test: add E2E test for power-shaping features

[insumity]

Description

Added some simple E2E tests to verify that the basic behavior of the power-shaping features works as expected. Specifically, we test that validator-set capping, validators-power capping, allowlisting, and denylisting work.

Verified tests run successfully with:

go run ./tests/e2e/... --tc partial-set-security-validator-set-cap
go run ./tests/e2e/... --tc partial-set-security-validators-power-cap
go run ./tests/e2e/... --tc partial-set-security-validators-allowlisted
go run ./tests/e2e/... --tc partial-set-security-validators-denylisted

---

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

• Included the correct type prefix in the PR title
• Targeted the correct branch (see PR Targeting)
• Provided a link to the relevant issue or specification
• Reviewed "Files changed" and left comments if necessary
• Confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

• Confirmed the correct type prefix in the PR title
• Confirmed all author checklist items have been addressed
• Confirmed that this PR does not change production code

Summary by CodeRabbit

• New Features

  • Enhanced testing capabilities by adding new test cases and steps for partial set security scenarios in an Opt-In chain. This includes handling validator-set caps, validators' power caps, allowlists, and denylists.

• Tests

  • Introduced functions to set up specific chain configurations such as validator-set capped, validators-power capped, allowlisted, and denylisted chains in end-to-end tests.

[coderabbitai]

Walkthrough

The recent changes aim to bolster blockchain network control by introducing validator caps, allowlists, and denylists for enhanced security and governance in diverse blockchain scenarios, particularly emphasizing partial set security within Opt-In chains.

Changes

File Path	Change Summary
tests/e2e/actions.go	Added fields to SubmitConsumerAdditionProposalAction struct and updated function usage.
tests/e2e/main.go	Introduced new test cases for partial set security scenarios in Opt-In chains.
tests/e2e/steps_partial_set_security.go	New functions for setting up chains with specific security configurations.
.github/workflows/nightly-e2e.yml	Added new E2E tests for partial set security opt-in, top N, validator set cap, validators power cap, allowlisted validators, and denylisted validators.

🐇🎉
To the land of code where the bits align,
A rabbit hopped with a design so fine.
Caps and lists, both deny and allow,
Secure the chains, the rabbit shows how!
Hop and code, let the blockchain flow! 🚀🌟
🐇🎉

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[p-offtermatt]

LGTM, one nit

[coderabbitai]

Actionable comments posted: 0

Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 454ad62 and 6a610c4.

Files selected for processing (1)

• tests/e2e/steps_partial_set_security.go (1 hunks)

Additional comments not posted (52)

tests/e2e/steps_partial_set_security.go (52)

1004-1005: Function stepsValidatorSetCappedChain starts here.

The function name and comment clearly describe its purpose.

---

1008-1015: Initial chain setup looks good.

The validators and their stakes are correctly initialized.

---

1027-1037: Proposal submission includes the ValidatorSetCap field.

The proposal correctly includes the ValidatorSetCap field to limit the number of validators.

---

1057-1071: Opt-in actions for validators are correctly defined.

The opt-in actions for alice, bob, and carol are correctly defined, ensuring they use the provider's public key.

---

1106-1114: Assigning the consumer key for carol is correctly handled.

The consumer key assignment for carol is correctly handled, ensuring proper configuration.

---

1139-1165: Starting the consumer chain with the validator-set cap is correctly implemented.

The consumer chain start action correctly respects the validator-set cap, ensuring only the top validators are included.

---

1187-1207: Opt-out action for carol is correctly defined.

The opt-out action for carol is correctly defined, ensuring state changes are accurately captured.

---

1210-1234: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

1242-1243: Function stepsValidatorsPowerCappedChain starts here.

The function name and comment clearly describe its purpose.

---

1245-1252: Initial chain setup looks good.

The validators and their stakes are correctly initialized.

---

1264-1273: Proposal submission includes the ValidatorsPowerCap field.

