remove duplicate validation (#102)

* remove duplicate validation * add e2e test for antehandler checks on invalid machine attestation requests * added comment * adjusted openapi docs Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com> Signed-off-by: Jürgen Eckel <juergen@riddleandcode.com> Co-authored-by: Jürgen Eckel <juergen@riddleandcode.com>
2026-03-15 21:05:00 +00:00 · 2023-09-29 09:09:27 +02:00
parent 579cb9c0cf
commit e80ce7e894
2 changed files with 53 additions and 7 deletions
--- a/tests/e2e/machine/suite.go
+++ b/tests/e2e/machine/suite.go
@@ -133,3 +133,53 @@ func (s *E2ETestSuite) TestAttestMachine() {
 	_, err = clitestutil.ExecTestCLICmd(val.ClientCtx, machinecli.CmdGetMachineByPublicKey(), args)
 	s.Require().NoError(err)
 }
+
+func (s *E2ETestSuite) TestInvalidAttestMachine() {
+	val := s.network.Validators[0]
+
+	// already used in REST test case
+	prvKey, pubKey := sample.KeyPair(1)
+
+	k, err := val.ClientCtx.Keyring.Key(sample.Name)
+	s.Require().NoError(err)
+	addr, _ := k.GetAddress()
+
+	machine := sample.Machine(sample.Name, pubKey, prvKey, addr.String())
+	machineJSON, err := json.Marshal(&machine)
+	s.Require().NoError(err)
+
+	args := []string{
+		fmt.Sprintf("--%s=%s", flags.FlagChainID, s.network.Config.ChainID),
+		fmt.Sprintf("--%s=%s", flags.FlagFrom, sample.Name),
+		fmt.Sprintf("--%s=%s", flags.FlagFees, sample.Fees),
+		"--yes",
+		string(machineJSON),
+	}
+
+	out, err := clitestutil.ExecTestCLICmd(val.ClientCtx, machinecli.CmdAttestMachine(), args)
+	s.Require().NoError(err)
+
+	txResponse, err := clitestutil.GetTxResponseFromOut(out)
+	s.Require().NoError(err)
+	s.Require().Equal(int(txResponse.Code), int(4))
+
+	unregisteredPubKey, unregisteredPrivKey := sample.KeyPair(2)
+	machine = sample.Machine(sample.Name, unregisteredPubKey, unregisteredPrivKey, addr.String())
+	machineJSON, err = json.Marshal(&machine)
+	s.Require().NoError(err)
+
+	args = []string{
+		fmt.Sprintf("--%s=%s", flags.FlagChainID, s.network.Config.ChainID),
+		fmt.Sprintf("--%s=%s", flags.FlagFrom, sample.Name),
+		fmt.Sprintf("--%s=%s", flags.FlagFees, sample.Fees),
+		"--yes",
+		string(machineJSON),
+	}
+
+	out, err = clitestutil.ExecTestCLICmd(val.ClientCtx, machinecli.CmdAttestMachine(), args)
+	s.Require().NoError(err)
+
+	txResponse, err = clitestutil.GetTxResponseFromOut(out)
+	s.Require().NoError(err)
+	s.Require().Equal(int(txResponse.Code), int(3))
+}
--- a/x/machine/keeper/msg_server_attest_machine.go
+++ b/x/machine/keeper/msg_server_attest_machine.go
@@ -25,13 +25,9 @@ func (k msgServer) isNFTCreationRequest(machine *types.Machine) bool {
 func (k msgServer) AttestMachine(goCtx context.Context, msg *types.MsgAttestMachine) (*types.MsgAttestMachineResponse, error) {
 	ctx := sdk.UnwrapSDKContext(goCtx)

-	ta, activated, found := k.GetTrustAnchor(ctx, msg.Machine.MachineId)
-	if !found {
-		return nil, errors.New("no preregistered trust anchor found for machine id")
-	}
-	if activated {
-		return nil, errors.New("trust anchor has already been used for attestation")
-	}
+	// the ante handler verifies that the MachineID exists. Additional result checks got moved to the ante-handler
+	// and removed from here due to inconsistency or checking the same thing over and over again.
+	ta, _, _ := k.GetTrustAnchor(ctx, msg.Machine.MachineId)

 	isValidMachineId, err := util.ValidateSignature(msg.Machine.MachineId, msg.Machine.MachineIdSignature, msg.Machine.MachineId)
 	if !isValidMachineId {