fix: audit

app/ante/ante.go

@@ -128,6 +128,7 @@ func NewAnteHandler(options HandlerOptions) (sdk.AnteHandler, error) {
 
 func CreateAnteHandlerForOPinit(ak ante.AccountKeeper, signModeHandler *txsigning.HandlerMap) sdk.AnteHandler {
 	return sdk.ChainAnteDecorators(
+		ante.NewValidateBasicDecorator(),
 		ante.NewSetPubKeyDecorator(ak),
 		ante.NewValidateSigCountDecorator(ak),
 		ante.NewSigGasConsumeDecorator(ak, ante.DefaultSigVerificationGasConsumer),

proto/miniwasm/tokenfactory/v1/tx.proto

@@ -2,10 +2,10 @@ syntax = "proto3";
 package miniwasm.tokenfactory.v1;
 
 import "amino/amino.proto";
-import "cosmos_proto/cosmos.proto";
-import "cosmos/base/v1beta1/coin.proto";
 import "cosmos/bank/v1beta1/bank.proto";
+import "cosmos/base/v1beta1/coin.proto";
 import "cosmos/msg/v1/msg.proto";
+import "cosmos_proto/cosmos.proto";
 import "gogoproto/gogo.proto";
 import "miniwasm/tokenfactory/v1/params.proto";
 
@@ -30,17 +30,11 @@ service Msg {
 
   // SetDenomMetadata defines a gRPC service method for setting the metadata of
   // a denom.
-  rpc SetDenomMetadata(MsgSetDenomMetadata)
-      returns (MsgSetDenomMetadataResponse);
+  rpc SetDenomMetadata(MsgSetDenomMetadata) returns (MsgSetDenomMetadataResponse);
 
   // SetBeforeSendHook defines a gRPC service method for setting the before send
   // hook of a denom.
-  rpc SetBeforeSendHook(MsgSetBeforeSendHook)
-      returns (MsgSetBeforeSendHookResponse);
-
-  // ForceTransfer defines a gRPC service method for transferring a token from
-  // one account to another.
-  rpc ForceTransfer(MsgForceTransfer) returns (MsgForceTransferResponse);
+  rpc SetBeforeSendHook(MsgSetBeforeSendHook) returns (MsgSetBeforeSendHookResponse);
 
   // UpdateParams defines an operation for updating the x/tokenfactory module
   // parameters.
@@ -61,16 +55,15 @@ message MsgCreateDenom {
 
   option (amino.name) = "tokenfactory/MsgCreateDenom";
 
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+  string sender = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
   // subdenom can be up to 44 "alphanumeric" characters long.
-  string subdenom = 2 [ (gogoproto.moretags) = "yaml:\"subdenom\"" ];
+  string subdenom = 2 [(gogoproto.moretags) = "yaml:\"subdenom\""];
 }
 
 // MsgCreateDenomResponse is the return value of MsgCreateDenom
 // It returns the full string of the newly created denom
 message MsgCreateDenomResponse {
-  string new_token_denom = 1
-      [ (gogoproto.moretags) = "yaml:\"new_token_denom\"" ];
+  string new_token_denom = 1 [(gogoproto.moretags) = "yaml:\"new_token_denom\""];
 }
 
 // MsgMint is the sdk.Msg type for allowing an admin account to mint
@@ -81,7 +74,7 @@ message MsgMint {
   option (cosmos.msg.v1.signer) = "sender";
   option (amino.name) = "tokenfactory/MsgMint";
 
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+  string sender = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
   cosmos.base.v1beta1.Coin amount = 2 [
     (gogoproto.moretags) = "yaml:\"amount\"",
     (gogoproto.nullable) = false
@@ -104,15 +97,11 @@ message MsgBurn {
   option (cosmos.msg.v1.signer) = "sender";
   option (amino.name) = "tokenfactory/MsgBurn";
 
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+  string sender = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
   cosmos.base.v1beta1.Coin amount = 2 [
     (gogoproto.moretags) = "yaml:\"amount\"",
     (gogoproto.nullable) = false
   ];
-  string burn_from_address = 3 [
-    (gogoproto.moretags) = "yaml:\"burn_from_address\"",
-    (amino.dont_omitempty) = true
-  ];
 }
 
 // MsgBurnResponse defines the response structure for an executed
@@ -125,9 +114,9 @@ message MsgChangeAdmin {
   option (cosmos.msg.v1.signer) = "sender";
   option (amino.name) = "tokenfactory/MsgChangeAdmin";
 
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
-  string denom = 2 [ (gogoproto.moretags) = "yaml:\"denom\"" ];
-  string new_admin = 3 [ (gogoproto.moretags) = "yaml:\"new_admin\"" ];
+  string sender = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
+  string denom = 2 [(gogoproto.moretags) = "yaml:\"denom\""];
+  string new_admin = 3 [(gogoproto.moretags) = "yaml:\"new_admin\""];
 }
 
 // MsgChangeAdminResponse defines the response structure for an executed
@@ -140,8 +129,8 @@ message MsgSetBeforeSendHook {
   option (cosmos.msg.v1.signer) = "sender";
   option (amino.name) = "tokenfactory/MsgSetBeforeSendHook";
 
