From fc1cd33910371bdeeb764a0e81730090ccae9b25 Mon Sep 17 00:00:00 2001 From: lumtis Date: Wed, 24 Jul 2024 14:25:33 +0200 Subject: [PATCH 1/8] change authorization --- x/authority/types/authorization_list.go | 12 ++++++------ x/authority/types/authorization_list_test.go | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/x/authority/types/authorization_list.go b/x/authority/types/authorization_list.go index 5f72408833..d935839233 100644 --- a/x/authority/types/authorization_list.go +++ b/x/authority/types/authorization_list.go @@ -12,31 +12,31 @@ var ( "/zetachain.zetacore.crosschain.MsgRefundAbortedCCTX", "/zetachain.zetacore.crosschain.MsgAbortStuckCCTX", "/zetachain.zetacore.crosschain.MsgUpdateRateLimiterFlags", - "/zetachain.zetacore.crosschain.MsgWhitelistERC20", - "/zetachain.zetacore.fungible.MsgDeployFungibleCoinZRC20", "/zetachain.zetacore.fungible.MsgDeploySystemContracts", - "/zetachain.zetacore.fungible.MsgRemoveForeignCoin", "/zetachain.zetacore.fungible.MsgUpdateZRC20LiquidityCap", "/zetachain.zetacore.fungible.MsgUpdateZRC20WithdrawFee", "/zetachain.zetacore.fungible.MsgUnpauseZRC20", - "/zetachain.zetacore.observer.MsgAddObserver", - "/zetachain.zetacore.observer.MsgRemoveChainParams", "/zetachain.zetacore.observer.MsgResetChainNonces", "/zetachain.zetacore.observer.MsgUpdateChainParams", "/zetachain.zetacore.observer.MsgEnableCCTX", "/zetachain.zetacore.observer.MsgUpdateGasPriceIncreaseFlags", - "/zetachain.zetacore.lightclient.MsgEnableHeaderVerification", } // AdminPolicyMessages keeps track of the message URLs that can, by default, only be executed by admin policy address AdminPolicyMessages = []string{ "/zetachain.zetacore.crosschain.MsgMigrateTssFunds", "/zetachain.zetacore.crosschain.MsgUpdateTssAddress", + "/zetachain.zetacore.crosschain.MsgWhitelistERC20", "/zetachain.zetacore.fungible.MsgUpdateContractBytecode", "/zetachain.zetacore.fungible.MsgUpdateSystemContract", + "/zetachain.zetacore.fungible.MsgRemoveForeignCoin", + "/zetachain.zetacore.fungible.MsgDeployFungibleCoinZRC20", "/zetachain.zetacore.observer.MsgUpdateObserver", + "/zetachain.zetacore.observer.MsgAddObserver", + "/zetachain.zetacore.observer.MsgRemoveChainParams", "/zetachain.zetacore.authority.MsgAddAuthorization", "/zetachain.zetacore.authority.MsgRemoveAuthorization", "/zetachain.zetacore.authority.MsgUpdateChainInfo", + "/zetachain.zetacore.lightclient.MsgEnableHeaderVerification", } // EmergencyPolicyMessages keeps track of the message URLs that can, by default, only be executed by emergency policy address EmergencyPolicyMessages = []string{ diff --git a/x/authority/types/authorization_list_test.go b/x/authority/types/authorization_list_test.go index 4a1cf701e8..0f4c896a50 100644 --- a/x/authority/types/authorization_list_test.go +++ b/x/authority/types/authorization_list_test.go @@ -391,20 +391,14 @@ func TestDefaultAuthorizationsList(t *testing.T) { sdk.MsgTypeURL(&crosschaintypes.MsgRefundAbortedCCTX{}), sdk.MsgTypeURL(&crosschaintypes.MsgAbortStuckCCTX{}), sdk.MsgTypeURL(&crosschaintypes.MsgUpdateRateLimiterFlags{}), - sdk.MsgTypeURL(&crosschaintypes.MsgWhitelistERC20{}), - sdk.MsgTypeURL(&fungibletypes.MsgDeployFungibleCoinZRC20{}), sdk.MsgTypeURL(&fungibletypes.MsgDeploySystemContracts{}), - sdk.MsgTypeURL(&fungibletypes.MsgRemoveForeignCoin{}), sdk.MsgTypeURL(&fungibletypes.MsgUpdateZRC20LiquidityCap{}), sdk.MsgTypeURL(&fungibletypes.MsgUpdateZRC20WithdrawFee{}), sdk.MsgTypeURL(&fungibletypes.MsgUnpauseZRC20{}), - sdk.MsgTypeURL(&observertypes.MsgAddObserver{}), - sdk.MsgTypeURL(&observertypes.MsgRemoveChainParams{}), sdk.MsgTypeURL(&observertypes.MsgResetChainNonces{}), sdk.MsgTypeURL(&observertypes.MsgUpdateChainParams{}), sdk.MsgTypeURL(&observertypes.MsgEnableCCTX{}), sdk.MsgTypeURL(&observertypes.MsgUpdateGasPriceIncreaseFlags{}), - sdk.MsgTypeURL(&lightclienttypes.MsgEnableHeaderVerification{}), } // EmergencyPolicyMessageList is a list of messages that can be authorized by the emergency policy @@ -422,12 +416,18 @@ func TestDefaultAuthorizationsList(t *testing.T) { var AdminPolicyMessageList = []string{ sdk.MsgTypeURL(&crosschaintypes.MsgMigrateTssFunds{}), sdk.MsgTypeURL(&crosschaintypes.MsgUpdateTssAddress{}), + sdk.MsgTypeURL(&crosschaintypes.MsgWhitelistERC20{}), + sdk.MsgTypeURL(&fungibletypes.MsgDeployFungibleCoinZRC20{}), sdk.MsgTypeURL(&fungibletypes.MsgUpdateContractBytecode{}), sdk.MsgTypeURL(&fungibletypes.MsgUpdateSystemContract{}), + sdk.MsgTypeURL(&fungibletypes.MsgRemoveForeignCoin{}), sdk.MsgTypeURL(&observertypes.MsgUpdateObserver{}), + sdk.MsgTypeURL(&observertypes.MsgAddObserver{}), + sdk.MsgTypeURL(&observertypes.MsgRemoveChainParams{}), sdk.MsgTypeURL(&types.MsgAddAuthorization{}), sdk.MsgTypeURL(&types.MsgRemoveAuthorization{}), sdk.MsgTypeURL(&types.MsgUpdateChainInfo{}), + sdk.MsgTypeURL(&lightclienttypes.MsgEnableHeaderVerification{}), } defaultList := types.DefaultAuthorizationsList() for _, msgUrl := range OperationalPolicyMessageList { From e79695f7c922442d619a3280576e0f41f13c5d9e Mon Sep 17 00:00:00 2001 From: lumtis Date: Wed, 24 Jul 2024 14:28:37 +0200 Subject: [PATCH 2/8] changelogs --- changelog.md | 1 + 1 file changed, 1 insertion(+) diff --git a/changelog.md b/changelog.md index f8857f3e9e..dec3144e55 100644 --- a/changelog.md +++ b/changelog.md @@ -64,6 +64,7 @@ * [2428](https://github.com/zeta-chain/node/pull/2428) - propagate context across codebase & refactor zetacore client * [2464](https://github.com/zeta-chain/node/pull/2464) - move common voting logic to voting.go and add new function VoteOnBallot * [2515](https://github.com/zeta-chain/node/pull/2515) - replace chainName by chainID for ChainNonces indexing +* [2542](https://github.com/zeta-chain/node/pull/2542) - adjust permissions to be more restrictive ### Tests From b04fe01be1601e465bf0d858d11f0271ced48949 Mon Sep 17 00:00:00 2001 From: lumtis Date: Wed, 24 Jul 2024 15:25:17 +0200 Subject: [PATCH 3/8] fix permissions --- e2e/e2etests/test_migrate_chain_support.go | 8 ++++---- e2e/runner/setup_zeta.go | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/e2e/e2etests/test_migrate_chain_support.go b/e2e/e2etests/test_migrate_chain_support.go index 734415dbae..1d39b576e1 100644 --- a/e2e/e2etests/test_migrate_chain_support.go +++ b/e2e/e2etests/test_migrate_chain_support.go @@ -68,9 +68,9 @@ func TestMigrateChainSupport(r *runner.E2ERunner, _ []string) { // setup the gas token require.NoError(r, err) _, err = newRunner.ZetaTxServer.BroadcastTx( - utils.OperationalPolicyName, + utils.AdminPolicyName, fungibletypes.NewMsgDeployFungibleCoinZRC20( - r.ZetaTxServer.MustGetAccountAddressFromName(utils.OperationalPolicyName), + r.ZetaTxServer.MustGetAccountAddressFromName(utils.AdminPolicyName), "", chainParams.ChainId, 18, @@ -156,8 +156,8 @@ func TestMigrateChainSupport(r *runner.E2ERunner, _ []string) { // whitelist erc20 zrc20 newRunner.Logger.Info("whitelisting ERC20 on new network") - res, err := newRunner.ZetaTxServer.BroadcastTx(utils.OperationalPolicyName, crosschaintypes.NewMsgWhitelistERC20( - r.ZetaTxServer.MustGetAccountAddressFromName(utils.OperationalPolicyName), + res, err := newRunner.ZetaTxServer.BroadcastTx(utils.AdminPolicyName, crosschaintypes.NewMsgWhitelistERC20( + r.ZetaTxServer.MustGetAccountAddressFromName(utils.AdminPolicyName), newRunner.ERC20Addr.Hex(), chains.Sepolia.ChainId, "USDT", diff --git a/e2e/runner/setup_zeta.go b/e2e/runner/setup_zeta.go index 7007d60484..4ab36c0667 100644 --- a/e2e/runner/setup_zeta.go +++ b/e2e/runner/setup_zeta.go @@ -75,7 +75,7 @@ func (r *E2ERunner) SetZEVMContracts() { // deploy system contracts and ZRC20 contracts on ZetaChain uniswapV2FactoryAddr, uniswapV2RouterAddr, zevmConnectorAddr, wzetaAddr, erc20zrc20Addr, err := r.ZetaTxServer.DeploySystemContractsAndZRC20( - e2eutils.OperationalPolicyName, + e2eutils.AdminPolicyName, r.ERC20Addr.Hex(), ) require.NoError(r, err) @@ -229,7 +229,7 @@ func (r *E2ERunner) SetupSOLZRC20() { func (r *E2ERunner) EnableHeaderVerification(chainIDList []int64) error { r.Logger.Print("⚙️ enabling verification flags for block headers") - return r.ZetaTxServer.EnableHeaderVerification(e2eutils.OperationalPolicyName, chainIDList) + return r.ZetaTxServer.EnableHeaderVerification(e2eutils.AdminPolicyName, chainIDList) } // FundEmissionsPool funds the emissions pool on ZetaChain with the same value as used originally on mainnet (20M ZETA) From d478f2aa6bfa53942a0c2c6155cdd6235609e982 Mon Sep 17 00:00:00 2001 From: lumtis Date: Wed, 24 Jul 2024 15:50:55 +0200 Subject: [PATCH 4/8] fix test permissions --- e2e/runner/setup_zeta.go | 1 + e2e/txserver/zeta_tx_server.go | 37 ++++++++++++++++++++++------------ 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/e2e/runner/setup_zeta.go b/e2e/runner/setup_zeta.go index 4ab36c0667..25302e5378 100644 --- a/e2e/runner/setup_zeta.go +++ b/e2e/runner/setup_zeta.go @@ -75,6 +75,7 @@ func (r *E2ERunner) SetZEVMContracts() { // deploy system contracts and ZRC20 contracts on ZetaChain uniswapV2FactoryAddr, uniswapV2RouterAddr, zevmConnectorAddr, wzetaAddr, erc20zrc20Addr, err := r.ZetaTxServer.DeploySystemContractsAndZRC20( + e2eutils.OperationalPolicyName, e2eutils.AdminPolicyName, r.ERC20Addr.Hex(), ) diff --git a/e2e/txserver/zeta_tx_server.go b/e2e/txserver/zeta_tx_server.go index 23ae24da4f..1016b7fd8e 100644 --- a/e2e/txserver/zeta_tx_server.go +++ b/e2e/txserver/zeta_tx_server.go @@ -289,20 +289,28 @@ func (zts ZetaTxServer) EnableHeaderVerification(account string, chainIDList []i // DeploySystemContractsAndZRC20 deploys the system contracts and ZRC20 contracts // returns the addresses of uniswap factory, router and erc20 zrc20 func (zts ZetaTxServer) DeploySystemContractsAndZRC20( - account, erc20Addr string, + accountOperational, accountAdmin, erc20Addr string, ) (string, string, string, string, string, error) { // retrieve account - acc, err := zts.clientCtx.Keyring.Key(account) + accOperational, err := zts.clientCtx.Keyring.Key(accountOperational) if err != nil { return "", "", "", "", "", err } - addr, err := acc.GetAddress() + addrOperational, err := accOperational.GetAddress() + if err != nil { + return "", "", "", "", "", err + } + accAdmin, err := zts.clientCtx.Keyring.Key(accountAdmin) + if err != nil { + return "", "", "", "", "", err + } + addrAdmin, err := accAdmin.GetAddress() if err != nil { return "", "", "", "", "", err } // deploy new system contracts - res, err := zts.BroadcastTx(account, fungibletypes.NewMsgDeploySystemContracts(addr.String())) + res, err := zts.BroadcastTx(accountOperational, fungibletypes.NewMsgDeploySystemContracts(addrOperational.String())) if err != nil { return "", "", "", "", "", fmt.Errorf("failed to deploy system contracts: %s", err.Error()) } @@ -317,7 +325,10 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // get system contract - _, err = zts.BroadcastTx(account, fungibletypes.NewMsgUpdateSystemContract(addr.String(), systemContractAddress)) + _, err = zts.BroadcastTx( + accountAdmin, + fungibletypes.NewMsgUpdateSystemContract(addrAdmin.String(), systemContractAddress), + ) if err != nil { return "", "", "", "", "", fmt.Errorf("failed to set system contract: %s", err.Error()) } @@ -353,8 +364,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy eth zrc20 - _, err = zts.BroadcastTx(account, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addr.String(), + _, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( + addrAdmin.String(), "", chains.GoerliLocalnet.ChainId, 18, @@ -368,8 +379,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy btc zrc20 - _, err = zts.BroadcastTx(account, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addr.String(), + _, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( + addrAdmin.String(), "", chains.BitcoinRegtest.ChainId, 8, @@ -383,8 +394,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy sol zrc20 - _, err = zts.BroadcastTx(account, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addr.String(), + _, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( + addrAdmin.String(), "", chains.SolanaLocalnet.ChainId, 9, @@ -398,8 +409,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy erc20 zrc20 - res, err = zts.BroadcastTx(account, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addr.String(), + res, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( + addrAdmin.String(), erc20Addr, chains.GoerliLocalnet.ChainId, 6, From d0379026fa083d02363c75f374829992a6a628f7 Mon Sep 17 00:00:00 2001 From: lumtis Date: Wed, 24 Jul 2024 16:47:32 +0200 Subject: [PATCH 5/8] refactor addresses --- e2e/runner/setup_zeta.go | 12 ++++---- e2e/txserver/zeta_tx_server.go | 50 +++++++++++++++++++++------------- 2 files changed, 37 insertions(+), 25 deletions(-) diff --git a/e2e/runner/setup_zeta.go b/e2e/runner/setup_zeta.go index 25302e5378..eaee86bdbb 100644 --- a/e2e/runner/setup_zeta.go +++ b/e2e/runner/setup_zeta.go @@ -74,7 +74,7 @@ func (r *E2ERunner) SetZEVMContracts() { }() // deploy system contracts and ZRC20 contracts on ZetaChain - uniswapV2FactoryAddr, uniswapV2RouterAddr, zevmConnectorAddr, wzetaAddr, erc20zrc20Addr, err := r.ZetaTxServer.DeploySystemContractsAndZRC20( + addresses, err := r.ZetaTxServer.DeploySystemContractsAndZRC20( e2eutils.OperationalPolicyName, e2eutils.AdminPolicyName, r.ERC20Addr.Hex(), @@ -82,27 +82,27 @@ func (r *E2ERunner) SetZEVMContracts() { require.NoError(r, err) // Set ERC20ZRC20Addr - r.ERC20ZRC20Addr = ethcommon.HexToAddress(erc20zrc20Addr) + r.ERC20ZRC20Addr = ethcommon.HexToAddress(addresses.ERC20zrc20Addr) r.ERC20ZRC20, err = zrc20.NewZRC20(r.ERC20ZRC20Addr, r.ZEVMClient) require.NoError(r, err) // UniswapV2FactoryAddr - r.UniswapV2FactoryAddr = ethcommon.HexToAddress(uniswapV2FactoryAddr) + r.UniswapV2FactoryAddr = ethcommon.HexToAddress(addresses.UniswapV2FactoryAddr) r.UniswapV2Factory, err = uniswapv2factory.NewUniswapV2Factory(r.UniswapV2FactoryAddr, r.ZEVMClient) require.NoError(r, err) // UniswapV2RouterAddr - r.UniswapV2RouterAddr = ethcommon.HexToAddress(uniswapV2RouterAddr) + r.UniswapV2RouterAddr = ethcommon.HexToAddress(addresses.UniswapV2RouterAddr) r.UniswapV2Router, err = uniswapv2router.NewUniswapV2Router02(r.UniswapV2RouterAddr, r.ZEVMClient) require.NoError(r, err) // ZevmConnectorAddr - r.ConnectorZEVMAddr = ethcommon.HexToAddress(zevmConnectorAddr) + r.ConnectorZEVMAddr = ethcommon.HexToAddress(addresses.ZEVMConnectorAddr) r.ConnectorZEVM, err = connectorzevm.NewZetaConnectorZEVM(r.ConnectorZEVMAddr, r.ZEVMClient) require.NoError(r, err) // WZetaAddr - r.WZetaAddr = ethcommon.HexToAddress(wzetaAddr) + r.WZetaAddr = ethcommon.HexToAddress(addresses.WZETAAddr) r.WZeta, err = wzeta.NewWETH9(r.WZetaAddr, r.ZEVMClient) require.NoError(r, err) diff --git a/e2e/txserver/zeta_tx_server.go b/e2e/txserver/zeta_tx_server.go index 1016b7fd8e..23b0d8d302 100644 --- a/e2e/txserver/zeta_tx_server.go +++ b/e2e/txserver/zeta_tx_server.go @@ -49,6 +49,11 @@ import ( observertypes "github.com/zeta-chain/zetacore/x/observer/types" ) +// SystemContractAddresses contains the addresses of the system contracts deployed +type SystemContractAddresses struct { + UniswapV2FactoryAddr, UniswapV2RouterAddr, ZEVMConnectorAddr, WZETAAddr, ERC20zrc20Addr string +} + // EmissionsPoolAddress is the address of the emissions pool // This address is constant for all networks because it is derived from emissions name const EmissionsPoolAddress = "zeta1w43fn2ze2wyhu5hfmegr6vp52c3dgn0srdgymy" @@ -290,34 +295,34 @@ func (zts ZetaTxServer) EnableHeaderVerification(account string, chainIDList []i // returns the addresses of uniswap factory, router and erc20 zrc20 func (zts ZetaTxServer) DeploySystemContractsAndZRC20( accountOperational, accountAdmin, erc20Addr string, -) (string, string, string, string, string, error) { +) (SystemContractAddresses, error) { // retrieve account accOperational, err := zts.clientCtx.Keyring.Key(accountOperational) if err != nil { - return "", "", "", "", "", err + return SystemContractAddresses{}, err } addrOperational, err := accOperational.GetAddress() if err != nil { - return "", "", "", "", "", err + return SystemContractAddresses{}, err } accAdmin, err := zts.clientCtx.Keyring.Key(accountAdmin) if err != nil { - return "", "", "", "", "", err + return SystemContractAddresses{}, err } addrAdmin, err := accAdmin.GetAddress() if err != nil { - return "", "", "", "", "", err + return SystemContractAddresses{}, err } // deploy new system contracts res, err := zts.BroadcastTx(accountOperational, fungibletypes.NewMsgDeploySystemContracts(addrOperational.String())) if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to deploy system contracts: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to deploy system contracts: %s", err.Error()) } systemContractAddress, err := FetchAttributeFromTxResponse(res, "system_contract") if err != nil { - return "", "", "", "", "", fmt.Errorf( + return SystemContractAddresses{}, fmt.Errorf( "failed to fetch system contract address: %s; rawlog %s", err.Error(), res.RawLog, @@ -330,23 +335,23 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( fungibletypes.NewMsgUpdateSystemContract(addrAdmin.String(), systemContractAddress), ) if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to set system contract: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to set system contract: %s", err.Error()) } // get uniswap contract addresses uniswapV2FactoryAddr, err := FetchAttributeFromTxResponse(res, "uniswap_v2_factory") if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to fetch uniswap v2 factory address: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to fetch uniswap v2 factory address: %s", err.Error()) } uniswapV2RouterAddr, err := FetchAttributeFromTxResponse(res, "uniswap_v2_router") if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to fetch uniswap v2 router address: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to fetch uniswap v2 router address: %s", err.Error()) } // get zevm connector address zevmConnectorAddr, err := FetchAttributeFromTxResponse(res, "connector_zevm") if err != nil { - return "", "", "", "", "", fmt.Errorf( + return SystemContractAddresses{}, fmt.Errorf( "failed to fetch zevm connector address: %s, txResponse: %s", err.Error(), res.String(), @@ -356,7 +361,7 