Description

When executing a transaction, Cosmos automatically handles any panics that may occur with the default recovery middleware (see runtx_middleware↗), but this is not the case for anything that runs within an EndBlock or BeginBlock hook. In these cases it is vital that there are no panics and that all errors are handled correctly; otherwise, it will result in a chain halt as all the validators will panic and crash.

The following locations are all reachable from an EndBlock or BeginBlock (AfterEpochEnd is called from a BeginBlock):

• x/inflation/keeper/hooks.go#L64-L64↗

• x/oracle/keeper/slash.go#L52-L52↗

• x/oracle/keeper/update_exchange_rates.go#L80-L80↗

• x/oracle/keeper/reward.go#L71-L71↗

• x/oracle/keeper/reward.go#L60-L60↗

• x/oracle/keeper/ballot.go#L69-L69↗

• x/oracle/types/ballot.go#L111-L111↗

Impact

If any of these error conditions are met, there will be a chain halt as all the validators will crash.

Recommendations

The panics should be replaced with the appropriate error handling for each case and either log the error or fail gracefully.

Remediation

This issue has been acknowledged by Nibiru, and fixes were implemented in the following commits:

• 73d9bfd4↗