ensure empty funds and no empty vectors for some exec msgs

osmosis-labs · Apr 17, 2024 · 56e0e0b · 56e0e0b
1 parent d03a8e7
commit 56e0e0b
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 4 deletions.
diff --git a/contracts/transmuter/src/contract.rs b/contracts/transmuter/src/contract.rs
@@ -4,7 +4,7 @@ use crate::{
     alloyed_asset::AlloyedAsset,
     asset::{Asset, AssetConfig},
     ensure_admin_authority, ensure_moderator_authority,
-    error::ContractError,
+    error::{non_empty_input_required, nonpayable, ContractError},
     limiter::{Limiter, LimiterParams, Limiters},
     math::rescale,
     role::Role,
@@ -80,7 +80,9 @@ impl Transmuter<'_> {
         admin: Option<String>,
         moderator: Option<String>,
     ) -> Result<Response, ContractError> {
-        let (deps, env, _info) = ctx;
+        let (deps, env, info) = ctx;
+
+        nonpayable(&info.funds)?;
 
         // store contract version for migration info
         cw2::set_contract_version(deps.storage, CONTRACT_NAME, CONTRACT_VERSION)?;
@@ -158,6 +160,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only admin can rescale normalization factor
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -192,6 +196,9 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        non_empty_input_required("asset_configs", &asset_configs)?;
+        nonpayable(&info.funds)?;
+
         // only admin can add new assets
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -236,6 +243,9 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        non_empty_input_required("denoms", &denoms)?;
+        nonpayable(&info.funds)?;
+
         // only moderator can mark corrupted assets
         ensure_moderator_authority!(info.sender, self.role.moderator, deps.as_ref());
 
@@ -256,6 +266,9 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        non_empty_input_required("denoms", &denoms)?;
+        nonpayable(&info.funds)?;
+
         // only moderator can unmark corrupted assets
         ensure_moderator_authority!(info.sender, self.role.moderator, deps.as_ref());
 
@@ -278,6 +291,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only admin can register limiter
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -333,6 +348,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only admin can deregister limiter
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -358,6 +375,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only admin can set boundary offset
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -390,6 +409,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only admin can set upper limit
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -416,6 +437,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only admin can set denom metadata
         ensure_admin_authority!(info.sender, self.role.admin, deps.as_ref());
 
@@ -437,6 +460,8 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, _env, info) = ctx;
 
+        nonpayable(&info.funds)?;
+
         // only moderator can set active status
         ensure_moderator_authority!(info.sender, self.role.moderator, deps.as_ref());
 
@@ -477,6 +502,9 @@ impl Transmuter<'_> {
     ) -> Result<Response, ContractError> {
         let (deps, env, info) = ctx;
 
+        // it will deduct shares directly from the sender's account
+        nonpayable(&info.funds)?;
+
         self.swap_alloyed_asset_to_tokens(
             Entrypoint::Exec,
             SwapFromAlloyedConstraint::ExactOut {
@@ -1295,7 +1323,7 @@ mod tests {
             denoms: corrupted_denoms.clone(),
         });
 
-        let info = mock_info(moderator, &liquidity);
+        let info = mock_info(moderator, &[]);
         let res = execute(
             deps.as_mut(),
             env.clone(),

diff --git a/contracts/transmuter/src/error.rs b/contracts/transmuter/src/error.rs
@@ -14,8 +14,11 @@ pub enum ContractError {
     #[error("{0}")]
     VersionError(#[from] cw2::VersionError),
 
+    #[error("`{field}` must not be empty")]
+    NonEmptyInputRequired { field: String },
+
     #[error("Funds must be empty")]
-    EmptyFundsExpected {},
+    Nonpayable {},
 
     #[error("Funds must contain exactly one token")]
     SingleTokenExpected {},
@@ -204,3 +207,21 @@ pub enum ContractError {
     #[error("")]
     Never,
 }
+
+pub fn nonpayable(funds: &[Coin]) -> Result<(), ContractError> {
+    if funds.is_empty() {
+        Ok(())
+    } else {
+        Err(ContractError::Nonpayable {})
+    }
+}
+
+pub fn non_empty_input_required<T>(field_name: &str, value: &[T]) -> Result<(), ContractError> {
+    if value.is_empty() {
+        Err(ContractError::NonEmptyInputRequired {
+            field: field_name.to_string(),
+        })
+    } else {
+        Ok(())
+    }
+}