Skip to content

Custom AuthorizationPolicy with code & contract info #1999

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Custom AuthorizationPolicy with code & contract info #1999

wants to merge 2 commits into from

Conversation

@codehans
Copy link

@codehans codehans commented Sep 29, 2024
edited
Loading

CosmWasm integration with THORChain requires a different model for permissioning than standard AccessConfig via x/gov:

  • Code upload & instantiate permissions will be configured via "Mimir" (node-set configuration parameters), and will be restricted based on code checksum. This is in order to be able to provide clear accountability from the raw wasm code, through git commit, audit, compilation checksum, through to on-chain permissions.
  • Current design does not allow the create function to discriminate permissions based on the actual code being uploaded, instantiated (or contracts being modified).
  • This PR extends the AuthorizationPolicy interface loaded in msg_server.go to have the CodeInfo passed during CanCreateCode and CanInstantiateContract checks.
  • It also adds ContractInfo where appropriate, for a more uniform and flexible interface
  • All existing behaviour is retained
  • As selectAuthorizationPolicy is currently fixed, this PR also adds a customAuthPolicy func(ctx context.Context, actor string) (types.AuthorizationPolicy, bool) value to the Keeper struct, which can be set in NewKeeper with an Option
  • This allows chains to write custom AuthorizationPolicy implementations, accessing state outside x/wasm etc
@codecov
Copy link

codecov bot commented Sep 29, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 54.46%. Comparing base (1ff8188) to head (b7e5035).
Report is 49 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@ Coverage Diff @@ ## main #1999 +/- ## ========================================== + Coverage 54.40% 54.46% +0.06%  ========================================== Files 65 65 Lines 9976 9985 +9 ========================================== + Hits 5427 5438 +11  + Misses 3993 3992 -1  + Partials 556 555 -1
Files with missing lines Coverage Δ
x/wasm/keeper/authz_policy.go 100.00% <100.00%> (ø)
x/wasm/keeper/keeper.go 77.55% <100.00%> (+0.25%) ⬆️
x/wasm/keeper/msg_server.go 64.23% <100.00%> (+0.39%) ⬆️
x/wasm/types/authz_policy.go 0.00% <ø> (ø)
@pinosu
Copy link
Contributor

pinosu commented Oct 2, 2024

Thanks for your PR.
The use case seems interesting. I just want to show another possibility we have at the moment implemented in wasmd for similar use case:
You can use the command:

wasmd tx wasm grant store-code \ wasm1427kpq9mmnfp0madk5axh2ukmjgpfh6skzdxku \ 3F4CD47C39C57FE1733FB41ED176EEBD9D5C67BAF5DF8A1EEDA1455E758F8514:everybody

to grant the permission to an address to store a code with specific checksum and specific instantiate permission.
Could this kind of mechanism work for you as well?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@codehans @pinosu