[TRA-671] Prevent connect messages in x/authz

[chenyaoy]

Changelist

[Describe or list the changes made in this PR]

Test Plan

[Describe how this PR was tested (if applicable)]

Author/Reviewer Checklist

• If this PR has changes that result in a different app state given the same prior state and transaction list, manually add the state-breaking label.
• If the PR has breaking postgres changes to the indexer add the indexer-postgres-breaking label.
• If this PR isn't state-breaking but has changes that modify behavior in PrepareProposal or ProcessProposal, manually add the label proposal-breaking.
• If this PR is one of many that implement a specific feature, manually label them all feature:[feature-name].
• If you wish to for mergify-bot to automatically create a PR to backport your change to a release branch, manually add the label backport/[branch-name].
• Manually add any of the following labels: refactor, chore, bug.

Summary by CodeRabbit

• New Features

  • Introduced functionality to identify and validate "Connect" messages within the messaging system.
  • Added a new message type, MsgExecWithConnectMessage, to handle specific transaction scenarios.

• Bug Fixes

  • Enhanced error handling for invalid "Connect" messages in nested message validation.

• Tests

  • Expanded test coverage with new tests for validating "Connect" messages, ensuring accurate identification and error reporting.

[linear]

TRA-671 Prevent Connect messages in x/authz MsgExec

[coderabbitai]

Walkthrough

The changes introduce new functionality for handling "Connect" messages within the protocol's message validation logic. A constant CONNECT_MSG_PREFIX and a function IsConnectMsg are added to identify these messages. The validation function validateInnerMsg is updated to reject invalid nested "Connect" messages. Additionally, the test suite is enhanced with new tests for validating "Connect" messages and their handling in the context of MsgExec. A new message type, MsgExecWithConnectMessage, is also introduced along with its encoded transaction bytes.

Changes

File	Change Summary
protocol/lib/ante/nested_msg.go	Added constant CONNECT_MSG_PREFIX and function IsConnectMsg(msg sdk.Msg) bool. Updated validateInnerMsg to check for Connect messages.
protocol/lib/ante/nested_msg_test.go	Introduced tests TestIsConnectMsg_Invalid and TestIsConnectMsg_Valid. Updated TestValidateNestedMsg to handle Connect messages. Added error variable invalidInnerMsgErr_Connect.
protocol/testutil/msgs/nested_msgs.go	Added import for marketmap. Introduced MsgExecWithConnectMessage and MsgExecWithConnectMessageTxBytes. Updated init() function for message initialization.

Poem

In the meadow where messages flow,
Connect whispers softly, a new way to go.
With tests and checks, we dance with delight,
Validating each message, making it right.
Hopping through code, with joy we proclaim,
The Connect message joins in the game! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (3)

protocol/lib/ante/nested_msg.go (2)

89-91: LGTM: Prevent Connect messages in MsgExec.

The addition of the check for Connect messages within MsgExec is appropriate and consistent with the existing code. It successfully implements the PR objective of preventing connect messages in x/authz.

For consistency, consider updating the error message to match the style of the dYdX message check:

- return fmt.Errorf("Invalid nested msg for MsgExec: Connect msg type")
+ return fmt.Errorf("Invalid nested msg for MsgExec: connect msg type")

This change would make the error message fully lowercase, matching the "dydx msg type" error.

---

Line range hint 15-91: Summary: Successfully implemented prevention of Connect messages in x/authz

The changes in this file effectively implement the PR objective of preventing Connect messages in x/authz. The additions include:

1. A new constant CONNECT_MSG_PREFIX for identifying Connect messages.
2. A new function IsConnectMsg to check if a message is a Connect message.
3. An update to the validateInnerMsg function to prevent Connect messages within MsgExec.

These changes are well-integrated with the existing code and follow consistent patterns. The implementation should successfully prevent Connect messages from being nested within MsgExec messages, enhancing the security and integrity of the system.

Consider adding unit tests to verify the behavior of the IsConnectMsg function and the updated validateInnerMsg function, especially focusing on the new Connect message check.

protocol/testutil/msgs/nested_msgs.go (1)

127-131: LGTM: New message type added correctly.

