Upstream changes from v0.46.11-alpha.ledger.8 (cosmos#39)

Co-authored-by: Vladislav Varadinov <[email protected]> Co-authored-by: tom <[email protected]> Co-authored-by: Tom <[email protected]>
luchenqun · Jun 12, 2023 · a23e71c · a23e71c
1 parent aad3009
commit a23e71c
Show file tree

Hide file tree

Showing 7 changed files with 639 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -35,11 +35,22 @@ Ref: https://keepachangelog.com/en/1.0.0/
 
 # Changelog
 
-## [v0.46.11-alpha.ledger.7](https://github.com/evmos/cosmos-sdk/releases/tag/v0.46.11-alpha.ledger.7) - 2022-05-22
+## [Unreleased]
 
 ### Bug Fixes
 
-* [#33](https://github.com/evmos/cosmos-sdk/pull/33) Update `cosmos/iavl` dependency with memory leak patch (state-sync).
+## [v0.46.11-alpha.ledger.8]
+
+### Improvements
+* (x/distribution) [#35](https://github.com/evmos/cosmos-sdk/pull/35) Add `DistributionAuthorization` authz type 
+
+
+## [v0.46.11-alpha.ledger.7](https://github.com/evmos/cosmos-sdk/releases/tag/v0.46.11-alpha.ledger.7) - 2022-05-22
+
+### Improvements
+
+* (simapp) [#15305](https://github.com/cosmos/cosmos-sdk/pull/15305) Add `AppStateFnWithExtendedCb` with callback function to extend rawState and `AppStateRandomizedFnWithState` with extra genesisState argument which is the genesis state of the app.
+* (x/distribution) [#29](https://github.com/evmos/cosmos-sdk/pull/29) Add `Querier` to distribution module.
 
 ## [v0.46.11-alpha.ledger](https://github.com/evmos/cosmos-sdk/releases/tag/v0.46.11-alpha.ledger) - 2022-03-23
 
@@ -52,7 +63,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 
 * [#15243](https://github.com/cosmos/cosmos-sdk/pull/15243) `LatestBlockResponse` & `BlockByHeightResponse` types' field `sdk_block` was incorrectly cast `proposer_address` bytes to validator operator address, now to consensus address.
 * (x/auth/vesting) [#15383](https://github.com/cosmos/cosmos-sdk/pull/15383) Add extra checks when creating a periodic vesting account.
-* (x/staking) [#21](https://github.com/evmos/cosmos-sdk/pull/21) Add `CancelUnbondingDelegation` authz
+* (x/staking) [#21](https://github.com/evmos/cosmos-sdk/pull/21) Add `CancelUnbondingDelegation` authz.
 
 ## [v0.46.10-alpha.ledger.2](https://github.com/evmos/cosmos-sdk/releases/tag/v0.46.10-alpha.ledger.2) - 2023-03-15
 

diff --git a/proto/cosmos/distribution/v1beta1/authz.proto b/proto/cosmos/distribution/v1beta1/authz.proto
@@ -0,0 +1,18 @@
+syntax = "proto3";
+package cosmos.distribution.v1beta1;
+
+import "cosmos_proto/cosmos.proto";
+
+option go_package = "github.com/cosmos/cosmos-sdk/x/distribution/types";
+
+// DistributionAuthorization defines a grant that can be given to an address to allow them to
+// execute distribution messages on behalf of the granter.
+message DistributionAuthorization {
+  option (cosmos_proto.implements_interface) = "Authorization";
+
+  // message_type represents the type of the message that is authorized by this DistributionAuthorization.
+  string message_type = 1;
+  // allowed_list specifies list of addresses that are allowed to execute the distribution messages.
+  repeated string allowed_list = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"];
+}
+
diff --git a/x/distribution/keeper/grpc_query_test.go b/x/distribution/keeper/grpc_query_test.go
@@ -5,6 +5,8 @@ import (
 	"fmt"
 	"testing"
 
+	"github.com/cosmos/cosmos-sdk/x/distribution/keeper"
+
 	"github.com/stretchr/testify/suite"
 	tmproto "github.com/tendermint/tendermint/proto/tendermint/types"
 
