diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 2a25162b9..8a79ad606 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -74,13 +74,13 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ RUN bash /tmp/library-scripts/rust-debian.sh "${CARGO_HOME}" "${RUSTUP_HOME}" "${USERNAME}" "true" "true" # Install Go -#ADD https://go.dev/dl/go1.18.4.linux-amd64.tar.gz go1.18.4.linux-amd64.tar.gz -#RUN tar -C /usr/local -xzf go1.18.4.linux-amd64.tar.gz +#ADD https://go.dev/dl/go1.21.1.linux-amd64.tar.gz go.linux-amd64.tar.gz +#RUN tar -C /usr/local -xzf go.linux-amd64.tar.gz # #RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" "$GOPATH/pkg" && chmod -R 777 "$GOPATH" #RUN chown ${USERNAME}:${USERNAME} /go -R -RUN bash /tmp/library-scripts/go-debian.sh "1.18.4" "${GOROOT}" "${GOPATH}" "${USERNAME}" "true" "true" && \ +RUN bash /tmp/library-scripts/go-debian.sh "1.21.1" "${GOROOT}" "${GOPATH}" "${USERNAME}" "true" "true" && \ go install github.com/jteeuwen/go-bindata/go-bindata@latest && go-bindata -version RUN apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* /tmp/library-scripts diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 186f9a261..926c9814d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -6,7 +6,7 @@ jobs: Enclave-Unit-Tests: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive name: Pull git submodules @@ -14,8 +14,8 @@ jobs: run: | mkdir -p "$HOME/.sgxsdk" cd "$HOME/.sgxsdk" - SDK_BIN=sgx_linux_x64_sdk_2.17.101.1.bin - wget https://download.01.org/intel-sgx/sgx-linux/2.17.1/distro/ubuntu20.04-server/"$SDK_BIN" + SDK_BIN=sgx_linux_x64_sdk_2.20.100.4.bin + wget https://download.01.org/intel-sgx/sgx-linux/2.20/distro/ubuntu20.04-server/"$SDK_BIN" chmod +x "$SDK_BIN" echo yes | ./"$SDK_BIN" - name: Cache cargo registry @@ -43,27 +43,17 @@ jobs: rustc --version cargo +stable install xargo --version 0.3.25 xargo --version - - name: Download sccache - run: | - wget https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz - tar xf ./sccache-*.tar.gz - mv ./sccache*/sccache "$HOME/sccache" - name: Test enclave run: | source "$HOME/.sgxsdk/sgxsdk/environment" export SGX_MODE=SW - RUSTC_WRAPPER="$HOME/sccache" make enclave-tests + make enclave-tests make clean-enclave Build-Contracts: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 - - name: Download sccache - run: | - wget https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz - tar xf ./sccache-*.tar.gz - mv ./sccache*/sccache "$HOME/sccache" + - uses: actions/checkout@v4 - name: Install Requirements run: | rustup target add wasm32-unknown-unknown @@ -71,7 +61,7 @@ jobs: ./scripts/install-wasm-tools.sh - name: Build Contracts run: | - make build-test-contract + make build-test-contracts cp x/compute/internal/keeper/testdata/erc20.wasm . - uses: actions/upload-artifact@v3 with: @@ -81,6 +71,10 @@ jobs: with: name: contract.wasm path: cosmwasm/contracts/v010/compute-tests/test-compute-contract/contract.wasm + - uses: actions/upload-artifact@v3 + with: + name: contract-v2.wasm + path: cosmwasm/contracts/v010/compute-tests/test-compute-contract-v2/contract-v2.wasm - uses: actions/upload-artifact@v3 with: name: v1-contract.wasm @@ -106,18 +100,18 @@ jobs: runs-on: ubuntu-20.04 needs: [Build-Contracts, Build-LocalSecret] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - uses: actions/setup-go@v4 with: - go-version: 1.19 # The Go version to download (if necessary) and use. + go-version: 1.21 # The Go version to download (if necessary) and use. - name: Install Intel's SGX SDK run: | mkdir -p "$HOME/.sgxsdk" cd "$HOME/.sgxsdk" - SDK_BIN=sgx_linux_x64_sdk_2.17.101.1.bin - wget https://download.01.org/intel-sgx/sgx-linux/2.17.1/distro/ubuntu20.04-server/"$SDK_BIN" + SDK_BIN=sgx_linux_x64_sdk_2.20.100.4.bin + wget https://download.01.org/intel-sgx/sgx-linux/2.20/distro/ubuntu20.04-server/"$SDK_BIN" chmod +x "$SDK_BIN" echo yes | ./"$SDK_BIN" - name: Download LocalSecret @@ -133,10 +127,14 @@ jobs: docker run -v $PWD:/opt/mount --rm --entrypoint cp ghcr.io/scrtlabs/localsecret:v0.0.0 /usr/lib/librust_cosmwasm_enclave.signed.so /opt/mount/librust_cosmwasm_enclave.signed.so docker run -v $PWD:/opt/mount --rm --entrypoint cp ghcr.io/scrtlabs/localsecret:v0.0.0 /usr/lib/librandom_api.so /opt/mount/librandom_api.so docker run -v $PWD:/opt/mount --rm --entrypoint cp ghcr.io/scrtlabs/localsecret:v0.0.0 /usr/lib/tendermint_enclave.signed.so /opt/mount/tendermint_enclave.signed.so - - uses: actions/download-artifact@v3 with: name: contract.wasm + path: ./x/compute/internal/keeper/testdata/ + - uses: actions/download-artifact@v3 + with: + name: contract-v2.wasm + path: ./x/compute/internal/keeper/testdata/ - uses: actions/download-artifact@v3 with: name: v1-contract.wasm @@ -148,23 +146,20 @@ jobs: - uses: actions/download-artifact@v3 with: name: contract_with_floats.wasm + path: ./x/compute/internal/keeper/testdata/ - uses: actions/download-artifact@v3 with: name: too-high-initial-memory.wasm + path: ./x/compute/internal/keeper/testdata/ - uses: actions/download-artifact@v3 with: name: static-too-high-initial-memory.wasm + path: ./x/compute/internal/keeper/testdata/ - name: Setup Files run: | find "$(pwd)" -name \*.wasm cp libgo_cosmwasm.so ./go-cosmwasm/api/libgo_cosmwasm.so cp librust_cosmwasm_enclave.signed.so ./go-cosmwasm/librust_cosmwasm_enclave.signed.so - # cp /opt/mount/librandom_api.so /usr/lib/librandom_api.so - # cp /opt/mount/tendermint_enclave.signed.so /usr/lib/tendermint_enclave.signed.so - cp contract.wasm ./x/compute/internal/keeper/testdata/contract.wasm - cp too-high-initial-memory.wasm ./x/compute/internal/keeper/testdata/too-high-initial-memory.wasm - cp contract_with_floats.wasm ./x/compute/internal/keeper/testdata/contract_with_floats.wasm - cp static-too-high-initial-memory.wasm ./x/compute/internal/keeper/testdata/static-too-high-initial-memory.wasm find "$(pwd)" -name \*.wasm - name: Test x/registration run: | @@ -175,17 +170,18 @@ jobs: source "$HOME/.sgxsdk/sgxsdk/environment" export SGX_MODE=SW cp librust_cosmwasm_enclave.signed.so ./x/compute/internal/keeper + # cp tendermint_enclave.signed.so ./x/compute/internal/keeper mkdir -p ias_keys/develop mkdir -p /opt/secret/.sgx_secrets/ echo "not_a_key" > ias_keys/develop/spid.txt echo "not_a_key" > ias_keys/develop/api_key.txt LOG_LEVEL=ERROR go test -v -tags "test" ./x/compute/client/... - LOG_LEVEL=ERROR go test -p 1 -timeout 90m -v -tags "test" ./x/compute/internal/... + LOG_LEVEL=ERROR SKIP_LIGHT_CLIENT_VALIDATION=TRUE go test -p 1 -timeout 90m -v -tags "test" ./x/compute/internal/... Clippy: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Install Intel's SGX SDK @@ -224,28 +220,23 @@ jobs: rustc --version cargo +stable install xargo --version 0.3.25 xargo --version - - name: Download sccache - run: | - wget https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz - tar xf ./sccache-*.tar.gz - mv ./sccache*/sccache "$HOME/sccache" - name: Clippy run: | source "$HOME/.sgxsdk/sgxsdk/environment" mkdir -p ias_keys/production - echo "not_a_key" > ias_keys/production/api_key.txt + cp ias_keys/develop/api_key.txt ias_keys/production/api_key.txt SGX_MODE=SW make clippy SGX_MODE=HW make clippy MacOS-ARM64-CLI: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - uses: actions/setup-go@v4 with: - go-version: 1.19 # The Go version to download (if necessary) and use. + go-version: 1.21 # The Go version to download (if necessary) and use. - name: Install xgo run: | go install github.com/crazy-max/xgo@v0.17.0 @@ -260,7 +251,7 @@ jobs: uses: docker/setup-buildx-action@v2 with: driver-opts: network=host - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Build LocalSecret @@ -276,11 +267,11 @@ jobs: build-args: | SECRET_NODE_TYPE=BOOTSTRAP CHAIN_ID=secretdev-1 - FEATURES=debug-print + FEATURES_U=debug-print,random,light-client-validation,go-tests SGX_MODE=SW target: build-localsecret - cache-from: type=gha - cache-to: type=gha,mode=max + # cache-from: type=gha + # cache-to: type=gha,mode=max outputs: type=docker,dest=/tmp/localsecret.tar - name: Upload Image uses: actions/upload-artifact@v3 @@ -293,7 +284,7 @@ jobs: steps: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Build Hermes Image uses: docker/build-push-action@v4 with: @@ -315,7 +306,7 @@ jobs: runs-on: ubuntu-20.04 needs: [Build-LocalSecret, Build-Hermes] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Download Hermes @@ -336,8 +327,9 @@ jobs: run: | cd integration-tests yarn - docker compose -f ../deployment/dockerfiles/ibc/docker-compose.yml up -d - yarn test + perl -i -pe 's/localsecret:.+?"/localsecret:v0.0.0"/' ../deployment/dockerfiles/ibc/docker-compose.yml + docker compose -f ../deployment/dockerfiles/ibc/docker-compose.yml up -d > docker-compose.log 2>&1 + yarn test || { cat docker-compose.log; exit 1; } make kill-localsecret # next step needs the localsecret ports - name: Run secret.js tests run: | @@ -346,6 +338,6 @@ jobs: # Use the docker images that we built just a few steps above perl -i -pe 's/localsecret:.+?"/localsecret:v0.0.0"/' ./test/docker-compose.yml yarn - docker compose -f ./test/docker-compose.yml up -d - yarn test-ci + docker compose -f ./test/docker-compose.yml up -d > docker-compose.log 2>&1 + yarn test-ci || { cat docker-compose.log; exit 1; } make kill-localsecret diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 913a68df4..1e6fc76b3 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: actions/setup-go@v4 with: go-version: 1.18 diff --git a/.github/workflows/go-lint.yml b/.github/workflows/go-lint.yml index b2c3bb516..8521a6187 100644 --- a/.github/workflows/go-lint.yml +++ b/.github/workflows/go-lint.yml @@ -2,11 +2,9 @@ name: golangci-lint on: push: tags: - - v* + - "*" branches: - - master - - main - pull_request: + - "*" permissions: contents: read # Optional: allow read access to pull request. Use with `only-new-issues` option. @@ -18,10 +16,14 @@ jobs: steps: - uses: actions/setup-go@v4 with: - go-version: 1.19 - - uses: actions/checkout@v3 + go-version: 1.21 + - uses: actions/checkout@v4 + - name: make bin-data-sw + run: | + go install github.com/jteeuwen/go-bindata/go-bindata@latest + make bin-data-sw - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version - version: v1.51.2 + version: v1.54.2 + skip-cache: true diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 5f8f2aaa0..06035d806 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,13 +15,13 @@ jobs: strategy: fail-fast: false matrix: - db_backend: [rocksdb, goleveldb] + db_backend: [goleveldb] runs-on: ubuntu-20.04 env: # Or as an environment variable SPID: ${{ secrets.SPID_TESTNET }} API_KEY: ${{ secrets.API_KEY_TESTNET }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Declare Commit Variables @@ -38,10 +38,6 @@ jobs: - name: Get the version id: get_version run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\/v/} - - name: Sets env vars for rocksdb - if: ${{ matrix.db_backend == 'rocksdb' }} - run: | - echo "DOCKER_CGO_LDFLAGS=-L/usr/lib/x86_64-linux-gnu/ -lrocksdb -lstdc++ -llz4 -lm -lz -lbz2 -lsnappy" >> $GITHUB_ENV - name: Build .deb Package Image uses: docker/build-push-action@v4 with: @@ -58,6 +54,7 @@ jobs: CGO_LDFLAGS=${{ env.DOCKER_CGO_LDFLAGS }} BUILD_VERSION=${{ steps.get_version.outputs.VERSION }} SGX_MODE=HW + FEATURES="verify-validator-whitelist,light-client-validation,random" target: build-deb - name: Run .deb Package Image run: | @@ -73,14 +70,14 @@ jobs: strategy: fail-fast: false matrix: - db_backend: [goleveldb, rocksdb] + db_backend: [goleveldb] env: # Or as an environment variable SPID: ${{ secrets.SPID_MAINNET }} API_KEY: ${{ secrets.API_KEY_MAINNET }} REGISTRY: ghcr.io IMAGE_NAME: scrtlabs/secret-network-node steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Get the version @@ -105,7 +102,7 @@ jobs: API_KEY=${{ secrets.API_KEY_MAINNET }} SPID=${{ secrets.SPID_MAINNET }} build-args: | - FEATURES=production + FEATURES=verify-validator-whitelist,light-client-validation,random,production FEATURES_U=production SECRET_NODE_TYPE=NODE DB_BACKEND=${{ matrix.db_backend }} @@ -128,7 +125,7 @@ jobs: API_KEY=${{ secrets.API_KEY_MAINNET }} SPID=${{ secrets.SPID_MAINNET }} build-args: | - FEATURES=production + FEATURES=verify-validator-whitelist,light-client-validation,random,production FEATURES_U=production SECRET_NODE_TYPE=NODE DB_BACKEND=${{ matrix.db_backend }} @@ -151,10 +148,10 @@ jobs: matrix: os: [ubuntu-20.04, windows-latest, macos-latest] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v4 with: - go-version: 1.19 # The Go version to download (if necessary) and use. + go-version: 1.21 # The Go version to download (if necessary) and use. - name: Build CLI shell: bash run: | @@ -168,10 +165,10 @@ jobs: MacOS-ARM64-CLI: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v4 with: - go-version: 1.19 # The Go version to download (if necessary) and use. + go-version: 1.21 # The Go version to download (if necessary) and use. - name: Install xgo run: | go install github.com/crazy-max/xgo@v0.17.0 @@ -191,8 +188,9 @@ jobs: env: # Or as an environment variable SPID: ${{ secrets.SPID_TESTNET }} API_KEY: ${{ secrets.API_KEY_TESTNET }} + API_KEY_MAINNET: ${{ secrets.API_KEY_MAINNET }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Get the version @@ -208,6 +206,7 @@ jobs: secrets: | API_KEY=${{ secrets.API_KEY_TESTNET }} SPID=${{ secrets.SPID_TESTNET }} + API_KEY_MAINNET=${{ secrets.API_KEY_MAINNET }} build-args: | BUILD_VERSION=${{ steps.get_version.outputs.VERSION }} SGX_MODE=HW @@ -216,6 +215,7 @@ jobs: run: | docker run -e VERSION=${{ steps.get_version.outputs.VERSION }} -v $GITHUB_WORKSPACE/build:/build check_hw_tool_build cp build/check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz + - uses: actions/upload-artifact@v3 with: name: check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz @@ -230,7 +230,7 @@ jobs: steps: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive - name: Get the version @@ -255,34 +255,37 @@ jobs: build-args: | SECRET_NODE_TYPE=BOOTSTRAP CHAIN_ID=secretdev-1 - FEATURES=debug-print + FEATURES=debug-print,random,light-client-validation SGX_MODE=SW target: build-localsecret Lib-Checks: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: ./.github/actions/check-objdump name: Check Mitigation flags in Cosmwasm Enclave + with: + version: "v1.9.0" - uses: ./.github/actions/check-objdump name: Check Mitigation flags in TM Enclave with: filename: "tendermint_enclave.signed.so" - min-fence: "10" + min-fence: "1000" + version: "v1.9.0" Release: - needs: - [ + needs: [ native-build-cli, build-deb-testnet, build-deb-mainnet, MacOS-ARM64-CLI, check-hw-tool, + # check-hw-tool-mainnet ] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Get the version id: get_version run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\/v/} @@ -301,29 +304,26 @@ jobs: - uses: actions/download-artifact@v3 with: name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_goleveldb_amd64.deb - - uses: actions/download-artifact@v3 - with: - name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_rocksdb_amd64.deb - uses: actions/download-artifact@v3 with: name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_goleveldb_amd64.deb - - uses: actions/download-artifact@v3 - with: - name: secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_rocksdb_amd64.deb - uses: actions/download-artifact@v3 with: name: check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz + # - uses: actions/download-artifact@v3 + # with: + # name: check_hw_${{ steps.get_version.outputs.VERSION }}_mainnet.tar.gz - name: Release uses: softprops/action-gh-release@v1 with: prerelease: true files: | secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_goleveldb_amd64.deb - secretnetwork_${{ steps.get_version.outputs.VERSION }}_mainnet_rocksdb_amd64.deb secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_goleveldb_amd64.deb - secretnetwork_${{ steps.get_version.outputs.VERSION }}_testnet_rocksdb_amd64.deb secretcli-macOS secretcli-Windows secretcli-Linux secretcli-MacOS-arm64 check_hw_${{ steps.get_version.outputs.VERSION }}.tar.gz + +# check_hw_${{ steps.get_version.outputs.VERSION }}_mainnet.tar.gz diff --git a/.gitignore b/.gitignore index ecc8fd07a..1d454081e 100644 --- a/.gitignore +++ b/.gitignore @@ -15,6 +15,7 @@ secretcli* libenclave.a libEnclave_u.a librust_cosmwasm_enclave.signed.so +tendermint_enclave.signed.so *.o /release SHA256SUMS* @@ -38,12 +39,6 @@ node_modules /secretjs /secret.js tmp-swagger-gen -x/compute/internal/keeper/testdata/contract_with_floats.wasm -x/compute/internal/keeper/testdata/contract.wasm -x/compute/internal/keeper/testdata/ibc.wasm -x/compute/internal/keeper/testdata/static-too-high-initial-memory.wasm -x/compute/internal/keeper/testdata/too-high-initial-memory.wasm -x/compute/internal/keeper/testdata/v1-contract.wasm /github.com third_party/build x/compute/internal/keeper/testdata/test-contract/target diff --git a/.gitmodules b/.gitmodules index 02a2393be..5d2e05c77 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,4 @@ [submodule "third_party/incubator-teaclave-sgx-sdk"] path = third_party/incubator-teaclave-sgx-sdk url = https://github.com/scrtlabs/incubator-teaclave-sgx-sdk - branch = secret-new-1.1.5 + branch = secret-1.x diff --git a/.golangci.yml b/.golangci.yml index 24adf0886..f5f2f04a2 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,12 +1,13 @@ run: tests: false - # # timeout for analysis, e.g. 30s, 5m, default is 1m timeout: 5m + skip-files: + - x/registration/internal/types/reg_keys.go # uses auto generated code + - x/registration/internal/types/ias_bin.