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( // get wzeta address wzetaAddr, err := FetchAttributeFromTxResponse(res, "wzeta") if err != nil { - return "", "", "", "", "", fmt.Errorf( + return SystemContractAddresses{}, fmt.Errorf( "failed to fetch wzeta address: %s, txResponse: %s", err.Error(), res.String(), @@ -375,7 +380,7 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( 100000, )) if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to deploy eth zrc20: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to deploy eth zrc20: %s", err.Error()) } // deploy btc zrc20 @@ -390,7 +395,7 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( 100000, )) if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to deploy btc zrc20: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to deploy btc zrc20: %s", err.Error()) } // deploy sol zrc20 @@ -405,7 +410,7 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( 100000, )) if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to deploy btc zrc20: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to deploy btc zrc20: %s", err.Error()) } // deploy erc20 zrc20 @@ -420,18 +425,25 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( 100000, )) if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to deploy erc20 zrc20: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to deploy erc20 zrc20: %s", err.Error()) } // fetch the erc20 zrc20 contract address and remove the quotes erc20zrc20Addr, err := FetchAttributeFromTxResponse(res, "Contract") if err != nil { - return "", "", "", "", "", fmt.Errorf("failed to fetch erc20 zrc20 contract address: %s", err.Error()) + return SystemContractAddresses{}, fmt.Errorf("failed to fetch erc20 zrc20 contract address: %s", err.Error()) } if !ethcommon.IsHexAddress(erc20zrc20Addr) { - return "", "", "", "", "", fmt.Errorf("invalid address in event: %s", erc20zrc20Addr) + return SystemContractAddresses{}, fmt.Errorf("invalid address in event: %s", erc20zrc20Addr) } - return uniswapV2FactoryAddr, uniswapV2RouterAddr, zevmConnectorAddr, wzetaAddr, erc20zrc20Addr, nil + + return SystemContractAddresses{ + uniswapV2FactoryAddr, + uniswapV2RouterAddr, + zevmConnectorAddr, + wzetaAddr, + erc20zrc20Addr, + }, nil } // FundEmissionsPool funds the emissions pool with the given amount From 24fcc57e15fce65ee1c7030ecbc8508f92c3ca92 Mon Sep 17 00:00:00 2001 From: lumtis Date: Thu, 25 Jul 2024 10:50:58 +0200 Subject: [PATCH 6/8] add query to check authorization --- cmd/zetae2e/config/clients.go | 72 +++++++++++-------- cmd/zetae2e/config/config.go | 1 + cmd/zetae2e/local/local.go | 3 + e2e/e2etests/test_migrate_chain_support.go | 1 + e2e/runner/runner.go | 4 ++ e2e/txserver/zeta_tx_server.go | 81 +++++++++++++++++----- 6 files changed, 116 insertions(+), 46 deletions(-) diff --git a/cmd/zetae2e/config/clients.go b/cmd/zetae2e/config/clients.go index db7753aede..debfc71368 100644 --- a/cmd/zetae2e/config/clients.go +++ b/cmd/zetae2e/config/clients.go @@ -3,6 +3,7 @@ package config import ( "context" "fmt" + authoritytypes "github.com/zeta-chain/zetacore/x/authority/types" "github.com/btcsuite/btcd/rpcclient" authtypes "github.com/cosmos/cosmos-sdk/x/auth/types" @@ -28,18 +29,30 @@ type E2EClients struct { EvmAuth *bind.TransactOpts // the gRPC clients for ZetaChain - CctxClient crosschaintypes.QueryClient - FungibleClient fungibletypes.QueryClient - AuthClient authtypes.QueryClient - BankClient banktypes.QueryClient - ObserverClient observertypes.QueryClient - LightClient lightclienttypes.QueryClient + AuthorityClient authoritytypes.QueryClient + CctxClient crosschaintypes.QueryClient + FungibleClient fungibletypes.QueryClient + AuthClient authtypes.QueryClient + BankClient banktypes.QueryClient + ObserverClient observertypes.QueryClient + LightClient lightclienttypes.QueryClient // the RPC clients for ZetaChain ZevmClient *ethclient.Client ZevmAuth *bind.TransactOpts } +// zetaChainClients contains all the RPC clients and gRPC clients for ZetaChain +type zetaChainClients struct { + AuthorityClient authoritytypes.QueryClient + CctxClient crosschaintypes.QueryClient + FungibleClient fungibletypes.QueryClient + AuthClient authtypes.QueryClient + BankClient banktypes.QueryClient + ObserverClient observertypes.QueryClient + LightClient lightclienttypes.QueryClient +} + // getClientsFromConfig get clients from config func getClientsFromConfig(ctx context.Context, conf config.Config, account config.Account) ( E2EClients, @@ -60,7 +73,7 @@ func getClientsFromConfig(ctx context.Context, conf config.Config, account confi if err != nil { return