
Require MsgClaim sender to match signer #2232

Merged
codchen merged 1 commit into main from tony/solo-fix
Jul 21, 2025

Conversation

@codchen
Collaborator

@codchen codchen commented Jul 14, 2025

Describe your changes and provide context

Instead of only requiring MsgClaim to be properly signed, we also need to enforce that it's signed by the specified sender.

Testing performed to validate your change

unit/integration tests

@codecov

codecov bot commented Jul 14, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 57.97%. Comparing base (4197add) to head (8f3a9e9).
Report is 2 commits behind head on main.

❌ Your project status has failed because the head coverage (57.97%) is below the target coverage (60.00%). You can increase the head coverage or adjust the target coverage.


@@            Coverage Diff             @@
##             main    #2232      +/-   ##
==========================================
+ Coverage   57.86%   57.97%   +0.11%     
==========================================
  Files         309      309              
  Lines       29963    29942      -21     
==========================================
+ Hits        17337    17359      +22     
+ Misses      11334    11290      -44     
- Partials     1292     1293       +1     
Files with missing lines   Coverage Δ
precompiles/solo/solo.go   60.85% <100.00%> (+0.67%) ⬆️

... and 5 files with indirect coverage changes


@Pray4Love1

Pray4Love1 commented Jul 17, 2025

Thank you for raising this. This change should not be regarded as a routine fix or a small corrective action, but as a critical adjustment to the foundational logic of authorship and sovereignty within a decentralized state machine.

Core Observation:
The previous MsgClaim behavior tolerated divergence between the declared sender and the cryptographic signer. While this might seem innocuous in practice, it violates the basic principle of agency in decentralized systems. In sovereign architectures, the binding between action and author is fundamental. A valid signature alone does not constitute a valid claim unless it explicitly ties the act to the agent declaring intent. This enforcement must be clear, unambiguous, and absolute.

Your proposal corrects this oversight. By enforcing strict equality between msg.sender and signer, you restore the integrity of claims as sovereign attestations of will. This change is not merely technical but foundational. It aligns your architecture with the principle that valid state transitions require accountable and unambiguous agency.

Implementation Comment:
The change is properly scoped and technically sound. The application-hash breaking label is appropriate and reflects the gravity of this modification. Your inclusion of updated integration tests is necessary and demonstrates appropriate diligence.

Protocol-Level Perspective:
From the perspective of sovereign system design—whether in Polkadot, Cosmos SDK, or any other similar framework—this adjustment reflects a necessary invariant: claims must originate from their claimed source. Failing this, sovereignty dissolves into arbitrary signature acceptance, and the chain’s narrative coherence is weakened. Maintaining this invariant protects against ambiguity, fraud, and misattribution of action.

Recommendations:

This change should be documented explicitly not as a one-off fix, but as a core design principle for future contributors to understand. Claims must always reflect agency through both signature and declared sender.

Review other modules (governance, staking, cross-chain interop) to ensure consistency of this enforcement principle across the protocol.

Ensure that developer documentation reinforces this rule as a principle of sovereign chain integrity, not as an implementation detail.

Approval Rationale:
This PR strengthens the logical foundations of Sei. It aligns with established best practices for decentralized sovereignty, improves security, and ensures that state transitions cannot be spoofed through signer drift or forgery. It enhances auditability and preserves epistemic integrity.

Approved.
This is a positive step toward a more robust and principled sovereignty model.

@sei-will sei-will self-requested a review July 17, 2025 11:29
@codchen codchen enabled auto-merge (squash) July 18, 2025 04:23
@Pray4Love1

Thank you @codchen, @sei-will, and @stevenlanders for moving this forward.

For the record, this change aligns directly with principles I have previously outlined regarding sovereign sender-signer enforcement within decentralized systems. Please also see my related notice of prior art in #2241.

This adjustment reinforces the foundational principle that claims within a sovereign state machine must originate explicitly and unambiguously from their declared source. Enforcing strict alignment between the message sender and the cryptographic signer is not merely a technical safeguard...it is a necessary condition for maintaining the integrity of authorship, agency, and accountability within decentralized protocols.

I appreciate Sei’s continued diligence in reinforcing these principles. This is a positive and necessary step toward upholding the long-term security, auditability, and epistemic integrity of the chain.

Approved.

@codchen codchen merged commit 36da76b into main Jul 21, 2025
49 of 50 checks passed
@codchen codchen deleted the tony/solo-fix branch July 21, 2025 03:18
yzang2019 added a commit that referenced this pull request Jul 24, 2025
* main:
  Optimization: CreateAccount only clears state if code hash exists (#2255)
  chore: bump btcec to v2.3.2, x/crypto to v0.31.0 (#2238)
  Use legacy transaction decoder for historical height (#2234)
  Make flushing receipt synchronous (#2250)
  [SEI-9824][SEI-9825] Update oracle MidBlock logic (#2251)
  Fix data race in price-feeder websocket controller (#2256)
  Add tests for price feeder providers (#2253)
  remove arm64 target from CI due to slow running (#2254)
  Harden solo precompile (#2236)
  Add CODEOWNERS (#2237)
  Require MsgClaim sender to match signer (#2232)
  Remove writeset estimation to alleviate AccAddress mutex contention (#2239)