
+			sdk.MsgTypeURL(&sdkvestingtypes.MsgCreatePeriodicVestingAccount{}),
+		),
+		ante.NewSetUpContextDecorator(),
+		ante.NewExtensionOptionsDecorator(extensionChecker),
+		ante.NewValidateBasicDecorator(),
+		ante.NewTxTimeoutHeightDecorator(),
+		NewPermissionedURLsDecorator(
+			func(ctx sdk.Context, accAddr sdk.AccAddress) bool {
+				return options.hasPermission(ctx, accAddr, vestingtypes.ModuleName)
+			}, []string{
+				sdk.MsgTypeURL(&vestingtypes.MsgCreateVestingAccount{}),
+				sdk.MsgTypeURL(&vestingtypes.MsgCreatePermanentLockedAccount{}),
+				sdk.MsgTypeURL(&vestingtypes.MsgCreatePeriodicVestingAccount{}),
+			}),
+		ante.NewValidateMemoDecorator(options.AccountKeeper),
+		cosmosante.NewMinGasPriceDecorator(options.FeeMarketKeeper, options.EvmKeeper),
+		ante.NewConsumeGasForTxSizeDecorator(options.AccountKeeper),
+		cosmosante.NewDeductFeeDecorator(options.AccountKeeper, options.BankKeeper, options.DistributionKeeper, options.FeegrantKeeper, options.StakingKeeper, options.TxFeeChecker),
+		cosmosante.NewVestingDelegationDecorator(options.AccountKeeper, options.StakingKeeper, options.Cdc),
+		// SetPubKeyDecorator must be called before all signature verification decorators
+		ante.NewSetPubKeyDecorator(options.AccountKeeper),
+		ante.NewValidateSigCountDecorator(options.AccountKeeper),
+		ante.NewSigGasConsumeDecorator(options.AccountKeeper, sigGasConsumer),
+		sigChecker,
+		ante.NewIncrementSequenceDecorator(options.AccountKeeper),
+		ibcante.NewRedundantRelayDecorator(options.IBCKeeper),
+		evmante.NewGasWantedDecorator(options.EvmKeeper, options.FeeMarketKeeper),
+	}
+}