Implement Channel Upgrade Try functionality for 04 channel

[chatton]

Description

closes: #1619

This PR adds the ChanUpgradeTry handshake.

A few smaller items will be addressed in follow up issues.

• Event Emmision
• Clean up upgrade channel inputs
• adding a validateProposedUpgradeChannelFields function
• create a generic k.getConnectionForVerification function
• generic if !connectionEnd.IsOpen()
• Add helper function for configuring upgrade channel see this comment

Commit Message / Changelog Entry

N/A - part of feature branch

see the guidelines for commit messages. (view raw markdown for examples)

---

Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.

• Targeted PR against correct branch (see CONTRIBUTING.md).
• Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
• Code follows the module structure standards and Go style guide.
• Wrote unit and integration tests.
• Updated relevant documentation (docs/) or specification (x/<module>/spec/).
• Added relevant godoc comments.
• Provide a commit message to be used for the changelog entry in the PR description for review.
• Re-reviewed Files changed in the Github PR explorer.
• Review Codecov Report in the comment section below once CI passes.

[crodriguezvega]

Great work so far, @charleenfei and @chatton. This handler is quite a beast! 🐻 I left some comments for now, will take another look again in a couple of days. :)

[crodriguezvega]

Should we use same error message as in INIT?

[crodriguezvega]

Should we have a similar error message as for receive packet?

[crodriguezvega]

Ditto about the error message in receive packet.

[crodriguezvega]

Suggested change

	errorReceipt := types.NewErrorReceipt(upgradeSequence, errorsmod.Wrapf(types.ErrUpgradeAborted, "upgrade sequence %d was not smaller than the counter party chain upgrade sequence %d", upgradeSequence, counterpartyUpgradeSequence))
	errorReceipt := types.NewErrorReceipt(upgradeSequence, errorsmod.Wrapf(types.ErrUpgradeAborted, "counterparty chain upgrade sequence <= upgrade sequence (%d <= %d)", counterpartyUpgradeSequence, upgradeSequence))

[crodriguezvega]

Suggested change

	errorReceipt := types.NewErrorReceipt(upgradeSequence, errorsmod.Wrapf(types.ErrUpgradeAborted, "upgrade sequence %d was not smaller than the counter party chain upgrade sequence %d", upgradeSequence, counterpartyUpgradeSequence))
	errorReceipt := types.NewErrorReceipt(upgradeSequence, errorsmod.Wrap(types.ErrUpgradeAborted, "upgrade sequence not found")

[crodriguezvega]

Suggested change

	errorReceipt := types.NewErrorReceipt(upgradeSequence, errorsmod.Wrapf(types.ErrUpgradeAborted, "upgrade sequence %d was not equal to the counter party chain upgrade sequence %d", upgradeSequence, counterpartyUpgradeSequence))
	errorReceipt := types.NewErrorReceipt(upgradeSequence, errorsmod.Wrapf(types.ErrUpgradeAborted, "upgrade sequence ≠ counterparty chain upgrade sequence (%d ≠ %d)", upgradeSequence, counterpartyUpgradeSequence))

[crodriguezvega]

The upgrade sequence mentioned in this error message could be different than the one in the error receipt if it gets updated in the if clause just above.

[crodriguezvega]

Should this SetChannel (maybe for clarity) be done at the end?

[chatton]

The updated channel state is used just a few lines down and I think separating them out makes things a little harder to follow in this case

[crodriguezvega]

Yes, but to use the channel state you don't need it stored, right? For me it's just that I think it would be more clear if you set the channel when all the checks have passed (like in upgrade init). I know that if there's an error, the state changes will be reverted, but feels like the code would be more clear if it's at the end, instead of in between this complicated logic.

[charleenfei]

I tend to agree with @chatton that it is clearer to keep the logic together, rather than having the channel state being updated in one place and then actually set further down with the potential restore channel logic happening in between

[crodriguezvega]

Maybe it would be good to add something here in the good about the upgrade sequence that is returned, because if this function returns a not nil error, then upgradeSequence will be zero, but in fact the upgrade sequence stored could be different.

