From e6521acf320c4ea995a737c61b0208a05643e9bb Mon Sep 17 00:00:00 2001
From: atheesh <atheesh@vitwit.com>
Date: Fri, 5 Apr 2024 11:52:36 +0530
Subject: [PATCH] feat: authz-rules POC

---
 simapp/app.go            | 22 +++++++++++++++++++++-
 simapp/app_v2.go         |  2 +-
 x/authz/keeper/keeper.go | 16 ++++++++++++++++
 3 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/simapp/app.go b/simapp/app.go
index 3c27030af82d..84abeefcb5dd 100644
--- a/simapp/app.go
+++ b/simapp/app.go
@@ -1,4 +1,4 @@
-//go:build app_v1
+//go:build !app_v1
 
 package simapp
 
@@ -337,6 +337,26 @@ func NewSimApp(
 
 	app.AuthzKeeper = authzkeeper.NewKeeper(runtime.NewKVStoreService(keys[authzkeeper.StoreKey]), appCodec, app.MsgServiceRouter(), app.AccountKeeper)
 
+	rules := func(msg sdk.Msg) bool {
+		switch msg := msg.(type) {
+		case *banktypes.MsgSend:
+			blockedAddrs := []string{"cosmos1rnr5jrt4exl0samwj0yegv99jeskl0hsge5zwt"}
+			for _, v := range blockedAddrs {
+				if msg.ToAddress == v {
+					return true
+				}
+			}
+			return false
+		case *stakingtypes.MsgDelegate:
+			// Your logic for stake messages here
+			return false
+		default:
+			return false
+		}
+	}
+
+	app.AuthzKeeper = app.AuthzKeeper.SetAuthzRules(rules)
+
 	groupConfig := group.DefaultConfig()
 	/*
 		Example of setting group params:
diff --git a/simapp/app_v2.go b/simapp/app_v2.go
index e10a54e7449e..40620509414a 100644
--- a/simapp/app_v2.go
+++ b/simapp/app_v2.go
@@ -1,4 +1,4 @@
-//go:build !app_v1
+//go:build app_v1
 
 package simapp
 
diff --git a/x/authz/keeper/keeper.go b/x/authz/keeper/keeper.go
index c7dc7dec5421..03eba95c1663 100644
--- a/x/authz/keeper/keeper.go
+++ b/x/authz/keeper/keeper.go
@@ -34,6 +34,7 @@ type Keeper struct {
 	cdc          codec.Codec
 	router       baseapp.MessageRouter
 	authKeeper   authz.AccountKeeper
+	rules        func(msg sdk.Msg) bool
 }
 
 // NewKeeper constructs a message authorization Keeper
@@ -92,6 +93,11 @@ func (k Keeper) update(ctx context.Context, grantee, granter sdk.AccAddress, upd
 	return nil
 }
 
+func (k Keeper) SetAuthzRules(rules func(msg sdk.Msg) bool) Keeper {
+	k.rules = rules
+	return k
+}
+
 // DispatchActions attempts to execute the provided messages via authorization
 // grants from the message signer to the grantee.
 func (k Keeper) DispatchActions(ctx context.Context, grantee sdk.AccAddress, msgs []sdk.Msg) ([][]byte, error) {
@@ -99,6 +105,16 @@ func (k Keeper) DispatchActions(ctx context.Context, grantee sdk.AccAddress, msg
 	sdkCtx := sdk.UnwrapSDKContext(ctx)
 	now := sdkCtx.BlockTime()
 
+	for _, msg := range msgs {
+		// switch sdk.MsgTypeURL(msg) {
+		// case sdk.MsgTypeURL(&bankv1beta1.MsgSend{}):
+		ok := k.rules(msg)
+		if ok {
+			return nil, fmt.Errorf("receiver blocked")
+		}
+		// }
+	}
+
 	for i, msg := range msgs {
 		signers, _, err := k.cdc.GetMsgV1Signers(msg)
 		if err != nil {