cosmos-sdk-codeql icon indicating copy to clipboard operation
cosmos-sdk-codeql copied to clipboard

Published 20 hours ago verified publisher icon crypto-com

feat: update system-time rule to not trigger on `time.Now().Round(0).UTC()`

Open julienrbrt opened this issue 2 years ago • 2 comments

ref: https://github.com/cosmos/cosmos-sdk/pull/18239#discussion_r1376005648

I am not too familiar with CodeQL expression, so I have used GitHub Copilot to help me.

julienrbrt avatar Oct 30 '23 11:10 julienrbrt

Hello @julienrbrt , thank you for your PR and sorry the late reply.

I read your Cosmos SDK reference and understand the use of time.Now() are at the genesis generation and test cases, which are legit cases.

However, I believe the existence of this rule is for a wider context that inside any state transition there shouldn't be use of time.Now() anywhere to avoid non-determinism.

As a result, I don't think we should loosen this rule or suggest to use UTC time.

Happy to discuss further here.

calvinaco avatar Dec 05 '23 03:12 calvinaco

That is definitely true. Do you think there is a way to tweak this rule better then?

julienrbrt avatar Dec 06 '23 09:12 julienrbrt