-
Notifications
You must be signed in to change notification settings - Fork 30
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
store relayer on relay [SLT-182] (#3170)
* store relayer on relay [SLT-182] * +tests, zeroAddr check, fmt
- Loading branch information
Showing
3 changed files
with
45 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -36,8 +36,8 @@ contract FastBridgeV2 is Admin, IFastBridgeV2, IFastBridgeV2Errors { | |
mapping(bytes32 => BridgeStatus) public bridgeStatuses; | ||
/// @notice Proof of relayed bridge tx on origin chain | ||
mapping(bytes32 => BridgeProof) public bridgeProofs; | ||
/// @notice Whether bridge has been relayed on destination chain | ||
mapping(bytes32 => bool) public bridgeRelays; | ||
/// @notice Relay details on destination chain | ||
mapping(bytes32 => BridgeRelay) public bridgeRelayDetails; | ||
|
||
/// @dev to prevent replays | ||
uint256 public nonce; | ||
|
@@ -132,16 +132,19 @@ contract FastBridgeV2 is Admin, IFastBridgeV2, IFastBridgeV2Errors { | |
|
||
/// @inheritdoc IFastBridgeV2 | ||
function relay(bytes memory request, address relayer) public payable { | ||
if (relayer == address(0)) revert ZeroAddress(); | ||
bytes32 transactionId = keccak256(request); | ||
BridgeTransaction memory transaction = getBridgeTransaction(request); | ||
if (transaction.destChainId != uint32(block.chainid)) revert ChainIncorrect(); | ||
|
||
// check haven't exceeded deadline for relay to happen | ||
if (block.timestamp > transaction.deadline) revert DeadlineExceeded(); | ||
|
||
if (bridgeRelayDetails[transactionId].relayer != address(0)) revert TransactionRelayed(); | ||
|
||
// mark bridge transaction as relayed | ||
if (bridgeRelays[transactionId]) revert TransactionRelayed(); | ||
bridgeRelays[transactionId] = true; | ||
bridgeRelayDetails[transactionId] = | ||
BridgeRelay({blockNumber: uint48(block.number), blockTimestamp: uint48(block.timestamp), relayer: relayer}); | ||
|
||
// transfer tokens to recipient on destination chain and gas rebate if requested | ||
address to = transaction.destRecipient; | ||
|
@@ -175,6 +178,12 @@ contract FastBridgeV2 is Admin, IFastBridgeV2, IFastBridgeV2Errors { | |
); | ||
} | ||
Check notice Code scanning / Slither Reentrancy vulnerabilities Low
Reentrancy in FastBridgeV2.relay(bytes,address):
External calls: - _pullToken(to,token,amount) - returndata = address(token).functionCall(data) - IERC20(token).safeTransferFrom(msg.sender,recipient,amount) - (success,returndata) = target.call{value: value}(data) - (success,None) = to.call{value: value}() - token.universalTransfer(recipient,amount) - IERC20(token).safeTransfer(to,value) - _pullToken(to,token,amount + rebate) - returndata = address(token).functionCall(data) - IERC20(token).safeTransferFrom(msg.sender,recipient,amount) - (success,returndata) = target.call{value: value}(data) - (success,None) = to.call{value: value}() - token.universalTransfer(recipient,amount) - IERC20(token).safeTransfer(to,value) - _pullToken(to,token,amount) - returndata = address(token).functionCall(data) - IERC20(token).safeTransferFrom(msg.sender,recipient,amount) - (success,returndata) = target.call{value: value}(data) - (success,None) = to.call{value: value}() - token.universalTransfer(recipient,amount) - IERC20(token).safeTransfer(to,value) - _pullToken(to,UniversalTokenLib.ETH_ADDRESS,rebate) - returndata = address(token).functionCall(data) - IERC20(token).safeTransferFrom(msg.sender,recipient,amount) - (success,returndata) = target.call{value: value}(data) - (success,None) = to.call{value: value}() - token.universalTransfer(recipient,amount) - IERC20(token).safeTransfer(to,value) External calls sending eth: - _pullToken(to,token,amount) - (success,returndata) = target.call{value: value}(data) - (success,None) = to.call{value: value}() - _pullToken(to,token,amount + rebate) - (success,returndata) = target.call{value: value}(data) - [(success,None) = to.call{value: Check notice Code scanning / Slither Block timestamp Low
FastBridgeV2.relay(bytes,address) uses timestamp for comparisons
Dangerous comparisons: - block.timestamp > transaction.deadline |
||
|
||
/// @inheritdoc IFastBridgeV2 | ||
function bridgeRelays(bytes32 transactionId) public view returns (bool) { | ||
// has this transactionId been relayed? | ||
return bridgeRelayDetails[transactionId].relayer != address(0); | ||
} | ||
|
||
/// @inheritdoc IFastBridge | ||
function prove(bytes memory request, bytes32 destTxHash) external { | ||
bytes32 transactionId = keccak256(request); | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters