-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/authz module spec is not up-to-date with implementation #11566
Comments
I think this should be implemented in a way that |
after having a small discussion with @aleem1314 & @AmauryM we just need to modify the ADR here, if we need limit less bank authz we can use generic authz. |
## Description Closes: #11566 --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable)
Summary of Bug
During the specification and code inspection of authz module (as a part of audit process that includes model-based testing) I have found that several specification markdown files are out of date or missing (in my opinion) some important info on authorization feature and implementation itself.
The following are just recommendations, so please if I'm missing some context needed for better understanding of authz module, feel free to tell me so.
01_concepts.md:
-I have found an explanation on issue Authorization logic of staking module: denyList never used? #11391 reported: “If deny list is provided, it should be possible to use any validator not on the deny list” and I think adding this to spec would explain the idea.
-Also, consider changing and to or in: "Msg takes an AllowList and a DenyList " since it is not possible to create staking authorization with both lists.
02_state.md:
(gogoproto.nullable) = true
with optional expirations feature implemented.03_messages.md
ADR30:
Version
master (commit: 8800d2e)
auditing is performed for tag: v0.46.0-alpha4 (commit: 354faa8)
For Admin Use
The text was updated successfully, but these errors were encountered: