Verify Source origin in TargetChainVerifier (#558)

* Make sure to verify sender's origin. * Make sure to use dispatch verification. * Add tests. * cargo fmt --all * Remove superfluous lifetime. * Move the check to MessageLanVerifier. * cargo fmt --all * Fix docs.
2026-05-31 13:21:01 +00:00 · 2020-12-08 23:29:32 +01:00
parent f57b7e9de0
commit 6f6c8c2417
7 changed files with 154 additions and 67 deletions
@@ -17,7 +17,7 @@
 //! Implementation of `MessageDeliveryAndDispatchPayment` trait on top of `Currency` trait.
 //! All payments are instant.

-use bp_message_lane::source_chain::MessageDeliveryAndDispatchPayment;
+use bp_message_lane::source_chain::{MessageDeliveryAndDispatchPayment, Sender};
 use codec::Encode;
 use frame_support::traits::{Currency as CurrencyT, ExistenceRequirement};
 use sp_std::fmt::Debug;
@@ -37,11 +37,20 @@ where
 	type Error = &'static str;

 	fn pay_delivery_and_dispatch_fee(
-		submitter: &AccountId,
+		submitter: &Sender<AccountId>,
 		fee: &Currency::Balance,
 		relayer_fund_account: &AccountId,
 	) -> Result<(), Self::Error> {
-		Currency::transfer(submitter, relayer_fund_account, *fee, ExistenceRequirement::AllowDeath).map_err(Into::into)
+		match submitter {
+			Sender::Signed(submitter) => {
+				Currency::transfer(submitter, relayer_fund_account, *fee, ExistenceRequirement::AllowDeath)
+					.map_err(Into::into)
+			}
+			Sender::Root | Sender::None => {
+				// fixme: we might want to add root account id to this struct.
+				Err("Root and None account is not allowed to send regular messages.")
+			}
+		}
 	}

 	fn pay_relayer_reward(
@@ -255,18 +255,19 @@ decl_module! {
 			delivery_and_dispatch_fee: T::OutboundMessageFee,
 		) -> DispatchResult {
 			ensure_operational::<T, I>()?;
-			let submitter = ensure_signed(origin)?;
+			let submitter = origin.into().map_err(|_| BadOrigin)?;

 			// let's first check if message can be delivered to target chain
-			T::TargetHeaderChain::verify_message(&payload).map_err(|err| {
-				frame_support::debug::trace!(
-					"Message to lane {:?} is rejected by target chain: {:?}",
-					lane_id,
-					err,
-				);
+			T::TargetHeaderChain::verify_message(&payload)
+				.map_err(|err| {
+					frame_support::debug::trace!(
+						"Message to lane {:?} is rejected by target chain: {:?}",
+						lane_id,
+						err,
+					);

-				Error::<T, I>::MessageRejectedByChainVerifier
-			})?;
+					Error::<T, I>::MessageRejectedByChainVerifier
+				})?;

 			// now let's enforce any additional lane rules
 			T::LaneMessageVerifier::verify_message(
@@ -17,7 +17,7 @@
 use crate::Trait;

 use bp_message_lane::{
-	source_chain::{LaneMessageVerifier, MessageDeliveryAndDispatchPayment, TargetHeaderChain},
+	source_chain::{LaneMessageVerifier, MessageDeliveryAndDispatchPayment, Sender, TargetHeaderChain},
 	target_chain::{DispatchMessage, MessageDispatch, ProvedLaneMessages, ProvedMessages, SourceHeaderChain},
 	InboundLaneData, LaneId, Message, MessageData, MessageKey, MessageNonce,
 };
@@ -209,7 +209,7 @@ impl LaneMessageVerifier<AccountId, TestPayload, TestMessageFee> for TestLaneMes
 	type Error = &'static str;

 	fn verify_message(
-		_submitter: &AccountId,
+		_submitter: &Sender<AccountId>,
 		delivery_and_dispatch_fee: &TestMessageFee,
 		_lane: &LaneId,
 		_payload: &TestPayload,
@@ -234,7 +234,7 @@ impl TestMessageDeliveryAndDispatchPayment {

 	/// Returns true if given fee has been paid by given submitter.
 	pub fn is_fee_paid(submitter: AccountId, fee: TestMessageFee) -> bool {
-		frame_support::storage::unhashed::get(b":message-fee:") == Some((submitter, fee))
+		frame_support::storage::unhashed::get(b":message-fee:") == Some((Sender::Signed(submitter), fee))
 	}

 	/// Returns true if given relayer has been rewarded with given balance. The reward-paid flag is
@@ -249,7 +249,7 @@ impl MessageDeliveryAndDispatchPayment<AccountId, TestMessageFee> for TestMessag
 	type Error = &'static str;

 	fn pay_delivery_and_dispatch_fee(
-		submitter: &AccountId,
+		submitter: &Sender<AccountId>,
 		fee: &TestMessageFee,
 		_relayer_fund_account: &AccountId,
 	) -> Result<(), Self::Error> {