improve lending msg validation and errors

Author: keithsue

x/lending/keeper/msg_server.go

@@ -22,14 +22,12 @@ type msgServer struct {
 
 // CreateLoan implements types.MsgServer.
 func (m msgServer) Apply(goCtx context.Context, msg *types.MsgApply) (*types.MsgApplyResponse, error) {
+	if err := msg.ValidateBasic(); err != nil {
+		return nil, err
+	}
 
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
-	// _borrower, errb := sdk.AccAddressFromBech32(msg.Borrower)
-	// if errb != nil {
-	// 	return nil, errb
-	// }
-
 	if !m.dlcKeeper.HasEvent(ctx, msg.EventId) {
 		return nil, types.ErrInvalidPriceEvent
 	}
@@ -143,16 +141,19 @@ func (m msgServer) Apply(goCtx context.Context, msg *types.MsgApply) (*types.Msg
 
 // Approve implements types.MsgServer.
 func (m msgServer) Approve(goCtx context.Context, msg *types.MsgApprove) (*types.MsgApproveResponse, error) {
+	if err := msg.ValidateBasic(); err != nil {
+		return nil, err
+	}
 
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
 	if !m.HasDepositLog(ctx, msg.DepositTxId) {
-		return nil, types.ErrDepositTxNotExists
+		return nil, types.ErrDepositTxDoesNotExist
 	}
 
 	log := m.GetDepositLog(ctx, msg.DepositTxId)
 	if !m.HasLoan(ctx, log.VaultAddress) {
-		return nil, types.ErrLoanNotExists
+		return nil, types.ErrLoanDoesNotExist
 	}
 
 	if _, _, err := m.btcbridgeKeeper.ValidateTransaction(ctx, log.DepositTx, "", msg.BlockHash, msg.Proof); err != nil {
@@ -176,6 +177,10 @@ func (m msgServer) Approve(goCtx context.Context, msg *types.MsgApprove) (*types
 
 // Redeem implements types.MsgServer.
 func (m msgServer) Redeem(goCtx context.Context, msg *types.MsgRedeem) (*types.MsgRedeemResponse, error) {
+	if err := msg.ValidateBasic(); err != nil {
+		return nil, err
+	}
+
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
 	borrower, err := sdk.AccAddressFromBech32(msg.Borrower)
@@ -184,7 +189,7 @@ func (m msgServer) Redeem(goCtx context.Context, msg *types.MsgRedeem) (*types.M
 	}
 
 	if !m.HasLoan(ctx, msg.LoanId) {
-		return nil, types.ErrLoanNotExists
+		return nil, types.ErrLoanDoesNotExist
 	}
 
 	loan := m.GetLoan(ctx, msg.LoanId)
@@ -194,7 +199,7 @@ func (m msgServer) Redeem(goCtx context.Context, msg *types.MsgRedeem) (*types.M
 	}
 
 	if types.HashLoanSecret(msg.LoanSecret) != loan.HashLoanSecret {
-		return nil, types.ErrMismatchLoanSecret
+		return nil, types.ErrMismatchedLoanSecret
 	}
 
 	m.bankKeeper.SendCoinsFromModuleToAccount(ctx, types.ModuleName, borrower, sdk.NewCoins(*loan.BorrowAmount))
@@ -214,6 +219,10 @@ func (m msgServer) Redeem(goCtx context.Context, msg *types.MsgRedeem) (*types.M
 
 // Repay implements types.MsgServer.
 func (m msgServer) Repay(goCtx context.Context, msg *types.MsgRepay) (*types.MsgRepayResponse, error) {
+	if err := msg.ValidateBasic(); err != nil {
+		return nil, err
+	}
+
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
 	borrower, err := sdk.AccAddressFromBech32(msg.Borrower)
@@ -222,7 +231,7 @@ func (m msgServer) Repay(goCtx context.Context, msg *types.MsgRepay) (*types.Msg
 	}
 
 	if !m.HasLoan(ctx, msg.LoanId) {
-		return nil, types.ErrLoanNotExists
+		return nil, types.ErrLoanDoesNotExist
 	}
 
 	loan := m.GetLoan(ctx, msg.LoanId)
@@ -282,7 +291,7 @@ func (m msgServer) SubmitRepaymentAdaptorSignature(goCtx context.Context, msg *t
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
 	if !m.HasLoan(ctx, msg.LoanId) {
-		return nil, types.ErrLoanNotExists
+		return nil, types.ErrLoanDoesNotExist
 	}
 
 	if !m.HasRepayment(ctx, msg.LoanId) {
@@ -320,10 +329,14 @@ func (m msgServer) SubmitRepaymentAdaptorSignature(goCtx context.Context, msg *t
 
