fix: nft transfer packet spec

[beer-1]

Description

• Follow NFT packet spec to follow camel case json encoding
• bump forwarding module to latest

--

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

• included the correct type prefix in the PR title, you can find examples of the prefixes below:
• confirmed ! in the type prefix if API or client breaking change
• targeted the correct branch
• provided a link to the relevant issue or specification
• reviewed "Files changed" and left comments if necessary
• included the necessary unit and integration tests
• updated the relevant documentation or specification, including comments for documenting Go code
• confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

• confirmed the correct type prefix in the PR title
• confirmed all author checklist items have been addressed
• reviewed state machine logic, API design and naming, documentation is accurate, tests and test coverage

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request introduces a series of modifications across multiple files in the codebase, primarily focusing on package import restructuring, function signature updates, and minor logic adjustments. The changes span various modules including IBC hooks, NFT transfer, evidence, and Move-related components. Key modifications include simplifying function calls, updating import paths for the forwarding package, and enhancing error handling in certain methods.

Changes

File	Change Summary
app/ante/sigverify/sigverify.go	Updated function name from consumeMultisignatureVerificationGas to consumeMultiSignatureVerificationGas, added handling for *forwardingtypes.ForwardingPubKey
app/keepers/keepers.go, app/keepers/keys.go, app/modules.go	Updated import paths for forwarding package from v2/x/forwarding to v2
cmd/initiad/config.go	Added srvCfg.InterBlockCache = false
proto/ibc/applications/nft_transfer/v1/packet.proto	Removed NonFungibleTokenPacketDataWasm message
x/evidence/keeper/grpc_query.go, x/intertx/ibc_module.go, x/intertx/types/msgs.go	Updated protobuf import from gogo/protobuf to cosmos/gogoproto
x/ibc-hooks/move-hooks/*	Simplified packet handling methods, removed source/destination port arguments
x/ibc/nft-transfer/*	Significant changes to packet data handling, removed counterpartyPort parameter, added JSON marshaling helpers
x/move/keeper/msg_server.go	Updated telemetry measurement label
x/move/keeper/vm_query.go	Enhanced error handling with panic recovery
x/move/types/errors.go	Added new error variable ErrVMQueryFailed

Poem

🐰 Hop, hop, through the code we go,
Refactoring paths with a rabbit's flow
Imports dance, functions realign
Simplicity blooms on every line
A codebase transformed, clean and bright! 🌟

Suggested Reviewers

• sh-cha

Possibly Related PRs

• feat: add vesting vote #234: The main PR introduces changes related to signature verification and gas consumption, while this PR enhances governance functionality by integrating a new vesting keeper, which may interact with the same signature verification logic.
• fix: audit fix #245: This PR includes modifications to the NFT module, which may relate to the handling of public keys and signatures in the context of gas consumption and verification.
• proto formatting #267: The formatting changes in proto files may indirectly relate to the main PR's changes in handling signatures and public keys, as both involve structural changes in the codebase.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bd37671 and 56aa39e.

📒 Files selected for processing (1)

• x/intertx/types/msgs.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• x/intertx/types/msgs.go

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Run test and upload codecov

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

go.mod

Package	Version	License	Issue Type
github.com/noble-assets/forwarding/v2	2.0.0	Null	Unknown License

Denied Licenses: GPL-1.0-or-later, LGPL-2.0-or-later

OpenSSF Scorecard

Package	Version	Score	Details
gomod/github.com/cosmos/iavl	1.2.4	🟢 6.7	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 22 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 5 5 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
gomod/github.com/noble-assets/forwarding/v2	2.0.0	Unknown	Unknown

Scanned Files

• go.mod

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

x/ibc/nft-transfer/types/packet.go (2)

79-92: Consider adding error handling for JSON marshaling.

While the implementation correctly handles token URIs and data reshaping, the use of mustProtoMarshalJSON could panic on marshaling errors.

Consider using regular marshaling with error handling:

-return sdk.MustSortJSON(mustProtoMarshalJSON(&nftpd))
+bz, err := protoMarshalJSON(&nftpd)
+if err != nil {
+    return nil
+}
+return sdk.MustSortJSON(bz)

---

115-122: Consider adding validation in DecodePacketData.

