From c424a24da1f6889a1a80af5d66c6424792ead15f Mon Sep 17 00:00:00 2001 From: YamenMerhi Date: Wed, 30 Aug 2023 13:02:23 +0300 Subject: [PATCH 1/6] chore: apply first batch of QAs from Code4rena --- .../LSP0ERC725AccountCore.sol | 54 +++++++++++-------- .../LSP14Ownable2Step/ILSP14Ownable2Step.sol | 2 +- .../LSP20CallVerification.sol | 2 +- .../LSP6KeyManager/LSP6KeyManagerCore.sol | 27 +++------- .../LSP7DigitalAsset/LSP7DigitalAssetCore.sol | 14 ++--- 5 files changed, 46 insertions(+), 53 deletions(-) diff --git a/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol b/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol index 133318d74..cf3f66558 100644 --- a/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol +++ b/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol @@ -46,7 +46,7 @@ import { _TYPEID_LSP0_OwnershipTransferStarted, _TYPEID_LSP0_OwnershipTransferred_SenderNotification, _TYPEID_LSP0_OwnershipTransferred_RecipientNotification -} from "../LSP0ERC725Account/LSP0Constants.sol"; +} from "./LSP0Constants.sol"; import { _INTERFACEID_LSP1, _LSP1_UNIVERSAL_RECEIVER_DELEGATE_PREFIX, @@ -63,7 +63,8 @@ import { // errors import { - ERC725Y_DataKeysValuesLengthMismatch + ERC725Y_DataKeysValuesLengthMismatch, + ERC725Y_DataKeysValuesEmptyArray } from "@erc725/smart-contracts/contracts/errors.sol"; import { NoExtensionFoundForFunctionSelector @@ -203,16 +204,16 @@ abstract contract LSP0ERC725AccountCore is emit ValueReceived(msg.sender, msg.value); } - address _owner = owner(); + address accountOwner = owner(); // If the caller is the owner perform execute directly - if (msg.sender == _owner) { + if (msg.sender == accountOwner) { return ERC725XCore._execute(operationType, target, value, data); } // If the caller is not the owner, call {lsp20VerifyCall} on the owner // Depending on the magicValue returned, a second call is done after execution - bool verifyAfter = LSP20CallVerification._verifyCall(_owner); + bool verifyAfter = LSP20CallVerification._verifyCall(accountOwner); // Perform the execution bytes memory result = ERC725XCore._execute( @@ -224,7 +225,10 @@ abstract contract LSP0ERC725AccountCore is // if verifyAfter is true, Call {lsp20VerifyCallResult} on the owner if (verifyAfter) { - LSP20CallVerification._verifyCallResult(_owner, abi.encode(result)); + LSP20CallVerification._verifyCallResult( + accountOwner, + abi.encode(result) + ); } return result; @@ -255,10 +259,10 @@ abstract contract LSP0ERC725AccountCore is emit ValueReceived(msg.sender, msg.value); } - address _owner = owner(); + address accountOwner = owner(); // If the caller is the owner perform execute directly - if (msg.sender == _owner) { + if (msg.sender == accountOwner) { return ERC725XCore._executeBatch( operationsType, @@ -270,7 +274,7 @@ abstract contract LSP0ERC725AccountCore is // If the caller is not the owner, call {lsp20VerifyCall} on the owner // Depending on the magicValue returned, a second call is done after execution - bool verifyAfter = LSP20CallVerification._verifyCall(_owner); + bool verifyAfter = LSP20CallVerification._verifyCall(accountOwner); // Perform the execution bytes[] memory results = ERC725XCore._executeBatch( @@ -283,7 +287,7 @@ abstract contract LSP0ERC725AccountCore is // if verifyAfter is true, Call {lsp20VerifyCallResult} on the owner if (verifyAfter) { LSP20CallVerification._verifyCallResult( - _owner, + accountOwner, abi.encode(results) ); } @@ -308,23 +312,23 @@ abstract contract LSP0ERC725AccountCore is emit ValueReceived(msg.sender, msg.value); } - address _owner = owner(); + address accountOwner = owner(); // If the caller is the owner perform setData directly - if (msg.sender == _owner) { + if (msg.sender == accountOwner) { return _setData(dataKey, dataValue); } // If the caller is not the owner, call {lsp20VerifyCall} on the owner // Depending on the magicValue returned, a second call is done after setting data - bool verifyAfter = _verifyCall(_owner); + bool verifyAfter = _verifyCall(accountOwner); _setData(dataKey, dataValue); // If verifyAfter is true, Call {lsp20VerifyCallResult} on the owner // The setData function does not return, second parameter of {_verifyCallResult} will be empty if (verifyAfter) { - _verifyCallResult(_owner, ""); + _verifyCallResult(accountOwner, ""); } } @@ -349,10 +353,14 @@ abstract contract LSP0ERC725AccountCore is revert ERC725Y_DataKeysValuesLengthMismatch(); } - address _owner = owner(); + if (dataKeys.length == 0) { + revert ERC725Y_DataKeysValuesEmptyArray(); + } + + address accountOwner = owner(); // If the caller is the owner perform setData directly - if (msg.sender == _owner) { + if (msg.sender == accountOwner) { for (uint256 i = 0; i < dataKeys.length; ) { _setData(dataKeys[i], dataValues[i]); @@ -366,7 +374,7 @@ abstract contract LSP0ERC725AccountCore is // If the caller is not the owner, call {lsp20VerifyCall} on the owner // Depending on the magicValue returned, a second call is done after setting data - bool verifyAfter = _verifyCall(_owner); + bool verifyAfter = _verifyCall(accountOwner); for (uint256 i = 0; i < dataKeys.length; ) { _setData(dataKeys[i], dataValues[i]); @@ -379,7 +387,7 @@ abstract contract LSP0ERC725AccountCore is // If verifyAfter is true, Call {lsp20VerifyCallResult} on