Bypass Interchain Security Disabled Modules Messages #1492

Closed
2 of 5 tasks
mpoke opened this issue Dec 8, 2023 · 3 comments · Fixed by #1500
Labels
type: bug Issues that need priority attention -- something isn't working

Comments

@mpoke
Contributor

mpoke commented Dec 8, 2023

Summary of Bug

Consumer chains disable messages for both the Slashing and Evidence modules, i.e.,

consumerante.NewDisabledModulesDecorator("/cosmos.evidence", "/cosmos.slashing"),

This mechanism can be bypassed by submitting messages wrapped within an authz MsgExec transaction.

This is also the case for Stride and Neutron.

Version

a9b090f

Steps to Reproduce

  1. Wrap a /cosmos.evidence or /cosmos.slashing transaction within an authz MsgExec transaction
  2. Broadcast this transaction to the chain
  3. Bypass the blocked messages

For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged
  • Contributor assigned/self-assigned
  • Is a spike necessary to map out how the issue should be approached?
@mpoke mpoke added the type: bug Issues that need priority attention -- something isn't working label Dec 8, 2023
@mpoke mpoke added this to Cosmos Hub Dec 8, 2023
@github-project-automation github-project-automation bot moved this to 🩹 F1: Triage in Cosmos Hub Dec 8, 2023
@mpoke
Contributor Author

mpoke commented Dec 8, 2023

An update on this issue:

  • The Unjail message is not a problem as this is a noop for consumers, see
    func (k Keeper) Unjail(sdk.Context, sdk.ConsAddress) {}
  • The SubmitEvidence message is also not a problem on Neutron or Stride as neither chain has a router set for the Evidence keeper so such a transaction will always panic

Still, this needs to be fixed to avoid any issues in the future if a consumer chain sets the evidence router.

@mpoke mpoke moved this from 🩹 F1: Triage to 📥 F2: Todo in Cosmos Hub Dec 8, 2023
@sontrinh16
Member

sontrinh16 commented Dec 11, 2023

Hi @mpoke, correct me if I'm wrong, but we can check for the authz message in the consumer ante handler and check the msgs array in MsgExec for any message type that corresponds to the disabled message types. What do you think?
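
The check proposed in the comment above, as an added example that is not part of the original thread or the project's code: a simplified Go model that contrasts a filter inspecting only top-level messages with one that also descends into MsgExec. The `Msg` type, the function names and `maxDepth` are hypothetical, and matching the disabled modules by type-URL prefix is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// Msg is a simplified stand-in for sdk.Msg (hypothetical, not the SDK type).
type Msg struct {
	TypeURL string
	Inner   []Msg // set only for authz MsgExec wrappers
}

const msgExecURL = "/cosmos.authz.v1beta1.MsgExec"
const maxDepth = 4 // assumed bound on MsgExec nesting
var disabled = []string{"/cosmos.evidence", "/cosmos.slashing"} // prefixes from the issue

// isDisabled assumes the decorator matches type URLs by prefix.
func isDisabled(url string) bool {
	for _, p := range disabled {
		if strings.HasPrefix(url, p) {
			return true
		}
	}
	return false
}

// blocked reports whether any message is disabled. With unwrap set it also
// walks MsgExec contents and rejects nesting deeper than maxDepth.
func blocked(msgs []Msg, unwrap bool, depth int) bool {
	if depth > maxDepth {
		return true
	}
	for _, m := range msgs {
		if isDisabled(m.TypeURL) || (unwrap && m.TypeURL == msgExecURL && blocked(m.Inner, true, depth+1)) {
			return true
		}
	}
	return false
}

// TopLevelBlocked models the behaviour reported in the issue.
func TopLevelBlocked(msgs []Msg) bool { return blocked(msgs, false, 0) }

// RecursiveBlocked models the proposed check of the msgs array in MsgExec.
func RecursiveBlocked(msgs []Msg) bool { return blocked(msgs, true, 0) }

func main() {
	// Constructed sample: MsgUnjail wrapped in MsgExec.
	tx := []Msg{{TypeURL: msgExecURL, Inner: []Msg{{TypeURL: "/cosmos.slashing.v1beta1.MsgUnjail"}}}}
	fmt.Println(TopLevelBlocked(tx), RecursiveBlocked(tx))
}
```

The depth bound matters because MsgExec can itself carry another MsgExec, so a filter that unwraps only one level would leave the same gap one layer down.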

@sontrinh16
Member

sontrinh16 commented Dec 12, 2023

Spun up a rough idea PR, hope this will be of some help.

@mpoke mpoke moved this from 📥 F2: Todo to 🏗 F3: InProgress in Cosmos Hub Dec 12, 2023
@mpoke mpoke moved this from 🏗 F3: InProgress to 👀 F3: InReview in Cosmos Hub Dec 12, 2023
@github-project-automation github-project-automation bot moved this from 👀 F3: InReview to 👍 F4: Assessment in Cosmos Hub Dec 22, 2023
@mpoke mpoke moved this from 👍 F4: Assessment to ✅ Done in Cosmos Hub Dec 22, 2023