While the decoding is correct, consider validating the decoded data using ValidateBasic.

 func DecodePacketData(packetData []byte) (NonFungibleTokenPacketData, error) {
     var data NonFungibleTokenPacketData
     if err := unmarshalProtoJSON(packetData, &data); err != nil {
         return NonFungibleTokenPacketData{}, sdkerrors.ErrInvalidRequest.Wrap(err.Error())
     }
+    if err := data.ValidateBasic(); err != nil {
+        return NonFungibleTokenPacketData{}, err
+    }
     return data, nil
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 10ff76b and e86ea8d.

⛔ Files ignored due to path filters (6)

• client/docs/swagger-ui/swagger.yaml is excluded by !**/*.yaml
• go.mod is excluded by !**/*.mod
• go.sum is excluded by !**/*.sum, !**/*.sum
• x/ibc/nft-transfer/types/packet.pb.go is excluded by !**/*.pb.go, !**/*.pb.go
• x/ibc/nft-transfer/types/query.pb.go is excluded by !**/*.pb.go, !**/*.pb.go
• x/ibc/nft-transfer/types/query.pb.gw.go is excluded by !**/*.pb.gw.go, !**/*.pb.gw.go

📒 Files selected for processing (24)

• app/ante/sigverify/sigverify.go (2 hunks)
• app/keepers/keepers.go (2 hunks)
• app/keepers/keys.go (1 hunks)
• app/modules.go (1 hunks)
• cmd/initiad/config.go (1 hunks)
• proto/ibc/applications/nft_transfer/v1/packet.proto (0 hunks)
• proto/ibc/applications/nft_transfer/v1/query.proto (1 hunks)
• x/evidence/keeper/grpc_query.go (1 hunks)
• x/ibc-hooks/move-hooks/hooks.go (3 hunks)
• x/ibc-hooks/move-hooks/message.go (2 hunks)
• x/ibc-hooks/move-hooks/receive.go (1 hunks)
• x/ibc-hooks/move-hooks/receive_test.go (0 hunks)
• x/ibc-hooks/move-hooks/util.go (1 hunks)
• x/ibc-hooks/move-hooks/util_test.go (1 hunks)
• x/ibc/nft-transfer/ibc_module.go (1 hunks)
• x/ibc/nft-transfer/keeper/relay.go (1 hunks)
• x/ibc/nft-transfer/types/codec.go (2 hunks)
• x/ibc/nft-transfer/types/packet.go (1 hunks)
• x/ibc/nft-transfer/types/packet_test.go (2 hunks)
• x/intertx/ibc_module.go (1 hunks)
• x/intertx/types/msgs.go (1 hunks)
• x/move/keeper/msg_server.go (1 hunks)
• x/move/keeper/vm_query.go (1 hunks)
• x/move/types/errors.go (1 hunks)

💤 Files with no reviewable changes (2)

• proto/ibc/applications/nft_transfer/v1/packet.proto
• x/ibc-hooks/move-hooks/receive_test.go

✅ Files skipped from review due to trivial changes (4)

• app/keepers/keys.go
• x/move/keeper/msg_server.go
• x/evidence/keeper/grpc_query.go
• x/intertx/types/msgs.go

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Run test and upload codecov
• GitHub Check: Analyze (go)

🔇 Additional comments (26)

x/move/keeper/vm_query.go (1)

14-14: LGTM! Good use of named return values.

The updated method signature with named return values improves code readability and self-documentation.

x/move/types/errors.go (1)

53-55: LGTM! Well-defined error registration.

The new error variable is well-documented, follows the error code sequence, and has a clear error message.

x/ibc/nft-transfer/types/codec.go (4)

33-36: LGTM! Good practice using package-level variables for codec and registry.

The initialization of anyResolver and protoCodec as package-level variables promotes reusability and follows the singleton pattern for these expensive-to-create objects.

---

57-72: LGTM! Well-structured JSON marshaling with proper interface handling.

The implementation correctly:

1. Uses jsonpb.Marshaler with OrigName: false for camel case output
2. Handles interface unpacking before marshaling
3. Uses a buffer for efficient string building

---

74-77: LGTM! Simple and effective JSON unmarshaling.

The function leverages the protoCodec for JSON unmarshaling, which is the recommended approach.

---

38-55: Consider handling panic recovery in production code.

While panicking in case of marshaling errors might be acceptable during development, consider implementing proper error handling for production use.

