realiotech · sontrinh16 · Sep 13, 2024 · Sep 13, 2024 · Sep 13, 2024 · Sep 17, 2024
@@ -126,6 +126,11 @@
 	assetmodulekeeper "github.com/realiotech/realio-network/x/asset/keeper"
 	assetmoduletypes "github.com/realiotech/realio-network/x/asset/types"
 
+	"github.com/realiotech/realio-network/x/asset/priviledges/clawback"
+	"github.com/realiotech/realio-network/x/asset/priviledges/freeze"
+	mintpriviledge "github.com/realiotech/realio-network/x/asset/priviledges/mint"
+	"github.com/realiotech/realio-network/x/asset/priviledges/transfer_auth"
+
 	realionetworktypes "github.com/realiotech/realio-network/types"
 
 	// unnamed import of statik for swagger UI support
@@ -309,6 +314,8 @@
 		// multi-staking keys
 		multistakingtypes.StoreKey,
 		// this line is used by starport scaffolding # stargate/app/storeKey
+		freeze.StoreKey,
+		transfer_auth.StoreKey,
 	)
 
 	// Add the EVM transient store key
@@ -415,6 +422,25 @@
 		app.AccountKeeper,
 	)
 
+	err := app.AssetKeeper.AddPrivilege(mintpriviledge.NewMintPriviledge(app.BankKeeper))
+	if err != nil {
+		panic(err)
+	}
+	err = app.AssetKeeper.AddPrivilege(freeze.NewFreezePriviledge(keys[freeze.StoreKey]))
+	if err != nil {
+		panic(err)
+	}
+	err = app.AssetKeeper.AddPrivilege(transfer_auth.NewTransferAuthPriviledge(keys[transfer_auth.StoreKey]))
+	if err != nil {
+		panic(err)
+	}
+	err = app.AssetKeeper.AddPrivilege(clawback.NewClawbackPriviledge(app.BankKeeper))
+	if err != nil {
+		panic(err)
+	}
+
+	app.BankKeeper.AppendSendRestriction(app.AssetKeeper.AssetSendRestriction)
+
 	// IBC Keeper
 	app.IBCKeeper = ibckeeper.NewKeeper(
 		appCodec, keys[ibchost.StoreKey], app.GetSubspace(ibchost.ModuleName), app.StakingKeeper, app.UpgradeKeeper, scopedIBCKeeper,

@@ -0,0 +1,45 @@
+package apptesting
+
+import (
+	"testing"
+
+	sdk "github.com/cosmos/cosmos-sdk/types"
+	"github.com/stretchr/testify/suite"
+	tmproto "github.com/tendermint/tendermint/proto/tendermint/types"
+
+	bankkeeper "github.com/cosmos/cosmos-sdk/x/bank/keeper"
+	govkeeper "github.com/cosmos/cosmos-sdk/x/gov/keeper"
+	"github.com/realiotech/realio-network/app"
+	"github.com/realiotech/realio-network/x/asset/keeper"
+	"github.com/realiotech/realio-network/x/asset/types"
+)
+
+type KeeperTestSuite struct {
+	suite.Suite
+	app *app.RealioNetwork
+	ctx sdk.Context
+
+	assetKeeper *keeper.Keeper
+	govkeeper   govkeeper.Keeper
+	msgServer   types.MsgServer
+	bankKeeper  bankkeeper.Keeper
+}
+
+func (suite *KeeperTestSuite) SetupTest() {
+	app := app.Setup(false, nil, 3)
+
+	suite.app = app
+	suite.ctx = app.BaseApp.NewContext(false, tmproto.Header{Height: app.LastBlockHeight() + 1})
+	suite.assetKeeper = keeper.NewKeeper(
+		app.AppCodec(), app.InterfaceRegistry(), app.GetKey(types.StoreKey),
+		app.GetMemKey(types.MemStoreKey), app.GetSubspace(types.ModuleName), app.BankKeeper, app.AccountKeeper,
+	)
+	suite.govkeeper = app.GovKeeper
+	suite.bankKeeper = app.BankKeeper
+}
+
+func (suite *KeeperTestSuite) 
+
+func TestKeeperTestSuite(t *testing.T) {
+	suite.Run(t, new(KeeperTestSuite))
+}
@@ -0,0 +1,11 @@
+syntax = "proto3";
+package realionetwork.asset.v1;
+
+option go_package = "github.com/realiotech/realio-network/x/asset/priviledges/clawback";
+
+import "cosmos_proto/cosmos.proto";
+
+message MsgClawbackToken {
+    string account = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+    uint64 amount = 2;
+}
@@ -0,0 +1,14 @@
+syntax = "proto3";
+package realionetwork.asset.v1;
+
+option go_package = "github.com/realiotech/realio-network/x/asset/priviledges/freeze";
+
+import "cosmos_proto/cosmos.proto";
+
+message MsgFreezeToken {
+    repeated string accounts = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+}
+
+message MsgUnfreezeToken {
+    repeated string accounts = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+}
@@ -10,8 +10,6 @@ import "realionetwork/asset/v1/token.proto";
 
