fix failed back transfer #83
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
taitruong
force-pushed
the
fix_back_transfer
branch
from
3c2437b to
ff96919
Compare
taitruong
force-pushed
the
fix_back_transfer
branch
from
ff96919 to
fb52da8
Compare
- happy path on back transfer - edge case: transfer via unknown channel
…l sub messages have succesfully completed
taitruong
commented
Jan 28, 2024
| @@ -94,57 +121,117 @@ pub(crate) fn receive_ibc_packet( | |||
| // We previously sent this NFT out on this | |||
| // channel. Unlock the local version for the | |||
| // receiver. | |||
| OUTGOING_CLASS_TOKEN_TO_CHANNEL.remove(deps.storage, key); | |||
There was a problem hiding this comment.
This here is the bug: state change is done here in ics721
| let local_prefix = get_endpoint_prefix(&packet.dest); | ||
| let local_class_id = ClassId::new(format!("{}{}", local_prefix, data.class_id)); | ||
|
|
||
| INCOMING_CLASS_TOKEN_TO_CHANNEL.save( |
There was a problem hiding this comment.
This is the other bug: state change is done also in ics721.
Comment on lines
-184
to
-189
| let submessage = action_aggregator.into_submessage( | ||
| env.contract.address, | ||
| receiver, | ||
| callback_msg, | ||
| incoming_proxy_msg, | ||
| )?; |
There was a problem hiding this comment.
Here is all the main logic: submessage itself contains a list of messags for:
- action aggregrator: creates a callback msg with a list of more messages for create or redeemining NFTs
- optional incoming proxy handling
- optional callback handling
Comment on lines
-73
to
-80
| let action_aggregator = data | ||
| // sub message holds 2 to 4 messages: | ||
| // - one message for voucher creation or redemption, another message for updating incoming or outgoing channel | ||
| let (is_redemption, voucher_and_channel_messages) = create_voucher_and_channel_messages( | ||
| deps.as_ref(), | ||
| env.clone(), | ||
| data.clone(), | ||
| maybe_local_class_id, | ||
| local_class_id.clone(), | ||
| packet.clone(), | ||
| )?; | ||
| // - one optional incoming proxy message | ||
| let incoming_proxy_msg = | ||
| get_incoming_proxy_msg(deps.as_ref().storage, packet.clone(), data.clone())?; | ||
| // - one optional callback message | ||
| let callback_msg = create_callback_msg( | ||
| deps.as_ref(), | ||
| &env, | ||
| &data, | ||
| is_redemption, | ||
| callback, | ||
| local_class_id, | ||
| )?; | ||
|
|
||
| let submessage = into_submessage( | ||
| env.contract.address, | ||
| voucher_and_channel_messages.0, | ||
| voucher_and_channel_messages.1, | ||
| callback_msg, | ||
| incoming_proxy_msg, | ||
| )?; | ||
|
|
||
| let response = if let Some(memo) = data.memo { | ||
| IbcReceiveResponse::default().add_attribute("ics721_memo", memo) | ||
| } else { | ||
| IbcReceiveResponse::default() | ||
| }; | ||
|
|
||
| Ok(response | ||
| .add_submessage(submessage) | ||
| .add_attribute("method", "receive_ibc_packet") | ||
| .add_attribute("class_id", data.class_id) | ||
| .add_attribute("local_channel", packet.dest.channel_id) | ||
| .add_attribute("counterparty_channel", packet.src.channel_id)) | ||
| } | ||
|
|
||
| fn create_voucher_and_channel_messages( | ||
| deps: Deps, | ||
| env: Env, | ||
| data: NonFungibleTokenPacketData, | ||
| maybe_local_class_id: Option<&str>, | ||
| local_class_id: ClassId, | ||
| packet: IbcPacket, | ||
| ) -> Result<(bool, (WasmMsg, WasmMsg)), ContractError> { | ||
| let token_count = data.token_ids.len(); | ||
| let redemption_or_create = data | ||
| .token_ids | ||
| .into_iter() | ||
| .zip_optional(data.token_uris) | ||
| .zip_optional(data.token_data) | ||
| .try_fold( | ||
| Vec::<Action>::with_capacity(token_count), | ||
| |mut messages, ((token_id, token_uri), token_data)| -> StdResult<_> { |
There was a problem hiding this comment.
old logic is super complicated for create a callaback submessage, using Action and Action Aggregator...
