`pallet-treasury`: Ensure we respect `max_amount` for spend across batch calls (#13468)

mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-04-26 15:47:58 +00:00

* `pallet-treasury`: Ensure we respect `max_amount` for spend across batch calls

When calling `spend` the origin defines the `max_amount` of tokens it is allowed to spend. The
problem is that someone can send a `batch(spend, spend)` to circumvent this restriction as we don't
check across different calls that the `max_amount` is respected. This pull request fixes this
behavior by introducing a so-called dispatch context. This dispatch context is created once per
outer most `dispatch` call. For more information see the docs in this pr. The treasury then uses
this dispatch context to attach information about already spent funds per `max_amount` (we assume
that each origin has a different `max_amount` configured). So, a `batch(spend, spend)` is now
checked to stay inside the allowed spending bounds.

Fixes: https://github.com/paritytech/substrate/issues/13167

* Import `Box` for wasm

* FMT

This commit is contained in:

Bastian Köcher

2023-02-27 18:49:16 +01:00

committed by

GitHub

parent 85a5a5db13

commit 6aa4127a74

9 changed files with 353 additions and 24 deletions

									
										substrate/frame/support/src/lib.rs
									
		+1
		
												View File
												
				@@ -78,6 +78,7 @@ pub mod inherent;

				#[macro_use]

				pub mod error;

				pub mod crypto;

				pub mod dispatch_context;

				pub mod instances;

				pub mod migrations;

				pub mod traits;

pallet-treasury: Ensure we respect max_amount for spend across batch calls (#13468)

`pallet-treasury`: Ensure we respect `max_amount` for spend across batch calls (#13468)