dydxprotocol · jayy04 · Jan 25, 2024 · Jan 11, 2024 · Jan 12, 2024 · Jan 12, 2024
@@ -52,6 +52,9 @@ import (
 	authkeeper "github.com/cosmos/cosmos-sdk/x/auth/keeper"
 	authtx "github.com/cosmos/cosmos-sdk/x/auth/tx"
 	authtypes "github.com/cosmos/cosmos-sdk/x/auth/types"
+	authz "github.com/cosmos/cosmos-sdk/x/authz"
+	authzkeeper "github.com/cosmos/cosmos-sdk/x/authz/keeper"
+	authzmodule "github.com/cosmos/cosmos-sdk/x/authz/module"
 	"github.com/cosmos/cosmos-sdk/x/bank"
 	bankkeeper "github.com/cosmos/cosmos-sdk/x/bank/keeper"
 	banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
@@ -234,6 +237,7 @@ type App struct {
 
 	// keepers
 	AccountKeeper    authkeeper.AccountKeeper
+	AuthzKeeper      authzkeeper.Keeper
 	BankKeeper       bankkeeper.Keeper
 	CapabilityKeeper *capabilitykeeper.Keeper
 	StakingKeeper    *stakingkeeper.Keeper
@@ -346,10 +350,20 @@ func New(
 	bApp.SetTxEncoder(txConfig.TxEncoder())
 
 	keys := storetypes.NewKVStoreKeys(
-		authtypes.StoreKey, banktypes.StoreKey, stakingtypes.StoreKey, crisistypes.StoreKey,
-		distrtypes.StoreKey, slashingtypes.StoreKey,
-		govtypes.StoreKey, paramstypes.StoreKey, consensusparamtypes.StoreKey, upgradetypes.StoreKey, feegrant.StoreKey,
-		ibcexported.StoreKey, ibctransfertypes.StoreKey,
+		authtypes.StoreKey,
+		authzkeeper.StoreKey,
+		banktypes.StoreKey,
+		stakingtypes.StoreKey,
+		crisistypes.StoreKey,
+		distrtypes.StoreKey,
+		slashingtypes.StoreKey,
+		govtypes.StoreKey,
+		paramstypes.StoreKey,
+		consensusparamtypes.StoreKey,
+		upgradetypes.StoreKey,
+		feegrant.StoreKey,
+		ibcexported.StoreKey,
+		ibctransfertypes.StoreKey,
 		ratelimitmoduletypes.StoreKey,
 		icacontrollertypes.StoreKey,
 		icahosttypes.StoreKey,
@@ -429,6 +443,14 @@ func New(
 		sdk.GetConfig().GetBech32AccountAddrPrefix(),
 		lib.GovModuleAddress.String(),
 	)
+
+	app.AuthzKeeper = authzkeeper.NewKeeper(
+		runtime.NewKVStoreService(keys[authzkeeper.StoreKey]),
+		appCodec,
+		app.MsgServiceRouter(),
+		app.AccountKeeper,
+	)
+
 	app.BankKeeper = bankkeeper.NewBaseKeeper(
 		appCodec,
 		runtime.NewKVStoreService(keys[banktypes.StoreKey]),
@@ -987,6 +1009,7 @@ func New(
 		),
 		auth.NewAppModule(appCodec, app.AccountKeeper, nil, app.getSubspace(authtypes.ModuleName)),
 		bank.NewAppModule(appCodec, app.BankKeeper, app.AccountKeeper, app.getSubspace(banktypes.ModuleName)),
+		authzmodule.NewAppModule(appCodec, app.AuthzKeeper, app.AccountKeeper, app.BankKeeper, app.interfaceRegistry),
 		capability.NewAppModule(appCodec, *app.CapabilityKeeper, false),
 		feegrantmodule.NewAppModule(appCodec, app.AccountKeeper, app.BankKeeper, app.FeeGrantKeeper, app.interfaceRegistry),
 		crisis.NewAppModule(app.CrisisKeeper, skipGenesisInvariants, app.getSubspace(crisistypes.ModuleName)),
@@ -1048,6 +1071,7 @@ func New(
 	// NOTE: staking module is required if HistoricalEntries param > 0
 	app.ModuleManager.SetOrderBeginBlockers(
 		blocktimemoduletypes.ModuleName, // Must be first
+		authz.ModuleName,                // Delete expired grants.
 		epochsmoduletypes.ModuleName,
 		capabilitytypes.ModuleName,
 		distrtypes.ModuleName,
@@ -1116,6 +1140,7 @@ func New(
 		rewardsmoduletypes.ModuleName,
 		epochsmoduletypes.ModuleName,
 		delaymsgmoduletypes.ModuleName,
+		authz.ModuleName,                // No-op.
 		blocktimemoduletypes.ModuleName, // Must be last
 	)
 
