fix: check for duplicates in observer set #2672

kingpinXD · 2024-08-09T14:57:19Z

Description

The pr adds a check for duplicates in the observer.Validate() function.
The validate function is called before setting the observer set during an update and add .
The validate is not needed to call on removal, as removing a value from a valid set cannot make it invalid .
Closes https://github.com/zeta-chain/security/issues/85
zetacore : check for duplicate addresses when adding or updating the observer set #2670
zetacore : fix events for add observer #2671

How Has This Been Tested?

Summary by CodeRabbit

New Features
- Enhanced validation for the authorization process, improving security against unauthorized access.
- Added checks to prevent duplicate entries in the observer set, ensuring data integrity.
- Introduced new error types for improved error handling in observer management.
Bug Fixes
- Improved error handling in observer addition and updating functions to provide clearer feedback on failures.
Tests
- Expanded test coverage, including new cases for validating edge scenarios related to observer management.
Documentation
- Updated changelog to reflect recent changes and improvements in functionality.

coderabbitai · 2024-08-09T14:57:29Z

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

This update introduces significant enhancements to the Zeta Chain project's observer management and authorization processes. Key improvements include robust error handling for adding and updating observers, validation checks for duplicate entries, and the introduction of new error types. These changes aim to enhance the reliability and integrity of the system, ensuring that observer management and authorization processes operate without inconsistencies or unauthorized actions.

Changes

File(s)	Change Summary
changelog.md	Summarizes two major updates: validation for the authorization list and duplicate checks in the observer set.
x/observer/keeper/msg_server_*.go	Enhanced error handling in `AddObserver` and `UpdateObserverAddress`, returning errors for invalid operations.
x/observer/keeper/msg_server_*.test.go	Added tests for duplicate observer handling and edge cases in observer management functions.
x/observer/keeper/observer_set.go	Updated methods to return errors, improving validation and error handling in observer management.
x/observer/keeper/observer_set_test.go	Enhanced test coverage with structured tests and new scenarios for validating observers.
x/observer/types/errors.go	Introduced new error types: `ErrDuplicateObserver` and `ErrObserverNotFound`, improving error clarity.
x/observer/types/observer_set.go	Improved the `Validate` method to include checks for address validity and uniqueness.
x/observer/types/observer_set_test.go	Renamed and restructured tests for the `Validate` function to ensure comprehensive coverage of validation logic.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant MsgServer
    participant ObserverKeeper

    User->>MsgServer: AddObserver()
    MsgServer->>ObserverKeeper: AddObserverToSet()
    ObserverKeeper-->>MsgServer: Return Error (if any)
    MsgServer-->>User: Return response (success/error)

sequenceDiagram
    participant User
    participant MsgServer
    participant ObserverKeeper

    User->>MsgServer: UpdateObserver()
    MsgServer->>ObserverKeeper: UpdateObserverAddress()
    ObserverKeeper-->>MsgServer: Return Error (if any)
    MsgServer-->>User: Return response (success/error)

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>.
- Generate unit testing code for this file.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai generate unit testing code for this file.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai generate interesting stats about this repository and render them as a table.
- @coderabbitai show all the console.log statements in this repository.
- @coderabbitai read src/utils.ts and generate unit testing code.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

codecov · 2024-08-09T15:05:38Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 71.25%. Comparing base (a4c1b18) to head (d2f2074).
Report is 1 commits behind head on develop.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop    #2672   +/-   ##
========================================
  Coverage    71.25%   71.25%           
========================================
  Files          351      351           
  Lines        18982    18993   +11     
========================================
+ Hits         13525    13534    +9     
- Misses        4853     4856    +3     
+ Partials       604      603    -1

Files	Coverage Δ
x/observer/keeper/msg_server_add_observer.go	`93.93% <100.00%> (ø)`
x/observer/keeper/observer_set.go	`100.00% <100.00%> (ø)`
x/observer/types/observer_set.go	`81.81% <100.00%> (-18.19%)`	⬇️

... and 1 file with indirect coverage changes

…server-set' into trailofbits-4-duplicate-check-observer-set # Conflicts: # changelog.md

github-actions · 2024-08-09T16:38:46Z

!!!WARNING!!!
nosec detected in the following files: x/observer/keeper/msg_server_update_observer_test.go

Be very careful about using #nosec in code. It can be a quick way to suppress security warnings and move forward with development, it should be employed with caution. Suppressing warnings with #nosec can hide potentially serious vulnerabilities. Only use #nosec when you're absolutely certain that the security issue is either a false positive or has been mitigated in another way.

Only suppress a single rule (or a specific set of rules) within a section of code, while continuing to scan for other problems. To do this, you can list the rule(s) to be suppressed within the #nosec annotation, e.g: /* #nosec G401 */ or //#nosec G201 G202 G203
Broad #nosec annotations should be avoided, as they can hide other vulnerabilities. The CI will block you from merging this PR until you remove #nosec annotations that do not target specific rules.

