Skip to content

XCM: Deny barrier checks for nested XCMs with specific instructions to be executed on the local chain #7200

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
franciscoaguirre merged 96 commits into from
Feb 19, 2025
Merged

XCM: Deny barrier checks for nested XCMs with specific instructions to be executed on the local chain #7200

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
96 commits
Select commit Hold shift + click to select a range
9c80770
PoC: DenyInstructionsWithXcm for validating nested XCM instructions
bkontur Jan 15, 2025
6c79a06
PoC: DenyInstructionsWithXcm for validating nested XCM instructions
bkontur Jan 15, 2025
a98fc0d
Merge branch 'bko-deny-nested-xcm-barrier' of https://github.com/pari…
raymondkfcheung Jan 28, 2025
a70881e
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Jan 28, 2025
72bec5b
Fix merge conflicts
raymondkfcheung Jan 28, 2025
7aec7fe
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Jan 29, 2025
6f60579
Update from raymondkfcheung running command 'fmt'
github-actions[bot] Jan 29, 2025
06c7e65
Fix merge conflicts
raymondkfcheung Jan 29, 2025
7bd8e10
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Jan 29, 2025
2d3d33d
Update from raymondkfcheung running command 'fmt'
github-actions[bot] Jan 29, 2025
df64f5f
poc(XCM): Deny Nested XCM Barriers (#7351)
raymondkfcheung Jan 31, 2025
797f868
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Jan 31, 2025
72f8fe4
Refactor DenyInstructionsWithXcm with new NestedXcmType
raymondkfcheung Jan 31, 2025
5fe41bc
Rename to DenyNestedLocalInstructions
raymondkfcheung Feb 3, 2025
95ce08d
Remove NestedXcmType
raymondkfcheung Feb 3, 2025
914ba61
Refactor DenyNestedXcmInstructions
raymondkfcheung Feb 3, 2025
97f50a6
Refactor DenyNestedLocalInstructionsThenTry
raymondkfcheung Feb 3, 2025
91d9541
Make DenyNestedXcmInstructions privately
raymondkfcheung Feb 3, 2025
0866f2a
Update comments
raymondkfcheung Feb 3, 2025
b58f7a3
Update tests
raymondkfcheung Feb 3, 2025
255a23a
Fix imports
raymondkfcheung Feb 3, 2025
b5d2777
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 3, 2025
4f8d0af
Update from raymondkfcheung running command 'prdoc --audience runtime…
github-actions[bot] Feb 3, 2025
2a48a71
Move deny_execution logic to DenyNestedLocalInstructions
raymondkfcheung Feb 3, 2025
c6a363d
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 3, 2025
9ca64e7
Update config
raymondkfcheung Feb 3, 2025
9601ee0
Update from raymondkfcheung running command 'fmt'
github-actions[bot] Feb 3, 2025
f2ff48d
Remove for regenerating
raymondkfcheung Feb 3, 2025
b75c40f
Update from raymondkfcheung running command 'prdoc --audience runtime…
github-actions[bot] Feb 3, 2025
a663b43
Update prdoc
raymondkfcheung Feb 3, 2025
19e0b6f
Update prdoc
raymondkfcheung Feb 3, 2025
9f4048d
Update prdoc
raymondkfcheung Feb 3, 2025
211c0d8
Update prdoc
raymondkfcheung Feb 3, 2025
f4662da
Update from raymondkfcheung running command 'prdoc --audience runtime…
github-actions[bot] Feb 3, 2025
1951b39
Update prdoc
raymondkfcheung Feb 3, 2025
f8009f1
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 3, 2025
c69d6c5
Update prdoc
raymondkfcheung Feb 3, 2025
fb948e4
Refactor DenyNestedXcmInstructions
raymondkfcheung Feb 4, 2025
f84b50a
Add more tests
raymondkfcheung Feb 4, 2025
936e56e
Remove `mut`
raymondkfcheung Feb 4, 2025
2994fe2
Update comment for DenyNestedXcmInstructions
raymondkfcheung Feb 4, 2025
85a36a2
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 4, 2025
5443750
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 4, 2025
f3bf860
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 5, 2025
f2f8449
Add comment for RECURSION_LIMIT
raymondkfcheung Feb 5, 2025
3f51889
Rename to DenyLocalInstructions
raymondkfcheung Feb 5, 2025
7329db8
Move dummy filters to tests/barriers.rs
raymondkfcheung Feb 5, 2025
c518c59
Clean up tests
raymondkfcheung Feb 5, 2025
632430e
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 5, 2025
c5ca5e7
Update prdoc
raymondkfcheung Feb 5, 2025
