fix: BRI-03

VenusProtocol · Dec 12, 2023 · 7c63f14 · 7c63f14
1 parent f57a9ab
commit 7c63f14
Show file tree

Hide file tree

Showing 5 changed files with 97 additions and 7 deletions.
diff --git a/contracts/Bridge/BaseXVSProxyOFT.sol b/contracts/Bridge/BaseXVSProxyOFT.sol
@@ -106,6 +106,8 @@ abstract contract BaseXVSProxyOFT is Pausable, ExponentialNoError, BaseOFTV2 {
      * @custom:error ZeroAddressNotAllowed is thrown when token contract address is zero.
      * @custom:error ZeroAddressNotAllowed is thrown when lzEndpoint contract address is zero.
      * @custom:error ZeroAddressNotAllowed is thrown when oracle contract address is zero.
+     * @custom:event Emits InnerTokenAdded with token address.
+     * @custom:event Emits OracleChanged with zero address and oracle address.
      */
     constructor(
         address tokenAddress_,
@@ -231,6 +233,8 @@ abstract contract BaseXVSProxyOFT is Pausable, ExponentialNoError, BaseOFTV2 {
     /**
      * @notice Remove trusted remote from storage.
      * @param remoteChainId_ The chain's id corresponds to setting the trusted remote to empty.
+     * @custom:access Only owner.
+     * @custom:event Emits TrustedRemoteRemoved once chain id is removed from trusted remote.
      */
     function removeTrustedRemote(uint16 remoteChainId_) external onlyOwner {
         delete trustedRemoteLookup[remoteChainId_];
@@ -261,11 +265,18 @@ abstract contract BaseXVSProxyOFT is Pausable, ExponentialNoError, BaseOFTV2 {
 
     /**
      * @notice Return's the address of the inner token of this bridge.
+     * @return Address of the inner token of this bridge.
      */
     function token() public view override returns (address) {
         return address(innerToken);
     }
 
+    /**
+     * @notice Checks if the sender is eligible to send tokens
+     * @param from_ Sender's address sending tokens
+     * @param dstChainId_ Chain id on which tokens should be sent
+     * @param amount_ Amount of tokens to be sent
+     */
     function _isEligibleToSend(address from_, uint16 dstChainId_, uint256 amount_) internal {
         // Check if the sender's address is whitelisted
         bool isWhiteListedUser = whitelist[from_];
@@ -304,6 +315,12 @@ abstract contract BaseXVSProxyOFT is Pausable, ExponentialNoError, BaseOFTV2 {
         chainIdToLast24HourTransferred[dstChainId_] = transferredInWindow;
     }
 
+    /**
+     * @notice Checks if receiver is able to receive tokens
+     * @param toAddress_ Receiver address
+     * @param srcChainId_ Source chain id from which token is send
+     * @param receivedAmount_ Amount of tokens received
+     */
     function _isEligibleToReceive(address toAddress_, uint16 srcChainId_, uint256 receivedAmount_) internal {
         // Check if the recipient's address is whitelisted
         bool isWhiteListedUser = whitelist[toAddress_];
@@ -343,6 +360,13 @@ abstract contract BaseXVSProxyOFT is Pausable, ExponentialNoError, BaseOFTV2 {
         chainIdToLast24HourReceived[srcChainId_] = receivedInWindow;
     }
 
+    /**
+     * @notice Transfer tokens from sender to receiver account.
+     * @param from_ Address from which token has to be transferred(Sender).
+     * @param to_ Address on which token will be tranferred(Receiver).
+     * @param amount_ Amount of token to be transferred.
+     * @return Actual balance difference.
+     */
     function _transferFrom(
         address from_,
         address to_,
@@ -357,6 +381,10 @@ abstract contract BaseXVSProxyOFT is Pausable, ExponentialNoError, BaseOFTV2 {
         return innerToken.balanceOf(to_) - before;
     }
 
+    /**
+     * @notice Returns Conversion rate factor from large decimals to shared decimals.
+     * @return Conversion rate factor.
+     */
     function _ld2sdRate() internal view override returns (uint256) {
         return ld2sdRate;
     }

diff --git a/contracts/Bridge/XVSBridgeAdmin.sol b/contracts/Bridge/XVSBridgeAdmin.sol
@@ -21,7 +21,9 @@ contract XVSBridgeAdmin is AccessControlledV8 {
      */
     mapping(bytes4 => string) public functionRegistry;
 
-    // Event emitted when function registry updated
+    /**
+     * @notice emitted when function registry updated
+     */
     event FunctionRegistryChanged(string signature, bool active);
 
     /// @custom:oz-upgrades-unsafe-allow constructor
@@ -39,7 +41,8 @@ contract XVSBridgeAdmin is AccessControlledV8 {
     }
 