-func mustProtoMarshalJSON(msg proto.Message) []byte {
+func mustProtoMarshalJSON(msg proto.Message) ([]byte, error) {
 	bz, err := protoMarshalJSON(msg, anyResolver)
-	if err != nil {
-		panic(err)
-	}
-	return bz
+	return bz, err
}

x/ibc-hooks/move-hooks/hooks.go (1)

40-40: LGTM! Simplified packet type checking.

The removal of port parameters from isIcs721Packet calls streamlines the code while maintaining functionality. This change aligns with the PR objective of ensuring compliance with the NFT packet specification.

Also applies to: 52-52, 64-64

cmd/initiad/config.go (1)

46-46: Verify the performance impact of disabling inter-block cache.

Disabling the inter-block cache might affect performance. Please ensure this change is intentional and necessary.

x/ibc-hooks/move-hooks/message.go (1)

89-89: Verify the intention behind allowing maximum uint64 value.

The change from > to >= in the ID validation allows uint64.MaxValue to be valid. Please confirm if this is intentional and doesn't introduce any edge cases.

Also applies to: 98-98

✅ Verification successful

Validation change to disallow uint64.MaxValue is correct and improves safety

The change from > to >= makes the validation more restrictive by disallowing IDs equal to uint64.MaxValue. This is a proper security measure to prevent potential overflow issues when working with uint64 IDs.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for tests or documentation related to ID validation
rg -A 5 "uint64\(0\)" -g "*.{go,md}"

# Look for any existing uses of maximum uint64 value
ast-grep --pattern 'uint64($v)' 

Length of output: 48502

x/ibc/nft-transfer/types/packet_test.go (2)

69-69: LGTM! Simplified packet data decoding.

The removal of the port ID parameter aligns with the PR's objective of standardizing packet data encoding.

---

88-88: LGTM! Consistent packet data handling.

The simplified GetBytes call maintains consistency with other changes in the codebase.

x/ibc/nft-transfer/types/packet.go (2)

66-73: LGTM! Improved token ID validation.

The validation logic for token IDs is well-structured and handles both empty IDs and duplicates correctly.

---

95-112: LGTM! Well-structured helper function.

The requireShape helper function is well-implemented with clear logic for determining when to set token URIs/data to nil.

x/ibc-hooks/move-hooks/receive.go (1)

105-105: LGTM! Consistent packet data handling.

The simplified GetBytes call aligns with the standardized packet data handling approach.

x/intertx/ibc_module.go (1)

4-4: LGTM! Updated to maintained protobuf library.

The change from github.com/gogo/protobuf/proto to github.com/cosmos/gogoproto/proto is a good practice as it uses a more actively maintained fork.

x/ibc/nft-transfer/ibc_module.go (1)

182-182: Verify backward compatibility of packet data decoding changes.

The removal of sourcePort parameter from DecodePacketData simplifies the packet handling, which aligns with NFT packet specification. However, we should ensure this change maintains compatibility with existing IBC connections.

Run the following script to check for any existing IBC connections that might be affected:

✅ Verification successful

✓ Packet data decoding change is safe and specification-compliant

The removal of sourcePort parameter from DecodePacketData is verified to be backward compatible:

• The change aligns with ICS-721 NFT transfer specification
• Version compatibility is enforced at channel level with strict checks
• Existing tests already use the simplified signature

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for active IBC connections and their packet data format

# Search for IBC connection configurations
rg -A 5 'IBC.*Connection'

# Search for packet data decoding patterns
ast-grep --pattern 'DecodePacketData($$$)'

Length of output: 2188

---

Script:

#!/bin/bash
# Check packet data structure and version handling

# Search for packet data structure definition
ast-grep --pattern 'type PacketData struct {
  $$$
}'

# Look for version-related code in packet handling
rg -A 5 'Version|version' x/ibc/nft-transfer/

# Check for packet validation logic
ast-grep --pattern 'func $_(PacketData $$$) {
  $$$
}'

Length of output: 14578

x/ibc/nft-transfer/keeper/relay.go (1)

222-222: Consistent packet data serialization change.

The removal of destinationPort from GetBytes call aligns with the packet decoding changes, ensuring consistent packet data handling throughout the IBC transfer path.

app/modules.go (1)

86-87: LGTM! Import path simplification.

The forwarding package import paths have been simplified, improving code organization without affecting functionality.

app/ante/sigverify/sigverify.go (2)

174-174: Function name follows camelCase convention.

