Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Abdk audit 5 #17

Merged
merged 7 commits into from
Jun 19, 2024
Merged

Abdk audit 5 #17

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
b57ebb9
fix cvf-2
zkbenny Jun 19, 2024
bb04f08
fix cvf-26
zkbenny Jun 19, 2024
ae192f4
fix cvf-27
zkbenny Jun 19, 2024
e01340e
fix cvf-28
zkbenny Jun 19, 2024
3da3d14
fix cvf-36
zkbenny Jun 19, 2024
111ff57
fix cvf-38
zkbenny Jun 19, 2024
7c9d405
fix cvf-41
zkbenny Jun 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 0 additions & 31 deletions contracts/governance/Governance.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,18 +132,6 @@ contract Governance is IGovernance, Ownable2Step {
emit TransparentOperationScheduled(id, _delay, _operation);
}

/// @notice Propose "shadow" upgrade, upgrade data is not publishing on-chain.
/// @notice The owner will be able to execute the proposal either:
/// - With a `delay` timelock on its own.
/// - With security council instantly.
/// @dev Only the current owner can propose an upgrade.
/// @param _id The operation hash (see `hashOperation` function)
/// @param _delay The delay time (in seconds) after which the proposed upgrade may be executed by the owner.
// function scheduleShadow(bytes32 _id, uint256 _delay) external onlyOwner {
// _schedule(_id, _delay);
// emit ShadowOperationScheduled(_id, _delay);
// }

/*//////////////////////////////////////////////////////////////
CANCELING CALLS
//////////////////////////////////////////////////////////////*/
Expand Down Expand Up @@ -180,25 +168,6 @@ contract Governance is IGovernance, Ownable2Step {
emit OperationExecuted(id);
}

/// @notice Executes the scheduled operation with the security council instantly.
/// @dev Only the security council may execute an operation instantly.
/// @param _operation The operation parameters will be executed with the upgrade.
// function executeInstant(Operation calldata _operation) external payable onlySecurityCouncil {
// bytes32 id = hashOperation(_operation);
// // Check if the predecessor operation is completed.
// _checkPredecessorDone(_operation.predecessor);
// // Ensure that the operation is in a pending state before proceeding.
// require(isOperationPending(id), "Operation must be pending before execution");
// // Execute operation.
// _execute(_operation.calls);
// // Reconfirming that the operation is still pending before execution.
// // This is needed to avoid unexpected reentrancy attacks of re-executing the same operation.
// require(isOperationPending(id), "Operation must be pending after execution");
// // Set operation to be done
// timestamps[id] = EXECUTED_PROPOSAL_TIMESTAMP;
// emit OperationExecuted(id);
// }

/// @dev Returns the identifier of an operation.
/// @param _operation The operation object to compute the identifier for.
function hashOperation(Operation calldata _operation) public pure returns (bytes32) {
Expand Down
6 changes: 1 addition & 5 deletions contracts/governance/IGovernance.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,14 +47,10 @@ interface IGovernance {

function scheduleTransparent(Operation calldata _operation, uint256 _delay) external;

// function scheduleShadow(bytes32 _id, uint256 _delay) external;

function cancel(bytes32 _id) external;

function execute(Operation calldata _operation) external payable;

// function executeInstant(Operation calldata _operation) external payable;

function hashOperation(Operation calldata _operation) external pure returns (bytes32);

function updateDelay(uint256 _newDelay) external;
Expand All @@ -71,7 +67,7 @@ interface IGovernance {
event OperationExecuted(bytes32 indexed _id);

/// @notice Emitted when the security council address is changed.
event ChangeSecurityCouncil(address _securityCouncilBefore, address _securityCouncilAfter);
event ChangeSecurityCouncil(address indexed _securityCouncilBefore, address indexed _securityCouncilAfter);

/// @notice Emitted when the minimum delay for future operations is modified.
event ChangeMinDelay(uint256 _delayBefore, uint256 _delayAfter);
Expand Down
4 changes: 3 additions & 1 deletion contracts/interfaces/IERC20MergeToken.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
// SPDX-License-Identifier: MIT
pragma solidity 0.8.23;
pragma solidity ^0.8.0;

interface IERC20MergeToken {
/// @notice Mint merge token
/// @dev The caller must be the portal contract
function mint(address _receiver, uint256 _amount) external;

/// @notice Burn merge token
/// @dev The caller must be the portal contract
function burn(address _from, uint256 _amount) external;
}
2 changes: 1 addition & 1 deletion contracts/interfaces/IMergeTokenPortal.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
// SPDX-License-Identifier: MIT
pragma solidity 0.8.23;
pragma solidity ^0.8.0;

interface IMergeTokenPortal {
event DepositToMerge(
Expand Down
14 changes: 9 additions & 5 deletions contracts/merge/MergeTokenPortal.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,10 +110,10 @@ contract MergeTokenPortal is IMergeTokenPortal, UUPSUpgradeable, OwnableUpgradea

/// @notice Add source token
function addSourceToken(address _sourceToken, address _mergeToken, uint256 _depositLimit) external onlyOwner {
require(_sourceToken != address(0) && _mergeToken != address(0), "Invalid token address");
bool isSupported = sourceTokenInfoMap[_sourceToken].isSupported;
require(!isSupported, "Source token is already supported");
require(!isMergeTokenSupported[_mergeToken][_sourceToken], "Merge token is already supported");
require(_sourceToken != address(0) && _mergeToken != address(0), "Invalid token address");
require(_sourceToken != _mergeToken, "Should not Match");
uint8 _sourceTokenDecimals = IERC20MetadataUpgradeable(_sourceToken).decimals();
uint8 _mergeTokenDecimals = IERC20MetadataUpgradeable(_mergeToken).decimals();
Expand Down Expand Up @@ -150,9 +150,11 @@ contract MergeTokenPortal is IMergeTokenPortal, UUPSUpgradeable, OwnableUpgradea
SourceTokenInfo storage tokenInfo = sourceTokenInfoMap[_sourceToken];
require(tokenInfo.isSupported, "Source token is not supported");

tokenInfo.isLocked = _isLocked;
if (tokenInfo.isLocked != _isLocked) {
tokenInfo.isLocked = _isLocked;

emit SourceTokenStatusUpdated(_sourceToken, _isLocked);
emit SourceTokenStatusUpdated(_sourceToken, _isLocked);
}
}

/// @notice Set deposit limit
Expand All @@ -161,9 +163,11 @@ contract MergeTokenPortal is IMergeTokenPortal, UUPSUpgradeable, OwnableUpgradea
require(tokenInfo.isSupported, "Source token is not supported");
require(_limit >= tokenInfo.balance, "Invalid Specification");

tokenInfo.depositLimit = _limit;
if (tokenInfo.depositLimit != _limit) {
tokenInfo.depositLimit = _limit;

emit DepositLimitUpdated(_sourceToken, _limit);
emit DepositLimitUpdated(_sourceToken, _limit);
}
}

/// @notice Grant security council role
Expand Down
Loading