The proposal correctly includes the ValidatorsPowerCap field to limit the voting power of validators.

---

1294-1307: Opt-in actions for validators are correctly defined.

The opt-in actions for alice, bob, and carol are correctly defined, ensuring they use the provider's public key.

---

1342-1350: Assigning the consumer key for carol is correctly handled.

The consumer key assignment for carol is correctly handled, ensuring proper configuration.

---

1375-1401: Starting the consumer chain with the power cap is correctly implemented.

The consumer chain start action correctly respects the power cap, ensuring no validator exceeds the specified power limit.

---

1424-1443: Opt-out action for carol is correctly defined.

The opt-out action for carol is correctly defined, ensuring state changes are accurately captured.

---

1446-1470: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator power distribution is accurately reflected.

---

1478-1479: Function stepsValidatorsAllowlistedChain starts here.

The function name and comment clearly describe its purpose.

---

1481-1488: Initial chain setup looks good.

The validators and their stakes are correctly initialized.

---

1500-1511: Proposal submission includes the Allowlist field.

The proposal correctly includes the Allowlist field to specify which validators are allowed.

---

1531-1544: Opt-in actions for validators are correctly defined.

The opt-in actions for alice, bob, and carol are correctly defined, ensuring they use the provider's public key.

---

1579-1587: Assigning the consumer key for carol is correctly handled.

The consumer key assignment for carol is correctly handled, ensuring proper configuration.

---

1612-1637: Starting the consumer chain with the allowlist is correctly implemented.

The consumer chain start action correctly respects the allowlist, ensuring only the specified validators are included.

---

1659-1680: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

1687-1688: Function stepsValidatorsDenylistedChain starts here.

The function name and comment clearly describe its purpose.

---

1691-1698: Initial chain setup looks good.

The validators and their stakes are correctly initialized.

---

1710-1719: Proposal submission includes the Denylist field.

The proposal correctly includes the Denylist field to specify which validators are denied.

---

1740-1753: Opt-in actions for validators are correctly defined.

The opt-in actions for alice, bob, and carol are correctly defined, ensuring they use the provider's public key.

---

1788-1796: Assigning the consumer key for carol is correctly handled.

The consumer key assignment for carol is correctly handled, ensuring proper configuration.

---

1821-1846: Starting the consumer chain with the denylist is correctly implemented.

The consumer chain start action correctly respects the denylist, ensuring the specified validators are excluded.

---

1868-1889: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 1-3: Function stepsOptInChain starts here.

The function name and comment clearly describe its purpose.

---

Line range hint 5-15: Initial chain setup looks good.

The validators and their stakes are correctly initialized.

---

Line range hint 17-32: Proposal submission is correctly defined.

The proposal submission for adding a consumer chain is correctly defined, including all necessary fields.

---

Line range hint 34-47: Opt-in actions for validators are correctly defined.

The opt-in actions for alice and bob are correctly defined, ensuring they use the provider's public key.

---

Line range hint 49-65: Voting on the proposal is correctly handled.

The voting action for the proposal is correctly handled, ensuring the proposal status is updated.

---

Line range hint 67-84: Starting the consumer chain is correctly implemented.

The consumer chain start action is correctly implemented, ensuring the validators are properly initialized.

---

Line range hint 86-89: Adding IBC connection is correctly defined.

The action to add an IBC connection is correctly defined.

---

Line range hint 91-96: Adding IBC channel is correctly defined.

The action to add an IBC channel is correctly defined.

---

Line range hint 98-107: Opt-in action for carol is correctly defined.

The opt-in action for carol is correctly defined, ensuring state changes are accurately captured.

---

Line range hint 109-115: Assigning the consumer key for carol is correctly handled.

The consumer key assignment for carol is correctly handled, ensuring proper configuration.

---

Line range hint 117-134: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 136-143: Opt-out action for bob is correctly defined.

