From c22254de038daa640d04397a6b80856e26e8ae5c Mon Sep 17 00:00:00 2001 From: beer-1 <147697694+beer-1@users.noreply.github.com> Date: Wed, 6 Mar 2024 21:54:57 +0900 Subject: [PATCH] fix bridge hook to check sender addr --- app/app.go | 2 +- app/hook/wasm.go | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/app/app.go b/app/app.go index 24893df..4e0e6fd 100644 --- a/app/app.go +++ b/app/app.go @@ -369,7 +369,7 @@ func NewMinitiaApp( runtime.NewKVStoreService(keys[opchildtypes.StoreKey]), app.AccountKeeper, app.BankKeeper, - apphook.NewWasmBridgeHook(app.WasmKeeper).Hook, + apphook.NewWasmBridgeHook(ac, app.WasmKeeper).Hook, app.MsgServiceRouter(), authorityAddr, vc, diff --git a/app/hook/wasm.go b/app/hook/wasm.go index ab3c7a7..54c4e69 100644 --- a/app/hook/wasm.go +++ b/app/hook/wasm.go @@ -5,7 +5,9 @@ import ( "encoding/json" "strings" + "cosmossdk.io/core/address" sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" wasmkeeper "github.com/CosmWasm/wasmd/x/wasm/keeper" wasmtypes "github.com/CosmWasm/wasmd/x/wasm/types" @@ -13,11 +15,12 @@ import ( // bridge hook implementation for move type WasmBridgeHook struct { + ac address.Codec wasmKeeper *wasmkeeper.Keeper } -func NewWasmBridgeHook(wasmKeeper *wasmkeeper.Keeper) WasmBridgeHook { - return WasmBridgeHook{wasmKeeper} +func NewWasmBridgeHook(ac address.Codec, wasmKeeper *wasmkeeper.Keeper) WasmBridgeHook { + return WasmBridgeHook{ac, wasmKeeper} } func (mbh WasmBridgeHook) Hook(ctx context.Context, sender sdk.AccAddress, msgBytes []byte) error { @@ -29,6 +32,13 @@ func (mbh WasmBridgeHook) Hook(ctx context.Context, sender sdk.AccAddress, msgBy return err } + senderAddr, err := mbh.ac.StringToBytes(msg.Sender) + if err != nil { + return err + } else if !sender.Equals(sdk.AccAddress(senderAddr)) { + return sdkerrors.ErrUnauthorized + } + ms := wasmkeeper.NewMsgServerImpl(mbh.wasmKeeper) _, err = ms.ExecuteContract(ctx, &msg)