the owner // The setData function does not return, second parameter of {_verifyCallResult} will be empty if (verifyAfter) { - _verifyCallResult(_owner, ""); + _verifyCallResult(accountOwner, ""); } } @@ -584,7 +592,7 @@ abstract contract LSP0ERC725AccountCore is * * @custom:requirements Can be only called by the {owner} or by an authorised address that pass the verification check performed on the owner. * - * @custom:danger Leaves the contract without an owner. Once ownership of the contract has been renounced, any functions that are restricted to be called by the owner will be permanently inaccessible, making these functions not callable anymore and unusable. + * @custom:danger Leaves the contract without an owner. Once ownership of the contract has been renounced, any functions that are restricted to be called by the owner or an address allowed by the owner will be permanently inaccessible, making these functions not callable anymore and unusable. * */ function renounceOwnership() @@ -592,16 +600,16 @@ abstract contract LSP0ERC725AccountCore is virtual override(LSP14Ownable2Step, OwnableUnset) { - address _owner = owner(); + address accountOwner = owner(); // If the caller is the owner perform renounceOwnership directly - if (msg.sender == _owner) { + if (msg.sender == accountOwner) { return LSP14Ownable2Step._renounceOwnership(); } // If the caller is not the owner, call {lsp20VerifyCall} on the owner // Depending on the magicValue returned, a second call is done after transferring ownership - bool verifyAfter = _verifyCall(_owner); + bool verifyAfter = _verifyCall(accountOwner); address previousOwner = owner(); LSP14Ownable2Step._renounceOwnership(); @@ -616,7 +624,7 @@ abstract contract LSP0ERC725AccountCore is // If verifyAfter is true, Call {lsp20VerifyCallResult} on the owner // The transferOwnership function does not return, second parameter of {_verifyCallResult} will be empty if (verifyAfter) { - _verifyCallResult(_owner, ""); + _verifyCallResult(accountOwner, ""); } } diff --git a/contracts/LSP14Ownable2Step/ILSP14Ownable2Step.sol b/contracts/LSP14Ownable2Step/ILSP14Ownable2Step.sol index f41b2845b..21f49f154 100644 --- a/contracts/LSP14Ownable2Step/ILSP14Ownable2Step.sol +++ b/contracts/LSP14Ownable2Step/ILSP14Ownable2Step.sol @@ -59,7 +59,7 @@ interface ILSP14Ownable2Step { * @dev Transfer ownership of the contract from the current {owner()} to the {pendingOwner()}. * * Once this function is called: - * - The current {owner()} will loose access to the functions restricted to the {owner()} only. + * - The current {owner()} will lose access to the functions restricted to the {owner()} only. * - The {pendingOwner()} will gain access to the functions restricted to the {owner()} only. * * @notice `msg.sender` is accepting ownership of contract: `address(this)`. diff --git a/contracts/LSP20CallVerification/LSP20CallVerification.sol b/contracts/LSP20CallVerification/LSP20CallVerification.sol index 81f2c5cd2..0cb28a70e 100644 --- a/contracts/LSP20CallVerification/LSP20CallVerification.sol +++ b/contracts/LSP20CallVerification/LSP20CallVerification.sol @@ -39,7 +39,7 @@ abstract contract LSP20CallVerification { if (bytes3(magicValue) != bytes3(ILSP20.lsp20VerifyCall.selector)) revert LSP20InvalidMagicValue(false, returnedData); - return magicValue[3] == 0x01 ? true : false; + return bytes1(magicValue[3]) == 0x01; } /** diff --git a/contracts/LSP6KeyManager/LSP6KeyManagerCore.sol b/contracts/LSP6KeyManager/LSP6KeyManagerCore.sol index a20d146fd..70d435dc2 100644 --- a/contracts/LSP6KeyManager/LSP6KeyManagerCore.sol +++ b/contracts/LSP6KeyManager/LSP6KeyManagerCore.sol @@ -305,13 +305,8 @@ abstract contract LSP6KeyManagerCore is uint256 msgValue, bytes calldata data ) external virtual returns (bytes4) { - bool isSetData = false; - if ( - bytes4(data) == IERC725Y.setData.selector || - bytes4(data) == IERC725Y.setDataBatch.selector - ) { - isSetData = true; - } + bool isSetData = bytes4(data) == IERC725Y.setData.selector || + bytes4(data) == IERC725Y.setDataBatch.selector; // If target is invoking the verification, emit the event and change the reentrancy guard if (msg.sender == _target) { @@ -372,13 +367,8 @@ abstract contract LSP6KeyManagerCore is revert InvalidPayload(payload); } - bool isSetData = false; - if ( - bytes4(payload) == IERC725Y.setData.selector || - bytes4(payload) == IERC725Y.setDataBatch.selector - ) { - isSetData = true; - } + bool isSetData = bytes4(payload) == IERC725Y.setData.selector || + bytes4(payload) == IERC725Y.setDataBatch.selector; bool isReentrantCall = _nonReentrantBefore(isSetData, msg.sender); @@ -437,13 +427,8 @@ abstract contract LSP6KeyManagerCore is LSP25MultiChannelNonce._verifyValidityTimestamps(validityTimestamps); - bool isSetData = false; - if ( - bytes4(payload) == IERC725Y.setData.selector || - bytes4(payload) == IERC725Y.setDataBatch.selector - ) { - isSetData = true; - } + bool isSetData = bytes4(payload) == IERC725Y.setData.selector || + bytes4(payload) == IERC725Y.setDataBatch.selector; bool isReentrantCall = _nonReentrantBefore(isSetData, signer); diff --git a/contracts/LSP7DigitalAsset/LSP7DigitalAssetCore.sol b/contracts/LSP7DigitalAsset/LSP7DigitalAssetCore.sol index 70ae0c706..56daed316 