@@ -1157,6 +1182,7 @@ func New(
 		rewardsmoduletypes.ModuleName,
 		sendingmoduletypes.ModuleName,
 		delaymsgmoduletypes.ModuleName,
+		authz.ModuleName,
 	)
 
 	// NOTE: by default, set migration order here to be the same as init genesis order,
@@ -1194,6 +1220,7 @@ func New(
 		rewardsmoduletypes.ModuleName,
 		sendingmoduletypes.ModuleName,
 		delaymsgmoduletypes.ModuleName,
+		authz.ModuleName,
 
 		// Auth must be migrated after staking.
 		authtypes.ModuleName,

@@ -12,6 +12,7 @@ import (
 	tmproto "github.com/cometbft/cometbft/proto/tendermint/types"
 	"github.com/cosmos/cosmos-sdk/types/module"
 	"github.com/cosmos/cosmos-sdk/x/auth"
+	authzmodule "github.com/cosmos/cosmos-sdk/x/authz/module"
 	"github.com/cosmos/cosmos-sdk/x/bank"
 	"github.com/cosmos/cosmos-sdk/x/consensus"
 	"github.com/cosmos/cosmos-sdk/x/crisis"
@@ -201,6 +202,7 @@ func TestModuleBasics(t *testing.T) {
 		upgrade.AppModuleBasic{},
 		transfer.AppModuleBasic{},
 		consensus.AppModuleBasic{},
+		authzmodule.AppModuleBasic{},
 
 		// Custom modules
 		pricesmodule.AppModuleBasic{},

@@ -6,6 +6,7 @@ import (
 	"cosmossdk.io/x/upgrade"
 	"github.com/cosmos/cosmos-sdk/types/module"
 	"github.com/cosmos/cosmos-sdk/x/auth"
+	authzmodule "github.com/cosmos/cosmos-sdk/x/authz/module"
 	"github.com/cosmos/cosmos-sdk/x/bank"
 	"github.com/cosmos/cosmos-sdk/x/consensus"
 	"github.com/cosmos/cosmos-sdk/x/crisis"
@@ -71,6 +72,7 @@ var (
 		evidence.AppModuleBasic{},
 		transfer.AppModuleBasic{},
 		consensus.AppModuleBasic{},
+		authzmodule.AppModuleBasic{},
 
 		// Custom modules
 		pricesmodule.AppModuleBasic{},

@@ -14,6 +14,15 @@ var (
 		"/cosmos.auth.v1beta1.ModuleCredential": {},
 		"/cosmos.auth.v1beta1.MsgUpdateParams":  {},
 
+		// authz
+		"/cosmos.authz.v1beta1.GenericAuthorization": {},
+		"/cosmos.authz.v1beta1.MsgExec":              {},
+		"/cosmos.authz.v1beta1.MsgExecResponse":      {},
+		"/cosmos.authz.v1beta1.MsgGrant":             {},
+		"/cosmos.authz.v1beta1.MsgGrantResponse":     {},
+		"/cosmos.authz.v1beta1.MsgRevoke":            {},
+		"/cosmos.authz.v1beta1.MsgRevokeResponse":    {},
+
 		// bank
 		"/cosmos.bank.v1beta1.MsgMultiSend":              {},
 		"/cosmos.bank.v1beta1.MsgMultiSendResponse":      {},

@@ -2,12 +2,17 @@ package msgs
 
 import (
 	sdk "github.com/cosmos/cosmos-sdk/types"
+	"github.com/cosmos/cosmos-sdk/x/authz"
 	gov "github.com/cosmos/cosmos-sdk/x/gov/types/v1"
 )
 
 var (
 	// NestedMsgSamples are msgs that have can include other arbitrary messages inside.
 	NestedMsgSamples = map[string]sdk.Msg{
+		// authz
+		"/cosmos.authz.v1beta1.MsgExec":         &authz.MsgExec{},
+		"/cosmos.authz.v1beta1.MsgExecResponse": nil,
+
 		// gov
 		"/cosmos.gov.v1.MsgSubmitProposal":         &gov.MsgSubmitProposal{},
 		"/cosmos.gov.v1.MsgSubmitProposalResponse": nil,

