How are the transactions of a cosmos sdk application are validated

when i study cosmos sdk application development, i have a confusion about how its transactions are validated. It looks to me only the application itself know how to validate its transactions, then how validators can do the validation.

Every node (including validator node) runs a copy of the application, so the validation (CheckTx) is done by the application in the validator node.

The blockchain acts as a state replication machine, so all copies of the application should (eventually) get to the same state.

can someone help