Closed rootulp closed 1 week ago
The changes introduce enhanced validation for nested authz
messages within the MsgVersioningGateKeeper
's AnteHandle
function. A new function, hasInvalidMsg
, recursively checks for invalid messages, ensuring thorough validation. Corresponding test cases have been added to validate nested MsgSend
and MsgMultiSend
messages, ensuring they are processed correctly based on their versions and types.
Files | Change Summary |
---|---|
app/ante/msg_gatekeeper.go |
Added recursive invalid message check via hasInvalidMsg function; updated AnteHandle for message validation. |
app/ante/msg_gatekeeper_test.go |
Added nested message handling and test cases for MsgSend and MsgMultiSend using authz.MsgExec . |
sequenceDiagram
participant User
participant MsgVersioningGateKeeper
participant hasInvalidMsg
participant authz.MsgExec
User->>MsgVersioningGateKeeper: Submit transaction with nested messages
MsgVersioningGateKeeper->>hasInvalidMsg: Check for invalid messages
hasInvalidMsg->>authz.MsgExec: Recursively validate nested messages
authz.MsgExec-->>hasInvalidMsg: Return validation result
hasInvalidMsg-->>MsgVersioningGateKeeper: Return validation result
MsgVersioningGateKeeper-->>User: Return transaction result
This diagram illustrates the interaction between the user, MsgVersioningGateKeeper
, hasInvalidMsg
function, and nested authz.MsgExec
during the transaction validation process.
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
is this consensus breaking?
yes because a node who doesn't have this change would allow the tx to get into a block while a node that does would reject the block.
Resolves this security advisory. Thanks @Reecepbcups for the report and fix!