Fix issue with InitiateTransfer and UnpaidExecution #7423
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
franciscoaguirre
added
the
A4-needs-backport
|
/cmd prdoc --audience runtime_dev --bump patch |
|
/cmd fmt |
acatangiu
reviewed
Feb 3, 2025
…e unpaid execution
|
/cmd fmt |
raymondkfcheung
approved these changes
Feb 13, 2025
acatangiu
reviewed
Feb 14, 2025
There was a problem hiding this comment.
The executor implementation looks good, just some code factoring comments.
The barrier isn't correct/complete:
- needs to verify against altered origin and not physical origin (unless it relies on other barriers to alter the physical origin to the computed one)
- needs to allow multiple asset transfer instructions before origin alter and unpaid exec instructions
Please also add regression tests for above scenarios ^ before fixing them
Co-authored-by: Adrian Catangiu <[email protected]>
Co-authored-by: Adrian Catangiu <[email protected]>
Co-authored-by: Adrian Catangiu <[email protected]>
Co-authored-by: Adrian Catangiu <[email protected]>
|
/cmd fmt |
acatangiu
reviewed
Feb 18, 2025
acatangiu
approved these changes
Feb 18, 2025
github-merge-queue bot
pushed a commit
that referenced
this pull request
Feb 18, 2025
Fix issue where setting the `remote_fees` field of `InitiateTransfer` to `None` could lead to unintended bypassing of fees in certain conditions. Changes made to fix this: - `remote_fees: None` now results in the `UnpaidExecution` instruction being appended *after* the origin altering instruction, be it `AliasOrigin` or `ClearOrigin`. This means `preserve_origin: true` must be set if you want to have any chance of not paying for fees. - The `AliasOrigin` instruction is not appended if the executor is called with the root location (`Here`) since it would alias to itself. Although this self-aliasing could be done, it needs the ecosystem to add a new aliasing instruction, so we just skip it. - Tweaked the `AllowExplicitUnpaidExecutionFrom` barrier to allow receiving assets (via teleport or reserve asset transfer) and altering the origin before actually using `UnpaidExecution`. This is to allow unpaid teleports to work with `InitiateTransfer`. - For this, the barrier now executes origin altering instructions and keeps track of the modified origin. It then checks if this final origin has enough permissions to not pay for fees. In order to follow the `AliasOrigin` instruction it now takes a new generic `Aliasers` that should be set to the XCM config item of the same name. This new generic has a default value of `()`, effectively disallowing the use of `AliasOrigin`. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Adrian Catangiu <[email protected]>
franciscoaguirre
removed this pull request from the merge queue due to a manual request
|
All GitHub workflows were cancelled due to failure one of the required jobs. |
|
/cmd fmt |
acatangiu
approved these changes
Feb 18, 2025
|
Created backport PR for
Please cherry-pick the changes locally and resolve any conflicts. git fetch origin backport-7423-to-stable2407
git worktree add --checkout .worktree/backport-7423-to-stable2407 backport-7423-to-stable2407
cd .worktree/backport-7423-to-stable2407
git reset --hard HEAD^
git cherry-pick -x c4b41457ccc7a4a81e8b188dfbc14957cdfc002b
git push --force-with-lease |
|
Created backport PR for
Please cherry-pick the changes locally and resolve any conflicts. git fetch origin backport-7423-to-stable2409
git worktree add --checkout .worktree/backport-7423-to-stable2409 backport-7423-to-stable2409
cd .worktree/backport-7423-to-stable2409
git reset --hard HEAD^
git cherry-pick -x c4b41457ccc7a4a81e8b188dfbc14957cdfc002b
git push --force-with-lease |
github-actions bot
pushed a commit
that referenced
this pull request
Feb 18, 2025
