From 0afae196a14fde34965716bcbb6f9c7da38ba54c Mon Sep 17 00:00:00 2001
From: Julink <julien.fontanel12@gmail.com>
Date: Wed, 17 Apr 2024 17:37:57 +0200
Subject: [PATCH] feat: verify msg.sender to be the owner when calling
 registerPoh

---
 .../ethregistrar/ETHRegistrarController.sol   | 26 ++++++++++++-------
 .../TestEthRegistrarController.js             |  2 +-
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/packages/l2-contracts/contracts/ethregistrar/ETHRegistrarController.sol b/packages/l2-contracts/contracts/ethregistrar/ETHRegistrarController.sol
index e85b7b0d2..6b89ddf2c 100644
--- a/packages/l2-contracts/contracts/ethregistrar/ETHRegistrarController.sol
+++ b/packages/l2-contracts/contracts/ethregistrar/ETHRegistrarController.sol
@@ -29,6 +29,9 @@ error InsufficientValue();
 error Unauthorised(bytes32 node);
 error MaxCommitmentAgeTooLow();
 error MaxCommitmentAgeTooHigh();
+error PohVerificationFailed(address owner);
+error OwnerAlreadyRegistered(address owner);
+error SenderNotOwner(address owner, address sender);
 
 /**
  * @dev A registrar controller for registering and renewing names at fixed cost.
@@ -177,15 +180,20 @@ contract ETHRegistrarController is
         uint16 ownerControlledFuses,
         bytes memory signature
     ) public {
-        // Check if the address has already registered using registerPoh
-        require(
-            !hasRegisteredPoh[owner],
-            "Address has already registered using PoH"
-        );
-        require(
-            pohVerifier.verify(signature, owner),
-            "POH verification failed"
-        );
+        // The sender of the transaction needs to be the owner
+        if (msg.sender != owner) {
+            revert SenderNotOwner(owner, msg.sender);
+        }
+
+        // An andress can own only one domain using its PoH
+        if (hasRegisteredPoh[owner]) {
+            revert OwnerAlreadyRegistered(owner);
+        }
+
+        // Check that the signature sent is valid, this is the reference for an address to have a valid PoH
+        if (!pohVerifier.verify(signature, owner)) {
+            revert PohVerificationFailed(owner);
+        }
 
         // Mark this address as having successfully registered
         hasRegisteredPoh[owner] = true;
diff --git a/packages/l2-contracts/test/ethregistrar/TestEthRegistrarController.js b/packages/l2-contracts/test/ethregistrar/TestEthRegistrarController.js
index 3167ee60e..530102262 100644
--- a/packages/l2-contracts/test/ethregistrar/TestEthRegistrarController.js
+++ b/packages/l2-contracts/test/ethregistrar/TestEthRegistrarController.js
@@ -273,7 +273,7 @@ contract('ETHRegistrarController', function () {
     const name = 'pohname'
     const duration = 28 * 24 * 60 * 60 // 28 days in seconds
     const secret = ethers.utils.formatBytes32String('secret')
-    const human = signers[1].address
+    const human = signers[0].address
     const signature = ethers.utils.hexlify(ethers.utils.randomBytes(65)) // Mock signature
 
     // Generate a commitment for the registration