100644 --- a/contracts/LSP7DigitalAsset/LSP7DigitalAssetCore.sol +++ b/contracts/LSP7DigitalAsset/LSP7DigitalAssetCore.sol @@ -219,7 +219,7 @@ abstract contract LSP7DigitalAssetCore is ILSP7DigitalAsset { * It has been added in the LSP7 contract implementation so that it can be used as a prevention mechanism * against the double spending allowance vulnerability. * - * @notice Decrease the allowance of `operator` by -`substractedAmount` + * @notice Decrease the allowance of `operator` by -`subtractedAmount` * * @dev Atomically decreases the allowance granted to `operator` by the caller. * This is an alternative approach to {authorizeOperator} that can be used as a mitigation @@ -227,22 +227,22 @@ abstract contract LSP7DigitalAssetCore is ILSP7DigitalAsset { * * @custom:events * - {AuthorizedOperator} event indicating the updated allowance after decreasing it. - * - {RevokeOperator} event if `substractedAmount` is the full allowance, + * - {RevokeOperator} event if `subtractedAmount` is the full allowance, * indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. * * @param operator the operator to decrease allowance for `msg.sender` - * @param substractedAmount the amount to decrease by in the operator's allowance. + * @param subtractedAmount the amount to decrease by in the operator's allowance. * * @custom:requirements * - `operator` cannot be the zero address. - * - `operator` must have allowance for the caller of at least `substractedAmount`. + * - `operator` must have allowance for the caller of at least `subtractedAmount`. */ function decreaseAllowance( address operator, - uint256 substractedAmount + uint256 subtractedAmount ) public virtual { uint256 currentAllowance = authorizedAmountFor(operator, msg.sender); - if (currentAllowance < substractedAmount) { + if (currentAllowance < subtractedAmount) { revert LSP7DecreasedAllowanceBelowZero(); } @@ -250,7 +250,7 @@ abstract contract LSP7DigitalAssetCore is ILSP7DigitalAsset { _updateOperator( msg.sender, operator, - currentAllowance - substractedAmount + currentAllowance - subtractedAmount ); } } From e38121bf8d8940afbb73d3bab4bd3288591dabf3 Mon Sep 17 00:00:00 2001 From: YamenMerhi Date: Wed, 30 Aug 2023 13:03:14 +0300 Subject: [PATCH 2/6] test: add tests to UniversalProfile --- tests/UniversalProfile.behaviour.ts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/UniversalProfile.behaviour.ts b/tests/UniversalProfile.behaviour.ts index 4f0fedaaa..cddecd707 100644 --- a/tests/UniversalProfile.behaviour.ts +++ b/tests/UniversalProfile.behaviour.ts @@ -133,6 +133,15 @@ export const shouldBehaveLikeLSP3 = ( '0xdaea594e385fc724449e3118b2db7e86dfba1826', ]; + it('should fail when setting empty data keys', async () => { + const keys = []; + const values = []; + + await expect( + context.universalProfile.setDataBatch(keys, values), + ).to.be.revertedWithCustomError(context.universalProfile, 'ERC725Y_DataKeysValuesEmptyArray'); + }); + it('should set the 3 x keys for a basic UP setup => `LSP3Profile`, `LSP12IssuedAssets[]` and `LSP1UniversalReceiverDelegate`', async () => { const keys = [ ERC725YDataKeys.LSP3.LSP3Profile, From 381ad904da0ebd98cf1c7d60abbb8ff0bee14b7c Mon Sep 17 00:00:00 2001 From: CJ42 Date: Thu, 14 Sep 2023 13:16:00 +0100 Subject: [PATCH 3/6] test: add tests in LSP4 to ensure not value can be locked in contract via `setData` and `setDataBatch` --- .../LSP4DigitalAssetMetadata.behaviour.ts | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/LSP4DigitalAssetMetadata/LSP4DigitalAssetMetadata.behaviour.ts b/tests/LSP4DigitalAssetMetadata/LSP4DigitalAssetMetadata.behaviour.ts index d56ea1e7a..dd552e53b 100644 --- a/tests/LSP4DigitalAssetMetadata/LSP4DigitalAssetMetadata.behaviour.ts +++ b/tests/LSP4DigitalAssetMetadata/LSP4DigitalAssetMetadata.behaviour.ts @@ -24,6 +24,32 @@ export const shouldBehaveLikeLSP4DigitalAssetMetadata = ( }); describe('when setting data on ERC725Y storage', () => { + describe('when sending value while setting data', () => { + it('should revert with `setData`', async () => { + const msgValue = ethers.utils.parseEther('2'); + const key = ethers.utils.keccak256(ethers.utils.toUtf8Bytes('My Key')); + const value = ethers.utils.hexlify(ethers.utils.randomBytes(256)); + + await expect( + context.contract + .connect(context.deployParams.owner) + .setData(key, value, { value: msgValue }), + ).to.be.revertedWithCustomError(context.contract, 'ERC725Y_MsgValueDisallowed'); + }); + + it('should revert with `setDataBatch`', async () => { + const msgValue = ethers.utils.parseEther('2'); + const key = [ethers.utils.keccak256(ethers.utils.toUtf8Bytes('My Key'))]; + const value = [ethers.utils.hexlify(ethers.utils.randomBytes(256))]; + + await expect( + context.contract + .connect(context.deployParams.owner) + .setDataBatch(key, value, { value: msgValue }), + ).to.be.revertedWithCustomError(context.contract, 'ERC725Y_MsgValueDisallowed'); + }); + }); + it('should revert when trying to edit Token Name', async () => { const key = ERC725YDataKeys.LSP4['LSP4TokenName']; const value = ethers.utils.hexlify(ethers.utils.toUtf8Bytes('Overriden Token Name')); From 26c301d077cb29bed5e1249f862f69f3dc7d8ee7 Mon Sep 17 00:00:00 2001 From: YamenMerhi Date: Tue, 26 Sep 2023 12:24:22 +0300 