The new MsgExecWithConnectMessage is properly declared and follows the existing pattern in the file. It correctly incorporates the new marketmap package.

Consider whether the empty marketmap.MsgUpsertMarkets{} needs to be populated with actual data for testing purposes. If not, you might want to add a comment explaining why it's left empty.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between e2438dd and be3a91b.

📒 Files selected for processing (3)

• protocol/lib/ante/nested_msg.go (3 hunks)
• protocol/lib/ante/nested_msg_test.go (3 hunks)
• protocol/testutil/msgs/nested_msgs.go (3 hunks)

🔇 Additional comments (11)

protocol/lib/ante/nested_msg.go (2)

15-15: LGTM: New constant for Connect messages.

The addition of CONNECT_MSG_PREFIX constant is appropriate and consistent with the existing code style.

---

36-39: LGTM: New function to identify Connect messages.

The IsConnectMsg function is well-implemented and consistent with the existing code style. It provides a clear way to identify Connect messages.

protocol/testutil/msgs/nested_msgs.go (4)

13-13: LGTM: New import statement added correctly.

The new import for the marketmap package is properly formatted and consistent with the existing import style.

---

131-131: LGTM: New byte slice variable declared correctly.

The MsgExecWithConnectMessageTxBytes variable is properly declared, following the existing pattern in the file. It's correctly positioned alongside other similar declarations.

---

50-52: LGTM: Initialization for new message type added correctly.

The init() function has been properly updated to include the initialization and encoding of the new MsgExecWithConnectMessage. This follows the existing pattern and ensures consistency with other message types.

---

Line range hint 1-145: Summary: New message type for marketmap package integrated successfully.

The changes in this file successfully introduce a new message type MsgExecWithConnectMessage related to the marketmap package. This addition is consistent with the existing code structure and patterns. While these changes lay the groundwork for handling connect messages, the exact mechanism for preventing them in x/authz is not evident from this file alone. Ensure that the implementation in other parts of the codebase aligns with the PR objective.

To ensure the changes are properly integrated, please run the following command to check for any references to the new message type:

✅ Verification successful

Summary: New message type for marketmap package integrated successfully.

The changes in this file successfully introduce the new message type MsgExecWithConnectMessage related to the marketmap package. These additions are consistent with the existing code structure and patterns. Furthermore, references to MsgExecWithConnectMessage are localized within this file and the corresponding test file, ensuring proper integration and testing coverage. The implementation aligns with the PR objective of preventing connect messages in x/authz.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for references to MsgExecWithConnectMessage
rg "MsgExecWithConnectMessage" --type go

Length of output: 524

protocol/lib/ante/nested_msg_test.go (5)

25-25: LGTM: New error variable for Connect messages.

The addition of invalidInnerMsgErr_Connect is consistent with the existing error variables and correctly describes the scenario for an invalid nested message of Connect type.

---

110-125: LGTM: New test function for invalid Connect messages.

The TestIsConnectMsg_Invalid function is well-structured and follows the established pattern for similar tests in this file. It correctly tests that non-Connect messages are not identified as Connect messages.

---

127-138: LGTM: New test function for valid Connect messages.

The TestIsConnectMsg_Valid function is well-implemented and consistent with other test functions in this file. It correctly verifies that all Connect messages are properly identified.

---

177-180: LGTM: New test case for Connect messages in MsgExec.

The addition of the "Invalid MsgExec: Connect custom msg" test case is consistent with other test cases and correctly uses the new invalidInnerMsgErr_Connect error. This ensures proper handling of Connect messages in MsgExec contexts.

---

25-25: Summary: Comprehensive test coverage added for Connect messages.

The changes in this file successfully introduce test coverage for Connect messages in the nested message validation system. The additions include:

1. A new error variable for Connect messages.
2. Test functions for both valid and invalid Connect messages.
3. A test case for Connect messages in the MsgExec context.

These changes are consistent with the existing code structure and improve the overall test coverage of the ante package.

Also applies to: 110-138, 177-180