Skip to content

Commit

Permalink
Merge branch 'release/v0.45.x' into julien/v0.45.16-ics
Browse files Browse the repository at this point in the history
  • Loading branch information
julienrbrt committed May 11, 2023
2 parents b05b6fe + 9abd946 commit 1cc2c18
Show file tree
Hide file tree
Showing 4 changed files with 107 additions and 36 deletions.
12 changes: 10 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,19 @@ Ref: https://keepachangelog.com/en/1.0.0/

# Changelog

## [Unreleased]
Since **v0.45.15**, the v0.45.x line of the Cosmos SDK has reached end-of-life.
Any release after **v0.45.15** is a security release that contains security fixes.
It is strongly recommended to upgrade to these releases as well.

## [v0.45.16](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.45.16) - 2023-05-11

### Security Bug Fixes

* (x/feegrant) [#16097](https://github.com/cosmos/cosmos-sdk/pull/16097) Fix infinite feegrant allowance bug.

## [v0.45.15](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.45.15) - 2023-03-22

## Improvements
### Improvements

* (deps) Migrate to [CometBFT](https://github.com/cometbft/cometbft). Follow the instructions in the [release notes](./RELEASE_NOTES.md).
* (deps) [#15127](https://github.com/cosmos/cosmos-sdk/pull/15127) Bump btcd.
Expand Down
37 changes: 4 additions & 33 deletions RELEASE_NOTES.md
Original file line number Diff line number Diff line change
@@ -1,21 +1,12 @@
# Cosmos SDK v0.45.15 Release Notes
# Cosmos SDK v0.45.16 Release Notes

This release includes the migration to [CometBFT v0.34.27](https://github.com/cometbft/cometbft/blob/v0.34.27/CHANGELOG.md#v03427).
This migration should be minimally breaking for chains.
From `v0.45.15`+, the following replace is *mandatory* in the `go.mod` of your application:
The Cosmos SDK v0.45.x line has reached end-of-life since v0.45.15. This is an exceptional security release according to our [release policy](https://github.com/cosmos/cosmos-sdk/blob/2262199/RELEASE_PROCESS.md#major-release-maintenance).

```go
// use cometbft
replace github.com/tendermint/tendermint => github.com/cometbft/cometbft v0.34.27
```

Additionally, the SDK sets its minimum version to Go 1.19. This is not because the SDK uses new Go 1.19 functionalities, but to signal that we recommend chains to upgrade to Go 1.19 — Go 1.18 is not supported by the Go Team anymore.
Note, that SDK recommends chains to use the same Go version across all of their network.
We recommend, as well, chains to perform a **coordinated upgrade** when migrating from Go 1.18 to Go 1.19.
It fixes an issue in the `x/feegrant` module on version <= v0.45.15. Cosmos SDK v0.46.x+ is not affected.

Please see the [CHANGELOG](https://github.com/cosmos/cosmos-sdk/blob/release/v0.45.x/CHANGELOG.md) for an exhaustive list of changes.

**Full Commit History**: https://github.com/cosmos/cosmos-sdk/compare/v0.45.14...v0.45.15
**Full Commit History**: https://github.com/cosmos/cosmos-sdk/compare/v0.45.15...v0.45.16

## End-of-Life Notice

Expand All @@ -25,23 +16,3 @@ The SDK team maintains the two latest major versions of the SDK. This means no f
We encourage all chains to upgrade to the latest release of the SDK, or the `v0.46.x` line.

Refer to the [upgrading guide](https://github.com/cosmos/cosmos-sdk/blob/main/UPGRADING.md) for how to upgrade a chain to the latest release.

## FAQ Migration to CometBFT v0.34.27

### I use `tm-db` but I get an import error with `cometbft-db`

For preventing API breaking changes, the SDK team has kept using `tm-db` for `v0.45.x` and `v0.46.x`.
However, the CometBFT team kept using `cometbft-db` for their `v0.34.x` line.
This means if your app directly interact with CometBFT (e.g. for a force pruning command), you will need to use `cometbft-db` there.
When not interacting with CometBFT directly, you can use `tm-db` as usual.