E2EClients{}, fmt.Errorf("failed to get evm client: %w", err) } - cctxClient, fungibleClient, authClient, bankClient, observerClient, lightclientClient, err := getZetaClients( + zetaChainClients, err := getZetaClients( conf.RPCs.ZetaCoreGRPC, ) if err != nil { @@ -72,18 +85,19 @@ func getClientsFromConfig(ctx context.Context, conf config.Config, account confi } return E2EClients{ - BtcRPCClient: btcRPCClient, - SolanaClient: solanaClient, - EvmClient: evmClient, - EvmAuth: evmAuth, - CctxClient: cctxClient, - FungibleClient: fungibleClient, - AuthClient: authClient, - BankClient: bankClient, - ObserverClient: observerClient, - LightClient: lightclientClient, - ZevmClient: zevmClient, - ZevmAuth: zevmAuth, + BtcRPCClient: btcRPCClient, + SolanaClient: solanaClient, + EvmClient: evmClient, + EvmAuth: evmAuth, + AuthorityClient: zetaChainClients.AuthorityClient, + CctxClient: zetaChainClients.CctxClient, + FungibleClient: zetaChainClients.FungibleClient, + AuthClient: zetaChainClients.AuthClient, + BankClient: zetaChainClients.BankClient, + ObserverClient: zetaChainClients.ObserverClient, + LightClient: zetaChainClients.LightClient, + ZevmClient: zevmClient, + ZevmAuth: zevmAuth, }, nil } @@ -140,19 +154,15 @@ func getEVMClient( // getZetaClients get zeta clients func getZetaClients(rpc string) ( - crosschaintypes.QueryClient, - fungibletypes.QueryClient, - authtypes.QueryClient, - banktypes.QueryClient, - observertypes.QueryClient, - lightclienttypes.QueryClient, + zetaChainClients, error, ) { grpcConn, err := grpc.Dial(rpc, grpc.WithInsecure()) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return zetaChainClients{}, err } + authorityClient := authoritytypes.NewQueryClient(grpcConn) cctxClient := crosschaintypes.NewQueryClient(grpcConn) fungibleClient := fungibletypes.NewQueryClient(grpcConn) authClient := authtypes.NewQueryClient(grpcConn) @@ -160,5 +170,13 @@ func getZetaClients(rpc string) ( observerClient := observertypes.NewQueryClient(grpcConn) lightclientClient := lightclienttypes.NewQueryClient(grpcConn) - return cctxClient, fungibleClient, authClient, bankClient, observerClient, lightclientClient, nil + return zetaChainClients{ + AuthorityClient: authorityClient, + CctxClient: cctxClient, + FungibleClient: fungibleClient, + AuthClient: authClient, + BankClient: bankClient, + ObserverClient: observerClient, + LightClient: lightclientClient, + }, nil } diff --git a/cmd/zetae2e/config/config.go b/cmd/zetae2e/config/config.go index f8e0fddafb..8a91bc1f86 100644 --- a/cmd/zetae2e/config/config.go +++ b/cmd/zetae2e/config/config.go @@ -32,6 +32,7 @@ func RunnerFromConfig( account, e2eClients.EvmClient, e2eClients.ZevmClient, + e2eClients.AuthorityClient, e2eClients.CctxClient, e2eClients.FungibleClient, e2eClients.AuthClient, diff --git a/cmd/zetae2e/local/local.go b/cmd/zetae2e/local/local.go index ce12478367..c83abf3e8a 100644 --- a/cmd/zetae2e/local/local.go +++ b/cmd/zetae2e/local/local.go @@ -157,6 +157,9 @@ func localE2ETest(cmd *cobra.Command, _ []string) { ) noError(err) + // set the authority client to the zeta tx server to be able to query message permissions + deployerRunner.ZetaTxServer.SetAuthorityClient(deployerRunner.AutorithyClient) + // wait for keygen to be completed // if setup is skipped, we assume that the keygen is already completed if !skipSetup { diff --git a/e2e/e2etests/test_migrate_chain_support.go b/e2e/e2etests/test_migrate_chain_support.go index 1d39b576e1..0fd2574c85 100644 --- a/e2e/e2etests/test_migrate_chain_support.go +++ b/e2e/e2etests/test_migrate_chain_support.go @@ -203,6 +203,7 @@ func configureEVM2(r *runner.E2ERunner) (*runner.E2ERunner, error) { r.Account, r.EVMClient, r.ZEVMClient, + r.AutorithyClient, r.CctxClient, r.FungibleClient, r.AuthClient, diff --git a/e2e/runner/runner.go b/e2e/runner/runner.go index 0dcffcb597..338d4c2bf9 100644 --- a/e2e/runner/runner.go +++ b/e2e/runner/runner.go @@ -2,6 +2,7 @@ package runner import ( "context" + authoritytypes "github.com/zeta-chain/zetacore/x/authority/types" "os" "sync" "time" @@ -65,6 +66,7 @@ type E2ERunner struct { SolanaClient *rpc.Client // grpc clients + AutorithyClient authoritytypes.QueryClient CctxClient crosschaintypes.QueryClient FungibleClient fungibletypes.QueryClient AuthClient authtypes.QueryClient @@ -140,6 +142,7 @@ func NewE2ERunner( account config.Account, evmClient *ethclient.Client, zevmClient *ethclient.Client, + authorityClient authoritytypes.QueryClient, cctxClient crosschaintypes.QueryClient, fungibleClient fungibletypes.QueryClient, authClient authtypes.QueryClient, @@ -161,6 +164,7 @@ func NewE2ERunner( ZEVMClient: zevmClient, EVMClient: evmClient, + AutorithyClient: authorityClient, CctxClient: cctxClient, FungibleClient: fungibleClient, AuthClient: authClient, diff --git a/e2e/txserver/zeta_tx_server.go b/e2e/txserver/zeta_tx_server.go index 23b0d8d302..2b2feb6ed6 100644 --- a/e2e/txserver/zeta_tx_server.go +++ b/e2e/txserver/zeta_tx_server.go @@ -60,12 +60,14 @@ const EmissionsPoolAddress = "zeta1w43fn2ze2wyhu5hfmegr6vp52c3dgn0srdgymy" // ZetaTxServer is a ZetaChain tx server for E2E test type ZetaTxServer struct { - clientCtx client.Context - txFactory tx.Factory - name []string - mnemonic []string - address []string - blockTimeout time.Duration + ctx context.Context + clientCtx client.Context + txFactory tx.Factory + name []string + mnemonic []string + address []string + blockTimeout time.Duration + authorityClient authoritytypes.QueryClient } // NewZetaTxServer returns a new TxServer with provided account @@ -119,6 +121,7 @@ func NewZetaTxServer(rpcAddr string, names []string, privateKeys []string, chain txf := newFactory(clientCtx) return &ZetaTxServer{ + ctx: ctx, clientCtx: clientCtx, txFactory: txf, name: names, @@ -244,15 +247,15 @@ func broadcastWithBlockTimeout(zts ZetaTxServer, txBytes []byte) (*sdktypes.TxRe case <-exitAfter: return nil, fmt.Errorf("timed out after waiting for tx to get included in the block: %d", zts.blockTimeout) case <-time.After(time.Millisecond * 100): - resTx, err := zts.clientCtx.Client.Tx(context.TODO(), hash, false) + resTx, err := zts.clientCtx.Client.Tx(zts.ctx, hash, false) if err == nil { - return mkTxResult(zts.clientCtx, resTx) + return mkTxResult(zts.ctx, zts.clientCtx, resTx) } } } } -func mkTxResult(clientCtx client.Context, resTx *coretypes.ResultTx) (*sdktypes.TxResponse, error) { +func mkTxResult(ctx context.Context, clientCtx client.Context, resTx *coretypes.ResultTx) (*sdktypes.TxResponse, error) { txb, err := clientCtx.TxConfig.TxDecoder()(resTx.Tx) if err != nil { return nil, err @@ -261,7 +264,7 @@ func mkTxResult(clientCtx client.Context, resTx *coretypes.ResultTx) (*sdktypes. if !ok { return nil, fmt.Errorf("expecting a type implementing intoAny, got: %T", txb) } - resBlock, err := clientCtx.Client.Block(context.TODO(), &resTx.Height) + resBlock, err := clientCtx.Client.Block(ctx, &resTx.Height) if err != nil { return nil, err } @@ -368,9 +371,23 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( ) } + // authorization for deploying new ZRC20 has changed from accountOperational to accountAdmin in v19 + // we use this query to check the current authorization for the message + // if pre v19 the query is not implement and authorization is operational + deployerAccount := accountAdmin + deployerAddr := addrAdmin.String() + authorization, preV19, err := zts.fetchMessagePermissions(&fungibletypes.MsgDeployFungibleCoinZRC20{}) + if err != nil { + return SystemContractAddresses{}, fmt.Errorf("failed to fetch message permissions: %s", err.Error()) + } + if preV19 || authorization == authoritytypes.PolicyType_groupOperational { + deployerAccount = accountOperational + deployerAddr = addrOperational.String() + } + // deploy eth zrc20 - _, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addrAdmin.String(), + _, err = zts.BroadcastTx(deployerAccount, fungibletypes.NewMsgDeployFungibleCoinZRC20( + deployerAddr, "", chains.GoerliLocalnet.ChainId, 18, @@ -384,8 +401,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy btc zrc20 - _, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addrAdmin.String(), + _, err = zts.BroadcastTx(deployerAccount, fungibletypes.NewMsgDeployFungibleCoinZRC20( + deployerAddr, "", chains.BitcoinRegtest.ChainId, 8, @@ -399,8 +416,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy sol zrc20 - _, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addrAdmin.String(), + _, err = zts.BroadcastTx(deployerAccount, fungibletypes.NewMsgDeployFungibleCoinZRC20( + deployerAddr, "", chains.SolanaLocalnet.ChainId, 9, @@ -414,8 +431,8 @@ func (zts ZetaTxServer) DeploySystemContractsAndZRC20( } // deploy erc20 zrc20 - res, err = zts.BroadcastTx(accountAdmin, fungibletypes.NewMsgDeployFungibleCoinZRC20( - addrAdmin.String(), + res, err = zts.BroadcastTx(deployerAccount, fungibletypes.NewMsgDeployFungibleCoinZRC20( + deployerAddr, erc20Addr, chains.GoerliLocalnet.ChainId, 6, @@ -486,6 +503,32 @@ func (zts ZetaTxServer) UpdateKeygen(height int64) error { return err } +// SetAuthorityClient sets the authority client +func (zts *ZetaTxServer) SetAuthorityClient(authorityClient