@@ -34,7 +36,8 @@ func (suite *KeeperTestSuite) SetupTest() {
 	ctx := app.BaseApp.NewContext(false, tmproto.Header{})
 
 	queryHelper := baseapp.NewQueryServerTestHelper(ctx, app.InterfaceRegistry())
-	types.RegisterQueryServer(queryHelper, app.DistrKeeper)
+	querySrv := keeper.NewQuerier(app.DistrKeeper)
+	types.RegisterQueryServer(queryHelper, querySrv)
 	queryClient := types.NewQueryClient(queryHelper)
 
 	suite.app = app
@@ -350,7 +353,8 @@ func (suite *KeeperTestSuite) TestGRPCDelegationRewards() {
 	ctx = ctx.WithBlockHeight(ctx.BlockHeight() + 1)
 
 	queryHelper := baseapp.NewQueryServerTestHelper(ctx, app.InterfaceRegistry())
-	types.RegisterQueryServer(queryHelper, app.DistrKeeper)
+	querySrv := keeper.NewQuerier(app.DistrKeeper)
+	types.RegisterQueryServer(queryHelper, querySrv)
 	queryClient := types.NewQueryClient(queryHelper)
 
 	val := app.StakingKeeper.Validator(ctx, valAddrs[0])

diff --git a/x/distribution/types/authz.go b/x/distribution/types/authz.go
@@ -0,0 +1,78 @@
+package types
+
+import (
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+	"github.com/cosmos/cosmos-sdk/x/authz"
+	"golang.org/x/exp/slices"
+)
+
+var _ authz.Authorization = &DistributionAuthorization{}
+
+var (
+	SetWithdrawerAddressMsg        = sdk.MsgTypeURL(&MsgSetWithdrawAddress{})
+	WithdrawDelegatorRewardMsg     = sdk.MsgTypeURL(&MsgWithdrawDelegatorReward{})
+	WithdrawValidatorCommissionMsg = sdk.MsgTypeURL(&MsgWithdrawValidatorCommission{})
+)
+
+// NewDistributionAuthorization creates a new DistributionAuthorization.
+func NewDistributionAuthorization(msgType string, allowed ...string) *DistributionAuthorization {
+	return &DistributionAuthorization{
+		MessageType: msgType,
+		AllowedList: allowed,
+	}
+}
+
+// MsgTypeURL implements Authorization.MsgTypeURL.
+func (da *DistributionAuthorization) MsgTypeURL() string {
+	return da.MessageType
+}
+
+// Accept implements Authorization.Accept. It checks, that the
+// withdrawer for MsgSetWithdrawAddress,
+// validator for MsgWithdrawValidatorCommission,
+// the delegator address for MsgWithdrawDelegatorReward
+// is in the allowed list. If these conditions are met, the AcceptResponse is returned.
+func (da *DistributionAuthorization) Accept(ctx sdk.Context, msg sdk.Msg) (authz.AcceptResponse, error) {
+	switch msg := msg.(type) {
+	case *MsgSetWithdrawAddress:
+		if !slices.Contains(da.AllowedList, msg.WithdrawAddress) {
+			return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrap("address is not in the allowed list")
+		}
+	case *MsgWithdrawValidatorCommission:
+		if !slices.Contains(da.AllowedList, msg.ValidatorAddress) {
+			return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrap("address is not in the allowed list")
+		}
+	case *MsgWithdrawDelegatorReward:
+		if !slices.Contains(da.AllowedList, msg.DelegatorAddress) {
+			return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrap("address is not in the allowed list")
+		}
+	default:
+		return authz.AcceptResponse{}, sdkerrors.ErrInvalidRequest.Wrap("unknown msg type")
+	}
+
+	return authz.AcceptResponse{
+		Accept: true,
+		Delete: false,
+		Updated: &DistributionAuthorization{
+			AllowedList: da.AllowedList,
+			MessageType: da.MessageType,
+		},
+	}, nil
+}
+
+// ValidateBasic performs a stateless validation of the fields.
+func (da *DistributionAuthorization) ValidateBasic() error {
+	if len(da.AllowedList) == 0 {
+		return sdkerrors.ErrInvalidRequest.Wrap("allowed list cannot be empty")
+	}
+
+	// validate all the addresses are correct bech32 addresses
+	for _, addr := range da.AllowedList {
+		if _, err := sdk.AccAddressFromBech32(addr); err != nil {
+			return sdkerrors.ErrInvalidAddress.Wrapf("invalid address: %s", addr)
+		}
+	}
+
+	return nil
+}