From 2a4d0ec62c6ccead1ff36809bd377005ae1f893d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?colin=20axn=C3=A9r?=
 <25233464+colin-axner@users.noreply.github.com>
Date: Fri, 25 Sep 2020 18:22:52 +0200
Subject: [PATCH] Add solo machine timestamp check (#7392)

* add check in header updates for non decreasing timestamp

Add check in update.go that the header timestamp is non decreasing compared to the consensus state timestamp. Unit test added in update_test.go

* update error message

* update godoc

Co-authored-by: Federico Kunze <31522760+fedekunze@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
---
 x/ibc/light-clients/solomachine/types/update.go      | 12 +++++++++++-
 x/ibc/light-clients/solomachine/types/update_test.go |  9 +++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/x/ibc/light-clients/solomachine/types/update.go b/x/ibc/light-clients/solomachine/types/update.go
index 9dafb1247540..066b2baab96f 100644
--- a/x/ibc/light-clients/solomachine/types/update.go
+++ b/x/ibc/light-clients/solomachine/types/update.go
@@ -11,6 +11,8 @@ import (
 // CheckHeaderAndUpdateState checks if the provided header is valid and updates
 // the consensus state if appropriate. It returns an error if:
 // - the client or header provided are not parseable to solo machine types
+// - the header sequence does not match the current sequence
+// - the header timestamp is less than the consensus state timestamp
 // - the currently registered public key did not provide the update signature
 func (cs ClientState) CheckHeaderAndUpdateState(
 	ctx sdk.Context, cdc codec.BinaryMarshaler, clientStore sdk.KVStore,
@@ -37,7 +39,15 @@ func checkHeader(cdc codec.BinaryMarshaler, clientState *ClientState, header *He
 	if header.Sequence != clientState.Sequence {
 		return sdkerrors.Wrapf(
 			clienttypes.ErrInvalidHeader,
-			"sequence provided in the header does not match the client state sequence (%d != %d)", header.Sequence, clientState.Sequence,
+			"header sequence does not match the client state sequence (%d != %d)", header.Sequence, clientState.Sequence,
+		)
+	}
+
+	// assert update timestamp is not less than current consensus state timestamp
+	if header.Timestamp < clientState.ConsensusState.Timestamp {
+		return sdkerrors.Wrapf(
+			clienttypes.ErrInvalidHeader,
+			"header timestamp is less than to the consensus state timestamp (%d < %d)", header.Timestamp, clientState.ConsensusState.Timestamp,
 		)
 	}
 
diff --git a/x/ibc/light-clients/solomachine/types/update_test.go b/x/ibc/light-clients/solomachine/types/update_test.go
index f58a740e6d44..f07ad69f51ee 100644
--- a/x/ibc/light-clients/solomachine/types/update_test.go
+++ b/x/ibc/light-clients/solomachine/types/update_test.go
@@ -54,6 +54,15 @@ func (suite *SoloMachineTestSuite) TestCheckHeaderAndUpdateState() {
 			},
 			false,
 		},
+		{
+			"invalid timestamp in header",
+			func() {
+				clientState = suite.solomachine.ClientState()
+				h := suite.solomachine.CreateHeader()
+				h.Timestamp--
+				header = h
+			}, false,
+		},
 		{
 			"signature uses wrong sequence",
 			func() {