Subject: [PATCH 4/6] chore: add latest QA --- .../LSP0ERC725AccountCore.sol | 3 ++ .../LSP20CallVerification.sol | 6 ++- .../LSP20CallVerification/LSP20Errors.sol | 6 +++ .../LSP0ERC725Account/LSP0ERC725Account.md | 54 ++++++++++++++++++- .../LSP14Ownable2Step/LSP14Ownable2Step.md | 2 +- .../LSP7DigitalAsset/LSP7DigitalAsset.md | 10 ++-- .../extensions/LSP7Burnable.md | 10 ++-- .../extensions/LSP7CappedSupply.md | 10 ++-- .../extensions/LSP7CompatibleERC20.md | 10 ++-- .../presets/LSP7CompatibleERC20Mintable.md | 10 ++-- .../LSP7DigitalAsset/presets/LSP7Mintable.md | 10 ++-- docs/contracts/LSP9Vault/LSP9Vault.md | 2 +- docs/contracts/UniversalProfile.md | 54 ++++++++++++++++++- .../LSP20CallVerification.behaviour.ts | 24 ++++----- .../LSP20WithLSP14.behaviour.ts | 28 +++++----- tests/UniversalProfile.behaviour.ts | 6 +-- 16 files changed, 179 insertions(+), 66 deletions(-) diff --git a/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol b/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol index 46591997f..eea9ba0ce 100644 --- a/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol +++ b/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol @@ -232,6 +232,9 @@ abstract contract LSP0ERC725AccountCore is * - If the operation type is `CREATE` (1) or `CREATE2` (2), `target` must be `address(0)`. * - If the operation type is `STATICCALL` (3) or `DELEGATECALL` (4), `value` transfer is disallowed and must be 0. * + * @custom:warning + * - The `msg.value` should not be trusted for any method called with `operationType`: `DELEGATECALL` (4). + * * @custom:events * - {Executed} event for each call that uses under `operationType`: `CALL` (0), `STATICCALL` (3) and `DELEGATECALL` (4). (each iteration) * - {ContractCreated} event, when a contract is created under `operationType`: `CREATE` (1) and `CREATE2` (2) (each iteration) diff --git a/contracts/LSP20CallVerification/LSP20CallVerification.sol b/contracts/LSP20CallVerification/LSP20CallVerification.sol index 380759cec..311f027f3 100644 --- a/contracts/LSP20CallVerification/LSP20CallVerification.sol +++ b/contracts/LSP20CallVerification/LSP20CallVerification.sol @@ -8,7 +8,8 @@ import {ILSP20CallVerifier as ILSP20} from "./ILSP20CallVerifier.sol"; // errors import { LSP20InvalidMagicValue, - LSP20CallingVerifierFailed + LSP20CallingVerifierFailed, + EOACannotVerifyCall } from "./LSP20Errors.sol"; /** @@ -26,6 +27,9 @@ abstract contract LSP20CallVerification { function _verifyCall( address logicVerifier ) internal virtual returns (bool verifyAfter) { + if (logicVerifier.code.length == 0) + revert EOACannotVerifyCall(logicVerifier); + (bool success, bytes memory returnedData) = logicVerifier.call( abi.encodeWithSelector( ILSP20.lsp20VerifyCall.selector, diff --git a/contracts/LSP20CallVerification/LSP20Errors.sol b/contracts/LSP20CallVerification/LSP20Errors.sol index 264f2971e..252f12de6 100644 --- a/contracts/LSP20CallVerification/LSP20Errors.sol +++ b/contracts/LSP20CallVerification/LSP20Errors.sol @@ -13,3 +13,9 @@ error LSP20CallingVerifierFailed(bool postCall); * @param returnedData The data returned by the call to the logic verifier */ error LSP20InvalidMagicValue(bool postCall, bytes returnedData); + +/** + * @dev reverts when the logicVerifier is an EOA that cannot return magicValue + * @param logicVerifier The address of the logic verifier + */ +error EOACannotVerifyCall(address logicVerifier); diff --git a/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md b/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md index a49f56ccc..3f785bc73 100644 --- a/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md +++ b/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md @@ -216,7 +216,7 @@ _`msg.sender` is accepting ownership of contract: `address(this)`._ Transfer ownership of the contract from the current [`owner()`](#owner) to the [`pendingOwner()`](#pendingowner). Once this function is called: -- The current [`owner()`](#owner) will loose access to the functions restricted to the [`owner()`](#owner) only. +- The current [`owner()`](#owner) will lose access to the functions restricted to the [`owner()`](#owner) only. - The [`pendingOwner()`](#pendingowner) will gain access to the functions restricted to the [`owner()`](#owner) only. @@ -350,6 +350,12 @@ Generic executor function to: ::: +:::caution Warning + +- The `msg.value` should not be trusted for any method called with `operationType`: `DELEGATECALL` (4). + +::: + ```solidity function executeBatch( uint256[] operationsType, @@ -588,7 +594,7 @@ The address that ownership of the contract is transferred to. This address may u :::danger -Leaves the contract without an owner. Once ownership of the contract has been renounced, any functions that are restricted to be called by the owner will be permanently inaccessible, making these functions not callable anymore and unusable. +Leaves the contract without an owner. Once ownership of the contract has been renounced, any functions that are restricted to be called by the owner or an address allowed by the owner will be permanently inaccessible, making these functions not callable anymore and unusable. ::: @@ -1496,6 +1502,31 @@ Reverts when trying to transfer ownership to the `address(this)`.
