fix: sequence should be higher or equal than expected during checktx …

…and equal during deliver tx (#22299) Co-authored-by: Julien Robert <julien@rbrt.fr> Co-authored-by: Matt Kocubinski <mkocubinski@gmail.com>
cosmos · Oct 17, 2024 · c1707b8 · c1707b8
1 parent 29ea9c8
commit c1707b8
Show file tree

Hide file tree

Showing 6 changed files with 37 additions and 22 deletions.
diff --git a/tests/systemtests/auth_test.go b/tests/systemtests/auth_test.go
@@ -67,13 +67,6 @@ func TestAuthSignAndBroadcastTxCmd(t *testing.T) {
 	sendAmount := transferAmount + newAmount
 	fees := feeAmount * 2
 
-	// TODO: remove below block code once v2 supports multi messages
-	// ref: https://github.com/cosmos/cosmos-sdk/issues/22215
-	if isV2() {
-		sendAmount = transferAmount
-		fees = feeAmount
-	}
-
 	testSignTxBroadcast(t, cli, signBatchCmd, "sign-batch tx", val1Addr, val2Addr, sendAmount, fees)
 }
 
@@ -304,13 +297,6 @@ func TestAuthMultisigTxCmds(t *testing.T) {
 	sendAmount := transferAmount * 2
 	fees := feeAmount * 2
 
-	// TODO: remove below block code once v2 supports multi messages
-	// ref: https://github.com/cosmos/cosmos-sdk/issues/22215
-	if isV2() {
-		sendAmount = transferAmount
-		fees = feeAmount
-	}
-
 	testMultisigTxBroadcast(t, cli, multiSigTxInput{
 		"multisign-batch",
 		multiAddr,

diff --git a/x/accounts/defaults/base/account.go b/x/accounts/defaults/base/account.go
@@ -14,6 +14,7 @@ import (
 	"cosmossdk.io/collections"
 	"cosmossdk.io/core/address"
 	"cosmossdk.io/core/header"
+	"cosmossdk.io/core/transaction"
 	"cosmossdk.io/x/accounts/accountstd"
 	v1 "cosmossdk.io/x/accounts/defaults/base/v1"
 	aa_interface_v1 "cosmossdk.io/x/accounts/interfaces/account_abstraction/v1"
@@ -43,6 +44,7 @@ func NewAccount(name string, handlerMap *signing.HandlerMap, options ...Option)
 			Sequence:         collections.NewSequence(deps.SchemaBuilder, SequencePrefix, "sequence"),
 			addrCodec:        deps.AddressCodec,
 			hs:               deps.Environment.HeaderService,
+			ts:               deps.Environment.TransactionService,
 			supportedPubKeys: map[string]pubKeyImpl{},
 			signingHandlers:  handlerMap,
 		}
@@ -65,6 +67,7 @@ type Account struct {
 
 	addrCodec address.Codec
 	hs        header.Service
+	ts        transaction.Service
 
 	supportedPubKeys map[string]pubKeyImpl
 
@@ -106,7 +109,13 @@ func (a Account) Authenticate(ctx context.Context, msg *aa_interface_v1.MsgAuthe
 	}
 
 	gotSeq := msg.Tx.AuthInfo.SignerInfos[msg.SignerIndex].Sequence
-	if gotSeq != signerData.Sequence {
+
+	execMode := a.ts.ExecMode(ctx)
+	if execMode == transaction.ExecModeCheck {
+		if gotSeq < signerData.Sequence {
+			return nil, fmt.Errorf("sequence number must be higher than: %d, got: %d", signerData.Sequence, gotSeq)
+		}
+	} else if gotSeq != signerData.Sequence {
 		return nil, fmt.Errorf("unexpected sequence number, wanted: %d, got: %d", signerData.Sequence, gotSeq)
 	}
 

diff --git a/x/accounts/defaults/base/utils_test.go b/x/accounts/defaults/base/utils_test.go
@@ -66,6 +66,13 @@ func newMockContext(t *testing.T) (context.Context, store.KVStoreService) {
 	)
 }
 
+type transactionService struct {
+}
+
+func (t transactionService) ExecMode(ctx context.Context) transaction.ExecMode {
+	return transaction.ExecModeFinalize
+}
+
 func makeMockDependencies(storeservice store.KVStoreService) accountstd.Dependencies {
 	sb := collections.NewSchemaBuilder(storeservice)
 