 
 message MsgMintToken {
-    string account = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
-    string token_id = 2;
-    string to_account = 3;
-    uint64 amount = 4;
+    string to_account = 1;
+    uint64 amount = 2;
 }
@@ -0,0 +1,11 @@
+syntax = "proto3";
+package realionetwork.asset.v1;
+
+option go_package = "github.com/realiotech/realio-network/x/asset/priviledges/transfer_auth";
+
+import "cosmos_proto/cosmos.proto";
+
+message MsgUpdateAllowList {
+  repeated string allowed_addresses = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+  repeated string disallowed_addresses = 2 [ (cosmos_proto.scalar) = "cosmos.AddressString"];
+}
@@ -0,0 +1,22 @@
+syntax = "proto3";
+package realionetwork.asset.v1;
+
+option go_package = "github.com/realiotech/realio-network/x/asset/priviledges/transfer_auth";
+
+import "cosmos_proto/cosmos.proto";
+
+message QueryWhitelistedAddressesRequest {
+    string token_id = 1;
+}
+
+message QueryWhitelistedAddressesResponse {
+    repeated string whitelisted_addrs = 1;
+}
+
+message QueryIsAddressWhitelistedRequest {
+    string address = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
+}
+
+message QueryIsAddressWhitelistedRespones {
+    bool is_whitelisted = 1;
+}
@@ -21,6 +21,7 @@ message TokenManagement {
   string manager = 1 [ (cosmos_proto.scalar) = "cosmos.AddressString" ];
   bool add_new_privilege = 2;
   repeated string excluded_privileges = 3;
+  repeated string enabled_privileges = 4;
 }
 
 message Balance {

@@ -31,6 +31,7 @@ message MsgCreateToken {
   string description = 6;
   repeated string excluded_privileges = 7;
   bool add_new_privilege = 8;
+  repeated string enabled_privileges = 9;
 }
 
 message MsgCreateTokenResponse {}

@@ -18,13 +18,14 @@ type (
 	Keeper struct {
 		cdc codec.BinaryCodec
 		// registry is used to register privilege interface and implementation.
-		registry         cdctypes.InterfaceRegistry
-		storeKey         storetypes.StoreKey
-		memKey           storetypes.StoreKey
-		paramstore       paramtypes.Subspace
-		bankKeeper       types.BankKeeper
-		ak               types.AccountKeeper
-		PrivilegeManager map[string]types.PrivilegeI
+		registry           cdctypes.InterfaceRegistry
+		storeKey           storetypes.StoreKey
+		memKey             storetypes.StoreKey
+		paramstore         paramtypes.Subspace
+		bankKeeper         types.BankKeeper
+		ak                 types.AccountKeeper
+		PrivilegeManager   map[string]types.PrivilegeI
+		RestrictionChecker map[string]RestrictionChecker
 	}
 )
 
@@ -68,6 +69,12 @@ func (k *Keeper) AddPrivilege(priv types.PrivilegeI) error {
 	// regiester the privilege's interfaces
 	priv.RegisterInterfaces(k.registry)
 
+	checker, ok := priv.(RestrictionChecker)
+	// currently we should only support one restriction checker at a time
+	if ok {
+		k.RestrictionChecker[priv.Name()] = checker
+	}
+
 	return nil
 }
 

@@ -106,8 +106,8 @@ func (m MockPrivilegeI) RegisterInterfaces(registry cdctypes.InterfaceRegistry)
 }
 
 func (m MockPrivilegeI) MsgHandler() types.MsgHandler {
-	return func(context context.Context, privMsg sdk.Msg, tokenID string, privAcc sdk.AccAddress) (proto.Message, error) {
-		typeUrl := sdk.MsgTypeURL(privMsg)
+	return func(context context.Context, privMsg proto.Message, tokenID string, privAcc sdk.AccAddress) (proto.Message, error) {
+		typeUrl := "/" + proto.MessageName(privMsg)
 		if typeUrl != sdk.MsgTypeURL(&types.MsgMock{}) {
 			return nil, errors.New("unsupport msg type")
 		}
@@ -124,7 +124,7 @@ func (m MockPrivilegeI) MsgHandler() types.MsgHandler {
 }
 
 func (m MockPrivilegeI) QueryHandler() types.QueryHandler {
-	return func(context context.Context, privQuery sdk.Msg) (proto.Message, error) {
+	return func(context context.Context, privQuery proto.Message, tokenID string) (proto.Message, error) {
 		return nil, nil
 	}
 }