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
-  string denom = 2 [ (gogoproto.moretags) = "yaml:\"denom\"" ];
+  string sender = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
+  string denom = 2 [(gogoproto.moretags) = "yaml:\"denom\""];
   string cosmwasm_address = 3 [
     (gogoproto.moretags) = "yaml:\"cosmwasm_address\"",
     (amino.dont_omitempty) = true
@@ -158,7 +147,7 @@ message MsgSetDenomMetadata {
   option (cosmos.msg.v1.signer) = "sender";
   option (amino.name) = "tokenfactory/MsgSetDenomMetadata";
 
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+  string sender = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
   cosmos.bank.v1beta1.Metadata metadata = 2 [
     (gogoproto.moretags) = "yaml:\"metadata\"",
     (gogoproto.nullable) = false
@@ -169,40 +158,21 @@ message MsgSetDenomMetadata {
 // MsgSetDenomMetadata message.
 message MsgSetDenomMetadataResponse {}
 
-// MsgForceTransfer is the sdk.Msg type for allowing an admin account to
-// transfer a token from one account to another
-message MsgForceTransfer {
-  option (cosmos.msg.v1.signer) = "sender";
-  option (amino.name) = "tokenfactory/MsgForceTransfer";
-
-  string sender = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
-  cosmos.base.v1beta1.Coin amount = 2 [
-    (gogoproto.moretags) = "yaml:\"amount\"",
-    (gogoproto.nullable) = false
-  ];
-  string transfer_from_address = 3
-      [ (gogoproto.moretags) = "yaml:\"transfer_from_address\"" ];
-  string transfer_to_address = 4
-      [ (gogoproto.moretags) = "yaml:\"transfer_to_address\"" ];
-}
-
-// MsgForceTransferResponse defines the response structure for an executed
-// MsgForceTransfer message.
-message MsgForceTransferResponse {}
-
 // MsgUpdateParams is the Msg/UpdateParams request type.
 message MsgUpdateParams {
   option (cosmos.msg.v1.signer) = "authority";
   option (amino.name) = "move/MsgUpdateParams";
 
   // authority is the address that controls the module
   // (defaults to x/gov unless overwritten).
-  string authority = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+  string authority = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
   // params defines the x/staking parameters to update.
   //
   // NOTE: All parameters must be supplied.
-  Params params = 2
-      [ (gogoproto.nullable) = false, (amino.dont_omitempty) = true ];
+  Params params = 2 [
+    (gogoproto.nullable) = false,
+    (amino.dont_omitempty) = true
+  ];
 }
 
 // MsgUpdateParamsResponse defines the response structure for executing a

x/bank/keeper/msg_server.go

@@ -91,7 +91,8 @@ func (k msgServer) MultiSend(goCtx context.Context, msg *types.MsgMultiSend) (*t
 		return nil, types.ErrNoOutputs
 	}
 
-	if err := types.ValidateInputOutputs(msg.Inputs[0], msg.Outputs); err != nil {
+	input := msg.Inputs[0]
+	if err := types.ValidateInputOutputs(input, msg.Outputs); err != nil {
 		return nil, err
 	}
 
@@ -104,18 +105,29 @@ func (k msgServer) MultiSend(goCtx context.Context, msg *types.MsgMultiSend) (*t
 		}
 	}
 
+	inAddr, err := k.ak.AddressCodec().StringToBytes(input.Address)
+	if err != nil {
+		return nil, err
+	}
+
 	for _, out := range msg.Outputs {
-		accAddr, err := k.ak.AddressCodec().StringToBytes(out.Address)
+		outAddr, err := k.ak.AddressCodec().StringToBytes(out.Address)
 		if err != nil {
 			return nil, err
 		}
 
-		if k.BlockedAddr(accAddr) {
+		if k.BlockedAddr(outAddr) {
 			return nil, errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive funds", out.Address)
 		}
+
+		if err := k.BlockBeforeSend(ctx, inAddr, outAddr, out.Coins); err != nil {
+			return nil, err
+		}
+
+		k.TrackBeforeSend(ctx, inAddr, outAddr, out.Coins)
 	}
 
-	err := k.InputOutputCoins(ctx, msg.Inputs[0], msg.Outputs)
+	err = k.InputOutputCoins(ctx, input, msg.Outputs)
 	if err != nil {
 		return nil, err
 	}

x/tokenfactory/client/cli/tx.go

@@ -108,9 +108,9 @@ func NewMintCmd(ac address.Codec) *cobra.Command {
 
 func NewBurnCmd(ac address.Codec) *cobra.Command {
 	cmd := &cobra.Command{
-		Use:   "burn [amount] [burn-from-address] [flags]",
+		Use:   "burn [amount] [flags]",
 		Short: "Burn tokens from an address. Must have admin authority to do so.",
-		Args:  cobra.RangeArgs(1, 2),
+		Args:  cobra.ExactArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
 			clientCtx, err := client.GetClientTxContext(cmd)
 			if err != nil {
@@ -127,15 +127,9 @@ func NewBurnCmd(ac address.Codec) *cobra.Command {
 				return err
 			}
 
-			burnFromAddress := ""
-			if len(args) == 2 {
-				burnFromAddress = args[1]
-			}
-
-			msg := types.NewMsgBurnFrom(
+			msg := types.NewMsgBurn(
 				fromAddr,
 				amount,
-				burnFromAddress,
 			)
 
 			if err = msg.Validate(ac); err != nil {