Comment on lines
+46
to
+53
| let (is_redemption, voucher_and_channel_messages) = create_voucher_and_channel_messages( | ||
| deps.as_ref(), | ||
| env.clone(), | ||
| data.clone(), | ||
| maybe_local_class_id, | ||
| local_class_id.clone(), | ||
| packet.clone(), | ||
| )?; |
There was a problem hiding this comment.
...new logic leads to same result, by creating required messages - without using temporary action and aggregator objects
Comment on lines
+190
to
+207
| let add_incoming_channels: Vec<((ClassId, TokenId), String)> = creation | ||
| .tokens | ||
| .clone() | ||
| .into_iter() | ||
| .map(|token| { | ||
| ( | ||
| (local_class_id.clone(), token.id), | ||
| packet.dest.channel_id.clone(), | ||
| ) | ||
| }) | ||
| .collect(); | ||
| let add_incoming_channels_msg = WasmMsg::Execute { | ||
| contract_addr: env.contract.address.to_string(), | ||
| msg: to_json_binary(&ExecuteMsg::Callback( | ||
| CallbackMsg::AddIncomingChannelEntries(add_incoming_channels), | ||
| ))?, | ||
| funds: vec![], | ||
| }; |
There was a problem hiding this comment.
... CallbackMsg::AddIncomingChannelEntries which then will be added to sub message.
Comment on lines
+469
to
+536
| assertAckErrors(info.acksFromA); | ||
| // assert no change before and after relay | ||
| const afterWasmOutgoingClassTokenToChannelList = await outgoingChannels( | ||
| wasmClient, | ||
| wasmIcs721 | ||
| ); | ||
| const afterWasmIncomingClassTokenToChannelList = await incomingChannels( | ||
| wasmClient, | ||
| wasmIcs721 | ||
| ); | ||
| const afterWasmNftContractsToClassIdList = await nftContracts( | ||
| wasmClient, | ||
| wasmIcs721 | ||
| ); | ||
| t.deepEqual( | ||
| beforeWasmOutgoingClassTokenToChannelList, | ||
| afterWasmOutgoingClassTokenToChannelList, | ||
| `outgoing channels must be unchanged: | ||
| - wasm before: ${JSON.stringify(beforeWasmOutgoingClassTokenToChannelList)} | ||
| - wasm after: ${JSON.stringify(afterWasmOutgoingClassTokenToChannelList)}` | ||
| ); | ||
| t.deepEqual( | ||
| beforeWasmIncomingClassTokenToChannelList, | ||
| afterWasmIncomingClassTokenToChannelList, | ||
| `incoming channels must be unchanged: | ||
| - wasm before: ${JSON.stringify(beforeWasmIncomingClassTokenToChannelList)} | ||
| - wasm after: ${JSON.stringify(afterWasmIncomingClassTokenToChannelList)}` | ||
| ); | ||
| t.deepEqual( | ||
| beforeWasmNftContractsToClassIdList, | ||
| afterWasmNftContractsToClassIdList, | ||
| `nft contracts must be unchanged: | ||
| - wasm before: ${JSON.stringify(beforeWasmNftContractsToClassIdList)} | ||
| - wasm after: ${JSON.stringify(afterWasmNftContractsToClassIdList)}` | ||
| ); | ||
| const afterOsmoOutgoingClassTokenToChannelList = await outgoingChannels( | ||
| osmoClient, | ||
| osmoIcs721 | ||
| ); | ||
| const afterOsmoIncomingClassTokenToChannelList = await incomingChannels( | ||
| osmoClient, | ||