 // Close implements types.MsgServer.
 func (m msgServer) Close(goCtx context.Context, msg *types.MsgClose) (*types.MsgCloseResponse, error) {
+	if err := msg.ValidateBasic(); err != nil {
+		return nil, err
+	}
+
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
 	if !m.HasLoan(ctx, msg.LoanId) {
-		return nil, types.ErrLoanNotExists
+		return nil, types.ErrLoanDoesNotExist
 	}
 
 	if !m.HasRepayment(ctx, msg.LoanId) {

x/lending/keeper/pool.go

@@ -62,7 +62,7 @@ func (m msgServer) AddLiquidity(goCtx context.Context, msg *types.MsgAddLiquidit
 	}
 
 	if !m.HasPool(ctx, msg.PoolId) {
-		return nil, types.ErrPootNotExists
+		return nil, types.ErrPoolDoesNotExist
 	}
 
 	pool := m.GetPool(ctx, msg.PoolId)
@@ -127,7 +127,7 @@ func (m msgServer) RemoveLiquidity(goCtx context.Context, msg *types.MsgRemoveLi
 	}
 
 	if !m.HasPool(ctx, msg.Shares.Denom) {
-		return nil, types.ErrPootNotExists
+		return nil, types.ErrPoolDoesNotExist
 	}
 
 	pool := m.GetPool(ctx, msg.Shares.Denom)

x/lending/types/errors.go

@@ -7,38 +7,39 @@ import (
 )
 
 var (
-	ErrEmptySender   = errorsmod.Register(ModuleName, 1000, "invalid tx sender")
-	ErrInvalidAmount = errorsmod.Register(ModuleName, 1100, "invalid amount")
-	ErrInvalidParams = errorsmod.Register(ModuleName, 1101, "invalid params")
+	ErrInvalidAmount = errorsmod.Register(ModuleName, 1000, "invalid amount")
+	ErrInvalidParams = errorsmod.Register(ModuleName, 1001, "invalid params")
 	ErrInvalidSender = errorsmod.Register(ModuleName, 1002, "invalid tx sender")
 
-	ErrInvalidLiquidation = errorsmod.Register(ModuleName, 2100, "invalid liquidation")
-	ErrEmptyPoolId        = errorsmod.Register(ModuleName, 2200, "invalid pool id")
-	ErrNotAuthorized      = errorsmod.Register(ModuleName, 2201, "not authorized")
-	ErrDuplicatedPoolId   = errorsmod.Register(ModuleName, 2202, "duplicated pool id")
-	ErrPootNotExists      = errorsmod.Register(ModuleName, 2203, "pool not exists")
-	ErrInactivePool       = errorsmod.Register(ModuleName, 2203, "inactive pool")
+	ErrInvalidLiquidity    = errorsmod.Register(ModuleName, 2100, "invalid liquidity")
+	ErrInvalidPoolId       = errorsmod.Register(ModuleName, 2200, "invalid pool id")
+	ErrInvalidLendingAsset = errorsmod.Register(ModuleName, 2201, "invalid lending asset")
+	ErrNotAuthorized       = errorsmod.Register(ModuleName, 2202, "not authorized")
+	ErrDuplicatedPoolId    = errorsmod.Register(ModuleName, 2203, "duplicated pool id")
+	ErrPoolDoesNotExist    = errorsmod.Register(ModuleName, 2204, "pool does not exist")
+	ErrInactivePool        = errorsmod.Register(ModuleName, 2205, "inactive pool")
 