@@ -3,7 +3,7 @@
 import (
 	"context"
 	"fmt"
 	"slices"
 	"strings"

 	errorsmod "cosmossdk.io/errors"
@@ -47,10 +47,10 @@
 	k.SetToken(ctx, tokenId, token)
 	k.bankKeeper.SetDenomMetaData(ctx, bank.Metadata{
 		Base: tokenId, Symbol: lowerCaseSymbol, Name: lowerCaseName,
-		DenomUnits: []*bank.DenomUnit{{Denom: lowerCaseSymbol, Exponent: msg.Decimal}, {Denom: tokenId, Exponent: 0}},
+		DenomUnits: []*bank.DenomUnit{{Denom: tokenId, Exponent: msg.Decimal}},
 	})
 
-	tokenManage := types.NewTokenManagement(msg.Manager, msg.AddNewPrivilege, msg.ExcludedPrivileges)
+	tokenManage := types.NewTokenManagement(msg.Manager, msg.AddNewPrivilege, msg.ExcludedPrivileges, msg.EnabledPrivileges)
 	k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 	ctx.EventManager().EmitEvent(
@@ -135,8 +135,13 @@
 	if tm.Manager != msg.Manager {
 		return nil, errorsmod.Wrapf(sdkerrors.ErrUnauthorized, "sender is not token manager")
 	}
-	if slices.Contains(tm.ExcludedPrivileges, msg.Privilege) {
-		return nil, errorsmod.Wrapf(sdkerrors.ErrInvalidRequest, "privilege %s is excluded", msg.Privilege)
+	if !slices.Contains(tm.EnabledPrivileges, msg.GetPrivilege()) {
+		if !tm.AddNewPrivilege {
+			return nil, errorsmod.Wrapf(sdkerrors.ErrInvalidRequest, "can't add new privilege")
+		} else if slices.Contains(tm.ExcludedPrivileges, msg.Privilege) {
+			return nil, errorsmod.Wrapf(sdkerrors.ErrInvalidRequest, "privilege %s is excluded", msg.Privilege)
+		}
+		tm.EnabledPrivileges = append(tm.EnabledPrivileges, msg.Privilege)
 	}
 
 	for _, user := range msg.AssignedTo {
@@ -145,6 +150,7 @@
 			return nil, err
 		}
 		k.SetTokenPrivilegeAccount(ctx, msg.TokenId, msg.Privilege, userAcc)
+		k.SetTokenManagement(ctx, msg.TokenId, tm)
 	}
 
 	return &types.MsgAssignPrivilegeResponse{}, nil

@@ -87,7 +87,7 @@ func (s *KeeperTestSuite) TestUpdateToken() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				return &types.MsgUpdateToken{
@@ -162,7 +162,7 @@ func (s *KeeperTestSuite) TestAllocateToken() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				return &types.MsgAllocateToken{
@@ -235,7 +235,7 @@ func (s *KeeperTestSuite) TestAssignPrivilege() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				return &types.MsgAssignPrivilege{
@@ -307,7 +307,7 @@ func (s *KeeperTestSuite) TestUnassignPrivilege() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				k.SetTokenPrivilegeAccount(ctx, tokenId, creatorAddr.String(), userAddr1)
@@ -382,7 +382,7 @@ func (s *KeeperTestSuite) TestDisablePrivilege() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				return &types.MsgDisablePrivilege{
@@ -447,7 +447,7 @@ func (s *KeeperTestSuite) TestExecutePrivilege() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				k.SetTokenPrivilegeAccount(ctx, tokenId, "test", userAddr1)
@@ -483,7 +483,7 @@ func (s *KeeperTestSuite) TestExecutePrivilege() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				k.SetTokenPrivilegeAccount(ctx, tokenId, "test", userAddr1)
@@ -543,7 +543,7 @@ func (s *KeeperTestSuite) TestExecutePrivilege() {
 				token := types.NewToken(tokenId, strings.ToLower(name), lowerCaseSymbol, 2, description)
 				k.SetToken(ctx, tokenId, token)
 
-				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{})
+				tokenManage := types.NewTokenManagement(managerAddr.String(), true, []string{}, []string{})
 				k.SetTokenManagement(ctx, tokenId, tokenManage)
 
 				k.SetTokenPrivilegeAccount(ctx, tokenId, creatorAddr.String(), userAddr1)