authoritytypes.QueryClient) { + zts.authorityClient = authorityClient +} + +// fetchMessagePermissions fetches the message permissions for a given message +// return a bool preV19 to indicate the node is preV19 and the query doesn't exist +func (zts ZetaTxServer) fetchMessagePermissions(msg sdktypes.Msg) (authoritytypes.PolicyType, bool, error) { + msgURL := sdktypes.MsgTypeURL(msg) + + res, err := zts.authorityClient.Authorization(zts.ctx, &authoritytypes.QueryAuthorizationRequest{ + MsgUrl: msgURL, + }) + + // check if error is unknown method + if err != nil { + if strings.Contains(err.Error(), "unknown method") { + return authoritytypes.PolicyType_groupOperational, true, nil + } else { + return authoritytypes.PolicyType_groupOperational, false, err + } + } + + return res.Authorization.AuthorizedPolicy, false, nil +} + // newCodec returns the codec for msg server func newCodec() (*codec.ProtoCodec, codectypes.InterfaceRegistry) { encodingConfig := app.MakeEncodingConfig() @@ -573,7 +616,7 @@ func FetchAttributeFromTxResponse(res *sdktypes.TxResponse, key string) (string, var logs []messageLog err := json.Unmarshal([]byte(res.RawLog), &logs) if err != nil { - return "", err + return "", fmt.Errorf("failed to unmarshal logs: %s, logs content: %s", err.Error(), res.RawLog) } var attributes []string From bcd2fe63a637bdd308abceb56db407294ad3bd7d Mon Sep 17 00:00:00 2001 From: lumtis Date: Thu, 25 Jul 2024 10:52:57 +0200 Subject: [PATCH 7/8] format --- cmd/zetae2e/config/clients.go | 2 +- e2e/runner/runner.go | 2 +- e2e/txserver/zeta_tx_server.go | 6 +++++- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/cmd/zetae2e/config/clients.go b/cmd/zetae2e/config/clients.go index debfc71368..b6ee7d5fb4 100644 --- a/cmd/zetae2e/config/clients.go +++ b/cmd/zetae2e/config/clients.go @@ -3,7 +3,6 @@ package config import ( "context" "fmt" - authoritytypes "github.com/zeta-chain/zetacore/x/authority/types" "github.com/btcsuite/btcd/rpcclient" authtypes "github.com/cosmos/cosmos-sdk/x/auth/types" @@ -14,6 +13,7 @@ import ( "google.golang.org/grpc" "github.com/zeta-chain/zetacore/e2e/config" + authoritytypes "github.com/zeta-chain/zetacore/x/authority/types" crosschaintypes "github.com/zeta-chain/zetacore/x/crosschain/types" fungibletypes "github.com/zeta-chain/zetacore/x/fungible/types" lightclienttypes "github.com/zeta-chain/zetacore/x/lightclient/types" diff --git a/e2e/runner/runner.go b/e2e/runner/runner.go index 338d4c2bf9..2ff538584f 100644 --- a/e2e/runner/runner.go +++ b/e2e/runner/runner.go @@ -2,7 +2,6 @@ package runner import ( "context" - authoritytypes "github.com/zeta-chain/zetacore/x/authority/types" "os" "sync" "time" @@ -34,6 +33,7 @@ import ( "github.com/zeta-chain/zetacore/e2e/contracts/zevmswap" "github.com/zeta-chain/zetacore/e2e/txserver" "github.com/zeta-chain/zetacore/e2e/utils" + authoritytypes "github.com/zeta-chain/zetacore/x/authority/types" crosschaintypes "github.com/zeta-chain/zetacore/x/crosschain/types" fungibletypes "github.com/zeta-chain/zetacore/x/fungible/types" lightclienttypes "github.com/zeta-chain/zetacore/x/lightclient/types" diff --git a/e2e/txserver/zeta_tx_server.go b/e2e/txserver/zeta_tx_server.go index 2b2feb6ed6..f56da6b3da 100644 --- a/e2e/txserver/zeta_tx_server.go +++ b/e2e/txserver/zeta_tx_server.go @@ -255,7 +255,11 @@ func broadcastWithBlockTimeout(zts ZetaTxServer, txBytes []byte) (*sdktypes.TxRe } } -func mkTxResult(ctx context.Context, clientCtx client.Context, resTx *coretypes.ResultTx) (*sdktypes.TxResponse, error) { +func mkTxResult( + ctx context.Context, + clientCtx client.Context, + resTx *coretypes.ResultTx, +) (*sdktypes.TxResponse, error) { txb, err := clientCtx.TxConfig.TxDecoder()(resTx.Tx) if err != nil { return nil, err From f2da8c310cda4860d31255840323b1dedf5e84a5 Mon Sep 17 00:00:00 2001 From: lumtis Date: Thu, 25 Jul 2024 10:54:23 +0200 Subject: [PATCH 8/8] fix lint --- e2e/txserver/zeta_tx_server.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/e2e/txserver/zeta_tx_server.go b/e2e/txserver/zeta_tx_server.go index f56da6b3da..2ce07f0fc5 100644 --- a/e2e/txserver/zeta_tx_server.go +++ b/e2e/txserver/zeta_tx_server.go @@ -525,9 +525,8 @@ func (zts ZetaTxServer) fetchMessagePermissions(msg sdktypes.Msg) (authoritytype if err != nil { if strings.Contains(err.Error(), "unknown method") { return authoritytypes.PolicyType_groupOperational, true, nil - } else { - return authoritytypes.PolicyType_groupOperational, false, err } + return authoritytypes.PolicyType_groupOperational, false, err } return res.Authorization.AuthorizedPolicy, false, nil