Pay extra attention to the way #nosec is being used in the files listed above.

…server-set' into trailofbits-4-duplicate-check-observer-set # Conflicts: # x/observer/keeper/observer_set_test.go

kingpinXD · 2024-08-09T18:24:55Z

The observer set is also set during genesis , but I think we can assume the genesis state to be valid , as Validate should already have been run on the genesisState

coderabbitai

Actionable comments posted: 5

Outside diff range, codebase verification and nitpick comments (2)

x/observer/types/observer_set.go (1)
18-20: Clarify the validation comment.

The comment block could be more descriptive by explaining the implications of invalid or duplicate observer addresses.
- // Validate observer set verifies that the observer set is valid
- // - All observer addresses are valid
- // - No duplicate observer addresses
+ // Validate ensures the observer set contains only valid and unique addresses.
+ // - Verifies each observer address is in a valid Bech32 format.
+ // - Ensures no duplicate addresses exist in the observer set.
x/observer/types/observer_set_test.go (1)
13-38: Enhance test case descriptions.

The test case names are clear, but consider adding comments to explain the purpose of each case for future maintainers.
+ // Test cases for ObserverSet validation
+ // Ensures proper error handling for duplicates, invalid addresses, and valid scenarios.

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between f78ff55 and 8f4068d.

Files selected for processing (9)

changelog.md (1 hunks)
x/observer/keeper/msg_server_add_observer.go (1 hunks)
x/observer/keeper/msg_server_add_observer_test.go (1 hunks)
x/observer/keeper/msg_server_update_observer_test.go (1 hunks)
x/observer/keeper/observer_set.go (3 hunks)
x/observer/keeper/observer_set_test.go (5 hunks)
x/observer/types/errors.go (1 hunks)
x/observer/types/observer_set.go (2 hunks)
x/observer/types/observer_set_test.go (1 hunks)

Additional context used

Path-based instructions (8)

x/observer/types/observer_set.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/types/observer_set_test.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/keeper/msg_server_add_observer.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/types/errors.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/keeper/observer_set.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/keeper/msg_server_add_observer_test.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/keeper/observer_set_test.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

x/observer/keeper/msg_server_update_observer_test.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

Additional comments not posted (11)

x/observer/types/observer_set_test.go (1)
23-25: Ensure error message consistency.

Check that the error message returned in the code matches the expected error in the test case for consistency.

Verification successful

Error Message Consistency Verified

The error message for ErrDuplicateObserver is consistently defined as "observer already exists" and is correctly used across the codebase. The test cases appropriately check for this error type, ensuring consistency. No changes are needed.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify consistency of error messages for duplicate observer errors.

# Test: Search for the error message definition and usage. Expect: Consistent error messages.
rg --type go --word-regexp "ErrDuplicateObserver"
Length of output: 797
x/observer/types/errors.go (1)

52-53: LGTM! Enhanced error handling.

The introduction of ErrDuplicateObserver and ErrObserverNotFound improves clarity and specificity in error reporting.

x/observer/keeper/msg_server_add_observer_test.go (1)

55-83: LGTM! Enhanced test coverage.

The addition of the test case for duplicate observers effectively ensures that the system handles duplicates correctly. Consider adding more edge cases if applicable.

x/observer/keeper/observer_set_test.go (5)

Line range hint 39-70: Structured comments and error handling enhance test readability and robustness.

The addition of "ARRANGE", "ACT", and "ASSERT" comments improves the readability of the test. The error handling ensures that the addition of observers is correctly validated.

58-70: Test case ensures proper handling of empty observer set.

This test case verifies that an observer can be added when the observer set does not exist, ensuring robustness in the initialization process.

72-87: New test case effectively validates duplicate observer prevention.

The test case ensures that the system correctly handles attempts to add duplicate observers, enhancing the validation logic.

121-147: Enhanced error handling in observer address update tests.

The new test cases improve error handling by checking for specific errors, such as types.ErrObserverSetNotFound and types.ErrDuplicateObserver, ensuring robust validation.

156-156: Comprehensive test coverage for observer management.

The test cases provide thorough coverage for various scenarios, ensuring that observer management functions correctly under different conditions.

x/observer/keeper/msg_server_update_observer_test.go (2)

76-129: New test case ensures prevention of duplicate addresses in tombstoned observer updates.

The test case effectively checks for types.ErrDuplicateObserver when updating a tombstoned observer with a duplicate address, enhancing system integrity.

130-130: Comprehensive test coverage for observer update scenarios.

The test cases ensure that the observer update functionality handles various error scenarios gracefully, providing robust validation.

changelog.md (1)

19-19: Changelog accurately reflects new validation features.

The updates to the changelog provide clear documentation of the new validation features for the observer set and authorization list, enhancing transparency.