*?.go # auto generated linters: disable-all: true enable: - - depguard - dogsled - exportloopref - errcheck diff --git a/.vscode/launch.json b/.vscode/launch.json index 86976b48d..e41d93959 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -11,9 +11,16 @@ "mode": "debug", "program": "${file}", "cwd": "${workspaceFolder}/x/compute/internal/keeper", - "env": { "SGX_MODE": "SW", "RUST_BACKTRACE": "1" }, + "env": { + "SGX_MODE": "SW", + "RUST_BACKTRACE": "1", + "LOG_LEVEL": "TRACE", + "SKIP_LIGHT_CLIENT_VALIDATION": "true" + }, "args": [ "test", + "-tags", + "sgx", "-timeout", "1200s", "-p", diff --git a/.vscode/settings.json b/.vscode/settings.json index 179ffa0aa..a38db357c 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -7,14 +7,21 @@ "third_party/build/Cargo.toml", "cosmwasm/enclaves/Cargo.toml", "cosmwasm/contracts/v1/compute-tests/test-compute-contract/Cargo.toml", + "cosmwasm/contracts/v1/compute-tests/test-compute-contract-v2/Cargo.toml", "cosmwasm/contracts/v1/compute-tests/ibc-test-contract/Cargo.toml", "cosmwasm/contracts/v1/compute-tests/bench-contract/Cargo.toml", "cosmwasm/contracts/v010/compute-tests/test-compute-contract/Cargo.toml", + "cosmwasm/contracts/v010/compute-tests/test-compute-contract-v2/Cargo.toml", + "cosmwasm/contracts/v1/compute-tests/migration/contract-v1/Cargo.toml", + "cosmwasm/contracts/v1/compute-tests/migration/contract-v2/Cargo.toml", "integration-tests/contract-v1/Cargo.toml", "integration-tests/contract-v0.10/Cargo.toml", + "cosmwasm/contracts/v1/compute-tests/random-test/Cargo.toml", "go-cosmwasm/Cargo.toml", - "integration-tests/contract-v0.10/Cargo.toml", - "check-hw/Cargo.toml" + "cosmwasm/enclaves/shared/cosmos-proto/Cargo.toml", + "cosmwasm/enclaves/shared/contract-engine/Cargo.toml", + "cosmwasm/enclaves/shared/utils/Cargo.toml", + "cosmwasm/enclaves/shared/block-verifier/Cargo.toml" ], "rust-analyzer.diagnostics.experimental.enable": true, "rust-analyzer.rustfmt.rangeFormatting.enable": true, @@ -22,15 +29,16 @@ "unresolved-macro-call", "unresolved-proc-macro" ], + "rust-analyzer.cargo.features": "all", "[rust]": { "editor.formatOnSave": true, "editor.defaultFormatter": "rust-lang.rust-analyzer" }, - "go.testEnvVars": { "SGX_MODE": "SW", "RUST_BACKTRACE": "1" }, + "go.buildTags": "sgx", "go.useLanguageServer": true, "go.lintTool": "golangci-lint", "go.lintOnSave": "workspace", diff --git a/CHANGELOG.md b/CHANGELOG.md index 76bddf618..ac640fc28 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,13 +1,105 @@ # CHANGELOG -# Unreleased - +# 1.12.0 + +- Fix the hardcoded admins feature +- Add hardcoded admins according to proposals [269](https://dev.mintscan.io/secret/proposals/269) (Shillables) & [270](https://dev.mintscan.io/secret/proposals/270) (Sienna). +- Fix PFM to stop dropping packets of IBC contracts. + - This has always been a bug in PFM. It was introduced in v1.9 and was missed because of a bug in our CI system. + - Fixed the bug in PFM and updated the dependency. + - For more info see https://github.com/cosmos/ibc-apps/pull/105. +- Add `admin` to `WasmMsg::Instantiate` in cosmwasm-std (Thanks [@luca992](https://github.com/luca992)!). + - This allows contracts to specify an admin address when instantiating other contracts. + - See usage example [here](https://github.com/scrtlabs/SecretNetwork/blob/eedfac881/cosmwasm/contracts/v1/compute-tests/test-compute-contract/src/contract.rs#L245-L259). +- Update IBC to v4.5.0 + +# 1.11.0 + +- Added ibc-hooks middleware by Osmosis. + - WASM hooks: allows ICS-20 token transfers to initiate contract calls, serving various use cases. + - Example: Sending tokens to Secret and immediately wrapping them as SNIP-20 token. For example, `ATOM on Hub -> ATOM on Secret -> sATOMS on Secret` (2 transactions on 2 chains) now becomes `ATOM on Hub -> sATOM on Secret` (1 transaction). + - Example: Cross-chain swaps. Using IBC Hooks, an AMM on Secret can atomically swap tokens that originated on a different chain and are headed to Secret. The AMM can also send those tokens back to the originating chain. + - [Axelar GMP](https://docs.axelar.dev/dev/general-message-passing/overview): Using IBC Hooks, a contract on Ethereum can call a contract on Secret and get a response back. + - Ack callbacks: allow non-IBC contracts that send an `IbcMsg::Transfer` to listen for the ack/timeout of the token transfer. This allows these contracts to definitively know whether the transfer was successful or not and act accordingly (refund if failed, continue if succeeded). See usage example [here](https://github.com/scrtlabs/secret.js/blob/4293219/test/ibc-hooks-contract/src/contract.rs#L47-L91). +- Added an optional `memo` field to `IbcMsg::Transfer`, to ease to use of the IBC Hooks ack callbacks feature. See usage example [here](https://github.com/scrtlabs/secret.js/blob/4293219/test/ibc-hooks-contract/src/contract.rs#L60-L63). +- Added contract upgrade feature. + - On init, the creator can specify an admin address. + - The admin can migrate the contract to a new code ID. + - The admin can update or clear the admin address. + - The admins of contracts that were instantiated before v1.10 are hardcoded according to [proposal 262](./docs/proposals/hardcode-admins-on-v1.10.md). + - Hardcoded admins can only be updated/cleared with a future gov proposal. + - When the new `MsgMigrateContract` is invoked, the `migrate()` function is being called on the new contract code, where the new contract can optionally perform state migrations. See usage example [here](https://github.com/scrtlabs/SecretNetwork/blob/139a0eb18/cosmwasm/contracts/v1/compute-tests/migration/contract-v2/src/contract.rs#L37-L43). +- Fixed a scenario where the enclave's light client might fail a valid node registration transaction. +- Add support for uploading contracts that were compiled with Rust v1.70+. +- Update Cosmos SDK to v0.45.16 +- Update Tendermint to CometBFT v0.34.29 +- Update IBC to v4.4.2 +- Update IAVL to v0.19.6 +- Update Packet Forward Middleware to v4.1.0 +- Fix initialization of x/vesting module +- Add `env.transaction.hash` to support SNIP-52 + - SNIP-52: https://github.com/SolarRepublic/SNIPs/blob/3cc16b7/SNIP-52.md#notification-data-algorithms + - See usage example [here](https://github.com/scrtlabs/SecretNetwork/blob/4f21d5794/cosmwasm/contracts/v1/compute-tests/test-compute-contract-v2/src/contract.rs#L1398-L1400). +- Flush the enclave's cache in a random order + +# 1.10.0 + +Patch against SGX Downfall vulnerability. See [v1.10 proposal](./docs/proposals/v1.10.md) for more info. + +# 1.9.3 + +- Bump ibc-go from v4.3.0 to v4.3.1 ([Huckleberry](https://forum.cosmos.network/t/ibc-security-advisory-huckleberry/10731/1) security patch) + +# 1.9.2 + +- Fix the v1.9.0 upgrade + +# 1.9.1 + +- An atempt to fix the v1.9.0 upgrade + +# 1.9.0 + +- New Feature: Randomness injection for secret contracts. + - Eliminates the need for contracts to bootstrap their own entropy pool. + - Unique for every contract call. + - Useful in lotteries, gaming, secure authentication protocols, protocols where unpredictable outcomes are essential for fairness and security, and much more. + For more infomation on how to use this feature, see the documentation +- New Feature: FinalizeTx. + - Contracts can force the transaction to finalize at a certain point, otherwise revert. + - Example: protect against sandwich attacks and potential transaction rollbacks. + - Example: protect against cheating in gaming applications, where a malicious player could try to rollback a transaction in which they lost. +- IBC: Updated ibc-go from v3.4.0 to v4.3.0. +- New IBC Feature: Added packet-forward-middleware by Strangelove. + - Other chains would be able to more easily route SCRT in the interchain. For example, sending SCRT from Osmosis to Hub now becomes a single transaction from `Osmosis -> Secret` rather than a transaction from `Osmosis -> Secret`, then a transaction from `Secret -> Hub`. +- New IBC Feature: Added IBC fee middleware. + - Creates a fee market for relaying IBC packets. +- New IBC Feature: Added IBC panic button. + - Quickly shut down IBC in case of an emergency. +- New Feature: Evaporate & Check Gas APIs + The new Check Gas and Evaporate APIs allow contract developers to create contracts that consume a constant amount of gas, independently of their code path. This helps harden contracts against information leakage from the amount of gas consumed by a contract. +- Bug Fix: Fixed an issue where nodes would sometimes stop if failing to enter SGX enclave +- Bug Fix: Fixed a bug where stopping and restarting a node would often cause the node to apphash +- Bug Fix: Fixed an issue where storing and deleting a key from storage in the same msg would cause it not to be deleted + +# 1.8.0 + +Fixed a critical bug in 1.7.0 that prevented new nodes from joining the network and existing nodes from restarting their secretd process. + +# 1.7.0 + +- Added the ability to rotate consensus seed during a network upgrade + - this will be executed during this upgrade - Added expedited gov proposals - Initial params (can be amended with a param change proposal): - Minimum deposit: 750 SCRT - Voting time: 24 hours - Voting treshhold: 2/3 yes to pass - If an expedited proposal fails to meet the threshold within the scope of shorter voting duration, the expedited proposal is then converted to a regular proposal and restarts voting under regular voting conditions. +- Added auto-restaking - an opt-in feature that enables automatic compounding of staking rewards +- Added light-client validation for blocks + - Protects against leaking private data using an offline fork attack + - Enables trusted block heights and block time to be relied on by contracts # 1.6.0 diff --git a/Makefile b/Makefile index 4ec8d5d5d..81ad8d0a6 100644 --- a/Makefile +++ b/Makefile @@ -32,7 +32,6 @@ TEST_COMPUTE_MODULE_PATH = ./x/compute/internal/keeper/testdata/ ENCLAVE_PATH = cosmwasm/enclaves/ EXECUTE_ENCLAVE_PATH = $(ENCLAVE_PATH)/execute/ -QUERY_ENCLAVE_PATH = $(ENCLAVE_PATH)/query/ DOCKER_BUILD_ARGS ?= DOCKER_BUILDX_CHECK = $(@shell docker build --load test) @@ -166,11 +165,13 @@ build-secret: build-linux build-linux: _build-linux build_local_no_rust build_cli _build-linux: - BUILD_PROFILE=$(BUILD_PROFILE) FEATURES=$(FEATURES) FEATURES_U=$(FEATURES_U) $(MAKE) -C go-cosmwasm build-rust + BUILD_PROFILE=$(BUILD_PROFILE) FEATURES="$(FEATURES)" FEATURES_U="$(FEATURES_U) light-client-validation go-tests" $(MAKE) -C go-cosmwasm build-rust -build-linux-with-query: _build-linux-with-query build_local_no_rust build_cli -_build-linux-with-query: - BUILD_PROFILE=$(BUILD_PROFILE) FEATURES=$(FEATURES) FEATURES_U=query-node,$(FEATURES_U) $(MAKE) -C go-cosmwasm build-rust +build-tm-secret-enclave: + git clone https://github.com/scrtlabs/tm-secret-enclave.git /tmp/tm-secret-enclave || true + cd /tmp/tm-secret-enclave && git checkout v1.9.3 && git submodule init && git submodule update --remote + rustup component add rust-src + SGX_MODE=$(SGX_MODE) $(MAKE) -C /tmp/tm-secret-enclave build build_windows_cli: $(MAKE) xgo_build_secretcli XGO_TARGET=windows/amd64 @@ -229,7 +230,7 @@ clean: -rm -rf /tmp/SecretNetwork -rm -f ./secretcli* -rm -f ./secretd* - -find -name '*.so' -delete + -find -name '*.so' -not -path './third_party/*' -delete -rm -f ./enigma-blockchain*.deb -rm -f ./SHA256SUMS* -rm -rf ./third_party/vendor/ @@ -241,10 +242,14 @@ clean: $(MAKE) -C go-cosmwasm clean-all $(MAKE) -C cosmwasm/enclaves/test clean $(MAKE) -C check-hw clean + $(MAKE) -C $(TEST_CONTRACT_V010_PATH)/test-compute-contract clean + $(MAKE) -C $(TEST_CONTRACT_V010_PATH)/test-compute-contract-v2 clean + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/test-compute-contract clean + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/test-compute-contract-v2 clean localsecret: DOCKER_BUILDKIT=1 docker build \ - --build-arg FEATURES="${FEATURES},light-client-validation,debug-print" \ + --build-arg FEATURES="${FEATURES},debug-print,random,light-client-validation" \ --build-arg FEATURES_U=${FEATURES_U} \ --secret id=API_KEY,src=.env.local \ --secret id=SPID,src=.env.local \ @@ -265,7 +270,7 @@ build-testnet-bootstrap: --secret id=API_KEY,src=api_key.txt \ --secret id=SPID,src=spid.txt \ --build-arg BUILD_VERSION=${VERSION} \ - --build-arg SGX_MODE=HW \ + --build-arg SGX_MODE=${SGX_MODE} \ $(DOCKER_BUILD_ARGS) \ --build-arg DB_BACKEND=${DB_BACKEND} \ --build-arg SECRET_NODE_TYPE=BOOTSTRAP \ @@ -280,8 +285,8 @@ build-testnet: --secret id=API_KEY,src=api_key.txt \ --secret id=SPID,src=spid.txt \ --build-arg BUILD_VERSION=${VERSION} \ - --build-arg SGX_MODE=HW \ - --build-arg FEATURES="verify-validator-whitelist,light-client-validation,${FEATURES}" \ + --build-arg SGX_MODE=${SGX_MODE} \ + --build-arg FEATURES="verify-validator-whitelist,light-client-validation,random,${FEATURES}" \ $(DOCKER_BUILD_ARGS) \ --build-arg DB_BACKEND=${DB_BACKEND} \ --build-arg SECRET_NODE_TYPE=NODE \ @@ -293,8 +298,8 @@ build-testnet: --secret id=API_KEY,src=api_key.txt \ --secret id=SPID,src=spid.txt \ --build-arg BUILD_VERSION=${VERSION} \ - --build-arg SGX_MODE=HW \ - --build-arg FEATURES="verify-validator-whitelist,light-client-validation,${FEATURES}" \ + --build-arg SGX_MODE=${SGX_MODE} \ + --build-arg FEATURES="verify-validator-whitelist,light-client-validation,random,${FEATURES}" \ $(DOCKER_BUILD_ARGS) \ --build-arg CGO_LDFLAGS=${DOCKER_CGO_LDFLAGS} \ --build-arg DB_BACKEND=${DB_BACKEND} \ @@ -333,7 +338,7 @@ build-mainnet-upgrade: docker run -e VERSION=${VERSION} -v $(CUR_DIR)/build:/build deb_build build-mainnet: @mkdir build 2>&3 || true - DOCKER_BUILDKIT=1 docker build --build-arg FEATURES="verify-validator-whitelist,light-client-validation,production, ${FEATURES}" \ + DOCKER_BUILDKIT=1 docker build --build-arg FEATURES="verify-validator-whitelist,light-client-validation,production,random, ${FEATURES}" \ --build-arg FEATURES_U=${FEATURES_U} \ --build-arg BUILDKIT_INLINE_CACHE=1 \ --secret id=API_KEY,src=api_key.txt \ @@ -347,7 +352,7 @@ build-mainnet: -f deployment/dockerfiles/Dockerfile \ -t ghcr.io/scrtlabs/secret-network-node:v$(VERSION) \ --target release-image . - DOCKER_BUILDKIT=1 docker build --build-arg FEATURES="verify-validator-whitelist,light-client-validation,production, ${FEATURES}" \ + DOCKER_BUILDKIT=1 docker build --build-arg FEATURES="verify-validator-whitelist,light-client-validation,production,random, ${FEATURES}" \ --build-arg FEATURES_U=${FEATURES_U} \ --build-arg BUILDKIT_INLINE_CACHE=1 \ --secret id=API_KEY,src=api_key.txt \ @@ -367,7 +372,8 @@ build-check-hw-tool: DOCKER_BUILDKIT=1 docker build --build-arg FEATURES="${FEATURES}" \ --build-arg FEATURES_U=${FEATURES_U} \ --build-arg BUILDKIT_INLINE_CACHE=1 \ - --secret id=API_KEY,src=api_key.txt \ + --secret id=API_KEY,src=ias_keys/develop/api_key.txt \ + --secret id=API_KEY_MAINNET,src=ias_keys/production/api_key.txt \ --secret id=SPID,src=spid.txt \ --build-arg SECRET_NODE_TYPE=NODE \ --build-arg BUILD_VERSION=${VERSION} \ @@ -416,37 +422,74 @@ build-bench-contract: $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/bench-contract cp $(TEST_CONTRACT_V1_PATH)/bench-contract/*.wasm $(TEST_COMPUTE_MODULE_PATH)/ -build-test-contract: +build-test-contracts: # echo "" | sudo add-apt-repository ppa:hnakamur/binaryen # sudo apt update # sudo apt install -y binaryen $(MAKE) -C $(TEST_CONTRACT_V010_PATH)/test-compute-contract - cp $(TEST_CONTRACT_V010_PATH)/test-compute-contract/*.wasm $(TEST_COMPUTE_MODULE_PATH)/ + + rm -f $(TEST_COMPUTE_MODULE_PATH)/contract.wasm + cp $(TEST_CONTRACT_V010_PATH)/test-compute-contract/contract.wasm $(TEST_COMPUTE_MODULE_PATH)/contract.wasm + + rm -f $(TEST_COMPUTE_MODULE_PATH)/contract_with_floats.wasm + cp $(TEST_CONTRACT_V010_PATH)/test-compute-contract/contract_with_floats.wasm $(TEST_COMPUTE_MODULE_PATH)/contract_with_floats.wasm + + rm -f $(TEST_COMPUTE_MODULE_PATH)/static-too-high-initial-memory.wasm + cp $(TEST_CONTRACT_V010_PATH)/test-compute-contract/static-too-high-initial-memory.wasm $(TEST_COMPUTE_MODULE_PATH)/static-too-high-initial-memory.wasm + + rm -f $(TEST_COMPUTE_MODULE_PATH)/too-high-initial-memory.wasm + cp $(TEST_CONTRACT_V010_PATH)/test-compute-contract/too-high-initial-memory.wasm $(TEST_COMPUTE_MODULE_PATH)/too-high-initial-memory.wasm + + $(MAKE) -C $(TEST_CONTRACT_V010_PATH)/test-compute-contract-v2 + + rm -f $(TEST_COMPUTE_MODULE_PATH)/contract-v2.wasm + cp $(TEST_CONTRACT_V010_PATH)/test-compute-contract-v2/contract-v2.wasm $(TEST_COMPUTE_MODULE_PATH)/contract-v2.wasm + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/test-compute-contract - cp $(TEST_CONTRACT_V1_PATH)/test-compute-contract/*.wasm $(TEST_COMPUTE_MODULE_PATH)/ + rm -f $(TEST_COMPUTE_MODULE_PATH)/v1-contract.wasm + cp $(TEST_CONTRACT_V1_PATH)/test-compute-contract/v1-contract.wasm $(TEST_COMPUTE_MODULE_PATH)/v1-contract.wasm + + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/test-compute-contract-v2 + rm -f $(TEST_COMPUTE_MODULE_PATH)/v1-contract-v2.wasm + cp $(TEST_CONTRACT_V1_PATH)/test-compute-contract-v2/v1-contract-v2.wasm $(TEST_COMPUTE_MODULE_PATH)/v1-contract-v2.wasm + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/ibc-test-contract - cp $(TEST_CONTRACT_V1_PATH)/ibc-test-contract/*.wasm $(TEST_COMPUTE_MODULE_PATH)/ + rm -f $(TEST_COMPUTE_MODULE_PATH)/ibc.wasm + cp $(TEST_CONTRACT_V1_PATH)/ibc-test-contract/ibc.wasm $(TEST_COMPUTE_MODULE_PATH)/ibc.wasm + + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/migration/contract-v1 + rm -f $(TEST_COMPUTE_MODULE_PATH)/migrate_contract_v1.wasm + cp $(TEST_CONTRACT_V1_PATH)/migration/contract-v1/migrate_contract_v1.wasm $(TEST_COMPUTE_MODULE_PATH)/migrate_contract_v1.wasm + + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/migration/contract-v2 + rm -f $(TEST_COMPUTE_MODULE_PATH)/migrate_contract_v2.wasm + cp $(TEST_CONTRACT_V1_PATH)/migration/contract-v2/migrate_contract_v2.wasm $(TEST_COMPUTE_MODULE_PATH)/migrate_contract_v2.wasm -prep-go-tests: build-test-contract bin-data-sw + $(MAKE) -C $(TEST_CONTRACT_V1_PATH)/random-test + rm -f $(TEST_COMPUTE_MODULE_PATH)/v1_random_test.wasm + cp $(TEST_CONTRACT_V1_PATH)/random-test/v1_random_test.wasm $(TEST_COMPUTE_MODULE_PATH)/v1_random_test.wasm + + +prep-go-tests: build-test-contracts bin-data-sw # empty BUILD_PROFILE means debug mode which compiles faster SGX_MODE=SW $(MAKE) build-linux cp ./$(EXECUTE_ENCLAVE_PATH)/librust_cosmwasm_enclave.signed.so ./x/compute/internal/keeper + cp ./$(EXECUTE_ENCLAVE_PATH)/librust_cosmwasm_enclave.signed.so . -go-tests: build-test-contract bin-data-sw - SGX_MODE=SW $(MAKE) build-linux-with-query +go-tests: build-test-contracts bin-data-sw + # SGX_MODE=SW $(MAKE) build-tm-secret-enclave + # cp /tmp/tm-secret-enclave/tendermint_enclave.signed.so ./x/compute/internal/keeper + SGX_MODE=SW $(MAKE) build-linux cp ./$(EXECUTE_ENCLAVE_PATH)/librust_cosmwasm_enclave.signed.so ./x/compute/internal/keeper - #cp ./$(QUERY_ENCLAVE_PATH)/librust_cosmwasm_query_enclave.signed.so ./x/compute/internal/keeper - rm -rf ./x/compute/internal/keeper/.sgx_secrets - mkdir -p ./x/compute/internal/keeper/.sgx_secrets - GOMAXPROCS=8 SGX_MODE=SW SCRT_SGX_STORAGE='./' go test -failfast -timeout 90m -v ./x/compute/internal/... $(GO_TEST_ARGS) + GOMAXPROCS=8 SGX_MODE=SW SCRT_SGX_STORAGE='./' SKIP_LIGHT_CLIENT_VALIDATION=TRUE go test -count 1 -failfast -timeout 90m -v ./x/compute/internal/... $(GO_TEST_ARGS) -go-tests-hw: build-test-contract bin-data +go-tests-hw: build-test-contracts bin-data # empty BUILD_PROFILE means debug mode which compiles faster + # SGX_MODE=HW $(MAKE) build-tm-secret-enclave + # cp /tmp/tm-secret-enclave/tendermint_enclave.signed.so ./x/compute/internal/keeper SGX_MODE=HW $(MAKE) build-linux cp ./$(EXECUTE_ENCLAVE_PATH)/librust_cosmwasm_enclave.signed.so ./x/compute/internal/keeper - rm -rf ./x/compute/internal/keeper/.sgx_secrets - mkdir -p ./x/compute/internal/keeper/.sgx_secrets - GOMAXPROCS=8 SGX_MODE=HW go test -v ./x/compute/internal/... $(GO_TEST_ARGS) + GOMAXPROCS=8 SGX_MODE=HW SCRT_SGX_STORAGE='./' SKIP_LIGHT_CLIENT_VALIDATION=TRUE go test -v ./x/compute/internal/... $(GO_TEST_ARGS) # When running this more than once, after the first time you'll want to remove the contents of the `ffi-types` # rule in the Makefile in `enclaves/execute`. This is to speed up the compilation time of tests and speed up the @@ -455,7 +498,7 @@ go-tests-hw: build-test-contract bin-data enclave-tests: $(MAKE) -C cosmwasm/enclaves/test run -build-all-test-contracts: build-test-contract +build-all-test-contracts: build-test-contracts cd $(CW_CONTRACTS_V010_PATH)/gov && RUSTFLAGS='-C link-arg=-s' cargo build --release --target wasm32-unknown-unknown --locked wasm-opt -Os $(CW_CONTRACTS_V010_PATH)/gov/target/wasm32-unknown-unknown/release/gov.wasm -o $(TEST_CONTRACT_PATH)/gov.wasm @@ -481,7 +524,7 @@ build-all-test-contracts: build-test-contract wasm-opt -Os .$(CW_CONTRACTS_V010_PATH)/hackatom/target/wasm32-unknown-unknown/release/hackatom.wasm -o $(TEST_CONTRACT_PATH)/contract.wasm cat $(TEST_CONTRACT_PATH)/contract.wasm | gzip > $(TEST_CONTRACT_PATH)/contract.wasm.gzip -build-erc20-contract: build-test-contract +build-erc20-contract: build-test-contracts cd .$(CW_CONTRACTS_V010_PATH)/erc20 && RUSTFLAGS='-C link-arg=-s' cargo build --release --target wasm32-unknown-unknown --locked wasm-opt -Os .$(CW_CONTRACTS_V010_PATH)/erc20/target/wasm32-unknown-unknown/release/cw_erc20.wasm -o ./erc20.wasm diff --git a/app/ante.go b/app/ante.go index 416439d37..9ad889ad5 100644 --- a/app/ante.go +++ b/app/ante.go @@ -4,7 +4,7 @@ import ( sdk "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" "github.com/cosmos/cosmos-sdk/x/auth/ante" - "github.com/cosmos/ibc-go/v3/modules/core/keeper" + "github.com/cosmos/ibc-go/v4/modules/core/keeper" "github.com/scrtlabs/SecretNetwork/x/compute" ) diff --git a/app/app.go b/app/app.go index 2c4253835..cbb172b5b 100644 --- a/app/app.go +++ b/app/app.go @@ -7,8 +7,9 @@ import ( "os" "path/filepath" - "github.com/scrtlabs/SecretNetwork/app/keepers" - icaauth "github.com/scrtlabs/SecretNetwork/x/mauth" + packetforwardtypes "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router/types" + ibcfeetypes "github.com/cosmos/ibc-go/v4/modules/apps/29-fee/types" + ibcswitchtypes "github.com/scrtlabs/SecretNetwork/x/emergencybutton/types" "github.com/cosmos/cosmos-sdk/baseapp" "github.com/cosmos/cosmos-sdk/client" @@ -23,65 +24,53 @@ import ( "github.com/cosmos/cosmos-sdk/simapp" sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/cosmos-sdk/types/module" + vestingtypes "github.com/cosmos/cosmos-sdk/x/auth/vesting/types" "github.com/cosmos/cosmos-sdk/x/authz" - ica "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts" - icatypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/types" - "github.com/cosmos/ibc-go/v3/modules/apps/transfer" - ibctransfertypes "github.com/cosmos/ibc-go/v3/modules/apps/transfer/types" - ibc "github.com/cosmos/ibc-go/v3/modules/core" - ibchost "github.com/cosmos/ibc-go/v3/modules/core/24-host" - ibckeeper "github.com/cosmos/ibc-go/v3/modules/core/keeper" + icatypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/types" + ibctransfertypes "github.com/cosmos/ibc-go/v4/modules/apps/transfer/types" + ibchost "github.com/cosmos/ibc-go/v4/modules/core/24-host" + ibckeeper "github.com/cosmos/ibc-go/v4/modules/core/keeper" + "github.com/scrtlabs/SecretNetwork/app/keepers" "github.com/scrtlabs/SecretNetwork/app/upgrades" + v1_10 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.10" + v1_11 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.11" + v1_12 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.12" v1_3 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.3" v1_4 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.4" v1_5 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.5" v1_6 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.6" v1_7 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.7" v1_8 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.8" + v1_9 "github.com/scrtlabs/SecretNetwork/app/upgrades/v1.9" + icaauthtypes "github.com/scrtlabs/SecretNetwork/x/mauth/types" "github.com/cosmos/cosmos-sdk/version" - "github.com/cosmos/cosmos-sdk/x/auth" "github.com/cosmos/cosmos-sdk/x/auth/ante" authrest "github.com/cosmos/cosmos-sdk/x/auth/client/rest" - authsims "github.com/cosmos/cosmos-sdk/x/auth/simulation" authtx "github.com/cosmos/cosmos-sdk/x/auth/tx" authtypes "github.com/cosmos/cosmos-sdk/x/auth/types" - authzmodule "github.com/cosmos/cosmos-sdk/x/authz/module" - "github.com/cosmos/cosmos-sdk/x/bank" banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" - "github.com/cosmos/cosmos-sdk/x/capability" capabilitykeeper "github.com/cosmos/cosmos-sdk/x/capability/keeper" capabilitytypes "github.com/cosmos/cosmos-sdk/x/capability/types" "github.com/cosmos/cosmos-sdk/x/crisis" crisistypes "github.com/cosmos/cosmos-sdk/x/crisis/types" - distr "github.com/cosmos/cosmos-sdk/x/distribution" distrtypes "github.com/cosmos/cosmos-sdk/x/distribution/types" - "github.com/cosmos/cosmos-sdk/x/evidence" evidencetypes "github.com/cosmos/cosmos-sdk/x/evidence/types" "github.com/cosmos/cosmos-sdk/x/feegrant" - feegrantmodule "github.com/cosmos/cosmos-sdk/x/feegrant/module" - "github.com/cosmos/cosmos-sdk/x/genutil" genutiltypes "github.com/cosmos/cosmos-sdk/x/genutil/types" - "github.com/cosmos/cosmos-sdk/x/gov" govtypes "github.com/cosmos/cosmos-sdk/x/gov/types" - "github.com/cosmos/cosmos-sdk/x/mint" minttypes "github.com/cosmos/cosmos-sdk/x/mint/types" - "github.com/cosmos/cosmos-sdk/x/params" paramstypes "github.com/cosmos/cosmos-sdk/x/params/types" - "github.com/cosmos/cosmos-sdk/x/slashing" slashingtypes "github.com/cosmos/cosmos-sdk/x/slashing/types" - "github.com/cosmos/cosmos-sdk/x/staking" stakingkeeper "github.com/cosmos/cosmos-sdk/x/staking/keeper" stakingtypes "github.com/cosmos/cosmos-sdk/x/staking/types" - "github.com/cosmos/cosmos-sdk/x/upgrade" upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" + "github.com/gorilla/mux" + "github.com/rakyll/statik/fs" "github.com/scrtlabs/SecretNetwork/x/compute" reg "github.com/scrtlabs/SecretNetwork/x/registration" "github.com/spf13/cast" - - "github.com/gorilla/mux" - "github.com/rakyll/statik/fs" abci "github.com/tendermint/tendermint/abci/types" tmjson "github.com/tendermint/tendermint/libs/json" tmlog "github.com/tendermint/tendermint/libs/log" @@ -102,24 +91,23 @@ var ( // DefaultNodeHome sets the folder where the applcation data and configuration will be stored DefaultNodeHome = filepath.Join(homeDir, ".secretd") - // module account permissions - maccPerms = map[string][]string{ - authtypes.FeeCollectorName: nil, - distrtypes.ModuleName: nil, - minttypes.ModuleName: {authtypes.Minter}, - stakingtypes.BondedPoolName: {authtypes.Burner, authtypes.Staking}, - stakingtypes.NotBondedPoolName: {authtypes.Burner, authtypes.Staking}, - govtypes.ModuleName: {authtypes.Burner}, - ibctransfertypes.ModuleName: {authtypes.Minter, authtypes.Burner}, - icatypes.ModuleName: nil, - } - // Module accounts that are allowed to receive tokens allowedReceivingModAcc = map[string]bool{ distrtypes.ModuleName: true, } - Upgrades = []upgrades.Upgrade{v1_3.Upgrade, v1_4.Upgrade, v1_5.Upgrade, v1_6.Upgrade, v1_7.Upgrade, v1_8.Upgrade} + Upgrades = []upgrades.Upgrade{ + v1_3.Upgrade, + v1_4.Upgrade, + v1_5.Upgrade, + v1_6.Upgrade, + v1_7.Upgrade, + v1_8.Upgrade, + v1_9.Upgrade, + v1_10.Upgrade, + v1_11.Upgrade, + v1_12.Upgrade, + } ) // Verify app interface at compile time @@ -151,6 +139,14 @@ type SecretNetworkApp struct { configurator module.Configurator } +func (app *SecretNetworkApp) GetInterfaceRegistry() types.InterfaceRegistry { + return app.interfaceRegistry +} + +func (app *SecretNetworkApp) GetCodec() codec.Codec { + return app.appCodec +} + func (app *SecretNetworkApp) GetBaseApp() *baseapp.BaseApp { return app.BaseApp } @@ -216,7 +212,6 @@ func NewSecretNetworkApp( bApp.SetCommitMultiStoreTracer(traceStore) bApp.SetVersion(version.Version) bApp.SetInterfaceRegistry(interfaceRegistry) - // bApp.GRPCQueryRouter().RegisterSimulateService(bApp.Simulate, interfaceRegistry) // Initialize our application with the store keys it requires app := &SecretNetworkApp{ @@ -230,7 +225,7 @@ func NewSecretNetworkApp( app.AppKeepers.InitKeys() - app.AppKeepers.InitSdkKeepers(appCodec, legacyAmino, bApp, maccPerms, app.BlockedAddrs(), invCheckPeriod, skipUpgradeHeights, homePath) + app.AppKeepers.InitSdkKeepers(appCodec, legacyAmino, bApp, ModuleAccountPermissions, app.BlockedAddrs(), invCheckPeriod, skipUpgradeHeights, homePath) app.AppKeepers.InitCustomKeepers(appCodec, legacyAmino, bApp, bootstrap, homePath, computeConfig) app.setupUpgradeStoreLoaders() @@ -238,119 +233,25 @@ func NewSecretNetworkApp( // we prefer to be more strict in what arguments the modules expect. skipGenesisInvariants := cast.ToBool(appOpts.Get(crisis.FlagSkipGenesisInvariants)) - icaModule := ica.NewAppModule(app.AppKeepers.ICAControllerKeeper, app.AppKeepers.ICAHostKeeper) - icaAuthModule := icaauth.NewAppModule(appCodec, *app.AppKeepers.ICAAuthKeeper) - // NOTE: Any module instantiated in the module manager that is later modified // must be passed by reference here. - app.mm = module.NewManager( - genutil.NewAppModule(app.AppKeepers.AccountKeeper, app.AppKeepers.StakingKeeper, app.BaseApp.DeliverTx, encodingConfig.TxConfig), - auth.NewAppModule(appCodec, *app.AppKeepers.AccountKeeper, authsims.RandomGenesisAccounts), - bank.NewAppModule(appCodec, *app.AppKeepers.BankKeeper, app.AppKeepers.AccountKeeper), - capability.NewAppModule(appCodec, *app.AppKeepers.CapabilityKeeper), - crisis.NewAppModule(app.AppKeepers.CrisisKeeper, skipGenesisInvariants), - feegrantmodule.NewAppModule(appCodec, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, *app.AppKeepers.FeegrantKeeper, app.interfaceRegistry), - gov.NewAppModule(app.appCodec, *app.AppKeepers.GovKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper), - mint.NewAppModule(appCodec, *app.AppKeepers.MintKeeper, app.AppKeepers.AccountKeeper), - slashing.NewAppModule(appCodec, *app.AppKeepers.SlashingKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, *app.AppKeepers.StakingKeeper), - distr.NewAppModule(appCodec, *app.AppKeepers.DistrKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, *app.AppKeepers.StakingKeeper), - staking.NewAppModule(appCodec, *app.AppKeepers.StakingKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper), - upgrade.NewAppModule(*app.AppKeepers.UpgradeKeeper), - evidence.NewAppModule(*app.AppKeepers.EvidenceKeeper), - compute.NewAppModule(*app.AppKeepers.ComputeKeeper), - params.NewAppModule(*app.AppKeepers.ParamsKeeper), - authzmodule.NewAppModule(appCodec, *app.AppKeepers.AuthzKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, app.interfaceRegistry), - reg.NewAppModule(*app.AppKeepers.RegKeeper), - ibc.NewAppModule(app.AppKeepers.IbcKeeper), - transfer.NewAppModule(*app.AppKeepers.TransferKeeper), - icaModule, - icaAuthModule, - ) + app.mm = module.NewManager(Modules(app, encodingConfig, skipGenesisInvariants)...) + // During begin block slashing happens after distr.BeginBlocker so that // there is nothing left over in the validator fee pool, so as to keep the // CanWithdrawInvariant invariant. - app.mm.SetOrderBeginBlockers( - upgradetypes.ModuleName, - capabilitytypes.ModuleName, - minttypes.ModuleName, - distrtypes.ModuleName, - slashingtypes.ModuleName, - evidencetypes.ModuleName, - stakingtypes.ModuleName, - ibchost.ModuleName, - ibctransfertypes.ModuleName, - feegrant.ModuleName, - authtypes.ModuleName, - banktypes.ModuleName, - govtypes.ModuleName, - crisistypes.ModuleName, - genutiltypes.ModuleName, - authz.ModuleName, - paramstypes.ModuleName, - icatypes.ModuleName, - icaauthtypes.ModuleName, - // custom modules - compute.ModuleName, - reg.ModuleName, - ) + SetOrderBeginBlockers(app) // NOTE: Capability module must occur first so that it can initialize any capabilities // so that other modules that want to create or claim capabilities afterwards in InitChain // can do so safely. - app.mm.SetOrderEndBlockers( - crisistypes.ModuleName, - govtypes.ModuleName, - authz.ModuleName, - feegrant.ModuleName, - stakingtypes.ModuleName, - capabilitytypes.ModuleName, - authtypes.ModuleName, - banktypes.ModuleName, - distrtypes.ModuleName, - slashingtypes.ModuleName, - minttypes.ModuleName, - genutiltypes.ModuleName, - evidencetypes.ModuleName, - paramstypes.ModuleName, - upgradetypes.ModuleName, - ibchost.ModuleName, - ibctransfertypes.ModuleName, - icatypes.ModuleName, - icaauthtypes.ModuleName, - compute.ModuleName, - reg.ModuleName, - ) + SetOrderEndBlockers(app) // NOTE: The genutils module must occur after staking so that pools are // properly initialized with tokens from genesis accounts. // Sets the order of Genesis - Order matters, genutil is to always come last - app.mm.SetOrderInitGenesis( - capabilitytypes.ModuleName, - authtypes.ModuleName, - banktypes.ModuleName, - distrtypes.ModuleName, - stakingtypes.ModuleName, - slashingtypes.ModuleName, - govtypes.ModuleName, - paramstypes.ModuleName, - upgradetypes.ModuleName, - // custom modules - compute.ModuleName, - reg.ModuleName, - - icatypes.ModuleName, - icaauthtypes.ModuleName, - - authz.ModuleName, - minttypes.ModuleName, - crisistypes.ModuleName, - ibchost.ModuleName, - genutiltypes.ModuleName, - evidencetypes.ModuleName, - ibctransfertypes.ModuleName, - feegrant.ModuleName, - ) + SetOrderInitGenesis(app) // register all module routes and module queriers app.mm.RegisterInvariants(app.AppKeepers.CrisisKeeper) @@ -443,7 +344,7 @@ func (app *SecretNetworkApp) LoadHeight(height int64) error { // ModuleAccountAddrs returns all the app's module account addresses. func (app *SecretNetworkApp) ModuleAccountAddrs() map[string]bool { modAccAddrs := make(map[string]bool) - for acc := range maccPerms { + for acc := range ModuleAccountPermissions { modAccAddrs[authtypes.NewModuleAddress(acc).String()] = true } @@ -496,7 +397,7 @@ func RegisterSwaggerAPI(_ client.Context, rtr *mux.Router) { // allowed to receive external tokens. func (app *SecretNetworkApp) BlockedAddrs() map[string]bool { blockedAddrs := make(map[string]bool) - for acc := range maccPerms { + for acc := range ModuleAccountPermissions { blockedAddrs[authtypes.NewModuleAddress(acc).String()] = !allowedReceivingModAcc[acc] } @@ -526,9 +427,9 @@ func (app *SecretNetworkApp) setupUpgradeStoreLoaders() { return } - for _, upgradeDetails := range Upgrades { - if upgradeInfo.Name == upgradeDetails.UpgradeName { - app.BaseApp.SetStoreLoader(upgradetypes.UpgradeStoreLoader(upgradeInfo.Height, &upgradeDetails.StoreUpgrades)) + for i := range Upgrades { + if upgradeInfo.Name == Upgrades[i].UpgradeName { + app.BaseApp.SetStoreLoader(upgradetypes.UpgradeStoreLoader(upgradeInfo.Height, &Upgrades[i].StoreUpgrades)) } } } @@ -537,3 +438,98 @@ func (app *SecretNetworkApp) setupUpgradeStoreLoaders() { func (app *SecretNetworkApp) LegacyAmino() *codec.LegacyAmino { return app.legacyAmino } + +func SetOrderBeginBlockers(app *SecretNetworkApp) { + app.mm.SetOrderBeginBlockers( + upgradetypes.ModuleName, + capabilitytypes.ModuleName, + minttypes.ModuleName, + distrtypes.ModuleName, + slashingtypes.ModuleName, + evidencetypes.ModuleName, + stakingtypes.ModuleName, + ibchost.ModuleName, + ibctransfertypes.ModuleName, + feegrant.ModuleName, + authtypes.ModuleName, + vestingtypes.ModuleName, + banktypes.ModuleName, + govtypes.ModuleName, + crisistypes.ModuleName, + genutiltypes.ModuleName, + authz.ModuleName, + paramstypes.ModuleName, + icatypes.ModuleName, + icaauthtypes.ModuleName, + packetforwardtypes.ModuleName, + ibcfeetypes.ModuleName, + // custom modules + compute.ModuleName, + reg.ModuleName, + ibcswitchtypes.ModuleName, + ) +} + +func SetOrderInitGenesis(app *SecretNetworkApp) { + app.mm.SetOrderInitGenesis( + capabilitytypes.ModuleName, + authtypes.ModuleName, + vestingtypes.ModuleName, + banktypes.ModuleName, + distrtypes.ModuleName, + stakingtypes.ModuleName, + slashingtypes.ModuleName, + govtypes.ModuleName, + paramstypes.ModuleName, + upgradetypes.ModuleName, + // custom modules + compute.ModuleName, + reg.ModuleName, + ibcswitchtypes.ModuleName, + + icatypes.ModuleName, + icaauthtypes.ModuleName, + + authz.ModuleName, + minttypes.ModuleName, + crisistypes.ModuleName, + ibchost.ModuleName, + genutiltypes.ModuleName, + evidencetypes.ModuleName, + ibctransfertypes.ModuleName, + packetforwardtypes.ModuleName, + + ibcfeetypes.ModuleName, + feegrant.ModuleName, + ) +} + +func SetOrderEndBlockers(app *SecretNetworkApp) { + app.mm.SetOrderEndBlockers( + crisistypes.ModuleName, + govtypes.ModuleName, + authz.ModuleName, + feegrant.ModuleName, + stakingtypes.ModuleName, + capabilitytypes.ModuleName, + authtypes.ModuleName, + vestingtypes.ModuleName, + banktypes.ModuleName, + distrtypes.ModuleName, + slashingtypes.ModuleName, + minttypes.ModuleName, + genutiltypes.ModuleName, + evidencetypes.ModuleName, + paramstypes.ModuleName, + upgradetypes.ModuleName, + ibchost.ModuleName, + ibctransfertypes.ModuleName, + icatypes.ModuleName, + icaauthtypes.ModuleName, + ibcfeetypes.ModuleName, + packetforwardtypes.ModuleName, + compute.ModuleName, + reg.ModuleName, + ibcswitchtypes.ModuleName, + ) +} diff --git a/app/config.go b/app/config.go index dc37baedc..fd9432083 100644 --- a/app/config.go +++ b/app/config.go @@ -5,48 +5,35 @@ import ( "github.com/cosmos/cosmos-sdk/codec" "github.com/cosmos/cosmos-sdk/codec/types" "github.com/cosmos/cosmos-sdk/std" - sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/cosmos-sdk/types/module" "github.com/cosmos/cosmos-sdk/x/auth" "github.com/cosmos/cosmos-sdk/x/auth/tx" - authtypes "github.com/cosmos/cosmos-sdk/x/auth/types" "github.com/cosmos/cosmos-sdk/x/auth/vesting" - authzkeeper "github.com/cosmos/cosmos-sdk/x/authz/keeper" authz "github.com/cosmos/cosmos-sdk/x/authz/module" "github.com/cosmos/cosmos-sdk/x/bank" - banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" "github.com/cosmos/cosmos-sdk/x/capability" - capabilitytypes "github.com/cosmos/cosmos-sdk/x/capability/types" "github.com/cosmos/cosmos-sdk/x/crisis" distr "github.com/cosmos/cosmos-sdk/x/distribution" distrclient "github.com/cosmos/cosmos-sdk/x/distribution/client" - distrtypes "github.com/cosmos/cosmos-sdk/x/distribution/types" "github.com/cosmos/cosmos-sdk/x/evidence" - evidencetypes "github.com/cosmos/cosmos-sdk/x/evidence/types" - "github.com/cosmos/cosmos-sdk/x/feegrant" feegrantmodule "github.com/cosmos/cosmos-sdk/x/feegrant/module" "github.com/cosmos/cosmos-sdk/x/genutil" "github.com/cosmos/cosmos-sdk/x/gov" - govtypes "github.com/cosmos/cosmos-sdk/x/gov/types" "github.com/cosmos/cosmos-sdk/x/mint" - minttypes "github.com/cosmos/cosmos-sdk/x/mint/types" "github.com/cosmos/cosmos-sdk/x/params" paramsclient "github.com/cosmos/cosmos-sdk/x/params/client" - paramstypes "github.com/cosmos/cosmos-sdk/x/params/types" "github.com/cosmos/cosmos-sdk/x/slashing" - slashingtypes "github.com/cosmos/cosmos-sdk/x/slashing/types" "github.com/cosmos/cosmos-sdk/x/staking" - stakingtypes "github.com/cosmos/cosmos-sdk/x/staking/types" "github.com/cosmos/cosmos-sdk/x/upgrade" upgradeclient "github.com/cosmos/cosmos-sdk/x/upgrade/client" - upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" - ica "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts" - icacontrollertypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/controller/types" - icahosttypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/host/types" - "github.com/cosmos/ibc-go/v3/modules/apps/transfer" - ibctransfertypes "github.com/cosmos/ibc-go/v3/modules/apps/transfer/types" - ibc "github.com/cosmos/ibc-go/v3/modules/core" - ibchost "github.com/cosmos/ibc-go/v3/modules/core/24-host" + ica "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts" + ibcfee "github.com/cosmos/ibc-go/v4/modules/apps/29-fee" + "github.com/cosmos/ibc-go/v4/modules/apps/transfer" + ibc "github.com/cosmos/ibc-go/v4/modules/core" + ibcclient "github.com/cosmos/ibc-go/v4/modules/core/02-client/client" + ibcswitch "github.com/scrtlabs/SecretNetwork/x/emergencybutton" + + packetforwardrouter "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router" "github.com/scrtlabs/SecretNetwork/x/compute" icaauth "github.com/scrtlabs/SecretNetwork/x/mauth" "github.com/scrtlabs/SecretNetwork/x/registration" @@ -55,35 +42,35 @@ import ( var mbasics = module.NewBasicManager( append([]module.AppModuleBasic{ authz.AppModuleBasic{}, - // accounts, fees. auth.AppModuleBasic{}, - // genesis utilities genutil.AppModuleBasic{}, - // tokens, token balance. bank.AppModuleBasic{}, capability.AppModuleBasic{}, - // validator staking staking.AppModuleBasic{}, - // inflation mint.AppModuleBasic{}, - // distribution of fess and inflation distr.AppModuleBasic{}, - // governance functionality (voting) gov.NewAppModuleBasic( - paramsclient.ProposalHandler, distrclient.ProposalHandler, - upgradeclient.ProposalHandler, upgradeclient.CancelProposalHandler, + paramsclient.ProposalHandler, + distrclient.ProposalHandler, + upgradeclient.ProposalHandler, + upgradeclient.CancelProposalHandler, + ibcclient.UpdateClientProposalHandler, + ibcclient.UpgradeProposalHandler, ), - // chain parameters params.AppModuleBasic{}, crisis.AppModuleBasic{}, slashing.AppModuleBasic{}, - ibc.AppModuleBasic{}, upgrade.AppModuleBasic{}, evidence.AppModuleBasic{}, transfer.AppModuleBasic{}, vesting.AppModuleBasic{}, feegrantmodule.AppModuleBasic{}, + + // ibc modules + ibc.AppModuleBasic{}, ica.AppModuleBasic{}, + packetforwardrouter.AppModuleBasic{}, + ibcfee.AppModuleBasic{}, }, // our stuff customModuleBasics()..., @@ -103,6 +90,7 @@ func customModuleBasics() []module.AppModuleBasic { compute.AppModuleBasic{}, registration.AppModuleBasic{}, icaauth.AppModuleBasic{}, + ibcswitch.AppModuleBasic{}, } } @@ -138,27 +126,3 @@ func MakeEncodingConfig() EncodingConfig { Amino: amino, } } - -func kvStoreKeys() map[string]*sdk.KVStoreKey { - return sdk.NewKVStoreKeys( - append([]string{ - authtypes.StoreKey, banktypes.StoreKey, stakingtypes.StoreKey, - minttypes.StoreKey, distrtypes.StoreKey, slashingtypes.StoreKey, - govtypes.StoreKey, paramstypes.StoreKey, ibchost.StoreKey, upgradetypes.StoreKey, - evidencetypes.StoreKey, ibctransfertypes.StoreKey, capabilitytypes.StoreKey, - feegrant.StoreKey, authzkeeper.StoreKey, - icacontrollertypes.StoreKey, - icahosttypes.StoreKey, - }, - customKVStoreKeys()..., - )..., - ) -} - -func transientStoreKeys() map[string]*sdk.TransientStoreKey { - return sdk.NewTransientStoreKeys(paramstypes.TStoreKey) -} - -func memStoreKeys() map[string]*sdk.MemoryStoreKey { - return sdk.NewMemoryStoreKeys(capabilitytypes.MemStoreKey) -} diff --git a/app/keepers/keepers.go b/app/keepers/keepers.go index 69ebcfac5..6fbc6bfd9 100644 --- a/app/keepers/keepers.go +++ b/app/keepers/keepers.go @@ -37,25 +37,40 @@ import ( "github.com/cosmos/cosmos-sdk/x/upgrade" upgradekeeper "github.com/cosmos/cosmos-sdk/x/upgrade/keeper" upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" - icacontroller "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/controller" - icacontrollerkeeper "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/controller/keeper" - icacontrollertypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/controller/types" - icahost "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/host" - icahostkeeper "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/host/keeper" - icahosttypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/host/types" - "github.com/cosmos/ibc-go/v3/modules/apps/transfer" - ibctransferkeeper "github.com/cosmos/ibc-go/v3/modules/apps/transfer/keeper" - ibctransfertypes "github.com/cosmos/ibc-go/v3/modules/apps/transfer/types" - ibcclient "github.com/cosmos/ibc-go/v3/modules/core/02-client" - ibcclienttypes "github.com/cosmos/ibc-go/v3/modules/core/02-client/types" - porttypes "github.com/cosmos/ibc-go/v3/modules/core/05-port/types" - ibchost "github.com/cosmos/ibc-go/v3/modules/core/24-host" - ibckeeper "github.com/cosmos/ibc-go/v3/modules/core/keeper" + ibcpacketforward "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router" + icacontroller "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/controller" + icacontrollerkeeper "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/controller/keeper" + icacontrollertypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/controller/types" + icahost "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/host" + icahostkeeper "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/host/keeper" + icahosttypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/host/types" + ibcfee "github.com/cosmos/ibc-go/v4/modules/apps/29-fee" + "github.com/cosmos/ibc-go/v4/modules/apps/transfer" + ibctransferkeeper "github.com/cosmos/ibc-go/v4/modules/apps/transfer/keeper" + ibctransfertypes "github.com/cosmos/ibc-go/v4/modules/apps/transfer/types" + ibcclient "github.com/cosmos/ibc-go/v4/modules/core/02-client" + ibcclienttypes "github.com/cosmos/ibc-go/v4/modules/core/02-client/types" + porttypes "github.com/cosmos/ibc-go/v4/modules/core/05-port/types" + ibchost "github.com/cosmos/ibc-go/v4/modules/core/24-host" + ibckeeper "github.com/cosmos/ibc-go/v4/modules/core/keeper" "github.com/scrtlabs/SecretNetwork/x/compute" icaauth "github.com/scrtlabs/SecretNetwork/x/mauth" icaauthkeeper "github.com/scrtlabs/SecretNetwork/x/mauth/keeper" icaauthtypes "github.com/scrtlabs/SecretNetwork/x/mauth/types" reg "github.com/scrtlabs/SecretNetwork/x/registration" + + ibcpacketforwardkeeper "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router/keeper" + ibcpacketforwardtypes "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router/types" + + ibcfeekeeper "github.com/cosmos/ibc-go/v4/modules/apps/29-fee/keeper" + ibcfeetypes "github.com/cosmos/ibc-go/v4/modules/apps/29-fee/types" + + ibcswitch "github.com/scrtlabs/SecretNetwork/x/emergencybutton" + ibcswitchtypes "github.com/scrtlabs/SecretNetwork/x/emergencybutton/types" + + ibchooks "github.com/scrtlabs/SecretNetwork/x/ibc-hooks" + ibchookskeeper "github.com/scrtlabs/SecretNetwork/x/ibc-hooks/keeper" + ibchookstypes "github.com/scrtlabs/SecretNetwork/x/ibc-hooks/types" ) type SecretAppKeepers struct { @@ -77,7 +92,12 @@ type SecretAppKeepers struct { ComputeKeeper *compute.Keeper RegKeeper *reg.Keeper IbcKeeper *ibckeeper.Keeper // IBC Keeper must be a pointer in the app, so we can SetRouter on it correctly - TransferKeeper *ibctransferkeeper.Keeper + TransferKeeper ibctransferkeeper.Keeper + + IbcHooksKeeper *ibchookskeeper.Keeper + IbcFeeKeeper ibcfeekeeper.Keeper + PacketForwardKeeper *ibcpacketforwardkeeper.Keeper + IbcSwitchKeeper *ibcswitch.Keeper ICAControllerKeeper *icacontrollerkeeper.Keeper