Skip to content

Commit

Permalink
resolve comments
Browse files Browse the repository at this point in the history
  • Loading branch information
kingpinXD committed May 31, 2024
1 parent 6a755ca commit c18bd7d
Show file tree
Hide file tree
Showing 5 changed files with 198 additions and 121 deletions.
2 changes: 2 additions & 0 deletions proto/zetachain/zetacore/authority/authorization.proto
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,14 @@ import "zetachain/zetacore/authority/policies.proto";

option go_package = "github.com/zeta-chain/zetacore/x/authority/types";

// Authorization defines the authorization required to access use a message which needs special permissions
message Authorization {
// The URL of the message that needs to be authorized
string msg_url = 1;
// The policy that is authorized to access the message
PolicyType authorized_policy = 2;
}

// AuthorizationList holds the list of authorizations on zetachain
message AuthorizationList {
repeated Authorization authorizations = 1 [ (gogoproto.nullable) = false ];
Expand Down
5 changes: 3 additions & 2 deletions x/authority/keeper/authorization_list.go
Original file line number Diff line number Diff line change
@@ -1,21 +1,22 @@
package keeper

import (
"github.com/cosmos/cosmos-sdk/store/prefix"
sdk "github.com/cosmos/cosmos-sdk/types"

"github.com/zeta-chain/zetacore/x/authority/types"
)

// SetAuthorizationList sets the authorization list to the store.It returns an error if the list is invalid.
func (k Keeper) SetAuthorizationList(ctx sdk.Context, list types.AuthorizationList) {
store := ctx.KVStore(k.storeKey)
store := prefix.NewStore(ctx.KVStore(k.storeKey), types.KeyPrefix(types.AuthorizationListKey))
b := k.cdc.MustMarshal(&list)
store.Set([]byte{0}, b)
}

// GetAuthorizationList returns the authorization list from the store
func (k Keeper) GetAuthorizationList(ctx sdk.Context) (val types.AuthorizationList, found bool) {
store := ctx.KVStore(k.storeKey)
store := prefix.NewStore(ctx.KVStore(k.storeKey), types.KeyPrefix(types.AuthorizationListKey))
b := store.Get([]byte{0})
if b == nil {
return val, false
Expand Down
176 changes: 58 additions & 118 deletions x/authority/types/authorizations.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,130 +6,69 @@ import (
"cosmossdk.io/errors"
)

var (
OperationPolicyMessages = []string{
"/zetachain.zetacore.crosschain.MsgRefundAbortedCCTX",
"/zetachain.zetacore.crosschain.MsgAbortStuckCCTX",
"/zetachain.zetacore.crosschain.MsgUpdateRateLimiterFlags",
"/zetachain.zetacore.crosschain.MsgWhitelistERC20",
"/zetachain.zetacore.fungible.MsgDeployFungibleCoinZRC20",
"/zetachain.zetacore.fungible.MsgDeploySystemContracts",
"/zetachain.zetacore.fungible.MsgRemoveForeignCoin",
"/zetachain.zetacore.fungible.MsgUpdateZRC20LiquidityCap",
"/zetachain.zetacore.fungible.MsgUpdateZRC20WithdrawFee",
"/zetachain.zetacore.fungible.MsgUnpauseZRC20",
"/zetachain.zetacore.observer.MsgAddObserver",
"/zetachain.zetacore.observer.MsgRemoveChainParams",
"/zetachain.zetacore.observer.MsgResetChainNonces",
"/zetachain.zetacore.observer.MsgUpdateChainParams",
"/zetachain.zetacore.observer.MsgEnableCCTX",
"/zetachain.zetacore.observer.MsgUpdateGasPriceIncreaseFlags",
"/zetachain.zetacore.lightclient.MsgEnableHeaderVerification",
}
AdminPolicyMessages = []string{
"/zetachain.zetacore.crosschain.MsgMigrateTssFunds",
"/zetachain.zetacore.crosschain.MsgUpdateTssAddress",
"/zetachain.zetacore.fungible.MsgUpdateContractBytecode",
"/zetachain.zetacore.fungible.MsgUpdateSystemContract",
"/zetachain.zetacore.observer.MsgUpdateObserver",
}
EmergencyPolicyMessages = []string{
"/zetachain.zetacore.crosschain.MsgAddInboundTracker",
"/zetachain.zetacore.crosschain.MsgAddOutboundTracker",
"/zetachain.zetacore.crosschain.MsgRemoveOutboundTracker",
"/zetachain.zetacore.fungible.MsgPauseZRC20",
"/zetachain.zetacore.observer.MsgUpdateKeygen",
"/zetachain.zetacore.observer.MsgDisableCCTX",
"/zetachain.zetacore.lightclient.MsgDisableHeaderVerification",
}
)