@@ -11,6 +11,10 @@ import (
 
 func TestNestedMsgs_Key(t *testing.T) {
 	expectedMsgs := []string{
+		// authz
+		"/cosmos.authz.v1beta1.MsgExec",
+		"/cosmos.authz.v1beta1.MsgExecResponse",
+
 		// gov
 		"/cosmos.gov.v1.MsgSubmitProposal",
 		"/cosmos.gov.v1.MsgSubmitProposalResponse",

@@ -4,6 +4,7 @@ import (
 	evidence "cosmossdk.io/x/evidence/types"
 	feegrant "cosmossdk.io/x/feegrant"
 	sdk "github.com/cosmos/cosmos-sdk/types"
+	"github.com/cosmos/cosmos-sdk/x/authz"
 	bank "github.com/cosmos/cosmos-sdk/x/bank/types"
 	crisis "github.com/cosmos/cosmos-sdk/x/crisis/types"
 	distr "github.com/cosmos/cosmos-sdk/x/distribution/types"
@@ -27,6 +28,13 @@ var (
 		"/cosmos.auth.v1beta1.ModuleAccount":    nil,
 		"/cosmos.auth.v1beta1.ModuleCredential": nil,
 
+		// authz
+		"/cosmos.authz.v1beta1.GenericAuthorization": nil,
+		"/cosmos.authz.v1beta1.MsgGrant":             &authz.MsgGrant{},
+		"/cosmos.authz.v1beta1.MsgGrantResponse":     nil,
+		"/cosmos.authz.v1beta1.MsgRevoke":            &authz.MsgRevoke{},
+		"/cosmos.authz.v1beta1.MsgRevokeResponse":    nil,
+
 		// bank
 		"/cosmos.bank.v1beta1.MsgMultiSend":         &bank.MsgMultiSend{},
 		"/cosmos.bank.v1beta1.MsgMultiSendResponse": nil,

@@ -16,6 +16,13 @@ func TestNormalMsgs_Key(t *testing.T) {
 		"/cosmos.auth.v1beta1.ModuleAccount",
 		"/cosmos.auth.v1beta1.ModuleCredential",
 
+		// authz
+		"/cosmos.authz.v1beta1.GenericAuthorization",
+		"/cosmos.authz.v1beta1.MsgGrant",
+		"/cosmos.authz.v1beta1.MsgGrantResponse",
+		"/cosmos.authz.v1beta1.MsgRevoke",
+		"/cosmos.authz.v1beta1.MsgRevokeResponse",
+
 		// bank
 		"/cosmos.bank.v1beta1.MsgMultiSend",
 		"/cosmos.bank.v1beta1.MsgMultiSendResponse",

@@ -4,10 +4,8 @@ var (
 	// UnregisteredMsgs are msgs that should not be registered with the app.
 	UnregisteredMsgs = map[string]struct{}{
 		// authz
-		"/cosmos.authz.v1.MsgExec":              {},
-		"/cosmos.authz.v1.MsgExecResponse":      {},
-		"/cosmos.authz.v1beta1.MsgExec":         {},
-		"/cosmos.authz.v1beta1.MsgExecResponse": {},
+		"/cosmos.authz.v1.MsgExec":         {},
+		"/cosmos.authz.v1.MsgExecResponse": {},
 
 		// group
 		"/cosmos.group.v1.MsgSubmitProposal":              {},

@@ -14,8 +14,6 @@ func TestUnregisteredMsgs_Key(t *testing.T) {
 		// authz
 		"/cosmos.authz.v1.MsgExec",
 		"/cosmos.authz.v1.MsgExecResponse",
-		"/cosmos.authz.v1beta1.MsgExec",
-		"/cosmos.authz.v1beta1.MsgExecResponse",
 
 		// group
 		"/cosmos.group.v1.MsgSubmitProposal",

@@ -3,14 +3,15 @@ package app_test
 import (
 	"encoding/json"
 	"fmt"
-	dbm "github.com/cosmos/cosmos-db"
-	icatypes "github.com/cosmos/ibc-go/v8/modules/apps/27-interchain-accounts/types"
 	"io"
 	"math/rand"
 	"os"
 	"testing"
 	"time"
 