ICAHostKeeper *icahostkeeper.Keeper @@ -93,8 +113,6 @@ type SecretAppKeepers struct { ScopedComputeKeeper capabilitykeeper.ScopedKeeper - // - // keys to access the substores keys map[string]*sdk.KVStoreKey tKeys map[string]*sdk.TransientStoreKey @@ -235,11 +253,24 @@ func (ak *SecretAppKeepers) CreateScopedKeepers() { ak.ScopedICAHostKeeper = ak.CapabilityKeeper.ScopeToModule(icahosttypes.SubModuleName) ak.ScopedICAAuthKeeper = ak.CapabilityKeeper.ScopeToModule(icaauthtypes.ModuleName) ak.ScopedComputeKeeper = ak.CapabilityKeeper.ScopeToModule(compute.ModuleName) + // Applications that wish to enforce statically created ScopedKeepers should call `Seal` after creating // their scoped modules in `NewApp` with `ScopeToModule` ak.CapabilityKeeper.Seal() } +// InitCustomKeepers Create keeper for the register module. +// Also, Create keepers and modules for the transfer, compute, icacontroller and icahost modules. +// These are all ibc-enabled, so we build a Stack around each of them. +// +// For example, this is how the stack will be build for the transfer app +// - SendPacket. Originates from the transferKeeper and goes up the stack: +// transferKeeper.SendPacket -> ibcpacketforward.SendPacket -> ibcfeekeeper.SendPacket -> +// - RecvPacket, message that originates from core IBC and goes down to app, the flow is the other way: +// channel.RecvPacket -> ibcswitch.OnRecvPacket -> ibcfeekeeper.OnRecvPacket -> +// ibcpacketforward.OnRecvPacket -> transfer.OnRecvPacket +// +// Note that the forward middleware is only integrated on the "receive" direction. It can be safely skipped when sending. func (ak *SecretAppKeepers) InitCustomKeepers( appCodec codec.Codec, legacyAmino *codec.LegacyAmino, @@ -255,10 +286,146 @@ func (ak *SecretAppKeepers) InitCustomKeepers( regKeeper := reg.NewKeeper(appCodec, ak.keys[reg.StoreKey], regRouter, reg.EnclaveApi{}, homePath, bootstrap) ak.RegKeeper = ®Keeper + // Assaf: + // Rules: + // 1. Everything should go through our IBC Switch middleware + // 2. Everything should go through the IBC Fee middleware + // 3. IBC Transfer should go through the IBC Packet Forward middleware + // 4. IBC Transfer should go through the IBC Hooks middleware + // + // Therefore we'll initialize the Switch keeper and pass it to the Fee keeper as an ics4wrapper. + // That means that whenever a packet is being send via Fee as an ics4wrapper, it will go through the switch middleware first (ref: https://github.com/cosmos/ibc-go/blob/v4.3.0/modules/apps/29-fee/keeper/relay.go#L15-L18). + // Then we'll pass Fee as an ics4wrapper to everything else. + // + // Compute send: Switch -> Fee -> Packet Forward -> WASM Hooks + // Compute receive: Switch -> Fee -> Packet Forward -> WASM Hooks + // + // Transfer send: Switch -> Fee -> Packet Forward -> WASM Hooks (WASM Hooks isn't necessary here, but we'll add it for consistency) + // Transfer receive: Switch -> Fee -> Packet Forward -> WASM Hooks + // + // Note: we need to make sure that every underlying IBC app/middleware that we're adding uses the ics4wrapper to send packets, and not the IBC channel keeper. + + // Setup the ICS4Wrapper used by the hooks middleware + // Configure the hooks keeper + ibcHooksKeeper := ibchookskeeper.NewKeeper( + ak.keys[ibchookstypes.StoreKey], + ) + ak.IbcHooksKeeper = &ibcHooksKeeper + + wasmHooks := ibchooks.NewWasmHooks( + &ibcHooksKeeper, + nil, // The compute keeper will be set later on + sdk.GetConfig().GetBech32AccountAddrPrefix(), + ) + ibcHooksICS4Wrapper := ibchooks.NewICS4Middleware( + ak.IbcKeeper.ChannelKeeper, + &wasmHooks, + ) + + // Initialize packet forward middleware + ak.PacketForwardKeeper = ibcpacketforwardkeeper.NewKeeper( + appCodec, + ak.keys[ibcpacketforwardtypes.StoreKey], + ak.GetSubspace(ibcpacketforwardtypes.ModuleName), + nil, // transfer keeper will be set later on + ak.IbcKeeper.ChannelKeeper, + ak.DistrKeeper, + ak.BankKeeper, + ibcHooksICS4Wrapper, + ) + + ak.IbcFeeKeeper = ibcfeekeeper.NewKeeper( + appCodec, + ak.keys[ibcfeetypes.StoreKey], + ak.GetSubspace(ibcfeetypes.ModuleName), + ak.PacketForwardKeeper, + ak.IbcKeeper.ChannelKeeper, + &ak.IbcKeeper.PortKeeper, + ak.AccountKeeper, + ak.BankKeeper, + ) + + ibcSwitchKeeper := ibcswitch.NewKeeper( + ak.IbcFeeKeeper, + ak.GetSubspace(ibcswitch.ModuleName), + ) + ak.IbcSwitchKeeper = &ibcSwitchKeeper + + icaControllerKeeper := icacontrollerkeeper.NewKeeper( + appCodec, + ak.keys[icacontrollertypes.StoreKey], + ak.GetSubspace(icacontrollertypes.SubModuleName), + ak.IbcSwitchKeeper, + ak.IbcKeeper.ChannelKeeper, + &ak.IbcKeeper.PortKeeper, + ak.ScopedICAControllerKeeper, + app.MsgServiceRouter(), + ) + ak.ICAControllerKeeper = &icaControllerKeeper + + icaHostKeeper := icahostkeeper.NewKeeper( + appCodec, + ak.keys[icahosttypes.StoreKey], + ak.GetSubspace(icahosttypes.SubModuleName), + ak.IbcKeeper.ChannelKeeper, + &ak.IbcKeeper.PortKeeper, + ak.AccountKeeper, + ak.ScopedICAHostKeeper, + app.MsgServiceRouter(), + ) + ak.ICAHostKeeper = &icaHostKeeper + + icaAuthKeeper := icaauthkeeper.NewKeeper(appCodec, ak.keys[icaauthtypes.StoreKey], *ak.ICAControllerKeeper, ak.ScopedICAAuthKeeper) + ak.ICAAuthKeeper = &icaAuthKeeper + + icaAuthIBCModule := icaauth.NewIBCModule(*ak.ICAAuthKeeper) + + icaHostIBCModule := icahost.NewIBCModule(*ak.ICAHostKeeper) + + // Create Transfer Keepers + transferKeeper := ibctransferkeeper.NewKeeper( + appCodec, + ak.keys[ibctransfertypes.StoreKey], + ak.GetSubspace(ibctransfertypes.ModuleName), + ak.IbcSwitchKeeper, + ak.IbcKeeper.ChannelKeeper, + &ak.IbcKeeper.PortKeeper, + ak.AccountKeeper, + ak.BankKeeper, + ak.ScopedTransferKeeper, + ) + ak.TransferKeeper = transferKeeper + + ak.PacketForwardKeeper.SetTransferKeeper(ak.TransferKeeper) + + // Transfer receive: Switch -> Fee -> Packet Forward -> WASM Hooks + var transferStack porttypes.IBCModule + transferStack = transfer.NewIBCModule(ak.TransferKeeper) + transferStack = ibchooks.NewIBCMiddleware(transferStack, &ibcHooksICS4Wrapper) + transferStack = ibcpacketforward.NewIBCMiddleware( + transferStack, + ak.PacketForwardKeeper, + 0, + ibcpacketforwardkeeper.DefaultForwardTransferPacketTimeoutTimestamp, // 10 minutes + ibcpacketforwardkeeper.DefaultRefundTransferPacketTimeoutTimestamp, // 28 days + ) + transferStack = ibcfee.NewIBCMiddleware(transferStack, ak.IbcFeeKeeper) + transferStack = ibcswitch.NewIBCMiddleware(transferStack, ak.IbcSwitchKeeper) + + var icaHostStack porttypes.IBCModule + icaHostStack = ibcfee.NewIBCMiddleware(icaHostIBCModule, ak.IbcFeeKeeper) + icaHostStack = ibcswitch.NewIBCMiddleware(icaHostStack, ak.IbcSwitchKeeper) + + // initialize ICA module with mock module as the authentication module on the controller side + var icaControllerStack porttypes.IBCModule + icaControllerStack = icacontroller.NewIBCMiddleware(icaAuthIBCModule, *ak.ICAControllerKeeper) + icaControllerStack = ibcfee.NewIBCMiddleware(icaControllerStack, ak.IbcFeeKeeper) + icaControllerStack = ibcswitch.NewIBCMiddleware(icaControllerStack, ak.IbcSwitchKeeper) + computeDir := filepath.Join(homePath, ".compute") // The last arguments can contain custom message handlers, and custom query handlers, // if we want to allow any custom callbacks - supportedFeatures := "staking,stargate,ibc3" + supportedFeatures := "staking,stargate,ibc3,random" computeKeeper := compute.NewKeeper( appCodec, @@ -274,6 +441,7 @@ func (ak *SecretAppKeepers) InitCustomKeepers( ak.IbcKeeper.PortKeeper, ak.TransferKeeper, ak.IbcKeeper.ChannelKeeper, + ak.IbcSwitchKeeper, app.Router(), app.MsgServiceRouter(), app.GRPCQueryRouter(), @@ -282,47 +450,31 @@ func (ak *SecretAppKeepers) InitCustomKeepers( supportedFeatures, nil, nil, + &app.LastTxManager, ) ak.ComputeKeeper = &computeKeeper - - icaControllerKeeper := icacontrollerkeeper.NewKeeper( - appCodec, ak.keys[icacontrollertypes.StoreKey], ak.GetSubspace(icacontrollertypes.SubModuleName), - ak.IbcKeeper.ChannelKeeper, ak.IbcKeeper.ChannelKeeper, &ak.IbcKeeper.PortKeeper, - ak.ScopedICAControllerKeeper, app.MsgServiceRouter(), + wasmHooks.ContractKeeper = ak.ComputeKeeper + + // Compute receive: Switch -> Fee -> Packet Forward -> WASM Hooks + var computeStack porttypes.IBCModule + computeStack = compute.NewIBCHandler(ak.ComputeKeeper, ak.IbcKeeper.ChannelKeeper, ak.IbcFeeKeeper) + computeStack = ibchooks.NewIBCMiddleware(computeStack, &ibcHooksICS4Wrapper) + computeStack = ibcpacketforward.NewIBCMiddleware( + computeStack, + ak.PacketForwardKeeper, + 0, + ibcpacketforwardkeeper.DefaultForwardTransferPacketTimeoutTimestamp, // 10 minutes + ibcpacketforwardkeeper.DefaultRefundTransferPacketTimeoutTimestamp, // 28 days ) - ak.ICAControllerKeeper = &icaControllerKeeper + computeStack = ibcfee.NewIBCMiddleware(computeStack, ak.IbcFeeKeeper) + computeStack = ibcswitch.NewIBCMiddleware(computeStack, ak.IbcSwitchKeeper) - icaHostKeeper := icahostkeeper.NewKeeper( - appCodec, ak.keys[icahosttypes.StoreKey], ak.GetSubspace(icahosttypes.SubModuleName), - ak.IbcKeeper.ChannelKeeper, &ak.IbcKeeper.PortKeeper, - ak.AccountKeeper, ak.ScopedICAHostKeeper, app.MsgServiceRouter(), - ) - ak.ICAHostKeeper = &icaHostKeeper - - icaAuthKeeper := icaauthkeeper.NewKeeper(appCodec, ak.keys[icaauthtypes.StoreKey], *ak.ICAControllerKeeper, ak.ScopedICAAuthKeeper) - ak.ICAAuthKeeper = &icaAuthKeeper - - icaAuthIBCModule := icaauth.NewIBCModule(*ak.ICAAuthKeeper) - - // Create Transfer Keepers - transferKeeper := ibctransferkeeper.NewKeeper( - appCodec, ak.keys[ibctransfertypes.StoreKey], ak.GetSubspace(ibctransfertypes.ModuleName), - ak.IbcKeeper.ChannelKeeper, ak.IbcKeeper.ChannelKeeper, &ak.IbcKeeper.PortKeeper, - ak.AccountKeeper, ak.BankKeeper, ak.ScopedTransferKeeper, - ) - ak.TransferKeeper = &transferKeeper - - // Create static IBC router, add ibc-tranfer module route, then set and seal it - ibcRouter := porttypes.NewRouter() - - icaControllerIBCModule := icacontroller.NewIBCModule(*ak.ICAControllerKeeper, icaAuthIBCModule) - icaHostIBCModule := icahost.NewIBCModule(*ak.ICAHostKeeper) - - ibcRouter.AddRoute(compute.ModuleName, compute.NewIBCHandler(ak.ComputeKeeper, ak.IbcKeeper.ChannelKeeper)). - AddRoute(ibctransfertypes.ModuleName, transfer.NewIBCModule(*ak.TransferKeeper)). - AddRoute(icacontrollertypes.SubModuleName, icaControllerIBCModule). - AddRoute(icahosttypes.SubModuleName, icaHostIBCModule). - AddRoute(icaauthtypes.ModuleName, icaControllerIBCModule) + // Create static IBC router, add ibc-transfer module route, then set and seal it + ibcRouter := porttypes.NewRouter(). + AddRoute(ibctransfertypes.ModuleName, transferStack). + AddRoute(compute.ModuleName, computeStack). + AddRoute(icacontrollertypes.SubModuleName, icaControllerStack). + AddRoute(icahosttypes.SubModuleName, icaHostStack) // Setting Router will finalize all routes by sealing router // No more routes can be added @@ -349,6 +501,10 @@ func (ak *SecretAppKeepers) InitKeys() { feegrant.StoreKey, authzkeeper.StoreKey, icahosttypes.StoreKey, + ibcpacketforwardtypes.StoreKey, + ibcfeetypes.StoreKey, + ibcswitch.StoreKey, + ibchookstypes.StoreKey, ) ak.tKeys = sdk.NewTransientStoreKeys(paramstypes.TStoreKey) @@ -369,11 +525,12 @@ func initParamsKeeper(appCodec codec.BinaryCodec, legacyAmino *codec.LegacyAmino paramsKeeper.Subspace(ibchost.ModuleName) paramsKeeper.Subspace(icacontrollertypes.SubModuleName) paramsKeeper.Subspace(icahosttypes.SubModuleName) - paramsKeeper.Subspace(govtypes.ModuleName).WithKeyTable(govtypes.ParamKeyTable()) paramsKeeper.Subspace(crisistypes.ModuleName) paramsKeeper.Subspace(compute.ModuleName) paramsKeeper.Subspace(reg.ModuleName) + paramsKeeper.Subspace(ibcpacketforwardtypes.ModuleName).WithKeyTable(ibcpacketforwardtypes.ParamKeyTable()) + paramsKeeper.Subspace(ibcswitch.ModuleName).WithKeyTable(ibcswitchtypes.ParamKeyTable()) return paramsKeeper } diff --git a/app/keepers/modules.go b/app/keepers/modules.go deleted file mode 100644 index 764706070..000000000 --- a/app/keepers/modules.go +++ /dev/null @@ -1 +0,0 @@ -package keepers diff --git a/app/legacy/migrate.go b/app/legacy/migrate.go index a70432ebd..def785e10 100644 --- a/app/legacy/migrate.go +++ b/app/legacy/migrate.go @@ -13,10 +13,10 @@ import ( tmjson "github.com/tendermint/tendermint/libs/json" tmtypes "github.com/tendermint/tendermint/types" - ibcxfertypes "github.com/cosmos/ibc-go/v3/modules/apps/transfer/types" - host "github.com/cosmos/ibc-go/v3/modules/core/24-host" - "github.com/cosmos/ibc-go/v3/modules/core/exported" - ibccoretypes "github.com/cosmos/ibc-go/v3/modules/core/types" + ibcxfertypes "github.com/cosmos/ibc-go/v4/modules/apps/transfer/types" + host "github.com/cosmos/ibc-go/v4/modules/core/24-host" + "github.com/cosmos/ibc-go/v4/modules/core/exported" + ibccoretypes "github.com/cosmos/ibc-go/v4/modules/core/types" "github.com/cosmos/cosmos-sdk/client" "github.com/cosmos/cosmos-sdk/client/flags" diff --git a/app/legacy/v170/migrate.go b/app/legacy/v170/migrate.go index ec9036cad..a61d60c80 100644 --- a/app/legacy/v170/migrate.go +++ b/app/legacy/v170/migrate.go @@ -9,7 +9,7 @@ import ( v170registration "github.com/scrtlabs/SecretNetwork/x/registration/legacy/v170" ) -func Migrate(appState types.AppMap, clientCtx client.Context) types.AppMap { +func Migrate(appState types.AppMap, _ client.Context) types.AppMap { legacyAminoCodec := codec.NewLegacyAmino() if appState[v120registration.ModuleName] != nil { diff --git a/app/modules.go b/app/modules.go new file mode 100644 index 000000000..db9193375 --- /dev/null +++ b/app/modules.go @@ -0,0 +1,88 @@ +package app + +import ( + "github.com/cosmos/cosmos-sdk/types/module" + "github.com/cosmos/cosmos-sdk/x/auth" + authsims "github.com/cosmos/cosmos-sdk/x/auth/simulation" + authtypes "github.com/cosmos/cosmos-sdk/x/auth/types" + "github.com/cosmos/cosmos-sdk/x/auth/vesting" + authzmodule "github.com/cosmos/cosmos-sdk/x/authz/module" + "github.com/cosmos/cosmos-sdk/x/bank" + "github.com/cosmos/cosmos-sdk/x/capability" + "github.com/cosmos/cosmos-sdk/x/crisis" + distr "github.com/cosmos/cosmos-sdk/x/distribution" + distrtypes "github.com/cosmos/cosmos-sdk/x/distribution/types" + "github.com/cosmos/cosmos-sdk/x/evidence" + feegrantmodule "github.com/cosmos/cosmos-sdk/x/feegrant/module" + "github.com/cosmos/cosmos-sdk/x/genutil" + "github.com/cosmos/cosmos-sdk/x/gov" + govtypes "github.com/cosmos/cosmos-sdk/x/gov/types" + "github.com/cosmos/cosmos-sdk/x/mint" + minttypes "github.com/cosmos/cosmos-sdk/x/mint/types" + "github.com/cosmos/cosmos-sdk/x/params" + "github.com/cosmos/cosmos-sdk/x/slashing" + "github.com/cosmos/cosmos-sdk/x/staking" + stakingtypes "github.com/cosmos/cosmos-sdk/x/staking/types" + "github.com/cosmos/cosmos-sdk/x/upgrade" + packetforward "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router" + ica "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts" + icatypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/types" + ibcfee "github.com/cosmos/ibc-go/v4/modules/apps/29-fee" + ibcfeetypes "github.com/cosmos/ibc-go/v4/modules/apps/29-fee/types" + "github.com/cosmos/ibc-go/v4/modules/apps/transfer" + ibctransfertypes "github.com/cosmos/ibc-go/v4/modules/apps/transfer/types" + ibc "github.com/cosmos/ibc-go/v4/modules/core" + "github.com/scrtlabs/SecretNetwork/x/compute" + ibcswitch "github.com/scrtlabs/SecretNetwork/x/emergencybutton" + icaauth "github.com/scrtlabs/SecretNetwork/x/mauth" + reg "github.com/scrtlabs/SecretNetwork/x/registration" +) + +var ModuleAccountPermissions = map[string][]string{ + authtypes.FeeCollectorName: nil, + distrtypes.ModuleName: nil, + minttypes.ModuleName: {authtypes.Minter}, + stakingtypes.BondedPoolName: {authtypes.Burner, authtypes.Staking}, + stakingtypes.NotBondedPoolName: {authtypes.Burner, authtypes.Staking}, + govtypes.ModuleName: {authtypes.Burner}, + ibctransfertypes.ModuleName: {authtypes.Minter, authtypes.Burner}, + icatypes.ModuleName: nil, + ibcfeetypes.ModuleName: nil, + ibcswitch.ModuleName: nil, + compute.ModuleName: {authtypes.Burner}, +} + +func Modules( + app *SecretNetworkApp, + encodingConfig EncodingConfig, + skipGenesisInvariants bool, +) []module.AppModule { + appCodec := encodingConfig.Marshaler + + return []module.AppModule{ + genutil.NewAppModule(app.AppKeepers.AccountKeeper, app.AppKeepers.StakingKeeper, app.BaseApp.DeliverTx, encodingConfig.TxConfig), + auth.NewAppModule(appCodec, *app.AppKeepers.AccountKeeper, authsims.RandomGenesisAccounts), + vesting.NewAppModule(*app.AppKeepers.AccountKeeper, app.AppKeepers.BankKeeper), + bank.NewAppModule(appCodec, *app.AppKeepers.BankKeeper, app.AppKeepers.AccountKeeper), + capability.NewAppModule(appCodec, *app.AppKeepers.CapabilityKeeper), + crisis.NewAppModule(app.AppKeepers.CrisisKeeper, skipGenesisInvariants), + feegrantmodule.NewAppModule(appCodec, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, *app.AppKeepers.FeegrantKeeper, app.GetInterfaceRegistry()), gov.NewAppModule(app.GetCodec(), *app.AppKeepers.GovKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper), + mint.NewAppModule(appCodec, *app.AppKeepers.MintKeeper, app.AppKeepers.AccountKeeper), + slashing.NewAppModule(appCodec, *app.AppKeepers.SlashingKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, *app.AppKeepers.StakingKeeper), + distr.NewAppModule(appCodec, *app.AppKeepers.DistrKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, *app.AppKeepers.StakingKeeper), + staking.NewAppModule(appCodec, *app.AppKeepers.StakingKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper), + upgrade.NewAppModule(*app.AppKeepers.UpgradeKeeper), + evidence.NewAppModule(*app.AppKeepers.EvidenceKeeper), + compute.NewAppModule(*app.AppKeepers.ComputeKeeper), + params.NewAppModule(*app.AppKeepers.ParamsKeeper), + authzmodule.NewAppModule(appCodec, *app.AppKeepers.AuthzKeeper, app.AppKeepers.AccountKeeper, *app.AppKeepers.BankKeeper, app.GetInterfaceRegistry()), + reg.NewAppModule(*app.AppKeepers.RegKeeper), + ibc.NewAppModule(app.AppKeepers.IbcKeeper), + transfer.NewAppModule(app.AppKeepers.TransferKeeper), + ica.NewAppModule(app.AppKeepers.ICAControllerKeeper, app.AppKeepers.ICAHostKeeper), + packetforward.NewAppModule(app.AppKeepers.PacketForwardKeeper), + ibcfee.NewAppModule(app.AppKeepers.IbcFeeKeeper), + ibcswitch.NewAppModule(app.AppKeepers.IbcSwitchKeeper), + icaauth.NewAppModule(appCodec, *app.AppKeepers.ICAAuthKeeper), + } +} diff --git a/app/upgrades/types.go b/app/upgrades/types.go index e0871c406..4d13b0844 100644 --- a/app/upgrades/types.go +++ b/app/upgrades/types.go @@ -21,7 +21,7 @@ type BaseAppParamManager interface { // An upgrade must implement this struct, and then set it in the app.go. // The app.go will then define the handler. type Upgrade struct { - // Upgrade version name, for the upgrade handler, e.g. `v1.4` + // UpgradeName defines the on-chain upgrade name for the upgrade, e.g. "v1.8", "v1.9", etc. UpgradeName string // CreateUpgradeHandler defines the function that creates an upgrade handler diff --git a/app/upgrades/v1.10/upgrade.go b/app/upgrades/v1.10/upgrade.go new file mode 100644 index 000000000..bc6232108 --- /dev/null +++ b/app/upgrades/v1.10/upgrade.go @@ -0,0 +1,35 @@ +package v1_10 + +import ( + "fmt" + + store "github.com/cosmos/cosmos-sdk/store/types" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/module" + upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" + "github.com/scrtlabs/SecretNetwork/app/keepers" + "github.com/scrtlabs/SecretNetwork/app/upgrades" +) + +const upgradeName = "v1.10" + +var Upgrade = upgrades.Upgrade{ + UpgradeName: upgradeName, + CreateUpgradeHandler: createUpgradeHandler, + StoreUpgrades: store.StoreUpgrades{}, +} + +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, +) upgradetypes.UpgradeHandler { + return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { + ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) + ctx.Logger().Info(`| | | | __ \ / ____| __ \ /\ | __ \| ____|`) + ctx.Logger().Info(`| | | | |__) | | __| |__) | / \ | | | | |__ `) + ctx.Logger().Info(`| | | | ___/| | |_ | _ / / /\ \ | | | | __| `) + ctx.Logger().Info(`| |__| | | | |__| | | \ \ / ____ \| |__| | |____ `) + ctx.Logger().Info(` \____/|_| \_____|_| \_\/_/ \_\_____/|______|`) + + ctx.Logger().Info(fmt.Sprintf("Running module migrations for %s...", upgradeName)) + return mm.RunMigrations(ctx, configurator, vm) + } +} diff --git a/app/upgrades/v1.11/upgrade.go b/app/upgrades/v1.11/upgrade.go new file mode 100644 index 000000000..6f6596ace --- /dev/null +++ b/app/upgrades/v1.11/upgrade.go @@ -0,0 +1,43 @@ +package v1_11 + +import ( + "fmt" + + store "github.com/cosmos/cosmos-sdk/store/types" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/module" + upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" + "github.com/scrtlabs/SecretNetwork/app/keepers" + "github.com/scrtlabs/SecretNetwork/app/upgrades" + ibchookstypes "github.com/scrtlabs/SecretNetwork/x/ibc-hooks/types" +) + +const upgradeName = "v1.11" + +var Upgrade = upgrades.Upgrade{ + UpgradeName: upgradeName, + CreateUpgradeHandler: createUpgradeHandler, + StoreUpgrades: store.StoreUpgrades{ + Added: []string{ + ibchookstypes.StoreKey, + }, + }, +} + +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, +) upgradetypes.UpgradeHandler { + return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { + ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) + ctx.Logger().Info(`| | | | __ \ / ____| __ \ /\ | __ \| ____|`) + ctx.Logger().Info(`| | | | |__) | | __| |__) | / \ | | | | |__ `) + ctx.Logger().Info(`| | | | ___/| | |_ | _ / / /\ \ | | | | __| `) + ctx.Logger().Info(`| |__| | | | |__| | | \ \ / ____ \| |__| | |____ `) + ctx.Logger().Info(` \____/|_| \_____|_| \_\/_/ \_\_____/|______|`) + + // WASM Hooks doesn't require any initialization code: + // https://github.com/osmosis-labs/osmosis/blob/8b4c62a26/app/upgrades/v14/upgrades.go#L12-L21 + + ctx.Logger().Info(fmt.Sprintf("Running module migrations for %s...", upgradeName)) + return mm.RunMigrations(ctx, configurator, vm) + } +} diff --git a/app/upgrades/v1.12/upgrade.go b/app/upgrades/v1.12/upgrade.go new file mode 100644 index 000000000..65cb0a7f8 --- /dev/null +++ b/app/upgrades/v1.12/upgrade.go @@ -0,0 +1,35 @@ +package v1_12 + +import ( + "fmt" + + store "github.com/cosmos/cosmos-sdk/store/types" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/module" + upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" + "github.com/scrtlabs/SecretNetwork/app/keepers" + "github.com/scrtlabs/SecretNetwork/app/upgrades" +) + +const upgradeName = "v1.12" + +var Upgrade = upgrades.Upgrade{ + UpgradeName: upgradeName, + CreateUpgradeHandler: createUpgradeHandler, + StoreUpgrades: store.StoreUpgrades{}, +} + +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, +) upgradetypes.UpgradeHandler { + return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { + ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) + ctx.Logger().Info(`| | | | __ \ / ____| __ \ /\ | __ \| ____|`) + ctx.Logger().Info(`| | | | |__) | | __| |__) | / \ | | | | |__ `) + ctx.Logger().Info(`| | | | ___/| | |_ | _ / / /\ \ | | | | __| `) + ctx.Logger().Info(`| |__| | | | |__| | | \ \ / ____ \| |__| | |____ `) + ctx.Logger().Info(` \____/|_| \_____|_| \_\/_/ \_\_____/|______|`) + + ctx.Logger().Info(fmt.Sprintf("Running module migrations for %s...", upgradeName)) + return mm.RunMigrations(ctx, configurator, vm) + } +} diff --git a/app/upgrades/v1.3/upgrade.go b/app/upgrades/v1.3/upgrade.go index ec5df35bf..2cdd10763 100644 --- a/app/upgrades/v1.3/upgrade.go +++ b/app/upgrades/v1.3/upgrade.go @@ -5,10 +5,10 @@ import ( sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/cosmos-sdk/types/module" upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" - icamodule "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts" - icacontrollertypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/controller/types" - icahosttypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/host/types" - icatypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/types" + icamodule "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts" + icacontrollertypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/controller/types" + icahosttypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/host/types" + icatypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/types" "github.com/scrtlabs/SecretNetwork/app/keepers" "github.com/scrtlabs/SecretNetwork/app/upgrades" ) diff --git a/app/upgrades/v1.5/upgrade.go b/app/upgrades/v1.5/upgrade.go index 8c8f31567..2781f2c72 100644 --- a/app/upgrades/v1.5/upgrade.go +++ b/app/upgrades/v1.5/upgrade.go @@ -17,7 +17,7 @@ var Upgrade = upgrades.Upgrade{ StoreUpgrades: store.StoreUpgrades{}, } -func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, ) upgradetypes.UpgradeHandler { return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) diff --git a/app/upgrades/v1.6/upgrade.go b/app/upgrades/v1.6/upgrade.go index f940b93f7..66c7cf072 100644 --- a/app/upgrades/v1.6/upgrade.go +++ b/app/upgrades/v1.6/upgrade.go @@ -17,7 +17,7 @@ var Upgrade = upgrades.Upgrade{ StoreUpgrades: store.StoreUpgrades{}, } -func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, +func createUpgradeHandler(mm *module.Manager, _ *keepers.SecretAppKeepers, configurator module.Configurator, ) upgradetypes.UpgradeHandler { return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) diff --git a/app/upgrades/v1.7/upgrade.go b/app/upgrades/v1.7/upgrade.go index cad50e775..c39d49510 100644 --- a/app/upgrades/v1.7/upgrade.go +++ b/app/upgrades/v1.7/upgrade.go @@ -8,11 +8,12 @@ import ( "os" "path/filepath" + icacontrollertypes "github.com/cosmos/ibc-go/v4/modules/apps/27-interchain-accounts/controller/types" + store "github.com/cosmos/cosmos-sdk/store/types" sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/cosmos-sdk/types/module" upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" - icacontrollertypes "github.com/cosmos/ibc-go/v3/modules/apps/27-interchain-accounts/controller/types" "github.com/scrtlabs/SecretNetwork/app/keepers" "github.com/scrtlabs/SecretNetwork/app/upgrades" reg "github.com/scrtlabs/SecretNetwork/x/registration" diff --git a/app/upgrades/v1.8/upgrade.go b/app/upgrades/v1.8/upgrade.go index ac422182b..2453975d8 100644 --- a/app/upgrades/v1.8/upgrade.go +++ b/app/upgrades/v1.8/upgrade.go @@ -19,7 +19,7 @@ var Upgrade = upgrades.Upgrade{ StoreUpgrades: store.StoreUpgrades{}, } -func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, +func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, //nolint:all ) upgradetypes.UpgradeHandler { return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) diff --git a/app/upgrades/v1.9/upgrade.go b/app/upgrades/v1.9/upgrade.go new file mode 100644 index 000000000..79069c520 --- /dev/null +++ b/app/upgrades/v1.9/upgrade.go @@ -0,0 +1,51 @@ +package v1_9 + +import ( + "fmt" + + store "github.com/cosmos/cosmos-sdk/store/types" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/module" + upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types" + ibcpacketforwardtypes "github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4/router/types" + ibcfeetypes "github.com/cosmos/ibc-go/v4/modules/apps/29-fee/types" + "github.com/scrtlabs/SecretNetwork/app/keepers" + "github.com/scrtlabs/SecretNetwork/app/upgrades" + ibcswitchtypes "github.com/scrtlabs/SecretNetwork/x/emergencybutton/types" +) + +const upgradeName = "v1.9" + +var Upgrade = upgrades.Upgrade{ + UpgradeName: upgradeName, + CreateUpgradeHandler: createUpgradeHandler, + StoreUpgrades: store.StoreUpgrades{ + Added: []string{ + ibcpacketforwardtypes.StoreKey, + ibcfeetypes.ModuleName, + ibcswitchtypes.ModuleName, + }, + }, +} + +func createUpgradeHandler(mm *module.Manager, keepers *keepers.SecretAppKeepers, configurator module.Configurator, +) upgradetypes.UpgradeHandler { + return func(ctx sdk.Context, _ upgradetypes.Plan, vm module.VersionMap) (module.VersionMap, error) { + ctx.Logger().Info(` _ _ _____ _____ _____ _____ ______ `) + ctx.Logger().Info(`| | | | __ \ / ____| __ \ /\ | __ \| ____|`) + ctx.Logger().Info(`| | | | |__) | | __| |__) | / \ | | | | |__ `) + ctx.Logger().Info(`| | | | ___/| | |_ | _ / / /\ \ | | | | __| `) + ctx.Logger().Info(`| |__| | | | |__| | | \ \ / ____ \| |__| | |____ `) + ctx.Logger().Info(` \____/|_| \_____|_| \_\/_/ \_\_____/|______|`) + + ctx.Logger().Info(fmt.Sprintf("Running module migrations for %s...", upgradeName)) + + vm[ibcfeetypes.ModuleName] = mm.Modules[ibcfeetypes.ModuleName].ConsensusVersion() + ctx.Logger().Info(fmt.Sprintf("ibcfee module version %s set", fmt.Sprint(vm[ibcfeetypes.ModuleName]))) + + keepers.PacketForwardKeeper.SetParams(ctx, ibcpacketforwardtypes.DefaultParams()) + keepers.IbcSwitchKeeper.SetParams(ctx, ibcswitchtypes.DefaultParams()) + + return mm.RunMigrations(ctx, configurator, vm) + } +} diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 5ec7e2363..2d735d342 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,103 +9,120 @@ trigger: - "docs/*" - ".gitignore" - "LICENSE" +jobs: +- job: RunTests + displayName: Run Hardware Tests + timeoutInMinutes: 120 + pool: + name: "sgx scale set new" + workspace: + clean: all # what to clean up before the job runs + variables: + baseImageRepository: 'azcr.io/enigmampc/ci-base-image' + baseImageRepositoryLocalTests: 'azcr.io/enigmampc/ci-base-image-local' + nodeImageRepository: 'azcr.io/enigmampc/ci-node-image' + containerRegistry: 'enigmampcdocker' + dockerfilePath: '$(Build.SourcesDirectory)/deployment/dockerfiles/Dockerfile' + tag: '$(Build.BuildId)' + DOCKER_BUILDKIT: 1 + SGX_MODE: "HW" + FEATURES: "light-client-validation,random" + FEATURES_TESTS_LOCAL: "random" -pool: - name: "sgx scale set new" + steps: + - checkout: "self" + submodules: true + displayName: "Checkout Repository and Submodules" + - script: echo $(spid) > spid.txt; echo $(api-key-dev) > api_key.txt + displayName: "Save api keys" -workspace: - clean: all # what to clean up before the job runs + - task: Docker@2 + displayName: "Build base image" + inputs: + command: build + repository: '$(baseImageRepository)' + tags: | + $(tag) + latest + buildContext: . + arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --cache-from $(baseImageRepository) --build-arg SGX_MODE=$(SGX_MODE) --build-arg FEATURES=$(FEATURES) --target compile-secretd + dockerfile: '$(dockerfilePath)' -variables: - baseImageRepository: 'azcr.io/enigmampc/ci-base-image' - nodeImageRepository: 'azcr.io/enigmampc/ci-node-image' - containerRegistry: 'enigmampcdocker' - dockerfilePath: '$(Build.SourcesDirectory)/deployment/dockerfiles/Dockerfile' - tag: '$(Build.BuildId)' - DOCKER_BUILDKIT: 1 + - task: Docker@2 + displayName: "Build base image for system tests" + inputs: + command: build + repository: '$(baseImageRepositoryLocalTests)' + tags: | + $(tag) + latest + buildContext: . + arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --cache-from $(baseImageRepositoryLocalTests) --build-arg SGX_MODE=$(SGX_MODE) --build-arg FEATURES=$(FEATURES_TESTS_LOCAL) --target compile-secretd + dockerfile: '$(dockerfilePath)' -steps: - - checkout: "self" - submodules: true - displayName: "Checkout Repository and Submodules" - - script: echo $(spid) > spid.txt; echo $(api-key-dev) > api_key.txt - displayName: "Save api keys" + - script: | + cp deployment/ci/bootstrap_init.sh deployment/docker/testnet/bootstrap_init.sh + cp deployment/ci/node_init.sh deployment/docker/testnet/node_init.sh + cp deployment/ci/startup.sh deployment/docker/testnet/startup.sh + cp deployment/ci/node_key.json deployment/docker/testnet/node_key.json + displayName: Overwrite node scripts - - task: Docker@2 - displayName: "Build base image" - inputs: - command: build - repository: '$(baseImageRepository)' - tags: | - $(tag) - latest - buildContext: . - arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --cache-from $(baseImageRepository) --build-arg SGX_MODE=HW --build-arg FEATURES=light-client-validation --target compile-secretd - dockerfile: '$(dockerfilePath)' + - task: Docker@2 + displayName: "Build release image" + inputs: + command: build + repository: '$(nodeImageRepository)' + tags: latest + buildContext: . + arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --build-arg