From d2280c3e26935e4d9785303af587cd64ff8745c6 Mon Sep 17 00:00:00 2001 From: Foivos Date: Mon, 6 Jan 2025 17:43:46 +0200 Subject: [PATCH] feat: addressed ackee's report (#312) Co-authored-by: Milap Sheth --- contracts/InterchainTokenFactory.sol | 44 +++++++++++++++++-- contracts/InterchainTokenService.sol | 40 ++++++++--------- contracts/TokenHandler.sol | 5 +-- .../interfaces/IInterchainTokenFactory.sol | 4 +- .../interfaces/IInterchainTokenService.sol | 1 - .../interfaces/ITokenManagerDeployer.sol | 1 - test/InterchainTokenFactory.js | 28 +++++++----- 7 files changed, 81 insertions(+), 42 deletions(-) diff --git a/contracts/InterchainTokenFactory.sol b/contracts/InterchainTokenFactory.sol index 8b680ac9..53f972a6 100644 --- a/contracts/InterchainTokenFactory.sol +++ b/contracts/InterchainTokenFactory.sol @@ -120,6 +120,7 @@ contract InterchainTokenFactory is IInterchainTokenFactory, Multicall, Upgradabl * @notice Deploys a new interchain token with specified parameters. * @dev Creates a new token and optionally mints an initial amount to a specified minter. * This function is `payable` because non-payable functions cannot be called in a multicall that calls other `payable` functions. + * Cannot deploy tokens with empty supply and no minter. * @param salt The unique salt for deploying the token. * @param name The name of the token. * @param symbol The symbol of the token. @@ -150,6 +151,8 @@ contract InterchainTokenFactory is IInterchainTokenFactory, Multicall, Upgradabl if (minter == address(interchainTokenService)) revert InvalidMinter(minter); minterBytes = minter.toBytes(); + } else { + revert ZeroSupplyToken(); } tokenId = _deployInterchainToken(deploySalt, currentChain, name, symbol, decimals, minterBytes, gasValue); @@ -382,12 +385,14 @@ contract InterchainTokenFactory is IInterchainTokenFactory, Multicall, Upgradabl bytes memory minter, uint256 gasValue ) internal returns (bytes32 tokenId) { + // Ensure that a token is registered locally for the tokenId before allowing a remote deployment bytes32 expectedTokenId = _interchainTokenId(deploySalt); - // Ensure that a local token has been registered for the tokenId - IERC20Named token = IERC20Named(interchainTokenService.registeredTokenAddress(expectedTokenId)); + address tokenAddress = interchainTokenService.registeredTokenAddress(expectedTokenId); // The local token must expose the name, symbol, and decimals metadata - tokenId = _deployInterchainToken(deploySalt, destinationChain, token.name(), token.symbol(), token.decimals(), minter, gasValue); + (string memory name, string memory symbol, uint8 decimals) = _getTokenMetadata(tokenAddress); + + tokenId = _deployInterchainToken(deploySalt, destinationChain, name, symbol, decimals, minter, gasValue); if (tokenId != expectedTokenId) revert InvalidTokenId(tokenId, expectedTokenId); } @@ -403,9 +408,42 @@ contract InterchainTokenFactory is IInterchainTokenFactory, Multicall, Upgradabl string memory currentChain = ''; uint256 gasValue = 0; + // Ensure that the ERC20 token has metadata before registering it + // slither-disable-next-line unused-return + _getTokenMetadata(tokenAddress); + tokenId = interchainTokenService.deployTokenManager(deploySalt, currentChain, TokenManagerType.LOCK_UNLOCK, params, gasValue); } + /** + * @notice Retrieves the metadata of an ERC20 token. Reverts with `NotToken` error if metadata is not available. + * @param tokenAddress The address of the token. + * @return name The name of the token. + * @return symbol The symbol of the token. + * @return decimals The number of decimals for the token. + */ + function _getTokenMetadata(address tokenAddress) internal view returns (string memory name, string memory symbol, uint8 decimals) { + IERC20Named token = IERC20Named(tokenAddress); + + try token.name() returns (string memory name_) { + name = name_; + } catch { + revert NotToken(tokenAddress); + } + + try token.symbol() returns (string memory symbol_) { + symbol = symbol_; + } catch { + revert NotToken(tokenAddress); + } + + try token.decimals() returns (uint8 decimals_) { + decimals = decimals_; + } catch { + revert NotToken(tokenAddress); + } + } + /** * @notice Deploys a canonical interchain token on a remote chain. * @param originalTokenAddress The address of the original token on the original chain. diff --git a/contracts/InterchainTokenService.sol b/contracts/InterchainTokenService.sol index e5baea45..b5fd96d1 100644 --- a/contracts/InterchainTokenService.sol +++ b/contracts/InterchainTokenService.sol @@ -415,6 +415,26 @@ contract InterchainTokenService is return _contractCallValue(payload); } + /** + * @notice Executes the cross-chain ITS message. + * @param commandId The unique message id. + * @param sourceChain The chain where the transaction originates from. + * @param sourceAddress The address of the remote ITS where the transaction originates from. + * @param payload The encoded data payload for the transaction. + */ + function execute( + bytes32 commandId, + string calldata sourceChain, + string calldata sourceAddress, + bytes calldata payload + ) external onlyRemoteService(sourceChain, sourceAddress) whenNotPaused { + bytes32 payloadHash = keccak256(payload); + + if (!gateway.validateContractCall(commandId, sourceChain, sourceAddress, payloadHash)) revert NotApprovedByGateway(); + + _execute(commandId, sourceChain, sourceAddress, payload, payloadHash); + } + /** * @notice Express executes operations based on the payload and selector. * @dev This function is `payable` because non-payable functions cannot be called in a multicall that calls other `payable` functions. @@ -666,26 +686,6 @@ contract InterchainTokenService is } } - /** - * @notice Executes operations based on the payload and selector. - * @param commandId The unique message id. - * @param sourceChain The chain where the transaction originates from. - * @param sourceAddress The address of the remote ITS where the transaction originates from. - * @param payload The encoded data payload for the transaction. - */ - function execute( - bytes32 commandId, - string calldata sourceChain, - string calldata sourceAddress, - bytes calldata payload - ) external onlyRemoteService(sourceChain, sourceAddress) whenNotPaused { - bytes32 payloadHash = keccak256(payload); - - if (!gateway.validateContractCall(commandId, sourceChain, sourceAddress, payloadHash)) revert NotApprovedByGateway(); - - _execute(commandId, sourceChain, sourceAddress, payload, payloadHash); - } - /** * @notice Processes the payload data for a send token call. * @param commandId The unique message id. diff --git a/contracts/TokenHandler.sol b/contracts/TokenHandler.sol index be794e9a..8db4492d 100644 --- a/contracts/TokenHandler.sol +++ b/contracts/TokenHandler.sol @@ -4,7 +4,7 @@ pragma solidity ^0.8.0; import { ITokenHandler } from './interfaces/ITokenHandler.sol'; import { IERC20 } from '@axelar-network/axelar-gmp-sdk-solidity/contracts/interfaces/IERC20.sol'; -import { SafeTokenTransfer, SafeTokenTransferFrom, SafeTokenCall } from '@axelar-network/axelar-gmp-sdk-solidity/contracts/libs/SafeTransfer.sol'; +import { SafeTokenTransferFrom, SafeTokenCall } from '@axelar-network/axelar-gmp-sdk-solidity/contracts/libs/SafeTransfer.sol'; import { ReentrancyGuard } from '@axelar-network/axelar-gmp-sdk-solidity/contracts/utils/ReentrancyGuard.sol'; import { Create3AddressFixed } from './utils/Create3AddressFixed.sol'; @@ -16,12 +16,11 @@ import { IERC20BurnableFrom } from './interfaces/IERC20BurnableFrom.sol'; /** * @title TokenHandler - * @notice This interface is responsible for handling tokens before initiating an interchain token transfer, or after receiving one. + * @notice This contract is responsible for handling tokens before initiating an interchain token transfer, or after receiving one. */ contract TokenHandler is ITokenHandler, ITokenManagerType, ReentrancyGuard, Create3AddressFixed { using SafeTokenTransferFrom for IERC20; using SafeTokenCall for IERC20; - using SafeTokenTransfer for IERC20; /** * @notice This function gives token to a specified address from the token manager. diff --git