// DefaultAuthorizationsList list is the list of authorizations that presently exist in the system.
// This is the minimum set of authorizations that are required to be set when the authorization table is deployed
func DefaultAuthorizationsList() AuthorizationList {
var authorizations []Authorization

authorizations = []Authorization{
// OperationalPolicyMessageList
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgRefundAbortedCCTX",
AuthorizedPolicy: PolicyType_groupOperational},
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgAbortStuckCCTX",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgUpdateRateLimiterFlags",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgWhitelistERC20",
AuthorizedPolicy: PolicyType_groupOperational},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgDeployFungibleCoinZRC20",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgDeploySystemContracts",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgRemoveForeignCoin",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgUpdateZRC20LiquidityCap",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgUpdateZRC20WithdrawFee",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgUnpauseZRC20",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgAddObserver",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgRemoveChainParams",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgResetChainNonces",
AuthorizedPolicy: PolicyType_groupOperational,
},

{
MsgUrl: "/zetachain.zetacore.observer.MsgUpdateChainParams",
authorizations := make([]Authorization, len(OperationPolicyMessages)+len(AdminPolicyMessages)+len(EmergencyPolicyMessages))
index := 0
for _, msgURL := range OperationPolicyMessages {
authorizations[index] = Authorization{
MsgUrl: msgURL,
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgEnableCCTX",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgUpdateGasPriceIncreaseFlags",
AuthorizedPolicy: PolicyType_groupOperational,
},
{
MsgUrl: "/zetachain.zetacore.lightclient.MsgEnableHeaderVerification",
AuthorizedPolicy: PolicyType_groupOperational,
},
// AdminPolicyMessageList
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgMigrateTssFunds",
AuthorizedPolicy: PolicyType_groupAdmin,
},
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgUpdateTssAddress",
AuthorizedPolicy: PolicyType_groupAdmin,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgUpdateContractBytecode",
AuthorizedPolicy: PolicyType_groupAdmin,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgUpdateSystemContract",
AuthorizedPolicy: PolicyType_groupAdmin,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgUpdateObserver",
}
index++
}
for _, msgURL := range AdminPolicyMessages {
authorizations[index] = Authorization{
MsgUrl: msgURL,
AuthorizedPolicy: PolicyType_groupAdmin,
},
// EmergencyPolicyMessageList
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgAddInboundTracker",
AuthorizedPolicy: PolicyType_groupEmergency,
},
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgAddOutboundTracker",
AuthorizedPolicy: PolicyType_groupEmergency,
},
{
MsgUrl: "/zetachain.zetacore.crosschain.MsgRemoveOutboundTracker",
AuthorizedPolicy: PolicyType_groupEmergency,
},
{
MsgUrl: "/zetachain.zetacore.fungible.MsgPauseZRC20",
AuthorizedPolicy: PolicyType_groupEmergency,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgUpdateKeygen",
AuthorizedPolicy: PolicyType_groupEmergency,
},
{
MsgUrl: "/zetachain.zetacore.observer.MsgDisableCCTX",
AuthorizedPolicy: PolicyType_groupEmergency,
},
{
MsgUrl: "/zetachain.zetacore.lightclient.MsgDisableHeaderVerification",
}
index++
}
for _, msgURL := range EmergencyPolicyMessages {
authorizations[index] = Authorization{
MsgUrl: msgURL,
AuthorizedPolicy: PolicyType_groupEmergency,
},
}
index++
}

return AuthorizationList{
Expand Down Expand Up @@ -165,6 +104,7 @@ func (a *AuthorizationList) GetAuthorizedPolicy(msgURL string) (PolicyType, erro
return auth.AuthorizedPolicy, nil
}
}
fmt.Println("Authorization not found", msgURL)
// Returning first value of enum, can consider adding a default value of `EmptyPolicy` in the enum.
return PolicyType(0), ErrAuthorizationNotFound
}
Expand Down
Loading

0 comments on commit c18bd7d

Please sign in to comment.