[crodriguezvega]

Suggested change

	ErrUpgradeErrorNotFound = errorsmod.Register(SubModuleName, 32, "upgrade error receipt not found")
	ErrUpgradeErrorReceiptNotFound = errorsmod.Register(SubModuleName, 32, "upgrade error receipt not found")

[colin-axner]

Ay, excellent work y'all!! Looking good 😎 🌞

I left a lot of thoughts/suggestions for improvements. I've only gotten part way through the upgradeTry handler. Will continue my review later

[colin-axner]

we should emit the channel order as well since it can change. Looks like it is missing in Init as well

[colin-axner]

This should panic in my opinion. Then we can remove the error on this function. Write/Set functions should either succeed or panic

[colin-axner]

I don't think this is necessary, our existing handlers are responsible for validation of the provided argument

[colin-axner]

note: I'm fairly certain this is unnecessary, see spec issue. I would be so happy to see these unnecessary checks removed 😄

[colin-axner]

this looks really nice. Should we add a comment indicating that this is accounting for crossing hellos?

[colin-axner]

counterpartyUpgradeChannel?

[colin-axner]

ditto on Counterparty.PortId

[colin-axner]

Lets add a helper function to the Timeout type. This function should take in the current height and the current timestamp, it should return an error if the timeout has passed. The error can then indicate if it is the block height or the timestamp that has passed (or potentially both), but it appears the same logic is performed within both if statements:

if timeoutInfo, hasPassed := timeout.Status(currentHeight, currentTimestamp); hasPassed {
    // restore channel logic
    
    return 0, "", errorsmod.Wrapf(types.ErrUpgradeAborted, timeoutInfo)
}

This could be done in a follow up pr

[colin-axner]

So we are verifying 3 things:

• channel
• sequence
• timeout

From my understanding, there is no particular reason that sequence and timeout are separated within the provable store (they could be under the same upgrade type). The channel is under its' own path for no strong reason, but one benefit is that you can be certain the counterparty has paused packet processing. There could be a construction where all 3 are under the same provable upgrade type:

interface Upgrade {
    proposedChannel Channel
    sequence uint64
    timeout Timeout
}

We could add a k.connectionKeeper.VerifyUpgrade which does all 3, but I don't have a strong preference, just mentioning as food for thought. The main downside of such a function is passing 3 proofs/values at once. The argument list would be very large:

(ctx, connectionEnd, channel.Counterparty.PortId, channel.Counterparty.ChannelId, proofHeight, proofChannel, counterpartyChannel, proofUpgradeTimeout, upgradeTimeout, proofUpgradeSequence, upgradeSequence

After seeing that argument list, I think I actually prefer doing the split here

[colin-axner]

This should be 1?

[charleenfei]

shouldn't it actually still be 0 because we are in channel state OPEN? we update the sequence further down the code block

[AdityaSripal]

Looking good. Have a couple comments for discussion

[AdityaSripal]

Should we move this check up and just abort the tx, the relayer can call timout at this point if needed.

However, we get into an awkward situation if we are also at UPGRADE_INIT, then we would have to wait for timeout on the other side as well

[AdityaSripal]

I still prefer getting the previousVersion separately in a new store call.

I know its more gas, but just sat for a couple minutes wondering why this would return previous version.

[chatton]

Actually technically it's not more gas, the current code was doing a call to the restore channel in order to return it anyway, I'm happy enough to pull this out to the msg server level.

[crodriguezvega]

You guys are rockin' it with this one. 🪨 🎸
Left a couple of extra comments. :)

[crodriguezvega]

Nit: this code updating the channel fields is duplicated in WriteUpgradeInitChannel. Maybe we can have a method on the channel end struct to update all upgradable fields?

[chatton]

Are you happy if we introduce a helper function in a follow up?

[crodriguezvega]

Yes, more than happy! :)

[crodriguezvega]

Why was this removed? In WriteUpgradeInitChannel the version of the channel is updated with the one in the proposed upgrade channel, but without this, we wouldn't take into account the version returned by the application callback. Maybe instead of modifying the proposed upgrade channel, the version can be passed as a separate argument, as it is done in this PR for WriteUpgradeTryChannel.

[chatton]

Nice catch! It looks like this is an oversight from a refactor that we did to WriteUpgradeTryChannel

that refactor was intended to be more explicit by not modifying the input message and passing the version directly. I think we should still not modify the message, but we should pass the version into WriteUpgradeInit in the same way we do in the linked code.

[crodriguezvega]

Restoring the channel and writing a receipt here would only be needed if the channel state is in INITUPGRADE, right? (crossing hello). Otherwise, just aborting the transaction and calling timeout on the counterparty would be enough, right? I think the same applies for the timestamp check below.

[chatton]

yes you're right, this actually ended up happening in #3418 which is probably not where that change should have been introduced 😅

[charleenfei]

closing in favour of #3478