Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate tx/sign body and use BaseReq #3176

Closed
4 tasks
fedekunze opened this issue Dec 19, 2018 · 1 comment
Closed
4 tasks

Validate tx/sign body and use BaseReq #3176

fedekunze opened this issue Dec 19, 2018 · 1 comment
Assignees
@alessio

Comments

@fedekunze
Copy link
Collaborator

Summary

POST body is not validated because it doesn't use BaseReq nor the StdTx.ValidateBasic()

Problem Definition

We are using SignBody for POST tx/sign but the StdTx is not validated at any point of the request.

cosmos-sdk/x/auth/client/rest/sign.go

Lines 15 to 24 in c9ef680

// SignBody defines the properties of a sign request's body.
type SignBody struct {
Tx auth.StdTx `json:"tx"`
LocalAccountName string `json:"name"`
Password string `json:"password"`
ChainID string `json:"chain_id"`
AccountNumber uint64 `json:"account_number"`
Sequence uint64 `json:"sequence"`
AppendSig bool `json:"append_sig"`
}

Proposal

Use BaseReq with its validation function and use StdTx.Validate() to validate the transaction.

For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged
  • Contributor assigned/self-assigned
@fedekunze fedekunze mentioned this issue Dec 19, 2018
Merged
5 tasks
@alexanderbez
Copy link
Contributor

alexanderbez commented Dec 20, 2018
edited
Loading

Awesome! While we're at it, can we also update ReadRESTReq to prefix a failed JSON unmarshal with failed to decode JSON payload: ...?

I kept trying to submit a send tx but kept getting a 400 and it was not obvious to me what was wrong.

@alessio alessio added T:Bug and removed T:Bug labels Dec 20, 2018
@alessio alessio self-assigned this Dec 20, 2018
alessio pushed a commit that referenced this issue Dec 20, 2018
validate sign tx request's body
266a9dd 
Closes: #3176
@alessio alessio mentioned this issue Dec 20, 2018
Merged
5 tasks
alessio pushed a commit that referenced this issue Dec 27, 2018
validate sign tx request's body
1ebe184 
Closes: #3176
jackzampolin added a commit that referenced this issue Jan 3, 2019
@jackzampolin @alessio
R4R: validate sign tx request's body (#3179)
d1824ad 
* validate sign tx request's body

Closes: #3176

* Introduce CodeNoSignatures

* Update swagger.yaml

* Fix tests

* Update x/auth/client/rest/sign.go

Co-Authored-By: alessio <quadrispro@ubuntu.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alessio alessio

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alessio @alexanderbez @fedekunze