+### EOACannotVerifyCall + +:::note References + +- Specification details: [**LSP-0-ERC725Account**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-0-ERC725Account.md#eoacannotverifycall) +- Solidity implementation: [`LSP0ERC725Account.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/LSP0ERC725Account/LSP0ERC725Account.sol) +- Error signature: `EOACannotVerifyCall(address)` +- Error hash: `0xc3911c1e` + +::: + +```solidity +error EOACannotVerifyCall(address logicVerifier); +``` + +reverts when the logicVerifier is an EOA that cannot return magicValue + +#### Parameters + +| Name | Type | Description | +| --------------- | :-------: | --------------------------------- | +| `logicVerifier` | `address` | The address of the logic verifier | + +
+ ### ERC725X_ContractDeploymentFailed :::note References @@ -1680,6 +1711,25 @@ Reverts when the `operationTypeProvided` is none of the default operation types
+### ERC725Y_DataKeysValuesEmptyArray + +:::note References + +- Specification details: [**LSP-0-ERC725Account**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-0-ERC725Account.md#erc725y_datakeysvaluesemptyarray) +- Solidity implementation: [`LSP0ERC725Account.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/LSP0ERC725Account/LSP0ERC725Account.sol) +- Error signature: `ERC725Y_DataKeysValuesEmptyArray()` +- Error hash: `0x97da5f95` + +::: + +```solidity +error ERC725Y_DataKeysValuesEmptyArray(); +``` + +Reverts when one of the array parameter provided to [`setDataBatch`](#setdatabatch) function is an empty array. + +
+ ### ERC725Y_DataKeysValuesLengthMismatch :::note References diff --git a/docs/contracts/LSP14Ownable2Step/LSP14Ownable2Step.md b/docs/contracts/LSP14Ownable2Step/LSP14Ownable2Step.md index a6e0464f0..cd4120269 100644 --- a/docs/contracts/LSP14Ownable2Step/LSP14Ownable2Step.md +++ b/docs/contracts/LSP14Ownable2Step/LSP14Ownable2Step.md @@ -98,7 +98,7 @@ _`msg.sender` is accepting ownership of contract: `address(this)`._ Transfer ownership of the contract from the current [`owner()`](#owner) to the [`pendingOwner()`](#pendingowner). Once this function is called: -- The current [`owner()`](#owner) will loose access to the functions restricted to the [`owner()`](#owner) only. +- The current [`owner()`](#owner) will lose access to the functions restricted to the [`owner()`](#owner) only. - The [`pendingOwner()`](#pendingowner) will gain access to the functions restricted to the [`owner()`](#owner) only. diff --git a/docs/contracts/LSP7DigitalAsset/LSP7DigitalAsset.md b/docs/contracts/LSP7DigitalAsset/LSP7DigitalAsset.md index eb78e271a..b40733a0f 100644 --- a/docs/contracts/LSP7DigitalAsset/LSP7DigitalAsset.md +++ b/docs/contracts/LSP7DigitalAsset/LSP7DigitalAsset.md @@ -206,12 +206,12 @@ This is a non-standard function, not part of the LSP7 standard interface. It has ```solidity function decreaseAllowance( address operator, - uint256 substractedAmount, + uint256 subtractedAmount, bytes operatorNotificationData ) external nonpayable; ``` -_Decrease the allowance of `operator` by -`substractedAmount`_ +_Decrease the allowance of `operator` by -`subtractedAmount`_ Atomically decreases the allowance granted to `operator` by the caller. This is an alternative approach to [`authorizeOperator`](#authorizeoperator) that can be used as a mitigation for the double spending allowance problem. @@ -220,7 +220,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Requirements:** - `operator` cannot be the zero address. -- `operator` must have allowance for the caller of at least `substractedAmount`. +- `operator` must have allowance for the caller of at least `subtractedAmount`. @@ -229,7 +229,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Emitted events:** - [`AuthorizedOperator`](#authorizedoperator) event indicating the updated allowance after decreasing it. -- [`RevokeOperator`](#revokeoperator) event if `substractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. +- [`RevokeOperator`](#revokeoperator) event if `subtractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. @@ -238,7 +238,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is | Name | Type | Description | | -------------------------- | :-------: | ------------------------------------------------------ | | `operator` | `address` | the operator to decrease allowance for `msg.sender` | -| `substractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | +| `subtractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | | `operatorNotificationData` | `bytes` | - |
diff --git a/docs/contracts/LSP7DigitalAsset/extensions/LSP7Burnable.md b/docs/contracts/LSP7DigitalAsset/extensions/LSP7Burnable.md index 75e286eb6..14084bc92 100644 --- a/docs/contracts/LSP7DigitalAsset/extensions/LSP7Burnable.md +++ b/docs/contracts/LSP7DigitalAsset/extensions/LSP7Burnable.md @@ -231,12 +231,12 @@ This is a non-standard function, not part of the LSP7 standard interface. It has ```solidity function decreaseAllowance( address operator, - uint256 substractedAmount, + uint256 subtractedAmount, bytes operatorNotificationData ) external nonpayable; ``` -_Decrease the allowance of `operator` by -`substractedAmount`_ +_Decrease the allowance of `operator` by -`subtractedAmount`_ Atomically decreases the allowance granted to `operator` by the caller. This is an alternative approach to [`authorizeOperator`](#authorizeoperator) that can be used as a mitigation for the double spending