Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check that client state is zeroed out for IBC client upgrade proposals #291

Closed
3 tasks
colin-axner opened this issue Jul 22, 2021 · 7 comments
Closed
3 tasks

Check that client state is zeroed out for IBC client upgrade proposals #291

colin-axner opened this issue Jul 22, 2021 · 7 comments
Assignees
@chatton
Labels
core good first issue Good for newcomers type: refactor Architecture, code or CI improvements that may or may not tackle technical debt.
Milestone
Q2-2022-backlog

Comments

@colin-axner
Copy link
Contributor

Summary

proposal.ValidateBasic() should ensure the client submitted is zeroed out. Not a security concern but prevents the proposal from containing information governance is not actually voting on

For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged/assigned
@colin-axner colin-axner added the good first issue Good for newcomers label Dec 15, 2021
@crodriguezvega crodriguezvega added the type: refactor Architecture, code or CI improvements that may or may not tackle technical debt. label Jan 3, 2022
@crodriguezvega crodriguezvega added this to the Q2-2022-backlog milestone Mar 31, 2022
@alizahidraja
Copy link
Contributor

Hey!
I wanted to ask, in what cases is the client state not needed? And also want to confirm that we’re talking about the client state associated with UpgradeProposal, right?

@crodriguezvega
Copy link
Contributor

crodriguezvega commented May 11, 2022
edited
Loading

  • Add utility function hasZeroedCustomFields to exported.ClientState.
  • For 07-tendermint implement hasZeroedCustomFields in client_state.go and check that TrustLevel, TrustingPeriod, MaxClockDrift, FrozenHeight, AllowUpdateAfterExpiry and AllowUpdateAfterMisbehaviour have all default values.
  • For 06-solomachine implement hasZeroedCustomFields in client_state.go and check that FrozenSequence and AllowUpdateAfterProposal have both default values.
  • Use hasZeroedCustomFields in UpgradeProposal.ValidateBasic and return error if custom fields are not zeroed out.

@colin-axner
Copy link
Contributor Author

Hey! I wanted to ask, in what cases is the client state not needed? And also want to confirm that we’re talking about the client state associated with UpgradeProposal, right?

Yes we are talking about the client state in the upgrade proposal. The client is always needed. "Zeroing" out the client state just means removing all relayer set fields from the client state (setting them to nil/zero)

@colin-axner
Copy link
Contributor Author

  • Add utility function hasZeroedCustomFields to exported.ClientState.

    • For 07-tendermint implement hasZeroedCustomFields in client_state.go and check that TrustLevel, TrustingPeriod, MaxClockDrift, FrozenHeight, AllowUpdateAfterExpiry and AllowUpdateAfterMisbehaviour have all default values.

    • For 06-solomachine implement hasZeroedCustomFields in client_state.go and check that FrozenSequence and AllowUpdateAfterProposal have both default values.

    • Use hasZeroedCustomFields in UpgradeProposal.ValidateBasic and return error if custom fields are not zeroed out.

No, we don't want to add another function to the exported.ClientState. We can simply check that reflect.DeepEqual(up.UpgradedClientState, up.UpgradedClientState.ZeroCustomFields()) ie that the custom fields have already been zeroed out on the provided upgraded client state

@crodriguezvega
Copy link
Contributor

crodriguezvega commented May 11, 2022
edited
Loading

No, we don't want to add another function to the exported.ClientState. We can simply check that reflect.DeepEqual(up.UpgradedClientState, up.UpgradedClientState.ZeroCustomFields()) ie that the custom fields have already been zeroed out on the provided upgraded client state

I think we need to first unpack, right? So then we just need to do something like this?

clientState, err := UnpackClientState(up.UpgradedClientState)
if err != nil {
        return sdkerrors.Wrap(err, "failed to unpack upgraded client state")
}

if !reflect.DeepEqual(clientState, clientState.ZeroCustomFields()) {
	return sdkerrors.Wrap(err, "upgraded client state is not zeroed out")
}

@colin-axner
Copy link
Contributor Author

I think we need to first unpack, right?

Yup, but the unpacking is already being performed in proposal.ValidateBasic()

@chatton chatton mentioned this issue Jun 13, 2022
Closed
9 tasks
@chatton chatton self-assigned this Jun 13, 2022
@charleenfei charleenfei mentioned this issue Jun 13, 2022
Closed
9 tasks
This was referenced Jul 8, 2022
Merged
Merged
@colin-axner
Copy link
Contributor Author

closed by #1676

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chatton chatton

Labels
core good first issue Good for newcomers type: refactor Architecture, code or CI improvements that may or may not tackle technical debt.
Projects
ibc-go
Archived in project
Milestone
Q2-2022-backlog
Development

Successfully merging a pull request may close this issue.

Check that client state is zeroed out for ibc client upgrade proposals cosmos/ibc-go
4 participants
@crodriguezvega @chatton @colin-axner @alizahidraja