added proposal checker

.gitignore

@@ -82,4 +82,6 @@ rust-project.json
 
 # End of https://www.toptal.com/developers/gitignore/api/osx,macos,git,rust,rust-analyzer
 
-artifacts
+artifacts
+proposal.json
+*_*.sh

Cargo.toml

@@ -5,7 +5,14 @@ members = [
     "block_party",
     "staking_party",
     "shielding_party",
-    "shielding_reward_party"
+    "shielding_reward_party",
+]
+
+default-members = [
+    "block_party",
+    "staking_party",
+    "shielding_party",
+    "shielding_reward_party",
 ]
 
 [workspace.package]

builder/parameters/block-party.json

@@ -8,8 +8,8 @@
     "details": "Phasellus quis sem finibus, luctus neque in, vestibulum lectus.",
     "requires": "-1",
     "author": "tnam1qxfj3sf6a0meahdu9t6znp05g8zx4dkjtgyn9gfu",
-    "voting_start_epoch": 189,
-    "voting_end_epoch": 201,
-    "activation_epoch": 205,
+    "voting_start_epoch": 6,
+    "voting_end_epoch": 12,
+    "activation_epoch": 18,
     "wasm_path": "artifacts/block_party.wasm"
 }

check-onchain-wasm/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+name = "check-onchain-wasm"
+description = "Check the integrity of a WASM code attached to a governance proposal."
+authors.workspace = true
+edition.workspace = true
+license.workspace = true
+version.workspace = true
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[[bin]]
+name = "check-onchain-wasm"
+path = "src/main.rs"
+
+[dependencies]
+clap = { version = "4.4.2", features = ["derive", "env"] }
+tendermint-rpc = { version = "0.37.0", features = ["http-client"]}
+namada_sdk = { git = "https://github.com/anoma/namada", tag = "v0.41.0" }
+namada_governance = { git = "https://github.com/anoma/namada", tag = "v0.41.0" }
+tokio = {version = "1.8.2", default-features = false}
+sha2 = "0.10.8"

check-onchain-wasm/README.md

@@ -0,0 +1,24 @@
+# WASM Proposal Checker
+
+Minor CLI tool to check that integrity of a WASM code associated with a proposal.
+
+#### How to build
+
+```
+cd check-onchain-wasm
+cargo build
+```
+
+## How to use
+
+```
+check-onchain-wasm --help                                                                                                             ok  at 18:46:11
+Usage: check-onchain-wasm [OPTIONS] --tendermint-url <TENDERMINT_URL> --proposal-id <PROPOSAL_ID>
+
+Options:
+      --tendermint-url <TENDERMINT_URL>  [env: TENDERMINT_URL=]
+      --proposal-id <PROPOSAL_ID>        [env: PROPOSAL_ID=]
+      --expected-hash <EXPECTED_HASH>    [env: EXPECTED_HASH=]
+      --dump-to <DUMP_TO>                [env: DUMP_TO=]
+  -h, --help                             Print help
+```

check-onchain-wasm/src/config.rs

@@ -0,0 +1,16 @@
+use std::path::PathBuf;
+
+#[derive(clap::Parser)]
+pub struct AppConfig {
+    #[clap(long, env)]
+    pub tendermint_url: String,
+
+    #[clap(long, env)]
+    pub proposal_id: u64,
+
+    #[clap(long, env)]
+    pub expected_hash: Option<String>,
+
+    #[clap(long, env)]
+    pub dump_to: Option<PathBuf>,
+}

check-onchain-wasm/src/main.rs

@@ -0,0 +1,47 @@
+pub mod config;
+
+use std::process;
+
+use clap::Parser;
+use config::AppConfig;
+use namada_sdk::{hash::Hash, rpc::query_storage_value};
+use sha2::{Digest, Sha256};
+use tendermint_rpc::HttpClient;
+use tokio::{fs::File, io::AsyncWriteExt};
+
+#[tokio::main]
+async fn main() {
+    let config = AppConfig::parse();
+
+    let client = HttpClient::new(config.tendermint_url.as_str()).unwrap();
+
+    let proposal_code_key =
+        namada_governance::storage::keys::get_proposal_code_key(config.proposal_id);
+    let proposal_code: Vec<u8> = query_storage_value(&client, &proposal_code_key)
+        .await
+        .unwrap();
+
+    let mut hasher = Sha256::new();
+    hasher.update(&proposal_code);
+
+    let proposal_code_hash = format!("{:x}", hasher.finalize());
+    println!("Proposal Code Hash: {}", proposal_code_hash.to_ascii_uppercase());
+
+    if let Some(expected_hash) = config.expected_hash {
+        if let Err(_) = Hash::try_from(expected_hash.as_str()) {
+            println!("The supplied hash via --expected-hash is not valid");
+            process::exit(1)
+        };
+        let hash_is_correct = proposal_code_hash.eq(&expected_hash);
+        if hash_is_correct {
+            println!("The expected hash correspond to the wasm associated with proposal id: {}", config.proposal_id)
+        } else {
+            println!("The expected hash DOES NOT correspond to the wasm associated with proposal id: {}", config.proposal_id)
+        }
+    }
+
+    if let Some(filepath) = config.dump_to {
+        let mut file = File::create(filepath).await.unwrap();
+        file.write_all(&proposal_code).await.unwrap();
+    }
+}