allowance problem. @@ -245,7 +245,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Requirements:** - `operator` cannot be the zero address. -- `operator` must have allowance for the caller of at least `substractedAmount`. +- `operator` must have allowance for the caller of at least `subtractedAmount`. @@ -254,7 +254,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Emitted events:** - [`AuthorizedOperator`](#authorizedoperator) event indicating the updated allowance after decreasing it. -- [`RevokeOperator`](#revokeoperator) event if `substractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. +- [`RevokeOperator`](#revokeoperator) event if `subtractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. @@ -263,7 +263,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is | Name | Type | Description | | -------------------------- | :-------: | ------------------------------------------------------ | | `operator` | `address` | the operator to decrease allowance for `msg.sender` | -| `substractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | +| `subtractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | | `operatorNotificationData` | `bytes` | - |
diff --git a/docs/contracts/LSP7DigitalAsset/extensions/LSP7CappedSupply.md b/docs/contracts/LSP7DigitalAsset/extensions/LSP7CappedSupply.md index 405a2233d..13868b9d0 100644 --- a/docs/contracts/LSP7DigitalAsset/extensions/LSP7CappedSupply.md +++ b/docs/contracts/LSP7DigitalAsset/extensions/LSP7CappedSupply.md @@ -204,12 +204,12 @@ This is a non-standard function, not part of the LSP7 standard interface. It has ```solidity function decreaseAllowance( address operator, - uint256 substractedAmount, + uint256 subtractedAmount, bytes operatorNotificationData ) external nonpayable; ``` -_Decrease the allowance of `operator` by -`substractedAmount`_ +_Decrease the allowance of `operator` by -`subtractedAmount`_ Atomically decreases the allowance granted to `operator` by the caller. This is an alternative approach to [`authorizeOperator`](#authorizeoperator) that can be used as a mitigation for the double spending allowance problem. @@ -218,7 +218,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Requirements:** - `operator` cannot be the zero address. -- `operator` must have allowance for the caller of at least `substractedAmount`. +- `operator` must have allowance for the caller of at least `subtractedAmount`. @@ -227,7 +227,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Emitted events:** - [`AuthorizedOperator`](#authorizedoperator) event indicating the updated allowance after decreasing it. -- [`RevokeOperator`](#revokeoperator) event if `substractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. +- [`RevokeOperator`](#revokeoperator) event if `subtractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. @@ -236,7 +236,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is | Name | Type | Description | | -------------------------- | :-------: | ------------------------------------------------------ | | `operator` | `address` | the operator to decrease allowance for `msg.sender` | -| `substractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | +| `subtractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | | `operatorNotificationData` | `bytes` | - |
diff --git a/docs/contracts/LSP7DigitalAsset/extensions/LSP7CompatibleERC20.md b/docs/contracts/LSP7DigitalAsset/extensions/LSP7CompatibleERC20.md index 61d68ae45..8905143e7 100644 --- a/docs/contracts/LSP7DigitalAsset/extensions/LSP7CompatibleERC20.md +++ b/docs/contracts/LSP7DigitalAsset/extensions/LSP7CompatibleERC20.md @@ -270,12 +270,12 @@ This is a non-standard function, not part of the LSP7 standard interface. It has ```solidity function decreaseAllowance( address operator, - uint256 substractedAmount, + uint256 subtractedAmount, bytes operatorNotificationData ) external nonpayable; ``` -_Decrease the allowance of `operator` by -`substractedAmount`_ +_Decrease the allowance of `operator` by -`subtractedAmount`_ Atomically decreases the allowance granted to `operator` by the caller. This is an alternative approach to [`authorizeOperator`](#authorizeoperator) that can be used as a mitigation for the double spending allowance problem. @@ -284,7 +284,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Requirements:** - `operator` cannot be the zero address. -- `operator` must have allowance for the caller of at least `substractedAmount`. +- `operator` must have allowance for the caller of at least `subtractedAmount`. @@ -293,7 +293,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Emitted events:** - [`AuthorizedOperator`](#authorizedoperator) event indicating the updated allowance after decreasing it. -- [`RevokeOperator`](#revokeoperator) event if `substractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. +- [`RevokeOperator`](#revokeoperator) event if `subtractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. @@ -302,7 +302,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is | Name | Type | Description | | -------------------------- | :-------: | ------------------------------------------------------ | | `operator` | `address` | the operator to decrease allowance for `msg.sender` | -| `substractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | +| `subtractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | | `operatorNotificationData` | `bytes` | - |
