XCM: Deny barrier checks for nested XCMs with specific instructions to be executed on the local chain (#7200)

Resolves (partially): https://github.com/paritytech/polkadot-sdk/issues/7148

Depends on: https://github.com/paritytech/polkadot-sdk/pull/7169

# Description

This PR addresses partially #7148 (Problem 2) and ensures the proper checking of nested local instructions. It introduces a new barrier - `DenyRecursively` - to provide more refined control over instruction denial. The main change is the replacement of `DenyThenTry<Deny, Allow>` with `DenyThenTry<DenyRecursively<Deny>, Allow>` which handles both top-level and nested local instructions by applying allow condition after denial.

For context and additional information, please refer to [_Problem 2 - Barrier vs nested XCM validation_](https://github.com/paritytech/polkadot-sdk/issues/7148).

# TODO

- [x] Evaluate PoC, more details at #7351:
  - **DenyNestedXcmInstructions**: Keep it as it is and be explicit:
    1. Name the Deny barriers for the top level.
    2. Name the Deny barrier for nested with `DenyInstructionsWithXcm`.
  - **DenyThenTry<DenyInstructionsWithXcm<Deny>, Allow>**: Alternatively, hard-code those three instructions in `DenyThenTry`, so we wouldn’t need `DenyInstructionsWithXcm`. However, this approach wouldn’t be as general.
  - **DenyInstructionsWithXcmFor**: Another possibility is to check `DenyInstructionsWithXcm::Inner` for the actual `message`, so we don’t need duplication for top-level and nested (not sure, maybe being explicit is a good thing) - see _Problem2 - example_. Instead of this:
    ```
    DenyThenTry<
        (
            // Deny for top level XCM program
            DenyReserveTransferToRelayChain,
            // Dedicated barrier for nested XCM programs
            DenyInstructionsWithXcmFor<
                // Repeat all Deny filters here
                DenyReserveTransferToRelayChain,
            >
        ),
    ```
    we could just use:
    ```
    DenyThenTry<
        (
            // Dedicated barrier for XCM programs
            DenyInstructionsWithXcmFor<
                // Add all `Deny` filters here
                DenyReserveTransferToRelayChain,
                ...
            >
        ),
    ```
  - [POC Evaluation](https://github.com/paritytech/polkadot-sdk/pull/7200#discussion_r1939288792)
- [x] Consider better name `DenyInstructionsWithXcm` => `DenyRecursively`, more details [here](https://github.com/paritytech/polkadot-sdk/pull/7200#discussion_r1958588973)
- [x] Clean-up and docs
- [x] Merge https://github.com/paritytech/polkadot-sdk/pull/7169 or rebase this branch on the top of `yrong:fix-for-deny-then-try`
- [x] Set for the runtimes where we use `DenyThenTry<Deny, Allow>` => `DenyThenTry<DenyRecursively<Deny>, Allow>`
- [ ] Schedule sec.audit

---------

Co-authored-by: Raymond Cheung <178801527+raymondkfcheung@users.noreply.github.com>
Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: ron <yrong1997@gmail.com>
Co-authored-by: Francisco Aguirre <franciscoaguirreperez@gmail.com>
Co-authored-by: Clara van Staden <claravanstaden64@gmail.com>
Co-authored-by: Adrian Catangiu <adrian@parity.io>

(cherry picked from commit bd7cf119)
Changed files:

- Cargo.lock: 1 addition, 0 deletions
- cumulus/parachains/runtimes/assets/asset-hub-rococo/src/xcm_config.rs: 2 additions, 2 deletions
- cumulus/parachains/runtimes/assets/asset-hub-westend/src/xcm_config.rs: 2 additions, 2 deletions
- cumulus/parachains/runtimes/bridge-hubs/bridge-hub-rococo/src/xcm_config.rs: 7 additions, 7 deletions
- cumulus/parachains/runtimes/bridge-hubs/bridge-hub-westend/src/xcm_config.rs: 7 additions, 7 deletions
- cumulus/parachains/runtimes/collectives/collectives-westend/src/xcm_config.rs: 8 additions, 8 deletions
- cumulus/parachains/runtimes/contracts/contracts-rococo/src/xcm_config.rs: 4 additions, 4 deletions
- cumulus/parachains/runtimes/coretime/coretime-rococo/src/xcm_config.rs: 7 additions, 7 deletions
- cumulus/parachains/runtimes/coretime/coretime-westend/src/xcm_config.rs: 7 additions, 7 deletions
- cumulus/parachains/runtimes/people/people-rococo/src/xcm_config.rs: 5 additions, 5 deletions
- cumulus/parachains/runtimes/people/people-westend/src/xcm_config.rs: 5 additions, 5 deletions
- polkadot/xcm/xcm-builder/Cargo.toml: 4 additions, 1 deletion
- polkadot/xcm/xcm-builder/src/barriers.rs: 93 additions, 0 deletions
- polkadot/xcm/xcm-builder/src/lib.rs: 3 additions, 3 deletions
- polkadot/xcm/xcm-builder/src/tests/barriers.rs: 256 additions, 0 deletions
- polkadot/xcm/xcm-builder/tests/scenarios.rs: 98 additions, 0 deletions
- polkadot/xcm/xcm-executor/src/lib.rs: 11 additions, 5 deletions
- prdoc/pr_7200.prdoc: 40 additions, 0 deletions
- templates/parachain/runtime/src/configs/xcm_config.rs: 3 additions, 2 deletions
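
The gap the commit message describes (a deny filter that inspects only the top-level program, versus one applied to nested programs as well), as an added Rust sketch that is not code from this PR or from `xcm-builder`. `Instr`, `DenyFilter`, `DenyReserveWithdraw`, `MAX_DEPTH`, `walk` and `nested_sample` are hypothetical names; `DenyRecursively` here is a simplified model of the barrier named above, and the three program-carrying variants are modelled on the XCM instructions `SetAppendix`, `SetErrorHandler` and `ExecuteWithOrigin`.

```rust
// Simplified model constructed for illustration; not the xcm-builder types.
#[allow(dead_code)]
enum Instr {
    ClearOrigin,
    InitiateReserveWithdraw, // stand-in for an instruction a Deny filter rejects
    // Instructions that carry a nested program executed on the local chain.
    SetAppendix(Vec<Instr>),
    SetErrorHandler(Vec<Instr>),
    ExecuteWithOrigin(Vec<Instr>),
}
// Hypothetical filter trait: Err(()) means "deny this message".
trait DenyFilter {
    fn deny(msg: &[Instr]) -> Result<(), ()>;
}
// Top-level-only filter: inspects the instructions it is handed, nothing deeper.
struct DenyReserveWithdraw;
impl DenyFilter for DenyReserveWithdraw {
    fn deny(msg: &[Instr]) -> Result<(), ()> {
        let hit = msg.iter().any(|i| matches!(i, Instr::InitiateReserveWithdraw));
        if hit { Err(()) } else { Ok(()) }
    }
}

const MAX_DEPTH: usize = 8; // assumed nesting bound for this sketch
// Model of the wrapper: run Inner on the message, then on every nested program.
#[allow(dead_code)]
struct DenyRecursively<Inner>(std::marker::PhantomData<Inner>);
impl<Inner: DenyFilter> DenyFilter for DenyRecursively<Inner> {
    fn deny(msg: &[Instr]) -> Result<(), ()> { walk::<Inner>(msg, 0) }
}
fn walk<Inner: DenyFilter>(msg: &[Instr], depth: usize) -> Result<(), ()> {
    use Instr::*;
    if depth > MAX_DEPTH { return Err(()); } // fail closed on overly deep nesting
    Inner::deny(msg)?;
    for i in msg {
        if let SetAppendix(n) | SetErrorHandler(n) | ExecuteWithOrigin(n) = i {
            walk::<Inner>(n, depth + 1)?;
        }
    }
    Ok(())
}
// Constructed sample: the denied instruction sits two levels below the top.
fn nested_sample() -> Vec<Instr> {
    use Instr::*;
    vec![ClearOrigin, SetAppendix(vec![ExecuteWithOrigin(vec![InitiateReserveWithdraw])])]
}

fn main() {
    let msg = nested_sample();
    println!("top-level only: {:?}", DenyReserveWithdraw::deny(&msg));
    println!("recursive: {:?}", DenyRecursively::<DenyReserveWithdraw>::deny(&msg));
}
```

The top-level filter passes the sample while the recursive wrapper denies it, which is the behavioural difference between `DenyThenTry<Deny, Allow>` and `DenyThenTry<DenyRecursively<Deny>, Allow>` that the description refers to.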