SCRT_BIN_IMAGE=$(baseImageRepository):$(tag) --cache-from $(nodeImageRepository) --build-arg SGX_MODE=$(SGX_MODE) --build-arg FEATURES=$(FEATURES) --target release-image + Dockerfile: deployment/dockerfiles/Dockerfile - - script: | - cp deployment/ci/bootstrap_init.sh deployment/docker/testnet/bootstrap_init.sh - cp deployment/ci/node_init.sh deployment/docker/testnet/node_init.sh - cp deployment/ci/startup.sh deployment/docker/testnet/startup.sh - cp deployment/ci/node_key.json deployment/docker/testnet/node_key.json - displayName: Overwrite node scripts + - task: Docker@2 + displayName: "Build enclave tests" + inputs: + command: build + repository: rust-enclave-test + tags: latest + buildContext: . + arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --build-arg SGX_MODE=HW + Dockerfile: deployment/dockerfiles/tests/enclave-test.Dockerfile - - task: Docker@2 - displayName: "Build release image" - inputs: - command: build - repository: '$(nodeImageRepository)' - tags: latest - buildContext: . - arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --build-arg SCRT_BIN_IMAGE=$(baseImageRepository):$(tag) --cache-from $(nodeImageRepository) --build-arg SGX_MODE=HW --target release-image - Dockerfile: deployment/dockerfiles/Dockerfile + - task: Docker@2 + displayName: "Build Integration tests image" + inputs: + command: build + repository: integration-tests + tags: latest + buildContext: . + arguments: --build-arg SGX_MODE=HW + Dockerfile: deployment/dockerfiles/tests/integration-tests.Dockerfile - - task: Docker@2 - displayName: "Build enclave tests" - inputs: - command: build - repository: rust-enclave-test - tags: latest - buildContext: . - arguments: --secret id=API_KEY,src=api_key.txt --secret id=SPID,src=spid.txt --build-arg SGX_MODE=HW - Dockerfile: deployment/dockerfiles/tests/enclave-test.Dockerfile + - task: Docker@2 + displayName: "Build System tests image" + inputs: + command: build + repository: tests-base-image + tags: latest + buildContext: . + arguments: --build-arg SGX_MODE=HW --build-arg CI_BASE_IMAGE=$(baseImageRepositoryLocalTests):latest + Dockerfile: deployment/dockerfiles/tests/system-tests.Dockerfile - - task: Docker@2 - displayName: "Build Integration tests image" - inputs: - command: build - repository: integration-tests - tags: latest - buildContext: . - arguments: --build-arg SGX_MODE=HW - Dockerfile: deployment/dockerfiles/tests/integration-tests.Dockerfile + - script: export DOCKER_CLIENT_TIMEOUT=120 && export COMPOSE_HTTP_TIMEOUT=120 && docker-compose --compatibility -f deployment/ci/docker-compose.ci.yaml up --exit-code-from base aesm base + displayName: "Run system tests (go tests)" -# - task: Docker@2 -# displayName: "Build System tests image" -# inputs: -# command: build -# repository: tests-base-image -# tags: latest -# buildContext: . -# arguments: --build-arg SGX_MODE=HW -# Dockerfile: deployment/dockerfiles/tests/system-tests.Dockerfile + - script: export DOCKER_CLIENT_TIMEOUT=120 && export COMPOSE_HTTP_TIMEOUT=120 && docker-compose --compatibility -f deployment/ci/docker-compose.ci.yaml up --exit-code-from bench aesm bench + displayName: "Run benchmarks" -# - script: export DOCKER_CLIENT_TIMEOUT=120 && export COMPOSE_HTTP_TIMEOUT=120 && docker-compose --compatibility -f deployment/ci/docker-compose.ci.yaml up --exit-code-from base aesm base -# displayName: "Run system tests (go tests)" -# -# - script: export DOCKER_CLIENT_TIMEOUT=120 && export COMPOSE_HTTP_TIMEOUT=120 && docker-compose --compatibility -f deployment/ci/docker-compose.ci.yaml up --exit-code-from bench aesm bench -# displayName: "Run benchmarks" + - script: | + docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility up --exit-code-from integration-tests aesm bootstrap node-no-tests integration-tests + displayName: "Run integration tests (new)" - - script: | - docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility up --exit-code-from integration-tests aesm bootstrap node-no-tests integration-tests - displayName: "Run integration tests (new)" + - script: docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility up --exit-code-from node aesm bootstrap node + displayName: "Run integration tests (old)" - - script: docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility up --exit-code-from node aesm bootstrap node - displayName: "Run integration tests (old)" + - script: docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility up --exit-code-from enclave-test aesm enclave-test + displayName: "Run enclave tests" - - script: docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility up --exit-code-from enclave-test aesm enclave-test - displayName: "Run enclave tests" - - - script: docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility down - condition: always() - displayName: "Shutdown" + - script: docker-compose -f deployment/ci/docker-compose.ci.yaml --compatibility down + condition: always() + displayName: "Shutdown" diff --git a/check-hw/Cargo.lock b/check-hw/Cargo.lock index 99b64074e..7361771ae 100644 --- a/check-hw/Cargo.lock +++ b/check-hw/Cargo.lock @@ -61,6 +61,7 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" name = "check-hw" version = "0.1.0" dependencies = [ + "clap", "enclave-ffi-types", "lazy_static", "parking_lot", @@ -296,11 +297,11 @@ dependencies = [ [[package]] name = "sgx_types" -version = "1.1.5" +version = "1.1.6" [[package]] name = "sgx_urts" -version = "1.1.5" +version = "1.1.6" dependencies = [ "libc", "sgx_types", diff --git a/check-hw/Cargo.toml b/check-hw/Cargo.toml index bb42738a9..64d09a432 100644 --- a/check-hw/Cargo.toml +++ b/check-hw/Cargo.toml @@ -9,12 +9,17 @@ edition = "2021" default = [] production = [] +# Just here for compatability with enclave features +verify-validator-whitelist = [] +light-client-validation = [] +random = [] + [dependencies] sgx_types = { path = "../third_party/incubator-teaclave-sgx-sdk/sgx_types" } sgx_urts = { path = "../third_party/incubator-teaclave-sgx-sdk/sgx_urts" } enclave-ffi-types = { path = "../cosmwasm/enclaves/ffi-types", features = [ "build_headers", ] } - +clap = "2.33" parking_lot = "0.11" lazy_static = "1.4" diff --git a/check-hw/build.rs b/check-hw/build.rs index 401e3e7f8..70a2a01cd 100644 --- a/check-hw/build.rs +++ b/check-hw/build.rs @@ -1,7 +1,7 @@ use std::env; fn main() { - let sdk_dir = env::var("SGX_SDK").unwrap_or_else(|_| "/opt/intel/sgxsdk".to_string()); + let sdk_dir = env::var("SGX_SDK").unwrap_or_else(|_| "/opt/sgxsdk".to_string()); println!("cargo:rustc-link-search=native=../go-cosmwasm/lib"); println!("cargo:rustc-link-lib=static=Enclave_u"); diff --git a/check-hw/rust-toolchain b/check-hw/rust-toolchain index 6213ae444..0f99c85c4 100644 --- a/check-hw/rust-toolchain +++ b/check-hw/rust-toolchain @@ -1 +1 @@ -nightly-2022-08-27 \ No newline at end of file +nightly-2022-10-22 \ No newline at end of file diff --git a/check-hw/src/enclave.rs b/check-hw/src/enclave.rs index 5ae25fd97..479c149f4 100644 --- a/check-hw/src/enclave.rs +++ b/check-hw/src/enclave.rs @@ -4,18 +4,12 @@ use sgx_types::{ use sgx_urts::SgxEnclave; use std::path::Path; -#[cfg(feature = "production")] -const ENCLAVE_DEBUG: i32 = 0; - -#[cfg(not(feature = "production"))] -const ENCLAVE_DEBUG: i32 = 1; - -pub fn init_enclave(enclave_file: &str) -> SgxResult { +pub fn init_enclave(enclave_file: &str, enclave_debug: i32) -> SgxResult { let mut launch_token: sgx_launch_token_t = [0; 1024]; let mut launch_token_updated: i32 = 0; // call sgx_create_enclave to initialize an enclave instance // Debug Support: set 2nd parameter to 1 - let debug: i32 = ENCLAVE_DEBUG; + let debug: i32 = enclave_debug; let mut misc_attr = sgx_misc_attribute_t { secs_attr: sgx_attributes_t { flags: 0, xfrm: 0 }, misc_select: 0, diff --git a/check-hw/src/enclave_api.rs b/check-hw/src/enclave_api.rs index 73a038614..ed9f79c97 100644 --- a/check-hw/src/enclave_api.rs +++ b/check-hw/src/enclave_api.rs @@ -3,7 +3,9 @@ use std::{ os::unix::prelude::IntoRawFd, }; -use enclave_ffi_types::{Ctx, EnclaveBuffer, OcallReturn, UntrustedVmError, UserSpaceBuffer}; +use enclave_ffi_types::{ + Ctx, EnclaveBuffer, NodeAuthResult, OcallReturn, UntrustedVmError, UserSpaceBuffer, +}; use sgx_types::{ c_int, sgx_calc_quote_size, sgx_enclave_id_t, sgx_epid_group_id_t, sgx_get_quote, sgx_init_quote, sgx_platform_info_t, sgx_quote_nonce_t, sgx_quote_sign_type_t, sgx_quote_t, @@ -14,12 +16,11 @@ use sgx_types::{ // ecalls extern "C" { - pub fn ecall_get_attestation_report( + pub fn ecall_check_patch_level( eid: sgx_enclave_id_t, - retval: *mut sgx_status_t, + retval: *mut NodeAuthResult, api_key: *const u8, api_key_len: u32, - dry_run: u8, ) -> sgx_status_t; } @@ -90,7 +91,7 @@ pub extern "C" fn ocall_get_ias_socket(ret_fd: *mut c_int) -> sgx_status_t { let port = 443; let hostname = "api.trustedservices.intel.com"; let addr = lookup_ipv4(hostname, port); - let sock = TcpStream::connect(&addr).expect("[-] Connect tls server failed!"); + let sock = TcpStream::connect(addr).expect("[-] Connect tls server failed!"); unsafe { *ret_fd = sock.into_raw_fd(); diff --git a/check-hw/src/main.rs b/check-hw/src/main.rs index 2331ad97b..16b4d627e 100644 --- a/check-hw/src/main.rs +++ b/check-hw/src/main.rs @@ -2,50 +2,95 @@ mod enclave; mod enclave_api; mod types; +use clap::App; use lazy_static::lazy_static; use sgx_types::sgx_status_t; -use crate::{enclave_api::ecall_get_attestation_report, types::EnclaveDoorbell}; +use crate::{enclave_api::ecall_check_patch_level, types::EnclaveDoorbell}; -static ENCLAVE_FILE: &str = "check_hw_enclave.so"; -const TCS_NUM: u8 = 8; +use enclave_ffi_types::NodeAuthResult; + +const ENCLAVE_FILE_TESTNET: &str = "check_hw_testnet_enclave.so"; +const ENCLAVE_FILE_MAINNET: &str = "check_hw_enclave.so"; +const TCS_NUM: u8 = 1; lazy_static! { - static ref ENCLAVE_DOORBELL: EnclaveDoorbell = EnclaveDoorbell::new(ENCLAVE_FILE, TCS_NUM); + static ref ENCLAVE_DOORBELL: EnclaveDoorbell = { + let is_testnet = std::env::args().any(|arg| arg == "--testnet" || arg == "-t"); + let enclave_file = if is_testnet { + ENCLAVE_FILE_TESTNET + } else { + ENCLAVE_FILE_MAINNET + }; + EnclaveDoorbell::new(enclave_file, TCS_NUM, is_testnet as i32) + }; } -fn main() -> Result<(), sgx_status_t> { +fn main() { + let matches = App::new("Check HW") + .version("1.0") + .arg( + clap::Arg::with_name("testnet") + .short("t") + .long("testnet") + .help("Run in testnet mode"), + ) + .get_matches(); + + let is_testnet = matches.is_present("testnet"); + println!("Creating enclave instance.."); let enclave_access_token = ENCLAVE_DOORBELL .get_access(1) // This can never be recursive - .ok_or(sgx_status_t::SGX_ERROR_BUSY)?; + .ok_or(sgx_status_t::SGX_ERROR_BUSY); - let enclave = enclave_access_token.enclave?; + if let Err(e) = enclave_access_token { + println!( + "Failed to get enclave access token: {:?} (is enclave currently running or busy?)", + e + ); + return; + } - let api_key_bytes = include_bytes!("../../ias_keys/production/api_key.txt"); + let enclave = enclave_access_token.unwrap().enclave; - let eid = enclave.geteid(); - let mut retval = sgx_status_t::SGX_SUCCESS; + if let Err(e) = enclave { + println!("Failed to start enclave: {:?}", e); + return; + } + + #[allow(clippy::if_same_then_else)] + let api_key_bytes = if is_testnet { + include_bytes!("../../ias_keys/develop/api_key.txt") + } else { + include_bytes!("../../ias_keys/production/api_key.txt") + }; + + let eid = enclave.unwrap().geteid(); + let mut retval = NodeAuthResult::Success; let status = unsafe { - ecall_get_attestation_report( + ecall_check_patch_level( eid, &mut retval, api_key_bytes.as_ptr(), api_key_bytes.len() as u32, - 1, // boolean ) }; if status != sgx_status_t::SGX_SUCCESS { - println!("could not generate attestation report"); - return Err(status); + println!( + "Failed to run hardware verification test (is the correct enclave in the correct path?)" + ); + return; } - if retval != sgx_status_t::SGX_SUCCESS { - println!("could not generate attestation report"); - return Err(retval); + if retval != NodeAuthResult::Success { + println!("Failed to verify platform. Please see errors above for more info on what needs to be fixed before you can run a mainnet node. \n\ + If you require assistance or more information, please contact us on Discord or Telegram. In addition, you may use the documentation available at \ + https://docs.scrt.network + "); + } else { + println!("Platform verification successful! You are able to run a mainnet Secret node") } - - Ok(()) } diff --git a/check-hw/src/types.rs b/check-hw/src/types.rs index 0690d1f7a..2ab002e60 100644 --- a/check-hw/src/types.rs +++ b/check-hw/src/types.rs @@ -18,10 +18,10 @@ pub struct EnclaveDoorbell { } impl EnclaveDoorbell { - pub fn new(enclave_file: &str, count: u8) -> Self { + pub fn new(enclave_file: &str, count: u8, debug: i32) -> Self { // info!("Setting up enclave doorbell for up to {} threads", count); Self { - enclave: init_enclave(enclave_file), + enclave: init_enclave(enclave_file, debug), condvar: Condvar::new(), count: Mutex::new(count), } diff --git a/client/docs/config.json b/client/docs/config.json index f3a5f5c3f..13701dd8f 100644 --- a/client/docs/config.json +++ b/client/docs/config.json @@ -3,7 +3,7 @@ "info": { "title": "Secret Network", "description": "A REST interface for queries and transactions", - "version": "v1.8" + "version": "v1.12" }, "apis": [ { @@ -171,6 +171,17 @@ } } }, + { + "url": "../../tmp-swagger-gen/ibc/applications/fee/v1/query.swagger.json", + "operationIds": { + "rename": { + "Params": "../../tmp-swagger-gen/ibc/applications/fee/v1/query.swagger.jsonParams", + "Pool": "../../tmp-swagger-gen/ibc/applications/fee/v1/query.swagger.jsonPool", + "DelegatorValidators": "../../tmp-swagger-gen/ibc/applications/fee/v1/query.swagger.jsonDelegatorValidators", + "UpgradedConsensusState": "../../tmp-swagger-gen/ibc/applications/fee/v1/query.swagger.jsonUpgradedConsensusState" + } + } + }, { "url": "../../tmp-swagger-gen/ibc/applications/interchain_accounts/controller/v1/query.swagger.json", "operationIds": { @@ -193,6 +204,17 @@ } } }, + { + "url": "../../tmp-swagger-gen/ibc/applications/packetforward/v1/query.swagger.json", + "operationIds": { + "rename": { + "Params": "../../tmp-swagger-gen/ibc/applications/packetforward/v1/query.swagger.jsonParams", + "Pool": "../../tmp-swagger-gen/ibc/applications/packetforward/v1/query.swagger.jsonPool", + "DelegatorValidators": "../../tmp-swagger-gen/ibc/applications/packetforward/v1/query.swagger.jsonDelegatorValidators", + "UpgradedConsensusState": "../../tmp-swagger-gen/ibc/applications/packetforward/v1/query.swagger.jsonUpgradedConsensusState" + } + } + }, { "url": "../../tmp-swagger-gen/ibc/applications/transfer/v1/query.swagger.json", "operationIds": { @@ -248,6 +270,17 @@ } } }, + { + "url": "../../tmp-swagger-gen/secret/emergencybutton/v1beta1/query.swagger.json", + "operationIds": { + "rename": { + "Params": "../../tmp-swagger-gen/secret/emergencybutton/v1beta1/query.swagger.jsonParams", + "Pool": "../../tmp-swagger-gen/secret/emergencybutton/v1beta1/query.swagger.jsonPool", + "DelegatorValidators": "../../tmp-swagger-gen/secret/emergencybutton/v1beta1/query.swagger.jsonDelegatorValidators", + "UpgradedConsensusState": "../../tmp-swagger-gen/secret/emergencybutton/v1beta1/query.swagger.jsonUpgradedConsensusState" + } + } + }, { "url": "../../tmp-swagger-gen/secret/intertx/v1beta1/query.swagger.json", "operationIds": { diff --git a/client/docs/static/openapi/index.html b/client/docs/static/openapi/index.html index ea2ac4810..a17f966de 100644 --- a/client/docs/static/openapi/index.html +++ b/client/docs/static/openapi/index.html @@ -2114,7 +2114,7 @@ stored at the last height of this chain. UpgradedConsensusState RPC not supported with legacy querier This rpc is deprecated now that IBC has its own replacement -(https://github.com/cosmos/ibc-go/blob/2c880a22e9f9cc75f62b527ca94aa75ce1106001/proto/ibc/core/client/v1/query.proto#L54)
    • Documentation Powered by Redocly
    getQuery a specific contract code by id
    • Documentation Powered by Redocly