     /**
-     * @notice Invoked when called function does not exist in the contract
+     * @notice Invoked when called function does not exist in the contract.
+     * @return Response of low level call.
      * @custom:access Controlled by AccessControlManager.
      */
     fallback(bytes calldata data) external returns (bytes memory) {
@@ -52,8 +55,10 @@ contract XVSBridgeAdmin is AccessControlledV8 {
     }
 
     /**
+     * @notice Sets trusted remote on particular chain.
      * @param remoteChainId_ Chain Id of the destination chain.
      * @param remoteAddress_ Address of the destination bridge.
+     * @custom:access Controlled by AccessControlManager.
      * @custom:error ZeroAddressNotAllowed is thrown when remoteAddress_ contract address is zero.
      */
     function setTrustedRemoteAddress(uint16 remoteChainId_, bytes calldata remoteAddress_) external {
@@ -67,6 +72,8 @@ contract XVSBridgeAdmin is AccessControlledV8 {
      * @notice A setter for the registry of functions that are allowed to be executed from proposals.
      * @param signatures_  Function signature to be added or removed.
      * @param active_ bool value, should be true to add function.
+     * @custom:access Only owner.
+     * @custom:event Emits FunctionRegistryChanged if bool value of function changes.
      */
     function upsertSignature(string[] calldata signatures_, bool[] calldata active_) external onlyOwner {
         uint256 signatureLength = signatures_.length;
@@ -98,10 +105,11 @@ contract XVSBridgeAdmin is AccessControlledV8 {
     }
 
     /**
-     * @notice Returns bool = true if srcAddress_ is trustedRemote corresponds to chainId_.
+     * @notice Returns true if remote address is trustedRemote corresponds to chainId_.
      * @param remoteChainId_ Chain Id of the destination chain.
      * @param remoteAddress_ Address of the destination bridge.
      * @custom:error ZeroAddressNotAllowed is thrown when remoteAddress_ contract address is zero.
+     * @return Bool indicating whether the remote chain is trusted or not.
      */
     function isTrustedRemote(uint16 remoteChainId_, bytes calldata remoteAddress_) external returns (bool) {
         require(remoteChainId_ != 0, "ChainId must not be zero");
@@ -116,11 +124,18 @@ contract XVSBridgeAdmin is AccessControlledV8 {
 
     /**
      * @dev Returns function name string associated with function signature.
+     * @param signature_ Four bytes of function signature.
+     * @return Function signature corresponding to its hash.
      */
     function _getFunctionName(bytes4 signature_) internal view returns (string memory) {
         return functionRegistry[signature_];
     }
 
+    /**
+     * @notice Converts given bytes into address.
+     * @param b Bytes to be converted into address.
+     * @return Converted address of given bytes.
+     */
     function bytesToAddress(bytes calldata b) private pure returns (address) {
         return address(uint160(bytes20(b)));
     }

diff --git a/contracts/Bridge/XVSProxyOFTDest.sol b/contracts/Bridge/XVSProxyOFTDest.sol
@@ -25,10 +25,13 @@ contract XVSProxyOFTDest is BaseXVSProxyOFT {
         address oracle_
     ) BaseXVSProxyOFT(tokenAddress_, sharedDecimals_, lzEndpoint_, oracle_) {}
 
-    /** @notice Clear failed messages from the storage.
+    /**
+     * @notice Clear failed messages from the storage.
      * @param srcChainId_ Chain id of source
      * @param srcAddress_ Address of source followed by current bridge address
      * @param nonce_ Nonce_ of the transaction
+     * @custom:access Only owner
+     * @custom:event Emits DropFailedMessage on clearance of failed message.
      */
     function dropFailedMessage(uint16 srcChainId_, bytes memory srcAddress_, uint64 nonce_) external onlyOwner {
         failedMessages[srcChainId_][srcAddress_][nonce_] = bytes32(0);
@@ -37,11 +40,19 @@ contract XVSProxyOFTDest is BaseXVSProxyOFT {
 
     /**
      * @notice Returns the total circulating supply of the token on the destination chain i.e (total supply).
+     * @return total circulating supply of the token on the destination chain.
      */
     function circulatingSupply() public view override returns (uint256) {
         return innerToken.totalSupply();
     }
 
+    /**
+     * @notice Debit tokens from the given address
+     * @param from_  Address from which tokens to be debited
+     * @param dstChainId_ Destination chain id
+     * @param amount_ Amount of tokens to be debited
+     * @return Actual amount debited
+     */
     function _debitFrom(
         address from_,
         uint16 dstChainId_,
@@ -54,6 +65,13 @@ contract XVSProxyOFTDest is BaseXVSProxyOFT {
         return amount_;
     }
 
