diff --git a/aclmapping/bank/mappings.go b/aclmapping/bank/mappings.go new file mode 100644 index 0000000000..3d65fa90ba --- /dev/null +++ b/aclmapping/bank/mappings.go @@ -0,0 +1,82 @@ +package aclbankmapping + +import ( + "fmt" + + sdk "github.com/cosmos/cosmos-sdk/types" + sdkacltypes "github.com/cosmos/cosmos-sdk/types/accesscontrol" + aclkeeper "github.com/cosmos/cosmos-sdk/x/accesscontrol/keeper" + acltypes "github.com/cosmos/cosmos-sdk/x/accesscontrol/types" + banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" + utils "github.com/sei-protocol/sei-chain/aclmapping/utils" +) + +var ErrorInvalidMsgType = fmt.Errorf("invalid message received for bank module") + +func GetBankDepedencyGenerator() aclkeeper.DependencyGeneratorMap { + dependencyGeneratorMap := make(aclkeeper.DependencyGeneratorMap) + + // dex place orders + placeOrdersKey := acltypes.GenerateMessageKey(&banktypes.MsgSend{}) + dependencyGeneratorMap[placeOrdersKey] = MsgSendDependencyGenerator + + return dependencyGeneratorMap +} + +// TODO:: we can make resource types more granular (e.g KV_PARAM or KV_BANK_BALANCE) +func MsgSendDependencyGenerator(keeper aclkeeper.Keeper, ctx sdk.Context, msg sdk.Msg) ([]sdkacltypes.AccessOperation, error) { + msgSend, ok := msg.(*banktypes.MsgSend) + if !ok { + return []sdkacltypes.AccessOperation{}, ErrorInvalidMsgType + } + + accessOperations := []sdkacltypes.AccessOperation{ + // MsgSend also checks if the coin denom is enabled, but the information is from the params. + // Changing the param would require a gov proposal, which is synchrounos by default + + // Checks balance of sender + { + AccessType: sdkacltypes.AccessType_READ, + ResourceType: sdkacltypes.ResourceType_KV, + IdentifierTemplate: utils.GetIdentifierTemplatePerModule(utils.BANK, msgSend.FromAddress), + }, + // Reduce the amount from the sender's balance + { + AccessType: sdkacltypes.AccessType_WRITE, + ResourceType: sdkacltypes.ResourceType_KV, + IdentifierTemplate: utils.GetIdentifierTemplatePerModule(utils.BANK, msgSend.FromAddress), + }, + + // Checks balance for receiver + { + AccessType: sdkacltypes.AccessType_READ, + ResourceType: sdkacltypes.ResourceType_KV, + IdentifierTemplate: utils.GetIdentifierTemplatePerModule(utils.BANK, msgSend.ToAddress), + }, + { + AccessType: sdkacltypes.AccessType_WRITE, + ResourceType: sdkacltypes.ResourceType_KV, + IdentifierTemplate: utils.GetIdentifierTemplatePerModule(utils.BANK, msgSend.ToAddress), + }, + + // Tries to create the reciever's account if it doesn't exist + { + AccessType: sdkacltypes.AccessType_READ, + ResourceType: sdkacltypes.ResourceType_KV, + IdentifierTemplate: utils.GetIdentifierTemplatePerModule(utils.AUTH, msgSend.ToAddress), + }, + { + AccessType: sdkacltypes.AccessType_WRITE, + ResourceType: sdkacltypes.ResourceType_KV, + IdentifierTemplate: utils.GetIdentifierTemplatePerModule(utils.AUTH, msgSend.ToAddress), + }, + + // Last Operation should always be a commit + { + ResourceType: sdkacltypes.ResourceType_ANY, + AccessType: sdkacltypes.AccessType_COMMIT, + IdentifierTemplate: utils.DefaultIDTemplate, + }, + } + return accessOperations, nil +} diff --git a/aclmapping/dependency_generator.go b/aclmapping/dependency_generator.go index 5544aaf7bb..2d875e4022 100644 --- a/aclmapping/dependency_generator.go +++ b/aclmapping/dependency_generator.go @@ -3,6 +3,7 @@ package aclmapping import ( wasmkeeper "github.com/CosmWasm/wasmd/x/wasm/keeper" aclkeeper "github.com/cosmos/cosmos-sdk/x/accesscontrol/keeper" + aclbankmapping "github.com/sei-protocol/sei-chain/aclmapping/bank" acldexmapping "github.com/sei-protocol/sei-chain/aclmapping/dex" aclwasmmapping "github.com/sei-protocol/sei-chain/aclmapping/wasm" ) @@ -19,6 +20,7 @@ func (customDepGen CustomDependencyGenerator) GetCustomDependencyGenerators() ac dependencyGeneratorMap := make(aclkeeper.DependencyGeneratorMap) dependencyGeneratorMap.Merge(acldexmapping.GetDexDependencyGenerators()) + dependencyGeneratorMap.Merge(aclbankmapping.GetBankDepedencyGenerator()) wasmDependencyGenerators := aclwasmmapping.NewWasmDependencyGenerator(customDepGen.WasmKeeper) dependencyGeneratorMap.Merge(wasmDependencyGenerators.GetWasmDependencyGenerators()) diff --git a/aclmapping/utils/identifier_templates.go b/aclmapping/utils/identifier_templates.go new file mode 100644 index 0000000000..fc03b665e2 --- /dev/null +++ b/aclmapping/utils/identifier_templates.go @@ -0,0 +1,13 @@ +package util + +import "fmt" + +const ( + BANK = "bank" + AUTH = "auth" + DefaultIDTemplate = "*" +) + +func GetIdentifierTemplatePerModule(module string, identifier string) string { + return fmt.Sprintf("%s/%s", module, identifier) +}