@@ -74,8 +81,9 @@ func makeMockDependencies(storeservice store.KVStoreService) accountstd.Dependen
 		AddressCodec:     addressCodec{},
 		LegacyStateCodec: mockStateCodec{},
 		Environment: appmodulev2.Environment{
-			EventService:  eventService{},
-			HeaderService: headerService{},
+			EventService:       eventService{},
+			HeaderService:      headerService{},
+			TransactionService: transactionService{},
 		},
 	}
 }

diff --git a/x/auth/ante/ante_test.go b/x/auth/ante/ante_test.go
@@ -915,6 +915,8 @@ func TestAnteHandlerBadSignBytes(t *testing.T) {
 				suite.bankKeeper.EXPECT().SendCoinsFromAccountToModule(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
 				require.NoError(t, accs[0].acc.SetSequence(2)) // wrong accSeq
 
+				suite.ctx = suite.ctx.WithExecMode(sdk.ExecModeFinalize)
+
 				return TestCaseArgs{
 					chainID:   suite.ctx.ChainID(),
 					feeAmount: feeAmount,
@@ -1081,6 +1083,8 @@ func TestAnteHandlerSetPubKey(t *testing.T) {
 				accs := suite.CreateTestAccounts(2)
 				suite.bankKeeper.EXPECT().SendCoinsFromAccountToModule(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
 
+				suite.ctx = suite.ctx.WithExecMode(sdk.ExecModeFinalize)
+
 				// Make sure public key has not been set from previous test.
 				acc1 := suite.accountKeeper.GetAccount(suite.ctx, accs[1].acc.GetAddress())
 				require.Nil(t, acc1.GetPubKey())

diff --git a/x/auth/ante/sigverify.go b/x/auth/ante/sigverify.go
@@ -306,17 +306,25 @@ func (svd SigVerificationDecorator) consumeSignatureGas(
 
 // verifySig will verify the signature of the provided signer account.
 func (svd SigVerificationDecorator) verifySig(ctx context.Context, tx sdk.Tx, acc sdk.AccountI, sig signing.SignatureV2, newlyCreated bool) error {
-	if sig.Sequence != acc.GetSequence() {
+	execMode := svd.ak.GetEnvironment().TransactionService.ExecMode(ctx)
+	if execMode == transaction.ExecModeCheck {
+		if sig.Sequence < acc.GetSequence() {
+			return errorsmod.Wrapf(
+				sdkerrors.ErrWrongSequence,
+				"account sequence mismatch, expected higher than or equal to %d, got %d", acc.GetSequence(), sig.Sequence,
+			)
+		}
+	} else if sig.Sequence != acc.GetSequence() {
 		return errorsmod.Wrapf(
 			sdkerrors.ErrWrongSequence,
-			"account sequence mismatch, expected %d, got %d", acc.GetSequence(), sig.Sequence,
+			"account sequence mismatch: expected %d, got %d", acc.GetSequence(), sig.Sequence,
 		)
 	}
 
 	// we're in simulation mode, or in ReCheckTx, or context is not
 	// on sig verify tx, then we do not need to verify the signatures
 	// in the tx.
-	if svd.ak.GetEnvironment().TransactionService.ExecMode(ctx) == transaction.ExecModeSimulate ||
+	if execMode == transaction.ExecModeSimulate ||
 		isRecheckTx(ctx, svd.ak.GetEnvironment().TransactionService) ||
 		!isSigverifyTx(ctx) {
 		return nil
@@ -352,7 +360,7 @@ func (svd SigVerificationDecorator) verifySig(ctx context.Context, tx sdk.Tx, ac
 		Address:       acc.GetAddress().String(),
 		ChainID:       chainID,
 		AccountNumber: accNum,
-		Sequence:      acc.GetSequence(),
+		Sequence:      sig.Sequence,
 		PubKey: &anypb.Any{
 			TypeUrl: anyPk.TypeUrl,
 			Value:   anyPk.Value,

diff --git a/x/auth/ante/sigverify_test.go b/x/auth/ante/sigverify_test.go
@@ -231,7 +231,7 @@ func TestSigVerification(t *testing.T) {
 				if tc.recheck {
 					ctx = ctx.WithExecMode(sdk.ExecModeReCheck)
 				} else {
-					ctx = ctx.WithExecMode(sdk.ExecModeCheck)
+					ctx = ctx.WithExecMode(sdk.ExecModeFinalize)
 				}
 
 				suite.txBuilder = suite.clientCtx.TxConfig.NewTxBuilder() // Create new txBuilder for each test