From fac55699e9765c9e5938559209621fe885944630 Mon Sep 17 00:00:00 2001 From: Adrian Catangiu Date: Thu, 5 Sep 2024 12:52:52 +0300 Subject: [PATCH] Allow signed origins to send arbitrary XCMs from some system chains (#407) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Relaxing the `SendXcmOrigin` filter for some of the System chains: - Relay Kusama: already open to signed origins and pluralities ✅ - Relay Polkadot: relax to same level as Kusama ^ ✅ - Asset Hubs (P and K): open up to signed origins ✅ - People (P and K): allow signed origins ✅ - Encointer: allow signed origins ✅ - Collectives Polkadot: **no change**, only Fellows collective allowed ❌ - Bridge Hubs (P and K): **no change**, no arbitrary XCM sends allowed ❌ - Coretime (P and K): **no change**, no arbitrary XCM sends allowed ❌ We could allow it on all chains but on some of them there are no usecases afaict, so starting out conservative, opening it up only on chains where it's wanted. --------- Co-authored-by: fellowship-merge-bot[bot] <151052383+fellowship-merge-bot[bot]@users.noreply.github.com> --- CHANGELOG.md | 6 ++++++ relay/kusama/src/xcm_config.rs | 8 ++++---- relay/polkadot/src/xcm_config.rs | 13 ++++++++----- .../asset-hubs/asset-hub-kusama/src/xcm_config.rs | 12 ++++++------ .../asset-hubs/asset-hub-polkadot/src/xcm_config.rs | 12 ++++++------ .../bridge-hubs/bridge-hub-kusama/src/xcm_config.rs | 8 ++++---- .../bridge-hub-polkadot/src/xcm_config.rs | 8 ++++---- .../collectives-polkadot/src/xcm_config.rs | 10 +++++----- .../coretime/coretime-kusama/src/xcm_config.rs | 8 ++++---- .../coretime/coretime-polkadot/src/xcm_config.rs | 8 ++++---- system-parachains/encointer/src/xcm_config.rs | 12 ++++++------ .../people/people-kusama/src/xcm_config.rs | 12 ++++++------ .../people/people-polkadot/src/xcm_config.rs | 12 ++++++------ 13 files changed, 69 insertions(+), 60 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c9e9397901..46be51afea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,12 @@ Changelog for the runtimes governed by the Polkadot Fellowship. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [Unreleased] + +### Changed + +- Allow signed origins to send arbitrary XCMs from some system chains ([polkadot-fellows/runtimes#407](https://github.com/polkadot-fellows/runtimes/pull/407)) + ## [1.3.2] 27.08.2024 ### Fixed diff --git a/relay/kusama/src/xcm_config.rs b/relay/kusama/src/xcm_config.rs index 2ea2a41688..e29b4cc2da 100644 --- a/relay/kusama/src/xcm_config.rs +++ b/relay/kusama/src/xcm_config.rs @@ -241,7 +241,7 @@ parameter_types! { /// Type to convert an `Origin` type value into a `Location` value which represents an interior /// location of this chain. pub type LocalOriginToLocation = ( - // And a usual Signed origin to be used in XCM as a corresponding AccountId32 + // And a usual Signed origin to be used in XCM as a corresponding `AccountId32`. SignedToAccountId32, ); @@ -265,14 +265,14 @@ pub type LocalPalletOrSignedOriginToLocation = ( StakingAdminToPlurality, // Fellows origin to be used in XCM as a corresponding Plurality `Location` value. FellowsToPlurality, - // And a usual Signed origin to be used in XCM as a corresponding AccountId32 + // And a usual Signed origin to be used in XCM as a corresponding `AccountId32`. SignedToAccountId32, ); impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // This is basically safe to enable for everyone (safe the possibility of someone spamming the - // parachain if they're willing to pay the KSM to send from the Relay-chain). + // This is safe to enable for everyone (save the possibility of someone spamming a parachain + // if they're willing to pay the KSM to send from the Relay-chain). type SendXcmOrigin = xcm_builder::EnsureXcmOrigin; type XcmRouter = XcmRouter; diff --git a/relay/polkadot/src/xcm_config.rs b/relay/polkadot/src/xcm_config.rs index f02af1cef6..cc77bbe4ab 100644 --- a/relay/polkadot/src/xcm_config.rs +++ b/relay/polkadot/src/xcm_config.rs @@ -267,7 +267,7 @@ pub type GeneralAdminToPlurality = /// location of this chain. pub type LocalOriginToLocation = ( GeneralAdminToPlurality, - // And a usual Signed origin to be used in XCM as a corresponding AccountId32 + // And a usual Signed origin to be used in XCM as a corresponding `AccountId32`. SignedToAccountId32, ); @@ -284,7 +284,7 @@ pub type TreasurerToPlurality = OriginToPluralityVoice, ); impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // We only allow the root, the general admin, the fellowship admin and the staking admin to send - // messages. - type SendXcmOrigin = xcm_builder::EnsureXcmOrigin; + // This is safe to enable for everyone (save the possibility of someone spamming a parachain + // if they're willing to pay the DOT to send from the Relay-chain). + type SendXcmOrigin = + xcm_builder::EnsureXcmOrigin; type XcmRouter = XcmRouter; // Anyone can execute XCM messages locally. type ExecuteXcmOrigin = xcm_builder::EnsureXcmOrigin; diff --git a/system-parachains/asset-hubs/asset-hub-kusama/src/xcm_config.rs b/system-parachains/asset-hubs/asset-hub-kusama/src/xcm_config.rs index b043a9874e..6b39e1ed43 100644 --- a/system-parachains/asset-hubs/asset-hub-kusama/src/xcm_config.rs +++ b/system-parachains/asset-hubs/asset-hub-kusama/src/xcm_config.rs @@ -388,9 +388,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. +/// Converts a local signed origin into an XCM `Location`. /// Forms the basis for local origins sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// For routing XCM messages which do not cross local consensus boundary. type LocalXcmRouter = ( @@ -413,11 +413,11 @@ pub type XcmRouter = WithUniqueTopic<( impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // We want to disallow users sending (arbitrary) XCMs from this chain. - type SendXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can send XCM messages. + type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/asset-hubs/asset-hub-polkadot/src/xcm_config.rs b/system-parachains/asset-hubs/asset-hub-polkadot/src/xcm_config.rs index 66fbf44c88..c1076523eb 100644 --- a/system-parachains/asset-hubs/asset-hub-polkadot/src/xcm_config.rs +++ b/system-parachains/asset-hubs/asset-hub-polkadot/src/xcm_config.rs @@ -460,9 +460,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. +/// Converts a local signed origin into an XCM `Location`. /// Forms the basis for local origins sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// For routing XCM messages which do not cross local consensus boundary. type LocalXcmRouter = ( @@ -492,11 +492,11 @@ pub type XcmRouter = WithUniqueTopic<( impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // We want to disallow users sending (arbitrary) XCMs from this chain. - type SendXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can send XCM messages. + type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/bridge-hubs/bridge-hub-kusama/src/xcm_config.rs b/system-parachains/bridge-hubs/bridge-hub-kusama/src/xcm_config.rs index b95d9b6ef1..c02b8fe1ee 100644 --- a/system-parachains/bridge-hubs/bridge-hub-kusama/src/xcm_config.rs +++ b/system-parachains/bridge-hubs/bridge-hub-kusama/src/xcm_config.rs @@ -214,9 +214,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. +/// Converts a local signed origin into an XCM `Location`. /// Forms the basis for local origins sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -232,8 +232,8 @@ impl pallet_xcm::Config for Runtime { // We want to disallow users sending (arbitrary) XCMs from this chain. type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/bridge-hubs/bridge-hub-polkadot/src/xcm_config.rs b/system-parachains/bridge-hubs/bridge-hub-polkadot/src/xcm_config.rs index 4af51d0fdd..352d14c578 100644 --- a/system-parachains/bridge-hubs/bridge-hub-polkadot/src/xcm_config.rs +++ b/system-parachains/bridge-hubs/bridge-hub-polkadot/src/xcm_config.rs @@ -250,9 +250,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. +/// Converts a local signed origin into an XCM `Location`. /// Forms the basis for local origins sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -268,8 +268,8 @@ impl pallet_xcm::Config for Runtime { // We want to disallow users sending (arbitrary) XCMs from this chain. type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/collectives/collectives-polkadot/src/xcm_config.rs b/system-parachains/collectives/collectives-polkadot/src/xcm_config.rs index dd20acca0b..efb2fe532f 100644 --- a/system-parachains/collectives/collectives-polkadot/src/xcm_config.rs +++ b/system-parachains/collectives/collectives-polkadot/src/xcm_config.rs @@ -244,9 +244,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. +/// Converts a local signed origin into an XCM `Location`. /// Forms the basis for local origins sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -262,11 +262,11 @@ pub type FellowsToPlurality = OriginToPluralityVoice; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/coretime/coretime-kusama/src/xcm_config.rs b/system-parachains/coretime/coretime-kusama/src/xcm_config.rs index e16aa9f94b..df0adb72c4 100644 --- a/system-parachains/coretime/coretime-kusama/src/xcm_config.rs +++ b/system-parachains/coretime/coretime-kusama/src/xcm_config.rs @@ -232,9 +232,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM `Location``. Forms the basis for local origins +/// Converts a local signed origin into an XCM `Location`. Forms the basis for local origins /// sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -250,8 +250,8 @@ impl pallet_xcm::Config for Runtime { // We want to disallow users sending (arbitrary) XCM programs from this chain. type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/coretime/coretime-polkadot/src/xcm_config.rs b/system-parachains/coretime/coretime-polkadot/src/xcm_config.rs index 5b79f20286..c75c0a574c 100644 --- a/system-parachains/coretime/coretime-polkadot/src/xcm_config.rs +++ b/system-parachains/coretime/coretime-polkadot/src/xcm_config.rs @@ -255,9 +255,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM `Location``. Forms the basis for local origins +/// Converts a local signed origin into an XCM `Location`. Forms the basis for local origins /// sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -273,8 +273,8 @@ impl pallet_xcm::Config for Runtime { // We want to disallow users sending (arbitrary) XCM programs from this chain. type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/encointer/src/xcm_config.rs b/system-parachains/encointer/src/xcm_config.rs index d1cddcc958..50cacb1e5b 100644 --- a/system-parachains/encointer/src/xcm_config.rs +++ b/system-parachains/encointer/src/xcm_config.rs @@ -199,9 +199,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. +/// Converts a local signed origin into an XCM `Location`. /// Forms the basis for local origins sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; pub type PriceForParentDelivery = polkadot_runtime_common::xcm_sender::ExponentialPrice< FeeAssetId, @@ -226,11 +226,11 @@ parameter_types! { impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // We want to disallow users sending (arbitrary) XCMs from this chain. - type SendXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can send XCM messages. + type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/people/people-kusama/src/xcm_config.rs b/system-parachains/people/people-kusama/src/xcm_config.rs index a2e3e9c173..54b0c75b66 100644 --- a/system-parachains/people/people-kusama/src/xcm_config.rs +++ b/system-parachains/people/people-kusama/src/xcm_config.rs @@ -235,9 +235,9 @@ impl xcm_executor::Config for XcmConfig { type HrmpChannelClosingHandler = (); } -/// Converts a local signed origin into an XCM location. Forms the basis for local origins +/// Converts a local signed origin into an XCM `Location`. Forms the basis for local origins /// sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -250,11 +250,11 @@ pub type XcmRouter = WithUniqueTopic<( impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // We want to disallow users sending (arbitrary) XCM programs from this chain. - type SendXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can send XCM messages. + type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything; diff --git a/system-parachains/people/people-polkadot/src/xcm_config.rs b/system-parachains/people/people-polkadot/src/xcm_config.rs index c0af93c27c..2a0e80d4d3 100644 --- a/system-parachains/people/people-polkadot/src/xcm_config.rs +++ b/system-parachains/people/people-polkadot/src/xcm_config.rs @@ -258,9 +258,9 @@ impl xcm_executor::Config for XcmConfig { type XcmRecorder = (); } -/// Converts a local signed origin into an XCM location. Forms the basis for local origins +/// Converts a local signed origin into an XCM `Location`. Forms the basis for local origins /// sending/executing XCMs. -pub type LocalOriginToLocation = SignedToAccountId32; +pub type LocalSignedOriginToLocation = SignedToAccountId32; /// The means for routing XCM messages which are not for local execution into the right message /// queues. @@ -273,11 +273,11 @@ pub type XcmRouter = WithUniqueTopic<( impl pallet_xcm::Config for Runtime { type RuntimeEvent = RuntimeEvent; - // We want to disallow users sending (arbitrary) XCM programs from this chain. - type SendXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can send XCM messages. + type SendXcmOrigin = EnsureXcmOrigin; type XcmRouter = XcmRouter; - // Anyone can execute XCM messages locally. - type ExecuteXcmOrigin = EnsureXcmOrigin; + // Any local signed origin can execute XCM messages. + type ExecuteXcmOrigin = EnsureXcmOrigin; type XcmExecuteFilter = Everything; type XcmExecutor = XcmExecutor; type XcmTeleportFilter = Everything;