
Commit 17123a5

yihuang and mmsqe authored
Problem: e2ee module is not backported (crypto-org-chain#1417)
* Problem: e2ee module is not backported Problem: no end-to-end encryption module (crypto-org-chain#1407) * Problem: no end-to-end encryption module add keeper add grpc query signer option getter/setter genesis init/export fix lint * fix proto lint * fix test * register codec * changelog * fix build * Update x/e2ee/types/keys.go Co-authored-by: mmsqe <mavis@crypto.com> Signed-off-by: yihuang <huang@crypto.com> * Update x/e2ee/types/codec.go Co-authored-by: mmsqe <mavis@crypto.com> Signed-off-by: yihuang <huang@crypto.com> --------- Signed-off-by: yihuang <huang@crypto.com> Co-authored-by: mmsqe <mavis@crypto.com> Problem: encryption-key cmd is not supported (crypto-org-chain#1409) * Problem: encryption-key cmd is not supported * gen doc * add validate Problem: no keyring interface for e2ee to store arbitrary payload (crypto-org-chain#1413) changelo add age encrypt/decrypt in unit test Update x/e2ee/keyring/keyring.go Signed-off-by: yihuang <huang@crypto.com> fix lint fix build Problem: no encrypt and decrypt cmds for message (crypto-org-chain#1411) * Problem: no encrypt and decrypt cmds for message * fix doc * add gen * test * cleanup * move command to e2ee module move encrypt cmd to e2ee module move decrypt cmd to e2ee update integration test store key as string, to make autocli better fix integration test Update x/e2ee/client/cli/encrypt.go Signed-off-by: yihuang <huang@crypto.com> fix lint --------- Signed-off-by: yihuang <huang@crypto.com> Co-authored-by: yihuang <huang@crypto.com> Co-authored-by: yihuang <yi.codeplayer@gmail.com> Problem: no efficient batch query for encryption keys (crypto-org-chain#1415) Update CHANGELOG.md Signed-off-by: yihuang <huang@crypto.com> update swagger typo fix build proposal handler update version check exist Problem: proto-gen fails in CI (crypto-org-chain#1392) * Problem: proto-gen fails in CI * Apply suggestions from code review add cronos msg add store-block-list cmd refresh block list add handler update deps add handler lint 
fix cmd test store list set with ante move to util fix ibc Revert "set with ante" This reverts commit c2700f5. reject on err fix prepare proposal fix proto lint * cmd to encrypt to validators * fix test * temp * fix test * improve test * Problem: no validate for malformed e2ee key in register (crypto-org-chain#1421) * Problem: no validate for malformed e2ee key in register * update doc * Apply suggestions from code review * cleanup --------- Co-authored-by: yihuang <yi.codeplayer@gmail.com> * cleanup test * revert * fix test * fix test * remove mempool blocked-addresses * fix test * fix test * fix test * fix patch * avoid prompt * encrypt clear list * cleanup * add validate * avoid concurrent mutate * Update app/proposal.go Signed-off-by: mmsqe <mavis@crypto.com> * cleanup * proto-gen --------- Signed-off-by: yihuang <huang@crypto.com> Signed-off-by: mmsqe <mavis@crypto.com> Co-authored-by: mmsqe <mavis@crypto.com>
1 parent bf11a2f commit 17123a5

61 files changed

+5283
-220
lines changed

.github/workflows/proto.yml

+2-2
@@ -40,10 +40,10 @@ jobs:
4040
with:
4141
PATTERNS: |
4242
**/**.proto
43-
- name: proto-gen
43+
- name: proto-gen-ci
4444
if: env.GIT_DIFF
4545
run: |
46-
make proto-gen # proto-swagger-gen FIXME swagger-gen result is not reproducible in CI
46+
make proto-gen-ci # proto-swagger-gen FIXME swagger-gen result is not reproducible in CI
4747
git checkout -- go.mod go.sum docs/api/proto-docs.md # FIXME doc gen not reproducible in CI
4848
- name: check working directory is clean
4949
uses: numtide/clean-git-action@main
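Review bot: With the `run:` line switched to `make proto-gen-ci`, CI now verifies generated code through a different target than the `proto-gen` that `proto-all` and developers use, so the clean-working-directory check no longer exercises the developer path. Add a comment on the step saying why the CI variant is needed. Separately, the unchanged `uses: numtide/clean-git-action@main` tracks a mutable branch; pinning it to a commit SHA would be safer.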

CHANGELOG.md

+17
@@ -1,5 +1,17 @@
11
# Changelog
22

3+
## UNRELEASED
4+
5+
### State Machine Breaking
6+
7+
* [#1407](https://github.com/crypto-org-chain/cronos/pull/1407) Add end-to-end encryption module.
8+
9+
### Improvements
10+
11+
* [#1413](https://github.com/crypto-org-chain/cronos/pull/1413) Add custom keyring implementation for e2ee module.
12+
* (e2ee)[#1415](https://github.com/crypto-org-chain/cronos/pull/1415) Add batch keys query for e2ee module.
13+
* (e2ee)[#1421](https://github.com/crypto-org-chain/cronos/pull/1421) Validate e2ee key when register.
14+
315
*May 3, 2024*
416

517
## v1.2.2
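Review bot: The new Improvements entries are formatted inconsistently: #1415 and #1421 carry an `(e2ee)` prefix with no space before the link, #1413 has no prefix at all, and the existing style elsewhere in this file is `(rpc) [#1397]` with a space. Use one form for all three. "Validate e2ee key when register" should also read "when registering".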
@@ -21,6 +33,11 @@
2133

2234
* (rpc) [#1397](https://github.com/crypto-org-chain/cronos/pull/1397) Avoid panic on invalid elasticity_multiplier.
2335

36+
### Features
37+
38+
* [#1406](https://github.com/crypto-org-chain/cronos/pull/1406) Add set-encryption-key for encryption module.
39+
* [#1411](https://github.com/crypto-org-chain/cronos/pull/1411) Add encrypt and decrypt cmds for message.
40+
2441
*April 8, 2024*
2542

2643
## v1.2.0
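Review bot: The new `### Features` block sits between `## v1.2.2` and the `*April 8, 2024*` line, so #1406 and #1411 are recorded under the already dated v1.2.2 release, while the module they belong to (#1407) is listed under `## UNRELEASED` in the first hunk. Unless these two commands really shipped in v1.2.2, move both entries up to UNRELEASED. The wording "encryption module" here also differs from "e2ee module" in the other entries.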

Makefile

+5
@@ -272,6 +272,7 @@ endif
272272
HTTPS_GIT := https://github.com/crypto-org-chain/cronos.git
273273
protoVer=0.11.6
274274
protoImageName=ghcr.io/cosmos/proto-builder:$(protoVer)
275+
protoImageCi=$(DOCKER) run --rm -v $(CURDIR):/workspace --workdir /workspace --user root $(protoImageName)
275276
protoImage=$(DOCKER) run --rm -v $(CURDIR):/workspace --workdir /workspace $(protoImageName)
276277

277278
# ------
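Review bot: `protoImageCi` adds `--user root` while still bind-mounting `$(CURDIR)` at `/workspace`, so every file the generator writes into the checkout ends up owned by root, and nothing on the line says why CI needs this. Add a comment with the reason, and consider passing the runner's own uid and gid instead of root. The variable is also a second full copy of the `protoImage` command line; deriving one from the other would keep the mount and workdir options from drifting apart.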
@@ -280,6 +281,10 @@ protoImage=$(DOCKER) run --rm -v $(CURDIR):/workspace --workdir /workspace $(pro
280281
#
281282
proto-all: proto-format proto-lint proto-gen
282283

284+
proto-gen-ci:
285+
@echo "Generating Protobuf files"
286+
$(protoImageCi) sh ./scripts/protocgen.sh
287+
283288
proto-gen:
284289
@echo "Generating Protobuf files"
285290
$(protoImage) sh ./scripts/protocgen.sh
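Review bot: `proto-gen-ci` repeats the `proto-gen` recipe line for line with only the image variable changed. A single recipe whose image variable can be overridden from the command line would avoid the duplicate; if the separate target stays, give it a one-line comment stating how it differs from `proto-gen`.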

app/app.go

+79-47
@@ -1,8 +1,6 @@
11
package app
22

33
import (
4-
"crypto/sha256"
5-
"encoding/hex"
64
stderrors "errors"
75
"fmt"
86
"io"
@@ -11,10 +9,10 @@ import (
119
"net/http"
1210
"os"
1311
"path/filepath"
14-
"sort"
1512

1613
autocliv1 "cosmossdk.io/api/cosmos/autocli/v1"
1714
reflectionv1 "cosmossdk.io/api/cosmos/reflection/v1"
15+
"filippo.io/age"
1816
runtimeservices "github.com/cosmos/cosmos-sdk/runtime/services"
1917
"golang.org/x/exp/slices"
2018

@@ -23,6 +21,7 @@ import (
2321
tmjson "github.com/cometbft/cometbft/libs/json"
2422
"github.com/cometbft/cometbft/libs/log"
2523
tmos "github.com/cometbft/cometbft/libs/os"
24+
tmproto "github.com/cometbft/cometbft/proto/tendermint/types"
2625
"github.com/cosmos/cosmos-sdk/client"
2726
"github.com/cosmos/cosmos-sdk/codec/types"
2827
"github.com/gorilla/mux"
@@ -123,6 +122,7 @@ import (
123122
icaauthkeeper "github.com/crypto-org-chain/cronos/v2/x/icaauth/keeper"
124123
icaauthtypes "github.com/crypto-org-chain/cronos/v2/x/icaauth/types"
125124

125+
clientflags "github.com/cosmos/cosmos-sdk/client/flags"
126126
evmante "github.com/evmos/ethermint/app/ante"
127127
srvflags "github.com/evmos/ethermint/server/flags"
128128
ethermint "github.com/evmos/ethermint/types"
@@ -159,6 +159,11 @@ import (
159159
_ "github.com/ethereum/go-ethereum/eth/tracers/native"
160160
ethparams "github.com/ethereum/go-ethereum/params"
161161

162+
e2ee "github.com/crypto-org-chain/cronos/v2/x/e2ee"
163+
e2eekeeper "github.com/crypto-org-chain/cronos/v2/x/e2ee/keeper"
164+
e2eekeyring "github.com/crypto-org-chain/cronos/v2/x/e2ee/keyring"
165+
e2eetypes "github.com/crypto-org-chain/cronos/v2/x/e2ee/types"
166+
162167
// force register the extension json-rpc.
163168
_ "github.com/crypto-org-chain/cronos/v2/x/cronos/rpc"
164169
)
@@ -170,8 +175,6 @@ const (
170175
//
171176
// NOTE: In the SDK, the default value is 255.
172177
AddrLen = 20
173-
174-
FlagBlockedAddresses = "blocked-addresses"
175178
)
176179

177180
var Forks = []Fork{}
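Review bot: Deleting the exported `FlagBlockedAddresses` constant ("blocked-addresses") is an operator-facing change that the CHANGELOG hunks in this commit do not mention, and the only visible read of the option, in the `setAnteHandler` call, is removed as well. Add a changelog entry for the removal, and consider logging a warning at startup when the old option is still set so that operators notice it no longer has any effect.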
@@ -260,6 +263,7 @@ func GenModuleBasics() module.BasicManager {
260263
ibcfee.AppModuleBasic{},
261264
evm.AppModuleBasic{},
262265
feemarket.AppModuleBasic{},
266+
e2ee.AppModuleBasic{},
263267
// this line is used by starport scaffolding # stargate/app/moduleBasic
264268
gravity.AppModuleBasic{},
265269
cronos.AppModuleBasic{},
@@ -286,6 +290,8 @@ func StoreKeys(skipGravity bool) (
286290
icaauthtypes.StoreKey,
287291
// ethermint keys
288292
evmtypes.StoreKey, feemarkettypes.StoreKey,
293+
// e2ee keys
294+
e2eetypes.StoreKey,
289295
// this line is used by starport scaffolding # stargate/app/storeKey
290296
cronostypes.StoreKey,
291297
}
@@ -357,6 +363,9 @@ type App struct {
357363
// Gravity module
358364
GravityKeeper gravitykeeper.Keeper
359365

366+
// e2ee keeper
367+
E2EEKeeper e2eekeeper.Keeper
368+
360369
// this line is used by starport scaffolding # stargate/app/keeperDeclaration
361370

362371
CronosKeeper cronoskeeper.Keeper
@@ -371,6 +380,8 @@ type App struct {
371380
configurator module.Configurator
372381

373382
qms storetypes.MultiStore
383+
384+
blockProposalHandler *ProposalHandler
374385
}
375386

376387
// New returns a reference to an initialized chain.
@@ -385,15 +396,37 @@ func New(
385396
cdc := encodingConfig.Amino
386397
interfaceRegistry := encodingConfig.InterfaceRegistry
387398

399+
var identity age.Identity
400+
{
401+
if cast.ToString(appOpts.Get("mode")) == "validator" {
402+
krBackend := cast.ToString(appOpts.Get(clientflags.FlagKeyringBackend))
403+
kr, err := e2eekeyring.New("cronosd", krBackend, homePath, os.Stdin)
404+
if err != nil {
405+
panic(err)
406+
}
407+
bz, err := kr.Get(e2eetypes.DefaultKeyringName)
408+
if err != nil {
409+
logger.Error("e2ee identity for validator not found", "error", err)
410+
} else {
411+
identity, err = age.ParseX25519Identity(string(bz))
412+
if err != nil {
413+
panic(err)
414+
}
415+
}
416+
}
417+
}
418+
388419
baseAppOptions = memiavlstore.SetupMemIAVL(logger, homePath, appOpts, false, false, baseAppOptions)
420+
421+
blockProposalHandler := NewProposalHandler(encodingConfig.TxConfig.TxDecoder(), identity)
422+
389423
// NOTE we use custom transaction decoder that supports the sdk.Tx interface instead of sdk.StdTx
390424
// Setup Mempool and Proposal Handlers
391425
baseAppOptions = append(baseAppOptions, func(app *baseapp.BaseApp) {
392426
mempool := mempool.NoOpMempool{}
393427
app.SetMempool(mempool)
394-
handler := baseapp.NewDefaultProposalHandler(mempool, app)
395-
app.SetPrepareProposal(handler.PrepareProposalHandler())
396-
app.SetProcessProposal(handler.ProcessProposalHandler())
428+
app.SetPrepareProposal(blockProposalHandler.PrepareProposalHandler())
429+
app.SetProcessProposal(blockProposalHandler.ProcessProposalHandler())
397430
})
398431
bApp := baseapp.NewBaseApp(Name, logger, db, encodingConfig.TxConfig.TxDecoder(), baseAppOptions...)
399432
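Review bot: In the identity block at the top of `New`, any error from `kr.Get(e2eetypes.DefaultKeyringName)` is logged as "e2ee identity for validator not found" and startup continues with a nil `identity`, while a failure in `age.ParseX25519Identity` panics. A locked or unreadable keyring is therefore reported the same way as a missing key, and the validator comes up with no identity passed to `NewProposalHandler`. Distinguish the not-found case from other keyring errors and fail startup on the latter. Two smaller points: `"mode"` and `"validator"` are bare string literals that would read better as named constants, and passing `os.Stdin` to `e2eekeyring.New` can stall a non-interactive start if the selected backend prompts for a passphrase. The bare `{ ... }` block around the `if` adds nothing and can go.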

@@ -404,14 +437,15 @@ func New(
404437
keys, memKeys, tkeys := StoreKeys(skipGravity)
405438

406439
app := &App{
407-
BaseApp: bApp,
408-
cdc: cdc,
409-
appCodec: appCodec,
410-
interfaceRegistry: interfaceRegistry,
411-
invCheckPeriod: invCheckPeriod,
412-
keys: keys,
413-
tkeys: tkeys,
414-
memKeys: memKeys,
440+
BaseApp: bApp,
441+
cdc: cdc,
442+
appCodec: appCodec,
443+
interfaceRegistry: interfaceRegistry,
444+
invCheckPeriod: invCheckPeriod,
445+
keys: keys,
446+
tkeys: tkeys,
447+
memKeys: memKeys,
448+
blockProposalHandler: blockProposalHandler,
415449
}
416450

417451
// init params keeper and subspaces
@@ -666,6 +700,8 @@ func New(
666700
// this line is used by starport scaffolding # ibc/app/router
667701
app.IBCKeeper.SetRouter(ibcRouter)
668702

703+
app.E2EEKeeper = e2eekeeper.NewKeeper(keys[e2eetypes.StoreKey])
704+
669705
/**** Module Options ****/
670706

671707
// NOTE: we may consider parsing `appOpts` inside module constructors. For the moment
@@ -709,6 +745,9 @@ func New(
709745
feeModule,
710746
feemarket.NewAppModule(app.FeeMarketKeeper, feeMarketS),
711747
evm.NewAppModule(app.EvmKeeper, app.AccountKeeper, evmS),
748+
e2ee.NewAppModule(app.E2EEKeeper),
749+
750+
// Cronos app modules
712751
cronosModule,
713752
}
714753

@@ -737,6 +776,7 @@ func New(
737776
vestingtypes.ModuleName,
738777
cronostypes.ModuleName,
739778
consensusparamtypes.ModuleName,
779+
e2eetypes.ModuleName,
740780
}
741781
endBlockersOrder := []string{
742782
crisistypes.ModuleName, govtypes.ModuleName, stakingtypes.ModuleName,
@@ -760,6 +800,7 @@ func New(
760800
vestingtypes.ModuleName,
761801
cronostypes.ModuleName,
762802
consensusparamtypes.ModuleName,
803+
e2eetypes.ModuleName,
763804
}
764805
// NOTE: The genutils module must occur after staking so that pools are
765806
// properly initialized with tokens from genesis accounts.
@@ -795,6 +836,7 @@ func New(
795836
consensusparamtypes.ModuleName,
796837
// NOTE: crisis module must go at the end to check for invariants on each module
797838
crisistypes.ModuleName,
839+
e2eetypes.ModuleName,
798840
}
799841

800842
if !skipGravity {
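Review bot: `e2eetypes.ModuleName` is appended after `crisistypes.ModuleName`, directly below the comment "NOTE: crisis module must go at the end to check for invariants on each module". Either move the new entry above `crisistypes.ModuleName` or update the comment to say why e2ee can safely follow it.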
@@ -876,7 +918,6 @@ func New(
876918
app.SetEndBlocker(app.EndBlocker)
877919
if err := app.setAnteHandler(encodingConfig.TxConfig,
878920
cast.ToUint64(appOpts.Get(srvflags.EVMMaxTxGasWanted)),
879-
cast.ToStringSlice(appOpts.Get(FlagBlockedAddresses)),
880921
); err != nil {
881922
panic(err)
882923
}
@@ -908,6 +949,10 @@ func New(
908949
tmos.Exit(fmt.Sprintf("versiondb version %d lag behind iavl version %d", v1, v2))
909950
}
910951
}
952+
953+
if err := app.RefreshBlockList(app.NewUncachedContext(false, tmproto.Header{})); err != nil {
954+
panic(err)
955+
}
911956
}
912957

913958
app.ScopedIBCKeeper = scopedIBCKeeper
@@ -920,34 +965,7 @@ func New(
920965
}
921966

922967
// use Ethermint's custom AnteHandler
923-
func (app *App) setAnteHandler(txConfig client.TxConfig, maxGasWanted uint64, blacklist []string) error {
924-
if len(blacklist) > 0 {
925-
sort.Strings(blacklist)
926-
// hash blacklist concatenated
927-
h := sha256.New()
928-
for _, addr := range blacklist {
929-
_, err := h.Write([]byte(addr))
930-
if err != nil {
931-
panic(err)
932-
}
933-
}
934-
app.Logger().Error("Setting ante handler with blacklist", "size", len(blacklist), "hash", hex.EncodeToString(h.Sum(nil)))
935-
for _, addr := range blacklist {
936-
app.Logger().Error("Blacklisted address", "address", addr)
937-
}
938-
} else {
939-
app.Logger().Error("Setting ante handler without blacklist")
940-
}
941-
blockedMap := make(map[string]struct{}, len(blacklist))
942-
for _, str := range blacklist {
943-
addr, err := sdk.AccAddressFromBech32(str)
944-
if err != nil {
945-
return fmt.Errorf("invalid bech32 address: %s, err: %w", str, err)
946-
}
947-
948-
blockedMap[string(addr)] = struct{}{}
949-
}
950-
blockAddressDecorator := NewBlockAddressesDecorator(blockedMap)
968+
func (app *App) setAnteHandler(txConfig client.TxConfig, maxGasWanted uint64) error {
951969
options := evmante.HandlerOptions{
952970
AccountKeeper: app.AccountKeeper,
953971
BankKeeper: app.BankKeeper,
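Review bot: Removing the `blacklist` parameter from `setAnteHandler` also removes the startup log of the list size and its SHA-256 hash, and the per-address check through `sdk.AccAddressFromBech32`. Nothing in the visible lines replaces either, so confirm that the new path through `SetBlockList` validates the addresses it receives and leaves operators an equivalent record of which list is active.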
@@ -964,7 +982,6 @@ func (app *App) setAnteHandler(txConfig client.TxConfig, maxGasWanted uint64, bl
964982
sdk.MsgTypeURL(&evmtypes.MsgEthereumTx{}),
965983
sdk.MsgTypeURL(&vestingtypes.MsgCreateVestingAccount{}),
966984
},
967-
ExtraDecorators: []sdk.AnteDecorator{blockAddressDecorator},
968985
}
969986

970987
anteHandler, err := evmante.NewAnteHandler(options)
@@ -1002,7 +1019,22 @@ func (app *App) BeginBlocker(ctx sdk.Context, req abci.RequestBeginBlock) abci.R
10021019

10031020
// EndBlocker application updates every end block
10041021
func (app *App) EndBlocker(ctx sdk.Context, req abci.RequestEndBlock) abci.ResponseEndBlock {
1005-
return app.mm.EndBlock(ctx, req)
1022+
rsp := app.mm.EndBlock(ctx, req)
1023+
1024+
if err := app.RefreshBlockList(ctx); err != nil {
1025+
app.Logger().Error("failed to update blocklist", "error", err)
1026+
}
1027+
1028+
return rsp
1029+
}
1030+
1031+
func (app *App) RefreshBlockList(ctx sdk.Context) error {
1032+
if app.blockProposalHandler == nil || app.blockProposalHandler.Identity == nil {
1033+
return nil
1034+
}
1035+
1036+
// refresh blocklist
1037+
return app.blockProposalHandler.SetBlockList(app.CronosKeeper.GetBlockList(ctx))
10061038
}
10071039

10081040
// InitChainer application update at chain initialization
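Review bot: In `EndBlocker`, a failure from `app.RefreshBlockList(ctx)` is only logged and the block response is returned as usual, whereas the startup call in `New` panics on the same error. Say in a comment which behaviour is intended at each site, and consider whether a failed refresh at end of block deserves more than an error log line, since the proposal handler then continues in whatever state `SetBlockList` left it. `RefreshBlockList` also returns nil when `blockProposalHandler.Identity` is nil, so a validator without a loaded key skips the refresh silently; a log line there would help operators. The function is exported and has no doc comment.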

app/block_address.go

-31
This file was deleted.