The rename from Multisignature to MultiSignature improves naming consistency.

---

180-182: Verify gas consumption for forwarding public keys.

The new case for ForwardingPubKey returns nil without consuming gas. Ensure this is the intended behavior for forwarded transactions.

Run the following script to check for similar gas consumption patterns:

✅ Verification successful

Verified: No gas consumption for forwarding public keys is intentional

The current implementation follows the codebase's pattern where each public key type either consumes gas or explicitly skips it. The ForwardingPubKey case returns nil without gas consumption, which is likely by design as the actual signature verification (and associated gas costs) would be handled within the forwarding module itself.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check gas consumption patterns for different public key types

# Search for gas consumption patterns in signature verification
ast-grep --pattern 'meter.ConsumeGas($$$)'

Length of output: 44

---

Script:

#!/bin/bash
# First, verify the file exists and check its content
echo "=== Checking file content ==="
cat app/ante/sigverify/sigverify.go

echo -e "\n=== Searching for gas-related patterns ==="
rg -i "gas" app/ante/sigverify/sigverify.go

echo -e "\n=== Looking for other public key type handlers ==="
rg "case \*" app/ante/sigverify/sigverify.go

Length of output: 8478

app/keepers/keepers.go (2)

107-109: LGTM! Import paths have been simplified.

The import paths for the forwarding package have been simplified, making the code more maintainable.

---

644-645: LGTM! Request type has been corrected.

The request type for GetAllCurrencyPairs query has been correctly updated to use GetAllCurrencyPairsRequest instead of GetAllCurrencyPairsResponse.

proto/ibc/applications/nft_transfer/v1/query.proto (2)

26-26: LGTM! HTTP path has been improved.

The HTTP GET path has been enhanced with:

1. Corrected spelling from "class_hashs" to "class_hashes"
2. Added wildcard parameter {trace=**} for more flexible matching

---

31-31: LGTM! HTTP path has been enhanced.

The HTTP GET path has been improved by adding a wildcard parameter {channel_id=**} for more flexible channel ID matching.

x/ibc-hooks/move-hooks/util_test.go (1)

37-37: LGTM! Test cases updated to match simplified function signature.

The test cases have been correctly updated to call isIcs721Packet without the counterpartyPort parameter, aligning with the function signature changes.

Also applies to: 43-43

x/ibc-hooks/move-hooks/util.go (1)

41-45: LGTM! Function signature has been simplified.

The isIcs721Packet function has been improved by:

1. Removing unnecessary counterpartyPort parameter
2. Streamlining the return statements for better readability

[ALPAC-4]

LGTM

[codecov]

Codecov Report

Attention: Patch coverage is 62.82051% with 29 lines in your changes missing coverage. Please review.

Project coverage is 41.14%. Comparing base (10ff76b) to head (56aa39e).
Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
x/ibc/nft-transfer/types/packet.go	51.51%	9 Missing and 7 partials ⚠️
x/ibc/nft-transfer/types/codec.go	55.55%	5 Missing and 3 partials ⚠️
app/ante/sigverify/sigverify.go	0.00%	3 Missing ⚠️
x/move/keeper/vm_query.go	81.81%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #339      +/-   ##
==========================================
- Coverage   41.22%   41.14%   -0.08%     
==========================================
  Files         269      269              
  Lines       25734    25737       +3     
==========================================
- Hits        10608    10589      -19     
- Misses      13488    13504      +16     
- Partials     1638     1644       +6     

Files with missing lines	Coverage Δ
app/keepers/keepers.go	98.47% <100.00%> (ø)
app/keepers/keys.go	87.87% <ø> (ø)
app/modules.go	100.00% <ø> (ø)
x/evidence/keeper/grpc_query.go	5.12% <ø> (ø)
x/ibc-hooks/move-hooks/hooks.go	83.78% <100.00%> (ø)
x/ibc-hooks/move-hooks/message.go	91.17% <100.00%> (ø)
x/ibc-hooks/move-hooks/receive.go	57.14% <100.00%> (ø)
x/ibc-hooks/move-hooks/util.go	84.72% <100.00%> (ø)
x/ibc/nft-transfer/ibc_module.go	27.95% <100.00%> (ø)
x/ibc/nft-transfer/keeper/relay.go	61.79% <100.00%> (ø)
... and 7 more

... and 1 file with indirect coverage changes