| osmoIcs721 | ||
| ); | ||
| const afterOsmoNftContractsToClassIdList = await nftContracts( | ||
| osmoClient, | ||
| osmoIcs721 | ||
| ); | ||
| t.deepEqual( | ||
| beforeOsmoOutgoingClassTokenToChannelList, | ||
| afterOsmoOutgoingClassTokenToChannelList, | ||
| `outgoing channels must be unchanged: | ||
| - osmo before: ${JSON.stringify(beforeOsmoOutgoingClassTokenToChannelList)} | ||
| - osmo after: ${JSON.stringify(afterOsmoOutgoingClassTokenToChannelList)}` | ||
| ); | ||
| t.deepEqual( | ||
| beforeOsmoIncomingClassTokenToChannelList, | ||
| afterOsmoIncomingClassTokenToChannelList, | ||
| `incoming channels must be unchanged: | ||
| - osmo before: ${JSON.stringify(beforeOsmoIncomingClassTokenToChannelList)} | ||
| - osmo after: ${JSON.stringify(afterOsmoIncomingClassTokenToChannelList)}` | ||
| ); | ||
| t.deepEqual( | ||
| beforeOsmoNftContractsToClassIdList, | ||
| afterOsmoNftContractsToClassIdList, | ||
| `nft contracts must be unchanged: | ||
| - osmo before: ${JSON.stringify(beforeOsmoNftContractsToClassIdList)} | ||
| - osmo after: ${JSON.stringify(afterOsmoNftContractsToClassIdList)}` | ||
| ); |
There was a problem hiding this comment.
This is the ts relayer test, checking states before and after a failed back transfer
| tokenOwner = await ownerOf(wasmClient, wasmCw721, tokenId); | ||
| t.is(wasmAddr, tokenOwner.owner); | ||
|
|
||
| // ==== test transfer NFT to osmo chain via channel WLed ONLY on osmo incoming proxy and back to wasm chain ==== |
There was a problem hiding this comment.
This test reproduces back transfer on failure and success:
| tokenOwner = await ownerOf(osmoClient, osmoCw721, tokenId); | ||
| t.is(osmoAddr, tokenOwner.owner); | ||
|
|
||
| // test back transfer NFT to wasm chain, where onlyOsmoIncomingChannel is not WLed on wasm chain |
There was a problem hiding this comment.
test failed back transfer
|
|
||
| info = await otherChannel.link.relayAll(); | ||
| // ==== WL channel on wasm chain and test back transfer again ==== |
There was a problem hiding this comment.
migrate and WL channel for testing succesful back transfer, now NFT is unescrowd on existing collection - and NOT minted on a new collection
shanev
approved these changes
Jan 28, 2024
taitruong
commented
Jan 29, 2024
Comment on lines
+52
to
+67
| AdminCleanAndBurnNft { | ||
| owner: String, | ||
| token_id: String, | ||
| class_id: String, | ||
| collection: String, | ||
| }, | ||
|
|
||
| /// Admin msg in case something goes wrong. | ||
| /// As a minimum it clean up state (outgoing channel), and transfer NFT if exists. | ||
| /// - transfer NFT if exists | ||
| AdminCleanAndUnescrowNft { | ||
| recipient: String, | ||
| token_id: String, | ||
| class_id: String, | ||
| collection: String, | ||
| }, |
There was a problem hiding this comment.
Added 2 new messages for fixing "forked" NFTs due to back transfer bug.