+	dbm "github.com/cosmos/cosmos-db"
+	icatypes "github.com/cosmos/ibc-go/v8/modules/apps/27-interchain-accounts/types"
+
 	"cosmossdk.io/log"
 	"cosmossdk.io/math"
 	"cosmossdk.io/store"
@@ -33,6 +34,7 @@ import (
 	authsims "github.com/cosmos/cosmos-sdk/x/auth/simulation"
 	authtypes "github.com/cosmos/cosmos-sdk/x/auth/types"
 	vestingtypes "github.com/cosmos/cosmos-sdk/x/auth/vesting/types"
+	authz "github.com/cosmos/cosmos-sdk/x/authz"
 	banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
 	distributiontypes "github.com/cosmos/cosmos-sdk/x/distribution/types"
 	govtypes "github.com/cosmos/cosmos-sdk/x/gov/types"
@@ -105,6 +107,7 @@ func (app *SimApp) SimulationManager() *module.SimulationManager {
 var genesisModuleOrder = []string{
 	authtypes.ModuleName,
 	banktypes.ModuleName,
+	authz.ModuleName,
 	capabilitytypes.ModuleName,
 	feegranttypes.ModuleName,
 	govtypes.ModuleName,

@@ -23,6 +23,9 @@
     },
     "accounts": []
   },
+  "authz": {
+    "authorization": []
+  },
   "bank": {
     "params": {
       "send_enabled": [],

@@ -3,6 +3,7 @@ package v_4_0_0
 import (
 	store "cosmossdk.io/store/types"
 	circuittypes "cosmossdk.io/x/circuit/types"
+	authzkeeper "github.com/cosmos/cosmos-sdk/x/authz/keeper"
 	icacontrollertypes "github.com/cosmos/ibc-go/v8/modules/apps/27-interchain-accounts/controller/types"
 	icahosttypes "github.com/cosmos/ibc-go/v8/modules/apps/27-interchain-accounts/host/types"
 	"github.com/dydxprotocol/v4-chain/protocol/app/upgrades"
@@ -23,6 +24,9 @@ var Upgrade = upgrades.Upgrade{
 			// Add new ICA stores that are needed by ICA host types as of v8.
 			icacontrollertypes.StoreKey,
 			icahosttypes.StoreKey,
+
+			// Add authz module to allow granting arbitrary privileges from one account to another acocunt.
+			authzkeeper.StoreKey,
 		},
 	},
 }
@@ -4,6 +4,7 @@ import (
 	"fmt"
 
 	sdk "github.com/cosmos/cosmos-sdk/types"
+	authz "github.com/cosmos/cosmos-sdk/x/authz"
 	gov "github.com/cosmos/cosmos-sdk/x/gov/types/v1"
 )
 
@@ -12,6 +13,8 @@ func IsNestedMsg(msg sdk.Msg) bool {
 	switch msg.(type) {
 	case
 		// ------- CosmosSDK default modules
+		// authz
+		*authz.MsgExec,
 		// gov
 		*gov.MsgSubmitProposal:
 		return true
@@ -45,6 +48,8 @@ func getInnerMsgs(msg sdk.Msg) ([]sdk.Msg, error) {
 	case
 		*gov.MsgSubmitProposal:
 		return msg.GetMsgs()
+	case *authz.MsgExec:
+		return msg.GetMessages()
 	default:
 		return nil, fmt.Errorf("unsupported msg type: %T", msg)
 	}

@@ -85,6 +85,18 @@ func TestValidateNestedMsg(t *testing.T) {
 			msg:         testmsgs.MsgSubmitProposalWithDoubleNestedInner,
 			expectedErr: invalidInnerMsgErr_Nested,
 		},
+		"Invalid MsgExec: unsupported inner msg": {
+			msg:         &testmsgs.MsgExecWithUnsupportedInner,
+			expectedErr: invalidInnerMsgErr_Unsupported,
+		},
+		"Invalid MsgExec: app-injected inner msg": {
+			msg:         &testmsgs.MsgExecWithAppInjectedInner,
+			expectedErr: invalidInnerMsgErr_AppInjected,
+		},
+		"Invalid MsgExec: double-nested inner msg": {
+			msg:         &testmsgs.MsgExecWithDoubleNestedInner,
+			expectedErr: invalidInnerMsgErr_Nested,
+		},
 		"Valid: empty inner msg": {
 			msg:         testmsgs.MsgSubmitProposalWithEmptyInner,
 			expectedErr: nil,

@@ -24,6 +24,9 @@
         "tx_size_cost_per_byte": "10"
       }
     },
+    "authz": {
+      "authorization": []
+    },
     "bank": {
       "balances": [
         {