circuit

package module

v0.1.1 Latest Latest Go to latest Published: Apr 22, 2024 License: Apache-2.0 Imports: 22 Imported by: 45

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Repository URL not available.

Links

Open Source Insights

README ¶

`x/circuit`

Concepts

Circuit Breaker is a module that is meant to avoid a chain needing to halt/shut down in the presence of a vulnerability, instead the module will allow specific messages or all messages to be disabled. When operating a chain, if it is app specific then a halt of the chain is less detrimental, but if there are applications built on top of the chain then halting is expensive due to the disturbance to applications.

Circuit Breaker works with the idea that an address or set of addresses have the right to block messages from being executed and/or included in the mempool. Any address with a permission is able to reset the circuit breaker for the message.

The transactions are checked and can be rejected at two points:

In CircuitBreakerDecorator ante handler:

https://github.com/cosmos/cosmos-sdk/blob/x/circuit/v0.1.0/x/circuit/ante/circuit.go#L27-L41

With a message router check:

https://github.com/cosmos/cosmos-sdk/blob/v0.50.1/baseapp/msg_service_router.go#L104-L115

:::note The CircuitBreakerDecorator works for most use cases, but does not check the inner messages of a transaction. This some transactions (such as x/authz transactions or some x/gov transactions) may pass the ante handler. This does not affect the circuit breaker as the message router check will still fail the transaction. This tradeoff is to avoid introducing more dependencies in the x/circuit module. Chains can re-define the CircuitBreakerDecorator to check for inner messages if they wish to do so. :::

State

Accounts

AccountPermissions 0x1 | account_address -> ProtocolBuffer(CircuitBreakerPermissions)

type level int32

const (
    // LEVEL_NONE_UNSPECIFIED indicates that the account will have no circuit
    // breaker permissions.
    LEVEL_NONE_UNSPECIFIED = iota
    // LEVEL_SOME_MSGS indicates that the account will have permission to
    // trip or reset the circuit breaker for some Msg type URLs. If this level
    // is chosen, a non-empty list of Msg type URLs must be provided in
    // limit_type_urls.
    LEVEL_SOME_MSGS
    // LEVEL_ALL_MSGS indicates that the account can trip or reset the circuit
    // breaker for Msg's of all type URLs.
    LEVEL_ALL_MSGS 
    // LEVEL_SUPER_ADMIN indicates that the account can take all circuit breaker
    // actions and can grant permissions to other accounts.
    LEVEL_SUPER_ADMIN
)

type Access struct {
	level int32 
	msgs []string // if full permission, msgs can be empty
}

Disable List

List of type urls that are disabled.

DisableList 0x2 | msg_type_url -> []byte{}

State Transitions

Authorize

Authorize, is called by the module authority (default governance module account) or any account with LEVEL_SUPER_ADMIN to give permission to disable/enable messages to another account. There are three levels of permissions that can be granted. LEVEL_SOME_MSGS limits the number of messages that can be disabled. LEVEL_ALL_MSGS permits all messages to be disabled. LEVEL_SUPER_ADMIN allows an account to take all circuit breaker actions including authorizing and deauthorizing other accounts.

  // AuthorizeCircuitBreaker allows a super-admin to grant (or revoke) another
  // account's circuit breaker permissions.
  rpc AuthorizeCircuitBreaker(MsgAuthorizeCircuitBreaker) returns (MsgAuthorizeCircuitBreakerResponse);

Trip

Trip, is called by an authorized account to disable message execution for a specific msgURL. If empty, all the msgs will be disabled.

  // TripCircuitBreaker pauses processing of Msg's in the state machine.
  rpc TripCircuitBreaker(MsgTripCircuitBreaker) returns (MsgTripCircuitBreakerResponse);

Reset

Reset is called by an authorized account to enable execution for a specific msgURL of previously disabled message. If empty, all the disabled messages will be enabled.

  // ResetCircuitBreaker resumes processing of Msg's in the state machine that
  // have been been paused using TripCircuitBreaker.
  rpc ResetCircuitBreaker(MsgResetCircuitBreaker) returns (MsgResetCircuitBreakerResponse);

Messages

MsgAuthorizeCircuitBreaker

https://github.com/cosmos/cosmos-sdk/blob/main/proto/cosmos/circuit/v1/tx.proto#L25-L75

This message is expected to fail if:

the granter is not an account with permission level LEVEL_SUPER_ADMIN or the module authority

MsgTripCircuitBreaker

https://github.com/cosmos/cosmos-sdk/blob/main/proto/cosmos/circuit/v1/tx.proto#L77-L93

This message is expected to fail if:

if the signer does not have a permission level with the ability to disable the specified type url message

MsgResetCircuitBreaker

https://github.com/cosmos/cosmos-sdk/blob/main/proto/cosmos/circuit/v1/tx.proto#L95-109

This message is expected to fail if:

if the type url is not disabled

Events - list and describe event tags

The circuit module emits the following events:

