Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gov: support contracts that dynamically instantiate other contracts #1207

Closed
alpe opened this issue Feb 23, 2023 · 2 comments · Fixed by #1482
Closed

Gov: support contracts that dynamically instantiate other contracts #1207

alpe opened this issue Feb 23, 2023 · 2 comments · Fixed by #1482
Assignees
@alpe
Milestone
v0.41.0

Comments

@alpe
Copy link
Contributor

alpe commented Feb 23, 2023

Currently, only the first contract call is executed in a gov authorization context. On a restricted chain, submessages would not be able to create instances.

As a simple solution for this feature, gov proposal executions would pass their privileged GovAuthorizationPolicy to submessages. Without further restrictions, this policy would not only bypass chain restrictions on instantiate but also admin checks for migrate or access config increasing the risk of dangerous operations.

A more restrictive solution, would consider the original intent of the gov proposal and forward a finer grained authorization. The original intent though is not always easy to spot with sudo/ execute proposals
Current proposal types:

  • InstantiateContractProposal
  • InstantiateContract2Proposal
  • StoreAndInstantiateContractProposal
  • MigrateContractProposal
  • SudoContractProposal
  • ExecuteContractProposal
@alpe alpe added the discussion label Mar 7, 2023
@alpe alpe added this to the v0.41.0 milestone Jul 4, 2023
@alpe alpe self-assigned this Jul 4, 2023
@alpe
Copy link
Contributor Author

alpe commented Jul 4, 2023

We need this to support mesh-security on permissioned chains

@alpe alpe mentioned this issue Jul 4, 2023
Merged
@alpe
Copy link
Contributor Author

alpe commented Jul 4, 2023

Design decisions for the initial implementation:

  • No authorization propagation for sudo gov proposals
  • gov authorization propagation for instantiate and migrate proposals
  • only instantiate is enabled by default
  • the defaults can be modified with a constructor option for the keeper

@alpe alpe removed the discussion label Jul 4, 2023
@alpe alpe closed this as completed in #1482 Jul 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alpe alpe

Labels
None yet
Projects
None yet
Milestone
v0.41.0
Development

Successfully merging a pull request may close this issue.

Gov authorization propagation for sub-messages CosmWasm/wasmd
1 participant
@alpe