The opt-out action for bob is correctly defined, ensuring state changes are accurately captured.

---

Line range hint 145-161: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 163-172: Re-opt-in action for bob is correctly defined.

The re-opt-in action for bob is correctly defined, ensuring state changes are accurately captured.

---

Line range hint 174-189: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 191-198: Downtime slash action for alice is correctly defined.

The downtime slash action for alice is correctly defined, ensuring state changes are accurately captured.

---

Line range hint 200-215: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 217-232: Unjail action for alice is correctly defined.

The unjail action for alice is correctly defined, ensuring state changes are accurately captured.

---

Line range hint 234-249: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 251-258: Downtime slash action for alice is correctly defined.

The downtime slash action for alice is correctly defined, ensuring state changes are accurately captured.

---

Line range hint 260-275: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

---

Line range hint 277-292: Relay packets action correctly updates the state.

The relay packets action correctly updates the state, ensuring the validator set is accurately reflected.

[MSalopek]

Can you add an entry into the nightly tests? Otherwise it would never run.
https://github.com/cosmos/interchain-security/blob/main/.github/workflows/nightly-e2e.yml#L0-L1

[coderabbitai]

Actionable comments posted: 1

Out of diff range and nitpick comments (1)

.github/workflows/nightly-e2e.yml (1)

184-199: Ensure consistency in job naming conventions.

The job name partial-set-security-opt-in-test follows a different naming convention compared to other existing jobs which do not include the word "test" at the end. Consider renaming for consistency.

Review Details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 6a610c4 and a0227d5.

Files selected for processing (1)

• .github/workflows/nightly-e2e.yml (2 hunks)

Additional comments not posted (1)

.github/workflows/nightly-e2e.yml (1)

292-297: Good addition of dependency management for the failure notification job.

The use of the needs keyword to ensure that the nightly-test-fail job runs only after all test jobs have completed is a good practice. This helps in managing dependencies between jobs effectively.

[coderabbitai]

Tip

Codebase Verification

The search results indicate that the test command parameters are defined in the Makefile. However, the specific parameter partial-set-security-opt-in used in the GitHub Actions workflow is not found in the Makefile. This discrepancy suggests that the parameter might be incorrect or missing from the Makefile.

Action Required: Verify Test Command Parameters

The test command parameter partial-set-security-opt-in used in the GitHub Actions workflow does not match any parameters found in the Makefile. Please verify the correctness of this parameter and ensure it is defined appropriately in the Makefile or other relevant files.

• File: .github/workflows/nightly-e2e.yml
• Lines: 184-199

Also applies to:

• Lines 201-215
• Lines 217-231
• Lines 233-247
• Lines 249-263
• Lines 265-279

Analysis chain

Validate the test command parameters.

Ensure that the parameters used in the run commands for each test job match the test cases described in the PR. This is crucial to ensure that the tests are targeting the correct functionalities.

Also applies to: 201-215, 217-231, 233-247, 249-263, 265-279

Scripts Executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify that the test command parameters match the expected test cases as per PR description.

# Test: Search for the test command usage in the e2e test files. Expect: Parameters should match those described in the PR.
rg --type go $'go run ./tests/e2e/... --tc' ./tests/e2e/

Length of output: 57

---

---

Script:

#!/bin/bash
# Description: Verify that the test command parameters match the expected test cases as per PR description.

# Test: Search for the test command usage in the e2e test files. Expect: Parameters should match those described in the PR.
# Refine the search pattern to ensure we capture the relevant test command usage.
rg --type go 'go run .*/tests/e2e/.* --tc' ./tests/e2e/

Length of output: 57

---

---

Script:

#!/bin/bash
# Description: Verify that the test command parameters match the expected test cases as per PR description.

# Test: Search for the test command usage across the entire repository. Expect: Parameters should match those described in the PR.
rg 'go run .*/tests/e2e/.* --tc'

Length of output: 485