24dd3e3
Remove DenyNestedLocalInstructionsThenTry
raymondkfcheung Feb 5, 2025
a1b3454
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 5, 2025
4c4b9ec
Rename to xcm
raymondkfcheung Feb 5, 2025
63b0df1
Remove DenyNestedLocalInstructionsThenTry
raymondkfcheung Feb 5, 2025
632f2b6
Remove DenyNestedXcmInstructions
raymondkfcheung Feb 5, 2025
66af360
Apply fmt
raymondkfcheung Feb 5, 2025
758e871
Simplify the recursion
raymondkfcheung Feb 5, 2025
5a817a8
Update polkadot/xcm/xcm-builder/src/barriers.rs
bkontur Feb 5, 2025
c03412e
Merge branch 'master' into bko-deny-nested-xcm-barrier
bkontur Feb 5, 2025
ede0da7
Update prdoc/pr_7200.prdoc
bkontur Feb 5, 2025
b625ecc
Update prdoc/pr_7200.prdoc
bkontur Feb 6, 2025
30d7688
Add scenario test
raymondkfcheung Feb 6, 2025
cc50283
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 6, 2025
d871197
Merge branch 'master' into bko-deny-nested-xcm-barrier
bkontur Feb 6, 2025
5130c23
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 7, 2025
790b0ad
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 10, 2025
d10872b
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 11, 2025
a5aaee8
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 12, 2025
a9dc849
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 13, 2025
106561a
Update polkadot/xcm/xcm-builder/src/tests/barriers.rs
raymondkfcheung Feb 13, 2025
c8e5879
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 14, 2025
3b945a7
Add DenyNothing
raymondkfcheung Feb 14, 2025
79f45bb
Rename to Executable
raymondkfcheung Feb 14, 2025
cf235c1
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 14, 2025
813d652
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 14, 2025
5abd904
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 17, 2025
ab72d64
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 18, 2025
7170543
Update polkadot/xcm/xcm-builder/src/barriers.rs
raymondkfcheung Feb 18, 2025
19ef51c
Rename to DenyRecursively
raymondkfcheung Feb 18, 2025
51e9c12
Update PR Doc
raymondkfcheung Feb 18, 2025
1c21271
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 18, 2025
d75ce48
Update comments
raymondkfcheung Feb 18, 2025
488636c
Flat the return of deny_recursively
raymondkfcheung Feb 18, 2025
5ab11b9
Use flatten
raymondkfcheung Feb 18, 2025
f208bae
Revert to use unwrap_or
raymondkfcheung Feb 18, 2025
ff42492
Update comments
raymondkfcheung Feb 18, 2025
1faaaf0
Fix format
raymondkfcheung Feb 18, 2025
acc8570
minor refactor
acatangiu Feb 18, 2025
e74fc03
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 18, 2025
3268565
Use flatten
raymondkfcheung Feb 18, 2025
8a76030
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 18, 2025
adb8068
Merge branch 'master' into bko-deny-nested-xcm-barrier
raymondkfcheung Feb 19, 2025
c31cefd
Update polkadot/xcm/xcm-executor/src/lib.rs
raymondkfcheung Feb 19, 2025
5b4692d
Update prdoc/pr_7200.prdoc
raymondkfcheung Feb 19, 2025
bc92335
Update prdoc/pr_7200.prdoc
raymondkfcheung Feb 19, 2025
864c58d
Update PR Doc
raymondkfcheung Feb 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions cumulus/parachains/runtimes/assets/asset-hub-rococo/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ use xcm::latest::{prelude::*, ROCOCO_GENESIS_HASH, WESTEND_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AliasChildLocation, AllowExplicitUnpaidExecutionFrom,
AllowHrmpNotificationsFromRelayChain, AllowKnownQueryResponses, AllowSubscriptionsFrom,
AllowTopLevelPaidExecutionFrom, DenyReserveTransferToRelayChain, DenyThenTry,
AllowTopLevelPaidExecutionFrom, DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry,
DescribeAllTerminal, DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor,
FungibleAdapter, FungiblesAdapter, GlobalConsensusParachainConvertsFor, HashedDescription,
IsConcrete, LocalMint, MatchedConvertedConcreteId, NetworkExportTableItem, NoChecking,
Expand Down Expand Up @@ -269,7 +269,7 @@ impl Contains<Location> for ParentOrParentsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
TakeWeightCredit,
// Expected responses are OK.
Expand Down
4 changes: 2 additions & 2 deletions cumulus/parachains/runtimes/assets/asset-hub-westend/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ use xcm::latest::{prelude::*, ROCOCO_GENESIS_HASH, WESTEND_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AliasChildLocation, AllowExplicitUnpaidExecutionFrom,
AllowHrmpNotificationsFromRelayChain, AllowKnownQueryResponses, AllowSubscriptionsFrom,
AllowTopLevelPaidExecutionFrom, DenyReserveTransferToRelayChain, DenyThenTry,
AllowTopLevelPaidExecutionFrom, DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry,
DescribeAllTerminal, DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor,
FungibleAdapter, FungiblesAdapter, GlobalConsensusParachainConvertsFor, HashedDescription,
IsConcrete, LocalMint, MatchedConvertedConcreteId, NetworkExportTableItem, NoChecking,
Expand Down Expand Up @@ -281,7 +281,7 @@ impl Contains<Location> for AmbassadorEntities {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
TakeWeightCredit,
// Expected responses are OK.
Expand Down
14 changes: 7 additions & 7 deletions cumulus/parachains/runtimes/bridge-hubs/bridge-hub-rococo/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,12 @@ use xcm::latest::{prelude::*, ROCOCO_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HandleFee, HashedDescription,
IsConcrete, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative, SendXcmFeeToAccount,
SiblingParachainAsNative, SiblingParachainConvertsVia, SignedAccountId32AsNative,
SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit, TrailingSetTopicAsId,
UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HandleFee,
HashedDescription, IsConcrete, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative,
SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
};
use xcm_executor::{
traits::{FeeManager, FeeReason, FeeReason::Export},
Expand Down Expand Up @@ -131,7 +131,7 @@ impl Contains<Location> for ParentOrParentsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
14 changes: 7 additions & 7 deletions cumulus/parachains/runtimes/bridge-hubs/bridge-hub-westend/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,12 +43,12 @@ use xcm::latest::{prelude::*, WESTEND_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HandleFee, HashedDescription,
IsConcrete, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative, SendXcmFeeToAccount,
SiblingParachainAsNative, SiblingParachainConvertsVia, SignedAccountId32AsNative,
SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit, TrailingSetTopicAsId,
UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HandleFee,
HashedDescription, IsConcrete, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative,
SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
};
use xcm_executor::{
traits::{FeeManager, FeeReason, FeeReason::Export},
Expand Down Expand Up @@ -129,7 +129,7 @@ impl Contains<Location> for ParentOrParentsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
16 changes: 8 additions & 8 deletions cumulus/parachains/runtimes/collectives/collectives-westend/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,13 +37,13 @@ use xcm_builder::{
AccountId32Aliases, AliasChildLocation, AliasOriginRootUsingFilter,
AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HashedDescription, IsConcrete,
LocatableAssetId, OriginToPluralityVoice, ParentAsSuperuser, ParentIsPreset,
RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
XcmFeeManagerFromComponents,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter,
HashedDescription, IsConcrete, LocatableAssetId, OriginToPluralityVoice, ParentAsSuperuser,
ParentIsPreset, RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative,
SiblingParachainConvertsVia, SignedAccountId32AsNative, SignedToAccountId32,
SovereignSignedViaLocation, TakeWeightCredit, TrailingSetTopicAsId, UsingComponents,
WeightInfoBounds, WithComputedOrigin, WithUniqueTopic, XcmFeeManagerFromComponents,
};
use xcm_executor::XcmExecutor;

Expand Down Expand Up @@ -146,7 +146,7 @@ impl Contains<Location> for LocalPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
8 changes: 4 additions & 4 deletions cumulus/parachains/runtimes/contracts/contracts-rococo/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,9 @@ use xcm::latest::{prelude::*, ROCOCO_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
EnsureXcmOrigin, FixedWeightBounds, FrameTransactionalProcessor, FungibleAdapter,
HashedDescription, IsConcrete, NativeAsset, ParentAsSuperuser, ParentIsPreset,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, EnsureXcmOrigin, FixedWeightBounds, FrameTransactionalProcessor,
FungibleAdapter, HashedDescription, IsConcrete, NativeAsset, ParentAsSuperuser, ParentIsPreset,
RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WithComputedOrigin, WithUniqueTopic,
Expand Down Expand Up @@ -134,7 +134,7 @@ impl Contains<Location> for ParentOrParentsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
TakeWeightCredit,
// Expected responses are OK.
Expand Down
14 changes: 7 additions & 7 deletions cumulus/parachains/runtimes/coretime/coretime-rococo/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,12 @@ use xcm::latest::{prelude::*, ROCOCO_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HashedDescription, IsConcrete,
NonFungibleAdapter, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative, SendXcmFeeToAccount,
SiblingParachainAsNative, SiblingParachainConvertsVia, SignedAccountId32AsNative,
SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit, TrailingSetTopicAsId,
UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter,
HashedDescription, IsConcrete, NonFungibleAdapter, ParentAsSuperuser, ParentIsPreset,
RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
XcmFeeManagerFromComponents,
};
use xcm_executor::XcmExecutor;
Expand Down Expand Up @@ -145,7 +145,7 @@ impl Contains<Location> for ParentOrParentsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
14 changes: 7 additions & 7 deletions cumulus/parachains/runtimes/coretime/coretime-westend/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,12 @@ use xcm_builder::{
AccountId32Aliases, AliasChildLocation, AliasOriginRootUsingFilter,
AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter, HashedDescription, IsConcrete,
NonFungibleAdapter, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative, SendXcmFeeToAccount,
SiblingParachainAsNative, SiblingParachainConvertsVia, SignedAccountId32AsNative,
SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit, TrailingSetTopicAsId,
UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter,
HashedDescription, IsConcrete, NonFungibleAdapter, ParentAsSuperuser, ParentIsPreset,
RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
XcmFeeManagerFromComponents,
};
use xcm_executor::XcmExecutor;
Expand Down Expand Up @@ -154,7 +154,7 @@ impl Contains<Location> for FellowsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
10 changes: 5 additions & 5 deletions cumulus/parachains/runtimes/people/people-rococo/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,10 @@ use xcm::latest::{prelude::*, ROCOCO_GENESIS_HASH};
use xcm_builder::{
AccountId32Aliases, AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
DescribeTerminus, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter,
HashedDescription, IsConcrete, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative,
SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, DescribeTerminus, EnsureXcmOrigin, FrameTransactionalProcessor,
FungibleAdapter, HashedDescription, IsConcrete, ParentAsSuperuser, ParentIsPreset,
RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
XcmFeeManagerFromComponents,
Expand Down Expand Up @@ -153,7 +153,7 @@ impl Contains<Location> for ParentOrParentsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
10 changes: 5 additions & 5 deletions cumulus/parachains/runtimes/people/people-westend/src/xcm_config.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,10 @@ use xcm_builder::{
AccountId32Aliases, AliasChildLocation, AliasOriginRootUsingFilter,
AllowExplicitUnpaidExecutionFrom, AllowHrmpNotificationsFromRelayChain,
AllowKnownQueryResponses, AllowSubscriptionsFrom, AllowTopLevelPaidExecutionFrom,
DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal, DescribeFamily,
DescribeTerminus, EnsureXcmOrigin, FrameTransactionalProcessor, FungibleAdapter,
HashedDescription, IsConcrete, ParentAsSuperuser, ParentIsPreset, RelayChainAsNative,
SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
DenyRecursively, DenyReserveTransferToRelayChain, DenyThenTry, DescribeAllTerminal,
DescribeFamily, DescribeTerminus, EnsureXcmOrigin, FrameTransactionalProcessor,
FungibleAdapter, HashedDescription, IsConcrete, ParentAsSuperuser, ParentIsPreset,
RelayChainAsNative, SendXcmFeeToAccount, SiblingParachainAsNative, SiblingParachainConvertsVia,
SignedAccountId32AsNative, SignedToAccountId32, SovereignSignedViaLocation, TakeWeightCredit,
TrailingSetTopicAsId, UsingComponents, WeightInfoBounds, WithComputedOrigin, WithUniqueTopic,
XcmFeeManagerFromComponents,
Expand Down Expand Up @@ -162,7 +162,7 @@ impl Contains<Location> for FellowsPlurality {

pub type Barrier = TrailingSetTopicAsId<
DenyThenTry<
DenyReserveTransferToRelayChain,
DenyRecursively<DenyReserveTransferToRelayChain>,
(
// Allow local users to buy weight credit.
TakeWeightCredit,
Expand Down
5 changes: 4 additions & 1 deletion polkadot/xcm/xcm-builder/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ workspace = true

[dependencies]
codec = { features = ["derive"], workspace = true }
environmental = { workspace = true }
frame-support = { workspace = true }
frame-system = { workspace = true }
impl-trait-for-tuples = { workspace = true }
Expand All @@ -21,6 +22,7 @@ pallet-asset-conversion = { workspace = true }
pallet-transaction-payment = { workspace = true }
scale-info = { features = ["derive"], workspace = true }
sp-arithmetic = { workspace = true }
sp-core = { workspace = true }
sp-io = { workspace = true }
sp-runtime = { workspace = true }
sp-weights = { workspace = true }
Expand All @@ -39,7 +41,6 @@ polkadot-primitives = { workspace = true, default-features = true }
polkadot-runtime-parachains = { workspace = true, default-features = true }
polkadot-test-runtime = { workspace = true }
primitive-types = { features = ["codec", "num-traits", "scale-info"], workspace = true }
sp-core = { workspace = true, default-features = true }

[features]
default = ["std"]
Expand All @@ -62,6 +63,7 @@ runtime-benchmarks = [
]
std = [
"codec/std",
"environmental/std",
"frame-support/std",
"frame-system/std",
"log/std",
Expand All @@ -71,6 +73,7 @@ std = [
"primitive-types/std",
"scale-info/std",
"sp-arithmetic/std",
"sp-core/std",
"sp-io/std",
"sp-runtime/std",
"sp-weights/std",
Expand Down
93 changes: 93 additions & 0 deletions polkadot/xcm/xcm-builder/src/barriers.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -573,3 +573,96 @@ impl DenyExecution for DenyReserveTransferToRelayChain {
Ok(())
}
}

environmental::environmental!(recursion_count: u8);