Message Events

MsgAuthorizeCircuitBreaker

Type	Attribute Key	Attribute Value
string	granter	{granterAddress}
string	grantee	{granteeAddress}
string	permission	{granteePermissions}
message	module	circuit
message	action	authorize_circuit_breaker

MsgTripCircuitBreaker

Type	Attribute Key	Attribute Value
string	authority	{authorityAddress}
[]string	msg_urls	[]string{msg_urls}
message	module	circuit
message	action	trip_circuit_breaker

ResetCircuitBreaker

Type	Attribute Key	Attribute Value
string	authority	{authorityAddress}
[]string	msg_urls	[]string{msg_urls}
message	module	circuit
message	action	reset_circuit_breaker

Keys - list of key prefixes used by the circuit module

AccountPermissionPrefix - 0x01
DisableListPrefix - 0x02

Client - list and describe CLI commands and gRPC and REST endpoints

Documentation ¶

Index ¶

Constants
type AppModule
- func NewAppModule(cdc codec.Codec, keeper keeper.Keeper) AppModule
type AppModuleBasic
type ModuleInputs
type ModuleOutputs
- func ProvideModule(in ModuleInputs) ModuleOutputs

Constants ¶

View Source

const ConsensusVersion = 1

ConsensusVersion defines the current circuit module consensus version.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AppModule ¶

type AppModule struct {
	AppModuleBasic
	// contains filtered or unexported fields
}

AppModule implements an application module for the circuit module.

func NewAppModule ¶

func NewAppModule(cdc codec.Codec, keeper keeper.Keeper) AppModule

NewAppModule creates a new AppModule object

func (AppModule) AutoCLIOptions ¶

func (am AppModule) AutoCLIOptions() *autocliv1.ModuleOptions

func (AppModule) ConsensusVersion ¶

func (AppModule) ConsensusVersion() uint64

ConsensusVersion implements AppModule/ConsensusVersion.

func (AppModule) ExportGenesis ¶

func (am AppModule) ExportGenesis(ctx sdk.Context, cdc codec.JSONCodec) json.RawMessage

ExportGenesis returns the exported genesis state as raw bytes for the circuit module.

func (AppModule) InitGenesis ¶

func (am AppModule) InitGenesis(ctx sdk.Context, cdc codec.JSONCodec, data json.RawMessage)

InitGenesis performs genesis initialization for the circuit module. It returns no validator updates.

func (AppModule) IsAppModule ¶

func (am AppModule) IsAppModule()

IsAppModule implements the appmodule.AppModule interface.

func (AppModule) IsOnePerModuleType ¶

func (am AppModule) IsOnePerModuleType()

IsOnePerModuleType implements the depinject.OnePerModuleType interface.

func (AppModule) RegisterServices ¶

func (am AppModule) RegisterServices(cfg module.Configurator)

RegisterServices registers module services.

type AppModuleBasic ¶

type AppModuleBasic struct {
	// contains filtered or unexported fields
}

AppModuleBasic defines the basic application module used by the circuit module.

func (AppModuleBasic) DefaultGenesis ¶

func (AppModuleBasic) DefaultGenesis(cdc codec.JSONCodec) json.RawMessage

DefaultGenesis returns default genesis state as raw bytes for the circuit module.

func (AppModuleBasic) Name ¶

func (AppModuleBasic) Name() string

Name returns the circuit module's name.

func (AppModuleBasic) RegisterGRPCGatewayRoutes ¶

func (AppModuleBasic) RegisterGRPCGatewayRoutes(clientCtx client.Context, mux *gwruntime.ServeMux)

RegisterGRPCGatewayRoutes registers the gRPC Gateway routes for the circuit module.

func (AppModuleBasic) RegisterInterfaces ¶

func (AppModuleBasic) RegisterInterfaces(registry codectypes.InterfaceRegistry)

RegisterInterfaces registers interfaces and implementations of the circuit module.

func (AppModuleBasic) RegisterLegacyAminoCodec ¶

func (AppModuleBasic) RegisterLegacyAminoCodec(cdc *codec.LegacyAmino)

RegisterLegacyAminoCodec registers the circuit module's types on the LegacyAmino codec.

func (AppModuleBasic) ValidateGenesis ¶

func (AppModuleBasic) ValidateGenesis(cdc codec.JSONCodec, _ client.TxEncodingConfig, bz json.RawMessage) error

ValidateGenesis performs genesis state validation for the circuit module.

type ModuleInputs ¶

type ModuleInputs struct {
	depinject.In

	Config       *modulev1.Module
	Cdc          codec.Codec
	StoreService store.KVStoreService

	AddressCodec address.Codec
}

type ModuleOutputs ¶

type ModuleOutputs struct {
	depinject.Out

	CircuitKeeper  keeper.Keeper
	Module         appmodule.AppModule
	BaseappOptions runtime.BaseAppOption
}

func ProvideModule ¶

func ProvideModule(in ModuleInputs) ModuleOutputs

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
ante
keeper
types Package types is a reverse proxy.	Package types is a reverse proxy.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL