-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bank and Supply are not pruning zero coins causing invariants to break #9159
Comments
It is possible I didn't configure something correctly when updating, but the error message seems to clearly indicate there exists a 0 coin The branch I'm using can be found here |
I figured it out. Burning coins is currently on master subtracting from the supply coin by coin. Previous behaviour used
Thus the old behaviour pruned zero coins from the total supply. The issue is two fold
|
I added to v0.43 milestone as it needs to be fixed for the next release |
This should be pretty straightforward to fix in bank. It also strikes me as strange that |
Yes I completely agree. The mechanics of coin need to be revisited/audited/documented imo. There's a lot of subtle details that can easily lead to misuse. There's other oddities like bank allowing empty coin sets as valid no-ops |
We are looking into it with @atheeshp |
BTW, why do we need |
I realize I left some details off. I believe the issue is here As you can see, GetSupply() returns sdk.Coin. Thus we end up here and here which results in a 0denom coin being set in supply If coins was used, we would end up here and safeSub calls safeAdd, which I believe removes zero coins. Partially related, but I didn't find any indication that bank prunes 0 amount balances as well (technically not a bug, for now). I will link code in a second |
If we send our entire balance away, we should expect our entire balance to be deducted (and pruned) in |
I think there are a variety of fixes here and I'm not sure what is the best approach, but one simple approach is to the check if the amount.IsZero() on |
It'd be great if simulations could be updated to randomly burn the entire supply of some coin (that would catch the existing bug) |
There is one more bug in the |
I think this is safe since These sort of idiosyncrasies are not well documented. Another good example of why I think the entire design of Coin needs to be audited and documented in an ADR #7046. It'd be a lot easier to reason about the safety of Bank or other modules with coins if it was clearly documented how everything functioned and what assumptions are made at each step |
While updating to the latest SDK commit
045c45f5507315834415c45b6eae5b1755cf002a
on a branch inibc-go
, one of our ICS20 transfer tests broke:I have just run into this issue and have not spent time looking into it. Based on the error message, it appears the bank balance is not being pruned after it hits 0 causing the invariant to trigger. This error occurs when we send from A -> B and then B -> A causing the tokens to be fully sent out of the account
cc @AdityaSripal
For Admin Use
The text was updated successfully, but these errors were encountered: