TxSigLimit checking logic bug

[Hyung-bharvest]

Summary of Bug

when checking the limit of signature number, it does not use the parameter from genesis.json but it use default value.

Steps to Reproduce

cosmos-sdk/x/auth/stdtx.go

Lines 62 to 64 in 65be4db

	if uint64(sigCount) > DefaultTxSigLimit {
	return sdk.ErrTooManySignatures(
	fmt.Sprintf("signatures: %d, limit: %d", sigCount, DefaultTxSigLimit),

at line 62&64, DefaultTxSigLimit should be replaced by TxSigLimit.

additionally, gaiacli should check whether the number of signature is approvable in the context of current params in genesis when user creates a multisig account. Because, if not, multisig generation with more than limit number of signature will succeed without any error, so that user can misunderstand that the multisig account is successfully created so he/she can send atoms to the account. Unfortunately user never be able to control the multisig account because of TxSigLimit, causing losing the atoms forever.

---

For Admin Use

• Not duplicate issue
• Appropriate labels applied
• Appropriate contributors tagged
• Contributor assigned/self-assigned

[alexanderbez]

wow...good catch @dlguddus. Unfortunately, we'll have to move this check out of ValidateBasic and into the ante-handler because we need access to the params. Not a big deal I suppose.

With regards to multisig creation/generation, it might be a bit difficult to do that. The gaia CLI does not have access to genesis. Even if it did, it would not matter because the param could change through governance. At best, I think we should just improve the documentation to state that you should not create more signatures than the parameter allows. It will be up to the user to ensure this.

[Hyung-bharvest]

Thanks for fixing this ! For gaiacli, yes I think you are right because creating multisig happens offline.

[alexanderbez]

Correct :)