fix: crosscheck UpdateTokenMetadata decimals with ERC20 contracts and bank metadata

[Thaleszh]

Description

Crosscheck UpdateTokenMetadata decimals with ERC20 contracts and bank metadata to avoid any possible mismatch

Type of change

• Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Added simple checks for both ERC20 and bank metadata infos

PR Checklist:

Make sure each step was done:

• Updated changelog with PR's intent
• Lint with make lint-fix

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 11d6c615-1614-47a2-85e9-ac52a1c1efcd

📥 Commits

Reviewing files that changed from the base of the PR and between 2af7bb8 and 51b6f11.

📒 Files selected for processing (1)

• x/feeabstraction/keeper/msg_server.go

---

Walkthrough

Adds pre-update validation in UpdateFeeTokens to ensure each UpdateTokenMetadata.Decimals matches canonical metadata: for ERC20-prefixed denoms it queries the ERC20 contract via QueryERC20 and verifies contract decimals; for non-ERC20 denoms it checks bank denom metadata via GetDenomMetaData and compares the max denom unit exponent. Validation rejects mismatches with an error; bank denoms without metadata are skipped. A new unexported validateFeeTokenDecimals helper centralizes checks. Keeper interfaces gained QueryERC20 and GetDenomMetaData methods. Tests exercising ERC20, bank, and unknown-denom paths were added. CHANGELOG updated.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Summary

• Added decimals validation to UpdateFeeTokens: compares proposed UpdateTokenMetadata.Decimals against ERC20 contract decimals (via QueryERC20) or bank denom metadata (via GetDenomMetaData), rejecting mismatches.
• Introduced an unexported validateFeeTokenDecimals helper used by UpdateFeeTokens.
• Extended expected keeper interfaces to include QueryERC20 and GetDenomMetaData.
• Added tests (TestUpdateFeeTokensDecimalsMismatch) covering ERC20, bank metadata, and unknown-denom scenarios.
• Updated CHANGELOG with a fixed entry about decimals enforcement.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and specifically summarizes the main change: adding decimal validation between UpdateTokenMetadata and ERC20/bank sources.
Description check	✅ Passed	The description is related to the changeset, explaining the purpose of the decimal crosscheck and confirming testing was added.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/crosscheck-updatetoken-decimals

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@x/feeabstraction/keeper/msg_server.go`:
- Around line 173-176: The code path in msg_server.go currently skips validation
when ms.bankKeeper.GetDenomMetaData(ctx, token.Denom) returns !found; change
this to fail-closed by returning an error (reject the update) unless metadata
exists, or implement an explicit allowlist lookup before bypassing;
specifically, in the handler that calls ms.bankKeeper.GetDenomMetaData for
token.Denom, replace the unconditional "return nil" on !found with a rejection
(e.g., return an sdk error) or consult an explicit allowlist (e.g., a
function/isAllowedNativeDenom) and only bypass if the denom is in that
allowlist. Ensure the error message clearly references the missing metadata and
the denom.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 11dec457-a6a3-4f4d-9a7b-1a19c3836c3a

📥 Commits

Reviewing files that changed from the base of the PR and between 643a819 and 2af7bb8.

📒 Files selected for processing (4)

• CHANGELOG.md
• x/feeabstraction/keeper/msg_server.go
• x/feeabstraction/keeper/msg_server_test.go
• x/feeabstraction/types/expected_keepers.go

[codecov]

Codecov Report

❌ Patch coverage is 0% with 33 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
x/feeabstraction/keeper/msg_server.go	0.00%	33 Missing ⚠️

📢 Thoughts on this report? Let us know!