+    /**
+     * @notice Credit tokens in the given account
+     * @param srcChainId_  Source chain id
+     * @param toAddress_ Address on which token will be credited
+     * @param amount_ Amount of tokens to be credited
+     * @return Actual amount credited
+     */
     function _creditTo(
         uint16 srcChainId_,
         address toAddress_,

diff --git a/contracts/Bridge/XVSProxyOFTSrc.sol b/contracts/Bridge/XVSProxyOFTSrc.sol
@@ -36,10 +36,13 @@ contract XVSProxyOFTSrc is BaseXVSProxyOFT {
         address oracle_
     ) BaseXVSProxyOFT(tokenAddress_, sharedDecimals_, lzEndpoint_, oracle_) {}
 
-    /** @notice Only call it when there is no way to recover the failed message.
+    /**
+     * @notice Only call it when there is no way to recover the failed message.
      * `dropFailedMessage` must be called first if transaction is from remote->local chain to avoid double spending.
      * @param to_ The address to withdraw to
      * @param amount_ The amount of withdrawal
+     * @custom:access Only owner.
+     * @custom:event Emits FallbackWithdraw, once done with transfer.
      */
     function fallbackWithdraw(address to_, uint256 amount_) external onlyOwner {
         require(outboundAmount >= amount_, "Withdraw amount should be less than outbound amount");
@@ -50,10 +53,13 @@ contract XVSProxyOFTSrc is BaseXVSProxyOFT {
         emit FallbackWithdraw(to_, amount_);
     }
 
-    /** @notice Clear failed messages from the storage.
+    /**
+     * @notice Clear failed messages from the storage.
      * @param srcChainId_ Chain id of source
      * @param srcAddress_ Address of source followed by current bridge address
      * @param nonce_ Nonce_ of the transaction
+     * @custom:access Only owner.
+     * @custom:event Emits DropFailedMessage on clearance of failed message.
      */
     function dropFailedMessage(uint16 srcChainId_, bytes memory srcAddress_, uint64 nonce_) external onlyOwner {
         failedMessages[srcChainId_][srcAddress_][nonce_] = bytes32(0);
@@ -62,11 +68,19 @@ contract XVSProxyOFTSrc is BaseXVSProxyOFT {
 
     /**
      * @notice Returns the total circulating supply of the token on the source chain i.e (total supply - locked in this contract).
+     * @return Returns total supply of the token.
      */
     function circulatingSupply() public view override returns (uint256) {
         return innerToken.totalSupply() - outboundAmount;
     }
 
+    /**
+     * @notice Debit tokens from the given address
+     * @param from_  Address from which tokens to be debited
+     * @param dstChainId_ Destination chain id
+     * @param amount_ Amount of tokens to be debited
+     * @return Actual amount debited
+     */
     function _debitFrom(
         address from_,
         uint16 dstChainId_,
@@ -81,6 +95,13 @@ contract XVSProxyOFTSrc is BaseXVSProxyOFT {
         return amount;
     }
 
+    /**
+     * @notice Credit tokens in the given account
+     * @param srcChainId_  Source chain id
+     * @param toAddress_ Address on which token will be credited
+     * @param amount_ Amount of tokens to be credited
+     * @return Actual amount credited
+     */
     function _creditTo(
         uint16 srcChainId_,
         address toAddress_,

diff --git a/contracts/Bridge/token/TokenController.sol b/contracts/Bridge/token/TokenController.sol
@@ -151,6 +151,9 @@ contract TokenController is Ownable, Pausable {
      * @param from_  Minter address.
      * @param to_  Receiver address.
      * @param amount_  Amount to be mint.
+     * @custom:error MintNotAllowed is thrown when user is in blacklist
+     * @custom:error MintLimitExceed is thrown when minting limit exceeds the cap.
+     * @custom:event Emits MintLimitDecreased with minter address and available limits.
      */
     function _isEligibleToMint(address from_, address to_, uint256 amount_) internal {
         if (_blacklist[to_]) {
@@ -175,6 +178,7 @@ contract TokenController is Ownable, Pausable {
      * @dev This is post hook of burn function, increases minting limit of the minter.
      * @param from_ Minter address.
      * @param amount_  Amount burned.
+     * @custom:event Emits MintLimitIncreased with minter address and availabe limit.
      */
     function _increaseMintLimit(address from_, uint256 amount_) internal {
         uint256 totalMintedOld = minterToMintedAmount[from_];
@@ -184,7 +188,11 @@ contract TokenController is Ownable, Pausable {
         emit MintLimitIncreased(from_, availableLimit);
     }
 
-    /// @dev Checks the caller is allowed to call the specified fuction
+    /**
+     * @dev Checks the caller is allowed to call the specified fuction.
+     * @param functionSig_ Function signatureon which access is to be checked.
+     * @custom:error Unauthorized, thrown when unauthorised user try to access function.
+     */
     function _ensureAllowed(string memory functionSig_) internal view {
         if (!IAccessControlManagerV8(accessControlManager).isAllowedToCall(msg.sender, functionSig_)) {
             revert Unauthorized();