- limit allow list size

- update denom checks

app/app.go

@@ -532,13 +532,19 @@ func New(
 	).SetHooks(epochmoduletypes.NewMultiEpochHooks(
 		app.MintKeeper.Hooks()))
 
+	tokenFactoryConfig, err := tokenfactorykeeper.ReadConfig(appOpts)
+	if err != nil {
+		panic(fmt.Sprintf("error reading token factory config due to %s", err))
+	}
+
 	app.TokenFactoryKeeper = tokenfactorykeeper.NewKeeper(
 		appCodec,
 		app.keys[tokenfactorytypes.StoreKey],
 		app.GetSubspace(tokenfactorytypes.ModuleName),
 		app.AccountKeeper,
 		app.BankKeeper.(bankkeeper.BaseKeeper).WithMintCoinsRestriction(tokenfactorytypes.NewTokenFactoryDenomMintCoinsRestriction()),
 		app.DistrKeeper,
+		tokenFactoryConfig,
 	)
 
 	// The last arguments can contain custom message handlers, and custom query handlers,

x/tokenfactory/keeper/config.go

@@ -0,0 +1,29 @@
+package keeper
+
+import (
+	servertypes "github.com/cosmos/cosmos-sdk/server/types"
+	"github.com/spf13/cast"
+)
+
+type Config struct {
+	DenomAllowListMaxSize int `mapstructure:"denom_allow_list_max_size"`
+}
+
+var DefaultConfig = Config{
+	DenomAllowListMaxSize: 2000,
+}
+
+const (
+	flagDenomAllowListMaxSize = "tokenfactory.denom_allow_list_max_size"
+)
+
+func ReadConfig(opts servertypes.AppOptions) (Config, error) {
+	cfg := DefaultConfig // copy
+	var err error
+	if v := opts.Get(flagDenomAllowListMaxSize); v != nil {
+		if cfg.DenomAllowListMaxSize, err = cast.ToIntE(v); err != nil {
+			return cfg, err
+		}
+	}
+	return cfg, nil
+}

x/tokenfactory/keeper/createdenom.go

@@ -69,8 +69,8 @@ func (k Keeper) validateCreateDenom(ctx sdk.Context, creatorAddr string, subdeno
 	return denom, nil
 }
 
-func (k Keeper) validateUpdateDenom(ctx sdk.Context, creatorAddr string, subdenom string) (tokenDenom string, err error) {
-	denom, err := types.GetTokenDenom(creatorAddr, subdenom)
+func (k Keeper) validateUpdateDenom(ctx sdk.Context, msg *types.MsgUpdateDenom) (tokenDenom string, err error) {
+	denom, err := types.GetTokenDenom(msg.GetSender(), msg.GetSubdenom())
 	if err != nil {
 		return "", err
 	}
@@ -80,5 +80,17 @@ func (k Keeper) validateUpdateDenom(ctx sdk.Context, creatorAddr string, subdeno
 		return "", types.ErrDenomDoesNotExist.Wrapf("denom: %s", denom)
 	}
 
+	err = k.validateAllowListSize(*msg.AllowList)
+	if err != nil {
+		return "", err
+	}
+
 	return denom, nil
 }
+
+func (k Keeper) validateAllowListSize(allowList banktypes.AllowList) error {
+	if len(allowList.Addresses) > k.config.DenomAllowListMaxSize {
+		return types.ErrAllowListTooLarge
+	}
+	return nil
+}

x/tokenfactory/keeper/keeper.go

@@ -24,6 +24,8 @@ type (
 		accountKeeper types.AccountKeeper
 		bankKeeper    types.BankKeeper
 		distrKeeper   types.DistrKeeper
+
+		config Config
 	}
 )
 
