v042..v043 Audit changes on existing code

[amaury1093]

Part of #9116.

This checklist is to be used for tracking the final internal audit of fixes and features introduced on existing Cosmos SDK code and modules, prior to inclusion in a published release.

Commit 7fd3d00 is when release/v0.42.x branched out of master. We should audit the commit log 7fd3d00..master, and perform the following audits below.

Prior to beta tag

Modules Audit

excluding authz and feegrant

Checklist west

• auth - @robert-zaremba
• bank - @technicallyty x/bank v0.43 Audit updates  #9271
• capability - @robert-zaremba
• crisis - @clevinson
• distribution - @aleem1314

Checklist east

• genutil @AmauryM
• gov @AmauryM x/gov v0.43 Audit updates #9258
• mint @blushi
• params @blushi
• simulation @atheeshp
• slashing @atheeshp
• staking @likhita809 x/staking v0.43 Audit updates  #9267
• upgrade @likhita809
• evidence - @cyberbono3
• genaccounts - @cyberbono3 Remove migration scripts <=0.38 #9291

Scope for each module:

• API audit (at least 1 person, TODO assignee)
  • spec audit: check if the spec is complete.
  • Are Msg and Query methods and types well-named and organized?
  • Is everything well documented (inline godoc as well as /spec/ folder in module directory)
  • check the proto definition - make sure everything is in accordance to ADR-30 (at least 1 person, TODO assignee)
• Completeness audit, fully implemented with tests (at least 1 person TODO assignee)
  • Genesis import and export of all state
  • Query services
  • CLI methods
  • All necessary migration scripts are present (if this is an upgrade of existing module)
  • Assess maintainability and risks of future migrations
• State machine audit (at least 2 people, TODO assignees)
  • Read through MsgServer code and verify correctness upon visual inspection
  • Ensure all state machine code which could be confusing is properly commented
  • Make sure state machine logic matches Msg method documentation
  • Ensure that all state machine edge cases are covered with tests and that test coverage is sufficient (at least 90% coverage on module code)
  • Assess potential threats for each method including spam attacks and ensure that threats have been addressed sufficiently. This should be done by writing up threat assessment for each method. Specifically we should be paying attention to:
    • algorithmic complexity and places this could be exploited (ex. nested for loops)
    • charging gas complex computation (ex. for loops)
    • storage is safe (we don't pollute the state).
  • Assess potential risks of any new third party dependencies and decide whether a dependency audit is needed
  • Check correctness of simulation implementation if any
• Audit Changelog against commit log, ensuring all breaking changes, bug fixes, and improvements are properly documented. (at least 1 person TODO assignee)

SDK Core Audit (aka non-module code)

West:

• baseappp - @robert-zaremba
• client - @aleem1314 v0.43 audit changes for client/ #9295
• codec - @ryanchrypto
• crypto - @technicallyty
• server - @clevinson
• std - @anilcse
• snapshots - @robert-zaremba

East:

• simapp @blushi SDK Core Audit - simapp updates #9315
• store @AmauryM
• telemetry @likhita-809 v043 audit changes for telemetry/ #9297
• tests @cyberbono3
• testutil @atheeshp
• types @AmauryM v043 audit changes for types/ #9290
• version @likhita-809 v043 audit changes for version/ #9296

Scope;

• API audit (at least 2 people, TODO assignee)
  • Ensure clear naming.
  • Assess function arguments, return types, struct fields etc... if the public-facing API makes sense
  • Is everything well documented (inline godoc)
• check the proto definition (at least 2 people, TODO assignee)
• Completeness audit, fully implemented with tests (at least 1 person TODO assignee)
  • Ensure proper unit, integration and simulation test coverage for new or changed features.
  • Assess maintainability and risks of future migrations
• Audit Changelog against commit log, ensuring all breaking changes, bug fixes, and improvements are properly documented. (at least 1 person TODO assignee)

[amaury1093]

If useful for anyone, to check what code has been modified in v043 in a subfolder, this command works: git diff 7fd3d00459bb5d69d64c6648f1ed7eb6a47e7c85 master x/genutil

[blushi]

If useful for anyone, to check what code has been modified in v043 in a subfolder, this command works: git diff 7fd3d00459bb5d69d64c6648f1ed7eb6a47e7c85 master x/genutil

I guess it might be relevant to have a look at the corresponding proto subfolders as well.

[technicallyty]

Found this to be helpful:

1. Checkout master branch
2. Make branch from commit: git branch <branch name> <commit id>
3. use vscode/goland to diff against master (easier to read than git diff in terminal)

[robert-zaremba]

Emacs also supports diff buffers :)

[anilcse]

There are not much things inside std package, just codec registration. No changes required in the package.

[ryanchristo]

The codec package is missing descriptions for some of the functions in the following files:

• types/compat.go
• types/interface_registry.go
• amino.go

There is some room for improvement on the content and formatting of comments but nothing critical. It might be nice to do a larger audit of content and formatting throughout the project to improve consistency and readability for generated godocs.

All changes are recorded in the CHANGELOG. The following changes are not explicitly referenced but implied:

• MustMarshalBinaryBare -> MustMarshal
• MustMarshalBinaryLengthPrefixed -> MustMarshalLengthPrefixed
• MustUnmarshalBinaryBare -> MustUnmarshal
• MustUnmarshalBinaryLengthPrefixed -> MustUnmarshalLengthPrefixed

[amaury1093]

All items are checked, I'm closing this. Thanks everyone 🚀

simapp follow-up is tracked here: #9346.