/// Denies execution if the XCM contains instructions not meant to run on this chain,
/// first checking at the top-level and then **recursively**.
///
/// This barrier only applies to **locally executed** XCM instructions (`SetAppendix`,
/// `SetErrorHandler`, and `ExecuteWithOrigin`). Remote parts of the XCM are expected to be
/// validated by the receiving chain's barrier.
///
/// Note: Ensures that restricted instructions do not execute on the local chain, enforcing stricter
/// execution policies while allowing remote chains to enforce their own rules.
pub struct DenyRecursively<Inner>(PhantomData<Inner>);

impl<Inner: DenyExecution> DenyRecursively<Inner> {
/// Recursively applies the deny filter to a nested XCM.
///
/// Ensures that restricted instructions are blocked at any depth within the XCM.
/// Uses a **recursion counter** to prevent stack overflows from deep nesting.
fn deny_recursively<RuntimeCall>(
origin: &Location,
xcm: &mut Xcm<RuntimeCall>,
max_weight: Weight,
properties: &mut Properties,
) -> Result<ControlFlow<()>, ProcessMessageError> {
// Initialise recursion counter for this execution context.
recursion_count::using_once(&mut 1, || {
// Prevent stack overflow by enforcing a recursion depth limit.
recursion_count::with(|count| {
if *count > xcm_executor::RECURSION_LIMIT {
log::debug!(
target: "xcm::barriers",
"Recursion limit exceeded (count: {count}), origin: {:?}, xcm: {:?}, max_weight: {:?}, properties: {:?}",
origin, xcm, max_weight, properties
);
return None;
}
*count = count.saturating_add(1);
Some(())
}).flatten().ok_or(ProcessMessageError::StackLimitReached)?;
Copy link
Copy Markdown
Contributor Author

@bkontur bkontur Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@raymondkfcheung let's do this also for: https://github.com/paritytech/polkadot-sdk/blob/master/polkadot/xcm/xcm-executor/src/lib.rs#L803

Copy link
Copy Markdown
Contributor

@raymondkfcheung raymondkfcheung Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done


// Ensure the counter is decremented even if an early return occurs.
sp_core::defer! {
recursion_count::with(|count| {
*count = count.saturating_sub(1);
});
}

// Recursively check the nested XCM instructions.
Self::deny_execution(origin, xcm.inner_mut(), max_weight, properties)
})?;

Ok(ControlFlow::Continue(()))
}
}

impl<Inner: DenyExecution> DenyExecution for DenyRecursively<Inner> {
/// Denies execution of restricted local nested XCM instructions.
///
/// This checks for `SetAppendix`, `SetErrorHandler`, and `ExecuteWithOrigin` instruction
/// applying the deny filter **recursively** to any nested XCMs found.
fn deny_execution<RuntimeCall>(
origin: &Location,
instructions: &mut [Instruction<RuntimeCall>],
max_weight: Weight,
properties: &mut Properties,
) -> Result<(), ProcessMessageError> {
// First, check if the top-level message should be denied.
Inner::deny_execution(origin, instructions, max_weight, properties).inspect_err(|e| {
log::warn!(
target: "xcm::barriers",
"DenyRecursively::Inner denied execution, origin: {:?}, instructions: {:?}, max_weight: {:?}, properties: {:?}, error: {:?}",
origin, instructions, max_weight, properties, e
);
})?;

// If the top-level check passes, check nested instructions recursively.
instructions.matcher().match_next_inst_while(
|_| true,
|inst| match inst {
SetAppendix(nested_xcm) |
SetErrorHandler(nested_xcm) |
ExecuteWithOrigin { xcm: nested_xcm, .. } => Self::deny_recursively::<RuntimeCall>(
origin, nested_xcm, max_weight, properties,
),
_ => Ok(ControlFlow::Continue(())),
},
)?;

// Permit everything else
Ok(())
}
}
Loading
Loading