diff --git a/docs/contracts/LSP7DigitalAsset/presets/LSP7CompatibleERC20Mintable.md b/docs/contracts/LSP7DigitalAsset/presets/LSP7CompatibleERC20Mintable.md index cd80c23f3..a80ed6335 100644 --- a/docs/contracts/LSP7DigitalAsset/presets/LSP7CompatibleERC20Mintable.md +++ b/docs/contracts/LSP7DigitalAsset/presets/LSP7CompatibleERC20Mintable.md @@ -275,12 +275,12 @@ This is a non-standard function, not part of the LSP7 standard interface. It has ```solidity function decreaseAllowance( address operator, - uint256 substractedAmount, + uint256 subtractedAmount, bytes operatorNotificationData ) external nonpayable; ``` -_Decrease the allowance of `operator` by -`substractedAmount`_ +_Decrease the allowance of `operator` by -`subtractedAmount`_ Atomically decreases the allowance granted to `operator` by the caller. This is an alternative approach to [`authorizeOperator`](#authorizeoperator) that can be used as a mitigation for the double spending allowance problem. @@ -289,7 +289,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Requirements:** - `operator` cannot be the zero address. -- `operator` must have allowance for the caller of at least `substractedAmount`. +- `operator` must have allowance for the caller of at least `subtractedAmount`. @@ -298,7 +298,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Emitted events:** - [`AuthorizedOperator`](#authorizedoperator) event indicating the updated allowance after decreasing it. -- [`RevokeOperator`](#revokeoperator) event if `substractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. +- [`RevokeOperator`](#revokeoperator) event if `subtractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. @@ -307,7 +307,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is | Name | Type | Description | | -------------------------- | :-------: | ------------------------------------------------------ | | `operator` | `address` | the operator to decrease allowance for `msg.sender` | -| `substractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | +| `subtractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | | `operatorNotificationData` | `bytes` | - |
diff --git a/docs/contracts/LSP7DigitalAsset/presets/LSP7Mintable.md b/docs/contracts/LSP7DigitalAsset/presets/LSP7Mintable.md index 52c57a89c..ddf2e1b70 100644 --- a/docs/contracts/LSP7DigitalAsset/presets/LSP7Mintable.md +++ b/docs/contracts/LSP7DigitalAsset/presets/LSP7Mintable.md @@ -235,12 +235,12 @@ This is a non-standard function, not part of the LSP7 standard interface. It has ```solidity function decreaseAllowance( address operator, - uint256 substractedAmount, + uint256 subtractedAmount, bytes operatorNotificationData ) external nonpayable; ``` -_Decrease the allowance of `operator` by -`substractedAmount`_ +_Decrease the allowance of `operator` by -`subtractedAmount`_ Atomically decreases the allowance granted to `operator` by the caller. This is an alternative approach to [`authorizeOperator`](#authorizeoperator) that can be used as a mitigation for the double spending allowance problem. @@ -249,7 +249,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Requirements:** - `operator` cannot be the zero address. -- `operator` must have allowance for the caller of at least `substractedAmount`. +- `operator` must have allowance for the caller of at least `subtractedAmount`. @@ -258,7 +258,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is **Emitted events:** - [`AuthorizedOperator`](#authorizedoperator) event indicating the updated allowance after decreasing it. -- [`RevokeOperator`](#revokeoperator) event if `substractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. +- [`RevokeOperator`](#revokeoperator) event if `subtractedAmount` is the full allowance, indicating `operator` does not have any alauthorizedAmountForlowance left for `msg.sender`. @@ -267,7 +267,7 @@ Atomically decreases the allowance granted to `operator` by the caller. This is | Name | Type | Description | | -------------------------- | :-------: | ------------------------------------------------------ | | `operator` | `address` | the operator to decrease allowance for `msg.sender` | -| `substractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | +| `subtractedAmount` | `uint256` | the amount to decrease by in the operator's allowance. | | `operatorNotificationData` | `bytes` | - |
diff --git a/docs/contracts/LSP9Vault/LSP9Vault.md b/docs/contracts/LSP9Vault/LSP9Vault.md index f314f378e..84821b6df 100644 --- a/docs/contracts/LSP9Vault/LSP9Vault.md +++ b/docs/contracts/LSP9Vault/LSP9Vault.md @@ -202,7 +202,7 @@ _`msg.sender` is accepting ownership of contract: `address(this)`._ Transfer ownership of the contract from the current [`owner()`](#owner) to the [`pendingOwner()`](#pendingowner). Once this function is called: -- The current [`owner()`](#owner) will loose access to the functions restricted to the [`owner()`](#owner) only. +- The current [`owner()`](#owner) will lose access to the functions restricted to the [`owner()`](#owner) only. - The [`pendingOwner()`](#pendingowner) will gain access to the functions restricted to the [`owner()`](#owner) only. diff --git a/docs/contracts/UniversalProfile.md b/docs/contracts/UniversalProfile.md index dfcadcad8..060a18dc0 100644 --- a/docs/contracts/UniversalProfile.md +++ b/docs/contracts/UniversalProfile.md @@ -159,7 +159,7 @@ _`msg.sender` is accepting ownership of contract: `address(this)`._ Transfer ownership of the contract from the