Add TransferAuthorization for Neutron IBC Transfers (for Smart Contract Granters)

[arlai-mk]

Summary

Add a custom TransferAuthorization implementation for Neutron's /neutron.transfer.MsgTransfer message type, enabling fine-grained authz grants for IBC transfers on behalf of smart contracts.

Problem

Currently, there's a limitation when creating authz grants for IBC transfers from smart contracts on Neutron:

Standard IBC MsgTransfer (/ibc.applications.transfer.v1.MsgTransfer):

• ✅ Has TransferAuthorization with fine-grained restrictions (channel, spend limit, receiver allow list, memo restrictions)
• ❌ Does not support the fee field required for smart contract granters (senders) on Neutron

Neutron MsgTransfer (/neutron.transfer.MsgTransfer):

• ✅ Supports fees via Neutron's fee refunder module (required for smart contract senders)
• ❌ Only supports GenericAuthorization without fine-grained restrictions

This creates a security and usability gap: smart contracts cannot provide granular authz grants for IBC transfers.

Use Case

When a smart contract (granter) wants to delegate IBC transfer permissions to another address (grantee), they currently must choose between:

1. Using standard IBC MsgTransfer authz grant: Provides fine-grained control (specific channels, amounts, receivers) BUT fails because smart contracts require fees
2. Using Generic authz for Neutron MsgTransfer: Allows fees BUT provides no restrictions (grantee can transfer to any chain, any address, any amount)

Real-world scenario: A DAO smart contract wants to authorize a treasury manager to send funds via IBC, but only:

• To a specific channel (e.g., to Cosmos Hub)
• To a specific receiver address (e.g., the DAO's Cosmos Hub wallet)
• Up to a spending limit (e.g., max 10,000 NTRN)
• With empty memo (for security)

This is currently not possible with Neutron's MsgTransfer.

Proposed Solution

Implement a TransferAuthorization for Neutron, mirroring the existing IBC-go implementation but compatible with /neutron.transfer.MsgTransfer.

Key features:

• Per-channel allocations (port + channel specification)
• Spend limits per channel (with support for unbounded spending using sentinel value)
• Receiver allow list (empty list = any receiver allowed)
• Memo restrictions (empty list = no memo allowed, "*" wildcard = any memo allowed)
• Automatic spend limit tracking and authorization deletion when exhausted

Implementation Details

I suggest that the implementation should follow the same pattern as IBC-go's TransferAuthorization, so as to not re-invent the wheel.

Reference Implementation

IBC-go already has this implemented for standard IBC transfers:

• Proto: ibc-go/proto/ibc/applications/transfer/v1/authz.proto
• Go implementation: ibc-go/modules/apps/transfer/types/transfer_authorization.go
• Tests: ibc-go/modules/apps/transfer/types/transfer_authorization_test.go

The Neutron implementation would be nearly identical, with the key difference being:

• Works with /neutron.transfer.MsgTransfer instead of /ibc.applications.transfer.v1.MsgTransfer
• Lives in neutron/x/transfer/types instead of ibc-go/modules/apps/transfer/types

Benefits

1. Security: Fine-grained control over IBC transfers from smart contracts
2. Parity: Smart contracts on Neutron get the same authz capabilities as standard users
3. Composability: Enables new use cases:
   • Automated treasury management with spending limits
   • Secure delegation for cross-chain DeFi strategies
4. Minimal complexity: Follows established patterns from IBC-go

Thank you.