a/contracts/interfaces/IInterchainTokenFactory.sol b/contracts/interfaces/IInterchainTokenFactory.sol index 61ca4ac4..6876b166 100644 --- a/contracts/interfaces/IInterchainTokenFactory.sol +++ b/contracts/interfaces/IInterchainTokenFactory.sol @@ -17,11 +17,11 @@ interface IInterchainTokenFactory is ITokenManagerType, IUpgradable, IMulticall error InvalidChainName(); error InvalidMinter(address minter); error NotMinter(address minter); - error NotOperator(address operator); - error NotServiceOwner(address sender); error NotSupported(); error RemoteDeploymentNotApproved(); error InvalidTokenId(bytes32 tokenId, bytes32 expectedTokenId); + error ZeroSupplyToken(); + error NotToken(address tokenAddress); /// @notice Emitted when a minter approves a deployer for a remote interchain token deployment that uses a custom destinationMinter address. event DeployRemoteInterchainTokenApproval( diff --git a/contracts/interfaces/IInterchainTokenService.sol b/contracts/interfaces/IInterchainTokenService.sol index 5cf23995..e048e2c3 100644 --- a/contracts/interfaces/IInterchainTokenService.sol +++ b/contracts/interfaces/IInterchainTokenService.sol @@ -29,7 +29,6 @@ interface IInterchainTokenService is IAddressTracker, IUpgradable { - error InvalidTokenManagerImplementationType(address implementation); error InvalidChainName(); error NotRemoteService(); error TokenManagerDoesNotExist(bytes32 tokenId); diff --git a/contracts/interfaces/ITokenManagerDeployer.sol b/contracts/interfaces/ITokenManagerDeployer.sol index 8e9acdd6..5478d0c1 100644 --- a/contracts/interfaces/ITokenManagerDeployer.sol +++ b/contracts/interfaces/ITokenManagerDeployer.sol @@ -7,7 +7,6 @@ pragma solidity ^0.8.0; * @notice This interface is used to deploy new instances of the TokenManagerProxy contract. */ interface ITokenManagerDeployer { - error AddressZero(); error TokenManagerDeploymentFailed(); /** diff --git a/test/InterchainTokenFactory.js b/test/InterchainTokenFactory.js index fa9e687e..1bc83ca2 100644 --- a/test/InterchainTokenFactory.js +++ b/test/InterchainTokenFactory.js @@ -115,6 +115,15 @@ describe('InterchainTokenFactory', () => { .withArgs(tokenId, tokenManagerAddress, LOCK_UNLOCK, params); }); + it('Should not register a non-existing token', async () => { + await expectRevert( + (gasOptions) => tokenFactory.registerCanonicalInterchainToken(tokenFactory.address, { gasOptions }), + tokenFactory, + 'NotToken', + [tokenFactory.address], + ); + }); + it('Should initiate a remote interchain token deployment with no original chain name provided', async () => { const gasValue = 1234; const payload = defaultAbiCoder.encode( @@ -232,21 +241,16 @@ describe('InterchainTokenFactory', () => { await checkRoles(tokenManager, minter); }); - it('Should register a token if the mint amount is zero and minter is the zero address', async () => { + it('Should revert when trying to register a token if the mint amount is zero and minter is the zero address', async () => { const salt = keccak256('0x123456'); tokenId = await tokenFactory.interchainTokenId(wallet.address, salt); - const tokenAddress = await service.interchainTokenAddress(tokenId); - const minterBytes = new Uint8Array(); - const params = defaultAbiCoder.encode(['bytes', 'address'], [minterBytes, tokenAddress]); - const tokenManager = await getContractAt('TokenManager', await service.tokenManagerAddress(tokenId), wallet); - - await expect(tokenFactory.deployInterchainToken(salt, name, symbol, decimals, 0, AddressZero)) - .to.emit(service, 'InterchainTokenDeployed') - .withArgs(tokenId, tokenAddress, AddressZero, name, symbol, decimals) - .and.to.emit(service, 'TokenManagerDeployed') - .withArgs(tokenId, tokenManager.address, NATIVE_INTERCHAIN_TOKEN, params); - await checkRoles(tokenManager, AddressZero); + await expectRevert( + (gasOptions) => tokenFactory.deployInterchainToken(salt, name, symbol, decimals, 0, AddressZero, { gasOptions }), + tokenFactory, + 'ZeroSupplyToken', + [], + ); }); it('Should register a token if the mint amount is greater than zero and the minter is the zero address', async () => {