### I get import errors with `btcd`

If you are using an old version of `btcd`, you will need to upgrade to the latest version.
The previous versions had vulnerabilities so the SDK and CometBFT have upgraded to the latest version.
In the latest version `btcsuite/btcd` and `btcsuite/btcd/btcec` are two separate go modules.

### I encounter state sync issues

Please ensure you have built the binary with the same Go version as the network.
You can easily verify that by querying `/cosmos/base/tendermint/v1beta1/node_info` of a node in the network, and checking the `go_version` field.
12 changes: 11 additions & 1 deletion x/feegrant/filtered_fee.go
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,17 @@ func (a *AllowedMsgAllowance) Accept(ctx sdk.Context, fee sdk.Coins, msgs []sdk.
return false, err
}

return allowance.Accept(ctx, fee, msgs)
remove, err := allowance.Accept(ctx, fee, msgs)
if err != nil {
return false, err
}

a.Allowance, err = types.NewAnyWithValue(allowance.(proto.Message))
if err != nil {
return false, err
}

return remove, nil
}

func (a *AllowedMsgAllowance) allowedMsgsToMap(ctx sdk.Context) map[string]bool {
Expand Down
82 changes: 82 additions & 0 deletions x/feegrant/filtered_fee_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
package feegrant_test

import (
"testing"
"time"

bank "github.com/cosmos/cosmos-sdk/x/bank/types"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
tmproto "github.com/tendermint/tendermint/proto/tendermint/types"

codectypes "github.com/cosmos/cosmos-sdk/codec/types"
"github.com/cosmos/cosmos-sdk/simapp"
sdk "github.com/cosmos/cosmos-sdk/types"
"github.com/cosmos/cosmos-sdk/x/feegrant"
)

func TestFilteredFeeValidAllow(t *testing.T) {
app := simapp.Setup(false)

smallAtom := sdk.NewCoins(sdk.NewInt64Coin("atom", 488))
bigAtom := sdk.NewCoins(sdk.NewInt64Coin("atom", 1000))
leftAtom := sdk.NewCoins(sdk.NewInt64Coin("atom", 512))

basicAllowance, _ := codectypes.NewAnyWithValue(&feegrant.BasicAllowance{
SpendLimit: bigAtom,
})

cases := map[string]struct {
allowance *feegrant.AllowedMsgAllowance
// all other checks are ignored if valid=false
fee sdk.Coins
blockTime time.Time
valid bool
accept bool
remove bool
remains sdk.Coins
}{
"internal fee is updated": {
allowance: &feegrant.AllowedMsgAllowance{
Allowance: basicAllowance,
AllowedMessages: []string{"/cosmos.bank.v1beta1.MsgSend"},
},
fee: smallAtom,
accept: true,
remove: false,
remains: leftAtom,
},
}

for name, stc := range cases {
tc := stc // to make scopelint happy
t.Run(name, func(t *testing.T) {
err := tc.allowance.ValidateBasic()
require.NoError(t, err)

ctx := app.BaseApp.NewContext(false, tmproto.Header{}).WithBlockTime(tc.blockTime)

// now try to deduct
removed, err := tc.allowance.Accept(ctx, tc.fee, []sdk.Msg{
&bank.MsgSend{
FromAddress: "gm",
ToAddress: "gn",
Amount: tc.fee,
},
})
if !tc.accept {
require.Error(t, err)
return
}
require.NoError(t, err)

require.Equal(t, tc.remove, removed)
if !removed {
var basicAllowanceLeft feegrant.BasicAllowance
app.AppCodec().Unmarshal(tc.allowance.Allowance.Value, &basicAllowanceLeft)

assert.Equal(t, tc.remains, basicAllowanceLeft.SpendLimit)
}
})
}
}

0 comments on commit 1cc2c18

Please sign in to comment.