    Secret Network (v1.8)

    Download OpenAPI specification:Download

    A REST interface for queries and transactions

    + " fill="currentColor">

    Secret Network (v1.12)

    Download OpenAPI specification:Download

    A REST interface for queries and transactions

    Authentication

    kms

    Security Scheme Type HTTP
    HTTP Authorization Scheme basic

    gRPC Gateway API

    Accounts returns all the existing accounts

    Since: cosmos-sdk 0.43

    query Parameters
    pagination.key
    string <byte>

    key is a value returned in PageResponse.next_key to begin querying the next page most efficiently. Only one of offset or key @@ -2792,13 +2793,99 @@ as this is the height under which next consensus state is stored

    Responses

    InterchainAccount returns the interchain account address for a given owner address on a given connection

    path Parameters
    owner
    required
    string
    connection_id
    required
    string

    Responses

    FeeEnabledChannel returns true if the provided port and channel identifiers belong to a fee enabled channel

    path Parameters
    channel_id
    required
    string

    unique channel identifier

    +
    port_id
    required
    string

    unique port identifier

    +

    Responses

    Gets all incentivized packets for a specific channel

    path Parameters
    channel_id
    required
    string
    port_id
    required
    string
    query Parameters
    pagination.key
    string <byte>

    key is a value returned in PageResponse.next_key to begin +querying the next page most efficiently. Only one of offset or key +should be set.

    +
    pagination.offset
    string <uint64>

    offset is a numeric offset that can be used when key is unavailable. +It is less efficient than using key. Only one of offset or key should +be set.

    +
    pagination.limit
    string <uint64>

    limit is the total number of results to be returned in the result page. +If left empty it will default to a value to be set by each app.

    +
    pagination.count_total
    boolean

    count_total is set to true to indicate that the result set should include +a count of the total number of items available for pagination in UIs. +count_total is only respected when offset is used. It is ignored when key +is set.

    +
    pagination.reverse
    boolean

    reverse is set to true if results are to be returned in the descending order.

    +

    Since: cosmos-sdk 0.43

    +
    query_height
    string <uint64>

    Height to query at.

    +

    Responses

    CounterpartyPayee returns the registered counterparty payee for forward relaying

    path Parameters
    channel_id
    required
    string

    unique channel identifier

    +
    relayer
    required
    string

    the relayer address to which the counterparty is registered

    +

    Responses

    Payee returns the registered payee address for a specific channel given the relayer address

    path Parameters
    channel_id
    required
    string

    unique channel identifier

    +
    relayer
    required
    string

    the relayer address to which the distribution address is registered

    +

    Responses

    IncentivizedPacket returns all packet fees for a packet given its identifier

    path Parameters
    packet_id.channel_id
    required
    string

    channel unique identifier

    +
    packet_id.port_id
    required
    string

    channel port identifier

    +
    packet_id.sequence
    required
    string <uint64>

    packet sequence

    +
    query Parameters
    query_height
    string <uint64>

    block height at which to query.

    +

    Responses

    TotalAckFees returns the total acknowledgement fees for a packet given its identifier

    path Parameters
    packet_id.channel_id
    required
    string

    channel unique identifier

    +
    packet_id.port_id
    required
    string

    channel port identifier

    +
    packet_id.sequence
    required
    string <uint64>

    packet sequence

    +

    Responses

    TotalRecvFees returns the total receive fees for a packet given its identifier

    path Parameters
    packet_id.channel_id
    required
    string

    channel unique identifier

    +
    packet_id.port_id
    required
    string

    channel port identifier

    +
    packet_id.sequence
    required
    string <uint64>

    packet sequence

    +

    Responses

    TotalTimeoutFees returns the total timeout fees for a packet given its identifier

    path Parameters
    packet_id.channel_id
    required
    string

    channel unique identifier

    +
    packet_id.port_id
    required
    string

    channel port identifier

    +
    packet_id.sequence
    required
    string <uint64>

    packet sequence

    +

    Responses

    FeeEnabledChannels returns a list of all fee enabled channels

    query Parameters
    pagination.key
    string <byte>

    key is a value returned in PageResponse.next_key to begin +querying the next page most efficiently. Only one of offset or key +should be set.

    +
    pagination.offset
    string <uint64>

    offset is a numeric offset that can be used when key is unavailable. +It is less efficient than using key. Only one of offset or key should +be set.

    +
    pagination.limit
    string <uint64>

    limit is the total number of results to be returned in the result page. +If left empty it will default to a value to be set by each app.

    +
    pagination.count_total
    boolean

    count_total is set to true to indicate that the result set should include +a count of the total number of items available for pagination in UIs. +count_total is only respected when offset is used. It is ignored when key +is set.

    +
    pagination.reverse
    boolean

    reverse is set to true if results are to be returned in the descending order.

    +

    Since: cosmos-sdk 0.43

    +
    query_height
    string <uint64>

    block height at which to query.

    +

    Responses

    IncentivizedPackets returns all incentivized packets and their associated fees

    query Parameters
    pagination.key
    string <byte>

    key is a value returned in PageResponse.next_key to begin +querying the next page most efficiently. Only one of offset or key +should be set.

    +
    pagination.offset
    string <uint64>

    offset is a numeric offset that can be used when key is unavailable. +It is less efficient than using key. Only one of offset or key should +be set.

    +
    pagination.limit
    string <uint64>

    limit is the total number of results to be returned in the result page. +If left empty it will default to a value to be set by each app.

    +
    pagination.count_total
    boolean

    count_total is set to true to indicate that the result set should include +a count of the total number of items available for pagination in UIs. +count_total is only respected when offset is used. It is ignored when key +is set.

    +
    pagination.reverse
    boolean

    reverse is set to true if results are to be returned in the descending order.

    +

    Since: cosmos-sdk 0.43

    +
    query_height
    string <uint64>

    block height at which to query.

    +

    Responses

    InterchainAccount returns the interchain account address for a given owner address on a given connection

    path Parameters
    owner
    required
    string
    connection_id
    required
    string

    Responses

    Params queries all parameters of the ICA controller submodule.

    Responses

    Params queries all parameters of the ICA host submodule.

    Responses

    EscrowAddress returns the escrow address for a particular port and channel id.

    path Parameters
    channel_id
    required
    string

    unique channel identifier

    +

    Params queries all parameters of the router module.

    Responses

    EscrowAddress returns the escrow address for a particular port and channel id.

    path Parameters
    channel_id
    required
    string

    unique channel identifier

    port_id
    required
    string

    unique port identifier

    Responses

    Query contract address by label

    path Parameters
    label
    required
    string

    Responses

    Query code info by id

    path Parameters
    code_id
    required
    string <uint64>

    Responses

    ContractHistory gets the contract code history

    path Parameters
    contract_address
    required
    string

    address is the address of the contract to query

    +

    Responses

    Query code info by id

    path Parameters
    code_id
    required
    string <uint64>

    Responses

    Query contract info by address

    path Parameters
    contract_address
    required
    string

    address is the bech32 human readable address of the contract

    Responses

    Query secret contract

    path Parameters
    contract_address
    required
    string

    address is the bech32 human readable address of the contract

    query Parameters
    query
    string <byte>

    Responses

    QueryInterchainAccountFromAddress returns the interchain account for given owner address on a given connection pair

    query Parameters
    owner
    string
    connection_id
    string

    Responses

    Params defines a gRPC query method that returns the emergencybutton module's +parameters.

    Responses

    QueryInterchainAccountFromAddress returns the interchain account for given owner address on a given connection pair

    path Parameters
    owner
    required
    string
    connection_id
    required
    string

    Responses

    Returns the encrypted seed for a registered node by public key

    path Parameters
    pub_key
    required
    string <byte>

    Responses

    Returns the encrypted seed for a registered node by public key

    path Parameters
    pub_key
    required
    string <byte>

    Responses

    Returns the key used for registration

    Responses