Due to the bug, we have this invalid state on back transfer:
chain A:
- OG NFT escrowed
- new NFT on new collection (due to bug)
chain B: - NFT got burned due to bug
So on chain A, we need to:
- burn newly minted NFT
- unescrow OG NFT, transfer to recipient
These 2 msgs can only be executed by admin of ics721, once ics721 is immutable it cant be executed anymore! So in case of invalid we may fix specific NFTs.
| } | ||
|
|
||
| #[allow(clippy::too_many_arguments)] | ||
| fn execute_admin_clean_and_burn_nft( |
There was a problem hiding this comment.
burn "child" nft: ...
Comment on lines
+155
to
+157
| INCOMING_CLASS_TOKEN_TO_CHANNEL | ||
| .remove(deps.storage, (child_class_id.clone(), token_id.clone())); | ||
| TOKEN_METADATA.remove(deps.storage, (child_class_id.clone(), token_id.clone())); |
There was a problem hiding this comment.
- ... cleanup state
Comment on lines
+183
to
+190
| let burn_msg = WasmMsg::Execute { | ||
| contract_addr: child_collection.to_string(), | ||
| msg: to_json_binary(&cw721::Cw721ExecuteMsg::Burn { | ||
| token_id: token_id.clone().into(), | ||
| })?, | ||
| funds: vec![], | ||
| }; | ||
| response = response.add_message(burn_msg); |
| } | ||
|
|
||
| #[allow(clippy::too_many_arguments)] | ||
| fn execute_admin_clean_and_unescrow_nft( |
There was a problem hiding this comment.
Unescrow "parent" NFT
| ); | ||
| // assert NFT on chain A is owned by wasmAddr | ||
| tokenOwner = await ownerOf(wasmClient, wasmCw721, tokenId); | ||
| t.is(wasmAddr, tokenOwner.owner); |
There was a problem hiding this comment.
NFT transferred to owner
|
|
||
| // ==== test burn NFT on osmo chain ==== | ||
| // we need to approve the contract to burn the NFT | ||
| t.log(`approve NFT on osmo chain`); |
There was a problem hiding this comment.
we need to approve nft, so ics721 can burn it
Comment on lines
+910
to
+917
| await adminCleanAndBurnNft( | ||
| osmoClient, | ||
| osmoIcs721, | ||
| osmoAddr, | ||
| tokenId, | ||
| osmoClassId, | ||
| osmoCw721 | ||
| ); |
There was a problem hiding this comment.
Burn "child" NFT
| ); | ||
| t.log(`- response: ${JSON.stringify(response, bigIntReplacer, 2)}`); | ||
| allNFTs = await allTokens(osmoClient, osmoCw721); | ||
| t.is(allNFTs.tokens.length, 0); |
There was a problem hiding this comment.
No NFTs in collection
| osmoClient, | ||
| osmoIcs721 | ||
| ); | ||
| t.deepEqual( |
humanalgorithm
approved these changes
Jan 29, 2024
| packet.clone(), | ||
| )?; | ||
| // - one optional incoming proxy message | ||
| let incoming_proxy_msg = |
There was a problem hiding this comment.
thanks for refactoring this out to functions 👍
jhernandezb
approved these changes
Jan 31, 2024
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bug description
Task to reproduce:
1. NFT (forward) transferred from chain A to B
Outcoume:
OUTGOING_CLASS_TOKEN_TO_CHANNEL("returning to source" identifier for back transfer)INCOMING_CLASS_TOKEN_TO_CHANNEL2. Transfer NFT back from B to A
Outcome:
Reason here states are updated in contract, but all other actions are handled in sub messages. So if sub messages fails, states in ics721 are not reverted. Reason here is, that on ibc receive TX must not fail for relaying Ack success or error.
What happened next: I WLed incoming proxy and did another back transfer, this time successfully, but with an unexpected result:
Reason here is because of previous failure, removal of entry in outgoing channel got not reverted. So on next transfer ics721 on chain A:
This PR fixes this, by moving state changes for incoming and outgoing channel, away from ics721 contract to a dedicated sub message. So if other sub messages like callback or incoming proxy fails, this submessage is not executed.