-	ErrEmptyBorrowerPubkey    = errorsmod.Register(ModuleName, 3001, "invalid pubkey of borrower")
+	ErrInvalidBorrowerPubkey  = errorsmod.Register(ModuleName, 3001, "invalid pubkey of borrower")
 	ErrInvalidMaturityTime    = errorsmod.Register(ModuleName, 3002, "maturity time great than 0")
 	ErrInvalidFinalTimeout    = errorsmod.Register(ModuleName, 3003, "final time great than maturity time")
-	ErrInvalidLoanSecret      = errorsmod.Register(ModuleName, 3003, "invalid loan secret")
-	ErrDuplicatedVault        = errorsmod.Register(ModuleName, 3004, "duplicated vault address")
-	ErrInvalidPriceEvent      = errorsmod.Register(ModuleName, 3005, "invalid price event")
-	ErrInvalidFunding         = errorsmod.Register(ModuleName, 3006, "invalid funding")
-	ErrInvalidCET             = errorsmod.Register(ModuleName, 3007, "invalid cet")
-	ErrInsufficientCollateral = errorsmod.Register(ModuleName, 3008, "insufficient collateral")
-	ErrLoanNotExists          = errorsmod.Register(ModuleName, 3009, "loan not exists")
-
-	ErrEmptyDepositTx     = errorsmod.Register(ModuleName, 4001, "invalid deposit tx")
-	ErrInvalidProof       = errorsmod.Register(ModuleName, 4002, "invalid proof")
-	ErrDepositTxNotExists = errorsmod.Register(ModuleName, 4002, "deposit not exists")
-
-	ErrMismatchedBorrower = errorsmod.Register(ModuleName, 5001, "mismatched borrower")
-	ErrEmptyLoanSecret    = errorsmod.Register(ModuleName, 5002, "invalid loan secret")
-	ErrMismatchLoanSecret = errorsmod.Register(ModuleName, 5003, "mismatch loan secret")
-
-	ErrEmptyAdaptorPoint                = errorsmod.Register(ModuleName, 6001, "invalid adaptor point")
+	ErrInvalidLoanSecret      = errorsmod.Register(ModuleName, 3004, "invalid loan secret")
+	ErrDuplicatedVault        = errorsmod.Register(ModuleName, 3005, "duplicated vault address")
+	ErrInvalidPriceEvent      = errorsmod.Register(ModuleName, 3006, "invalid price event")
+	ErrInvalidFunding         = errorsmod.Register(ModuleName, 3007, "invalid funding")
+	ErrInvalidCET             = errorsmod.Register(ModuleName, 3008, "invalid cet")
+	ErrInsufficientCollateral = errorsmod.Register(ModuleName, 3009, "insufficient collateral")
+	ErrLoanDoesNotExist       = errorsmod.Register(ModuleName, 3010, "loan does not exist")
+
+	ErrInvalidDepositTx      = errorsmod.Register(ModuleName, 4001, "invalid deposit tx")
+	ErrInvalidBlockHash      = errorsmod.Register(ModuleName, 4002, "invalid block hash")
+	ErrInvalidProof          = errorsmod.Register(ModuleName, 4003, "invalid proof")
+	ErrDepositTxDoesNotExist = errorsmod.Register(ModuleName, 4004, "deposit tx does not exist")
+
+	ErrMismatchedBorrower    = errorsmod.Register(ModuleName, 5001, "mismatched borrower")
+	ErrInvalidLoanSecretHash = errorsmod.Register(ModuleName, 5002, "invalid loan secret hash")
+	ErrMismatchedLoanSecret  = errorsmod.Register(ModuleName, 5003, "mismatched loan secret")
+
+	ErrInvalidAdaptorPoint              = errorsmod.Register(ModuleName, 6001, "invalid adaptor point")
 	ErrInvalidRepayment                 = errorsmod.Register(ModuleName, 6002, "invalid repayment")
 	ErrInvalidRepaymentTx               = errorsmod.Register(ModuleName, 6003, "invalid repayment tx")
 	ErrInvalidRepaymentSecret           = errorsmod.Register(ModuleName, 6004, "invalid repayment secret")

x/lending/types/lending.go

@@ -6,6 +6,17 @@ import (
 	sdkmath "cosmossdk.io/math"
 )
 
+const (
+	// minimum pool id length
+	MinPoolIdLength = 2
+
+	// loan secret length
+	LoanSecretLength = 32
+
+	// loan secret hash length
+	LoanSecretHashLength = 32
+)
+
 // GetLiquidationPrice gets the liquidation price according to the liquidation LTV
 func GetLiquidationPrice(collateralAmout sdkmath.Int, borrowedAmount sdkmath.Int, lltv sdkmath.Int) sdkmath.Int {
 	liquidationValue := new(big.Int).Div(borrowedAmount.BigInt(), lltv.BigInt())

x/lending/types/msg_add_liquidity.go

@@ -1,6 +1,9 @@
 package types
 
 import (
+	fmt "fmt"
+
+	errorsmod "cosmossdk.io/errors"
 	"cosmossdk.io/math"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
@@ -9,20 +12,24 @@ var _ sdk.Msg = &MsgAddLiquidity{}
 
 func NewMsgAddLiquidity(lender string, poolId string, amount sdk.Coin) *MsgAddLiquidity {
 	return &MsgAddLiquidity{
-		PoolId: poolId,
 		Lender: lender,
+		PoolId: poolId,
 		Amount: &amount,
 	}
 }
 
 // ValidateBasic performs basic MsgAddLiquidity message validation.
 func (m *MsgAddLiquidity) ValidateBasic() error {
-	if m.Amount.Amount.LTE(math.NewInt(0)) {
-		return ErrInvalidLiquidation
+	if _, err := sdk.AccAddressFromBech32(m.Lender); err != nil {
+		return errorsmod.Wrap(err, "invalid sender address")
 	}
 