@@ -35,6 +37,7 @@ func NewKeeper(
 	accountKeeper types.AccountKeeper,
 	bankKeeper types.BankKeeper,
 	distrKeeper types.DistrKeeper,
+	config Config,
 ) Keeper {
 	if !paramSpace.HasKeyTable() {
 		paramSpace = paramSpace.WithKeyTable(types.ParamKeyTable())
@@ -47,6 +50,8 @@ func NewKeeper(
 		accountKeeper: accountKeeper,
 		bankKeeper:    bankKeeper,
 		distrKeeper:   distrKeeper,
+
+		config: config,
 	}
 }
 

x/tokenfactory/keeper/migrations_test.go

@@ -59,7 +59,7 @@ func TestMigrate2to3(t *testing.T) {
 	store.Set(oldCreatorSpecificPrefix, []byte("garbage value whitelist creator"))
 	require.True(t, store.Has(oldCreateDenomFeeWhitelistPrefix))
 	require.True(t, store.Has(oldCreatorSpecificPrefix))
-	newKeeper := NewKeeper(cdc, storeKey, paramsSubspace, nil, bankkeeper.NewBaseKeeper(cdc, bankstorekey, nil, paramsSubspace, nil), nil)
+	newKeeper := NewKeeper(cdc, storeKey, paramsSubspace, nil, bankkeeper.NewBaseKeeper(cdc, bankstorekey, nil, paramsSubspace, nil), nil, Config{DenomAllowListMaxSize: 100})
 	m := NewMigrator(newKeeper)
 	err := m.Migrate2to3(ctx)
 	require.Nil(t, err)
@@ -80,7 +80,7 @@ func TestMigrate2to3(t *testing.T) {
 func TestMigrate3To4(t *testing.T) {
 	// Test migration with all metadata denom
 	metadata := banktypes.Metadata{Description: sdk.DefaultBondDenom, Base: sdk.DefaultBondDenom, Display: sdk.DefaultBondDenom, Name: sdk.DefaultBondDenom, Symbol: sdk.DefaultBondDenom}
-	keeper := NewKeeper(nil, nil, typesparams.Subspace{}, nil, nil, nil)
+	keeper := NewKeeper(nil, nil, typesparams.Subspace{}, nil, nil, nil, Config{DenomAllowListMaxSize: 100})
 	m := NewMigrator(keeper)
 	m.SetMetadata(&metadata)
 	require.Equal(t, sdk.DefaultBondDenom, metadata.Display)

x/tokenfactory/keeper/msg_server.go

@@ -35,6 +35,10 @@ func (server msgServer) CreateDenom(goCtx context.Context, msg *types.MsgCreateD
 	)
 
 	if msg.AllowList != nil {
+		err = server.validateAllowListSize(*msg.AllowList)
+		if err != nil {
+			return nil, err
+		}
 		server.bankKeeper.SetDenomAllowList(ctx, denom, *msg.AllowList)
 		createDenomEvent = createDenomEvent.AppendAttributes(
 			sdk.NewAttribute(types.AttributeAllowList, strings.Join(msg.AllowList.Addresses, ",")),
@@ -53,11 +57,20 @@ func (server msgServer) CreateDenom(goCtx context.Context, msg *types.MsgCreateD
 func (server msgServer) UpdateDenom(goCtx context.Context, msg *types.MsgUpdateDenom) (*types.MsgUpdateDenomResponse, error) {
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
-	denom, err := server.Keeper.validateUpdateDenom(ctx, msg.Sender, msg.GetSubdenom())
+	denom, err := server.Keeper.validateUpdateDenom(ctx, msg)
 	if err != nil {
 		return nil, err
 	}
 
+	authorityMetadata, err := server.Keeper.GetAuthorityMetadata(ctx, denom)
+	if err != nil {
+		return nil, err
+	}
+
+	if msg.Sender != authorityMetadata.GetAdmin() {
+		return nil, types.ErrUnauthorized
+	}
+
 	updateDenomEvent := sdk.NewEvent(
 		types.TypeMsgUpdateDenom,
 		sdk.NewAttribute(types.AttributeCreator, msg.Sender),

x/tokenfactory/types/errors.go

@@ -29,4 +29,5 @@ var (
 	ErrEncodingDenomAuthorityMetadata = sdkerrors.Register(ModuleName, 18, "Error encoding denom authority metadata as JSON")
 	ErrEncodingDenomsFromCreator      = sdkerrors.Register(ModuleName, 19, "Error encoding denoms from creator as JSON")
 	ErrUnknownSeiTokenFactoryQuery    = sdkerrors.Register(ModuleName, 23, "Error unknown sei token factory query")
+	ErrAllowListTooLarge              = sdkerrors.Register(ModuleName, 24, "allowlist too large")
 )