Update vault clone method

[nullpointer0x00]

closes: #171

Summary by CodeRabbit

• Bug Fixes

  • Fixed vault cloning behavior and added a changelog entry.

• Chores

  • Bumped Go toolchain and modernized core and ecosystem dependencies.

• Refactor

  • Vault initialization updated to use cloned vault instances; attribute constructor API expanded with an additional parameter.

• Tests

  • Updated simulation and unit tests and benchmarks to accommodate the revised constructor and calling patterns.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Replaces legacy gogoproto cloning in VaultAccount with a proto-v2-compatible clone via protoadapt + gproto.Clone; InitGenesis now uses the cloned VaultAccount; simulation helpers now require txConfig; dependency/go toolchain bumps applied; changelog entry added; attribute constructor signature updated and callsites adjusted.

Changes

Cohort / File(s)	Summary
Changelog Entry .changelog/unreleased/bug-fixes/171-fix-vault-gogoproto-clone.md	Adds a changelog entry documenting the Vault gogoproto clone fix (issue #171).
Root Go Modules go.mod	Bumps Go toolchain and refreshes many dependencies (cosmossdk.io modules, cosmos-sdk → v0.53.5, gogoproto → v1.7.2, protobuf/grpc/testify updates, many indirects and replace mappings).
Simapp Go Module simapp/go.mod	Updates simapp-specific module pins and replacements to align with root dependency changes and provenance/provlabs module re-routing.
Vault Types types/vault.go	Replaces proto.Clone(&v) with protoadapt.MessageV1Of(gproto.Clone(protoadapt.MessageV2Of(&v))); adds protobuf compatibility imports to avoid gogoproto merge errors involving math/big types.
Keeper Genesis keeper/genesis.go	InitGenesis now validates VaultAccountI and passes v.Clone() into SetVaultLookup instead of downcasting to *types.VaultAccount, removing the previous cast path.
Simulation Tests / Helpers simapp/sim_test.go, simapp/sim_bench_test.go	Callsites updated to BuildSimulationOperations(..., txConfig) (new txConfig parameter) and test store-skip logic/imports extended for vault/attribute prefixes.
Keeper Tests (attribute API) keeper/msg_server_test.go, keeper/vault_test.go	Updated callsites to match expanded attrtypes.NewAttribute(..., extra string) signature (passes additional empty-string arg).

Sequence Diagram(s)

(omitted)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Resolve InitGenesis Vault bug #173: Closely related — also modifies Vault init/cloning behavior and InitGenesis handling for the same panic scenario.
• Set payment denom to underlying denom if single asset vault #157: Related — touches VaultAccount fields and validation/constructors that interact with cloning/validation logic.
• Vault validation using set vault account consistently #147: Related — changes vault account storage/validation plumbing and lookup usage that overlap with InitGenesis adjustments.

Suggested reviewers

• Taztingo
• iramiller

Poem

🐰
I twitched my nose and hopped the line,
Swapped old Clone for a friendlier sign.
No panics now where big words hide,
gproto and protoadapt walk beside. 🥕

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating the vault clone method to fix the gogoproto panic issue.
Linked Issues check	✅ Passed	All code changes align with issue #171's requirements: vault clone method fixed using protobuf-v2 adaptor, dependencies upgraded for SDK v0.53 compatibility, and supporting code updated accordingly.
Out of Scope Changes check	✅ Passed	All changes are within scope of issue #171: vault clone fix, dependency updates for SDK v0.53, and required call-site updates for API changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch nullpointer0x00/171-vault-big-word-fix

---

No actionable comments were generated in the recent review. 🎉

🧹 Recent nitpick comments

simapp/go.mod (1)

362-368: Consider resolving the TODO on the cosmos-sdk replace.

Line 363 has a TODO: might not need to do this... for the cosmos-sdk replace. If the provenance fork is required (as it appears to be for the root module too), remove the TODO. If it's genuinely uncertain, track it as a follow-up issue.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In `@go.mod`:
- Around line 3-5: The go.mod currently declares "go 1.23.2" and a toolchain of
"go1.24.1"; update the toolchain directive to a more recent patch release (e.g.,
change "toolchain go1.24.1" to "toolchain go1.24.12" or to the latest stable
like "toolchain go1.25.6") so the project uses a secure, up-to-date Go toolchain
while leaving the module "go" version unchanged unless you intend to upgrade
language features.
- Line 16: Update the dependency entry for github.com/cometbft/cometbft in
go.mod from v0.38.20 to v0.38.21 (or later) to pull the CRITICAL consensus
vulnerability fix; after editing the line for github.com/cometbft/cometbft, run
the module update commands (e.g., go get github.com/cometbft/cometbft@v0.38.21
&& go mod tidy) and rebuild/run tests to ensure compatibility with any API
changes.

In `@types/vault.go`:
- Around line 93-96: Update the stale comment on the VaultAccount.Clone method
to refer to VaultAccount (not MarkerAccount), and make the return type assertion
defensive: call protoadapt.MessageV1Of(gproto.Clone(protoadapt.MessageV2Of(&v)))
but instead of a naked type assertion to (*VaultAccount) which can panic,
perform a safe comma-ok type assertion and handle the failure (e.g., return nil
or log/error) before returning; reference the VaultAccount.Clone function and
the protoadapt.MessageV1Of / gproto.Clone / protoadapt.MessageV2Of calls when
making the change.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@go.mod`:
- Line 16: Update the cometbft dependency in go.mod by changing the version
string for the module "github.com/cometbft/cometbft" from v0.38.20 to v0.38.21
to pull in the GHSA-c32p-wcqj-j677 fix; after updating run "go mod tidy" and
rebuild/tests to ensure compatibility, and then audit any protocol logic that
relies on block timestamps to verify behavior remains correct with the patched
release.

In `@types/vault.go`:
- Around line 93-96: The comment for the Clone method is incorrect/outdated: it
mentions "MarkerAccount" but the method is defined on VaultAccount. Update the
comment above the VaultAccount.Clone method to refer to VaultAccount (e.g.,
"Clone makes a VaultAccount instance copy.") so the docstring matches the
receiver and method name VaultAccount.Clone.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@keeper/genesis.go`:
- Line 27: The call to SetVaultLookup at k.SetVaultLookup(ctx, v.Clone()) is
ignoring its returned error; change this to capture the error and handle it the
same way as the later call (panic on failure). Specifically, update the code
around that invocation to: err := k.SetVaultLookup(ctx, v.Clone()); if err !=
nil { panic(fmt.Errorf("failed to set vault lookup: %w", err)) } (use the same
panic/message style as the later check) so failures during genesis import are
not silently dropped.

🧹 Nitpick comments (2)

go.mod (1)

5-5: Consider updating the Go toolchain to a more recent patch release.

Per previous review feedback, Go 1.24.12 (or Go 1.25.6) includes additional security and bug fixes compared to go1.24.1.

simapp/go.mod (1)

5-5: Consider updating the Go toolchain to a more recent patch release.

As noted in the main module, Go 1.24.12 (or Go 1.25.6) includes additional security and bug fixes compared to go1.24.1.