Skip to content

feat(sequencer)!: add ibc_sudo_address to genesis, only allow IbcRelay actions from this address#721

Merged
noot merged 2 commits into
mainfrom
noot/ibc-permissioning
Feb 7, 2024
Merged

feat(sequencer)!: add ibc_sudo_address to genesis, only allow IbcRelay actions from this address#721
noot merged 2 commits into
mainfrom
noot/ibc-permissioning

Conversation

@noot

@noot noot commented Feb 1, 2024

Copy link
Copy Markdown
Contributor

Summary

as title says, make modifying IBC clients/connections/channels permissioned. this allows only a specific key (should be the key used by hermes) to send IbcRelay actions.

Background

we probably don't want IBC channels being arbitrarily opened at this time.

Changes

  • add ibc_sudo_address to genesis
  • store this in state
  • only allow IbcRelay actions from this address

Testing

unit tests

Breaking Changelist

  • updates state by adding ibc_sudo_address

Related Issues

Link any issues that are related, prefer full github links.

closes #720

@github-actions github-actions Bot added the sequencer pertaining to the astria-sequencer crate label Feb 1, 2024
joroshiba
joroshiba approved these changes Feb 2, 2024
View reviewed changes

@joroshiba joroshiba left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not seeing the change in state from sudo_key to sudo_address? Is that implemented somehwere, otherwise LGTM

@noot noot changed the title feat(sequencer): add ibc_sudo_address to genesis, only allow IbcRelay actions from this address feat(sequencer)!: add ibc_sudo_address to genesis, only allow IbcRelay actions from this address Feb 6, 2024
@noot

noot commented Feb 7, 2024

Copy link
Copy Markdown
Contributor Author

@joroshiba the state key doesn't need to be changed, it's unrelated to the name of the field in genesis, so this is fine!

@noot noot merged commit 9a82710 into main Feb 7, 2024
@noot noot deleted the noot/ibc-permissioning branch February 7, 2024 14:42
@SuperFluffy SuperFluffy mentioned this pull request Feb 8, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joroshiba joroshiba joroshiba approved these changes

@SuperFluffy SuperFluffy Awaiting requested review from SuperFluffy

Assignees

No one assigned

Labels

sequencer pertaining to the astria-sequencer crate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

sequencer: permissioning for opening IBC channels

2 participants

@noot @joroshiba