Fix issue where setting the `remote_fees` field of `InitiateTransfer` to `None` could lead to unintended bypassing of fees in certain conditions. Changes made to fix this: - `remote_fees: None` now results in the `UnpaidExecution` instruction being appended *after* the origin altering instruction, be it `AliasOrigin` or `ClearOrigin`. This means `preserve_origin: true` must be set if you want to have any chance of not paying for fees. - The `AliasOrigin` instruction is not appended if the executor is called with the root location (`Here`) since it would alias to itself. Although this self-aliasing could be done, it needs the ecosystem to add a new aliasing instruction, so we just skip it. - Tweaked the `AllowExplicitUnpaidExecutionFrom` barrier to allow receiving assets (via teleport or reserve asset transfer) and altering the origin before actually using `UnpaidExecution`. This is to allow unpaid teleports to work with `InitiateTransfer`. - For this, the barrier now executes origin altering instructions and keeps track of the modified origin. It then checks if this final origin has enough permissions to not pay for fees. In order to follow the `AliasOrigin` instruction it now takes a new generic `Aliasers` that should be set to the XCM config item of the same name. This new generic has a default value of `()`, effectively disallowing the use of `AliasOrigin`. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Adrian Catangiu <[email protected]> (cherry picked from commit c4b4145)
|
Successfully created backport PR for |
EgorPopelyaev
pushed a commit
that referenced
this pull request
Feb 18, 2025
Backport #7423 into `stable2412` from franciscoaguirre. See the [documentation](https://github.com/paritytech/polkadot-sdk/blob/master/docs/BACKPORT.md) on how to use this bot. <!-- # To be used by other automation, do not modify: original-pr-number: #${pull_number} --> --------- Co-authored-by: Francisco Aguirre <[email protected]>
clangenb
pushed a commit
to clangenb/polkadot-sdk
that referenced
this pull request
Feb 19, 2025
Fix issue where setting the `remote_fees` field of `InitiateTransfer` to `None` could lead to unintended bypassing of fees in certain conditions. Changes made to fix this: - `remote_fees: None` now results in the `UnpaidExecution` instruction being appended *after* the origin altering instruction, be it `AliasOrigin` or `ClearOrigin`. This means `preserve_origin: true` must be set if you want to have any chance of not paying for fees. - The `AliasOrigin` instruction is not appended if the executor is called with the root location (`Here`) since it would alias to itself. Although this self-aliasing could be done, it needs the ecosystem to add a new aliasing instruction, so we just skip it. - Tweaked the `AllowExplicitUnpaidExecutionFrom` barrier to allow receiving assets (via teleport or reserve asset transfer) and altering the origin before actually using `UnpaidExecution`. This is to allow unpaid teleports to work with `InitiateTransfer`. - For this, the barrier now executes origin altering instructions and keeps track of the modified origin. It then checks if this final origin has enough permissions to not pay for fees. In order to follow the `AliasOrigin` instruction it now takes a new generic `Aliasers` that should be set to the XCM config item of the same name. This new generic has a default value of `()`, effectively disallowing the use of `AliasOrigin`. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Adrian Catangiu <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix issue where setting the
remote_feesfield ofInitiateTransfertoNonecould lead to unintended bypassing of fees in certain conditions.Changes made to fix this:
remote_fees: Nonenow results in theUnpaidExecutioninstruction being appended after the origin altering instruction, be itAliasOriginorClearOrigin. This meanspreserve_origin: truemust be set if you want to have any chance of not paying for fees.AliasOrigininstruction is not appended if the executor is called with the root location (Here) since it would alias to itself. Although this self-aliasing could be done, it needs the ecosystem to add a new aliasing instruction, so we just skip it.AllowExplicitUnpaidExecutionFrombarrier to allow receiving assets (via teleport or reserve asset transfer) and altering the origin before actually usingUnpaidExecution. This is to allow unpaid teleports to work withInitiateTransfer.AliasOrigininstruction it now takes a new genericAliasersthat should be set to the XCM config item of the same name. This new generic has a default value of(), effectively disallowing the use ofAliasOrigin.