-	if len(m.PoolId) == 0 {
-		return ErrEmptyPoolId
+	if len(m.PoolId) < MinPoolIdLength {
+		return errorsmod.Wrap(ErrInvalidPoolId, fmt.Sprintf("minimum length of the pool id is %d", MinPoolIdLength))
+	}
+
+	if m.Amount.Amount.LTE(math.NewInt(0)) {
+		return ErrInvalidLiquidity
 	}
 
 	return nil

x/lending/types/msg_apply.go

@@ -1,6 +1,11 @@
 package types
 
 import (
+	"encoding/hex"
+
+	"github.com/btcsuite/btcd/btcec/v2/schnorr"
+
+	errorsmod "cosmossdk.io/errors"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
 
@@ -18,6 +23,10 @@ func NewMsgApply(borrower string, borrowerPubkey string, hashLoanSecret string,
 
 // ValidateBasic performs basic MsgAddLiquidity message validation.
 func (m *MsgApply) ValidateBasic() error {
+	if _, err := sdk.AccAddressFromBech32(m.Borrower); err != nil {
+		return errorsmod.Wrap(err, "invalid sender address")
+	}
+
 	if m.MaturityTime <= 0 {
 		return ErrInvalidMaturityTime
 	}
@@ -26,16 +35,17 @@ func (m *MsgApply) ValidateBasic() error {
 		return ErrInvalidFinalTimeout
 	}
 
-	if len(m.Borrower) == 0 {
-		return ErrEmptySender
+	if secretHashBytes, err := hex.DecodeString(m.LoanSecretHash); err != nil || len(secretHashBytes) != LoanSecretHashLength {
+		return ErrInvalidLoanSecretHash
 	}
 
-	if len(m.LoanSecretHash) == 0 {
-		return ErrInvalidLoanSecret
+	pubKeyBytes, err := hex.DecodeString(m.BorrowerPubkey)
+	if err != nil {
+		return ErrInvalidBorrowerPubkey
 	}
 
-	if len(m.BorrowerPubkey) == 0 {
-		return ErrEmptyBorrowerPubkey
+	if _, err := schnorr.ParsePubKey(pubKeyBytes); err != nil {
+		return ErrInvalidBorrowerPubkey
 	}
 
 	return nil

x/lending/types/msg_approve.go

@@ -1,6 +1,9 @@
 package types
 
 import (
+	"github.com/btcsuite/btcd/chaincfg/chainhash"
+
+	errorsmod "cosmossdk.io/errors"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
 
@@ -17,8 +20,16 @@ func NewMsgApprove(relayer string, depositTxId string, blockHash string, proof [
 
 // ValidateBasic performs basic MsgAddLiquidity message validation.
 func (m *MsgApprove) ValidateBasic() error {
-	if len(m.DepositTxId) == 0 {
-		return ErrEmptyDepositTx
+	if _, err := sdk.AccAddressFromBech32(m.Relayer); err != nil {
+		return errorsmod.Wrap(err, "invalid sender address")
+	}
+
+	if _, err := chainhash.NewHashFromStr(m.DepositTxId); err != nil {
+		return ErrInvalidDepositTx
+	}
+
+	if _, err := chainhash.NewHashFromStr(m.BlockHash); err != nil {
+		return ErrInvalidBlockHash
 	}
 
 	if len(m.Proof) == 0 {

x/lending/types/msg_close.go

@@ -1,6 +1,11 @@
 package types
 
 import (
+	"encoding/hex"
+
+	"github.com/btcsuite/btcd/btcec/v2/schnorr"
+
+	errorsmod "cosmossdk.io/errors"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
 
@@ -16,15 +21,20 @@ func NewMsgClose(relayer string, loanId string, signature string) *MsgClose {
 
 // ValidateBasic performs basic message validation.
 func (m *MsgClose) ValidateBasic() error {
-	if len(m.Relayer) == 0 {
-		return ErrEmptySender
+	if _, err := sdk.AccAddressFromBech32(m.Relayer); err != nil {
+		return errorsmod.Wrap(err, "invalid sender address")
 	}
 
 	if len(m.LoanId) == 0 {
 		return ErrEmptyLoanId
 	}
 
-	if len(m.Signature) == 0 {
+	sigBytes, err := hex.DecodeString(m.Signature)
+	if err != nil {
+		return ErrInvalidSignature
+	}
+
+	if _, err := schnorr.ParseSignature(sigBytes); err != nil {
 		return ErrInvalidSignature
 	}