current [`owner()`](#owner) to the [`pendingOwner()`](#pendingowner). Once this function is called: -- The current [`owner()`](#owner) will loose access to the functions restricted to the [`owner()`](#owner) only. +- The current [`owner()`](#owner) will lose access to the functions restricted to the [`owner()`](#owner) only. - The [`pendingOwner()`](#pendingowner) will gain access to the functions restricted to the [`owner()`](#owner) only. @@ -293,6 +293,12 @@ Generic executor function to: ::: +:::caution Warning + +- The `msg.value` should not be trusted for any method called with `operationType`: `DELEGATECALL` (4). + +::: + ```solidity function executeBatch( uint256[] operationsType, @@ -531,7 +537,7 @@ The address that ownership of the contract is transferred to. This address may u :::danger -Leaves the contract without an owner. Once ownership of the contract has been renounced, any functions that are restricted to be called by the owner will be permanently inaccessible, making these functions not callable anymore and unusable. +Leaves the contract without an owner. Once ownership of the contract has been renounced, any functions that are restricted to be called by the owner or an address allowed by the owner will be permanently inaccessible, making these functions not callable anymore and unusable. ::: @@ -1439,6 +1445,31 @@ Reverts when trying to transfer ownership to the `address(this)`.
+### EOACannotVerifyCall + +:::note References + +- Specification details: [**UniversalProfile**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-3-UniversalProfile-Metadata.md#eoacannotverifycall) +- Solidity implementation: [`UniversalProfile.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/UniversalProfile.sol) +- Error signature: `EOACannotVerifyCall(address)` +- Error hash: `0xc3911c1e` + +::: + +```solidity +error EOACannotVerifyCall(address logicVerifier); +``` + +reverts when the logicVerifier is an EOA that cannot return magicValue + +#### Parameters + +| Name | Type | Description | +| --------------- | :-------: | --------------------------------- | +| `logicVerifier` | `address` | The address of the logic verifier | + +
+ ### ERC725X_ContractDeploymentFailed :::note References @@ -1623,6 +1654,25 @@ Reverts when the `operationTypeProvided` is none of the default operation types
+### ERC725Y_DataKeysValuesEmptyArray + +:::note References + +- Specification details: [**UniversalProfile**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-3-UniversalProfile-Metadata.md#erc725y_datakeysvaluesemptyarray) +- Solidity implementation: [`UniversalProfile.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/UniversalProfile.sol) +- Error signature: `ERC725Y_DataKeysValuesEmptyArray()` +- Error hash: `0x97da5f95` + +::: + +```solidity +error ERC725Y_DataKeysValuesEmptyArray(); +``` + +Reverts when one of the array parameter provided to [`setDataBatch`](#setdatabatch) function is an empty array. + +
+ ### ERC725Y_DataKeysValuesLengthMismatch :::note References diff --git a/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts b/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts index 89e2c3734..8935eab74 100644 --- a/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts +++ b/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts @@ -56,8 +56,8 @@ export const shouldBehaveLikeLSP20 = (buildContext: () => Promise Promise Promise Promise Promise Promise { @@ -209,14 +209,14 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( .connect(previousOwner) .execute(OPERATION_TYPES.CALL, recipient.address, amount, '0x'), ) - .to.be.revertedWithCustomError(context.contract, 'LSP20InvalidMagicValue') - .withArgs(false, '0x'); + .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .withArgs(newOwner.address); }); it('should revert when calling `renounceOwnership(...)`', async () => { await expect(context.contract.connect(previousOwner).renounceOwnership()) - .to.be.revertedWithCustomError(context.contract, 'LSP20InvalidMagicValue') - .withArgs(false, '0x'); + .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .withArgs(newOwner.address); }); }); @@ -257,8 +257,8 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( const tx = context.contract.connect(context.accounts[5]).renounceOwnership(); await expect(tx) - .to.be.revertedWithCustomError(context.contract, 'LSP20InvalidMagicValue') - .withArgs(false, '0x'); + .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .withArgs(newOwner.address); }); }); @@ -468,8 +468,8 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( const value = ethers.utils.hexlify(ethers.utils.toUtf8Bytes('Random Value')); await expect(context.contract.connect(context.deployParams.owner).setData(key, value)) - .to.be.revertedWithCustomError(context.contract, 'LSP20InvalidMagicValue') - .withArgs(false, '0x'); + .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .withArgs(ethers.constants.AddressZero); }); it('transfer LYX via `execute(...)`', async () => { @@ -481,8 +481,8 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( .connect(context.deployParams.owner) .execute(OPERATION_TYPES.CALL, recipient, amount, '0x'), ) - .to.be.revertedWithCustomError(context.contract, 'LSP20InvalidMagicValue') - .withArgs(false, '0x'); + .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .withArgs(ethers.constants.AddressZero); }); }); }); diff --git a/tests/UniversalProfile.behaviour.ts b/tests/UniversalProfile.behaviour.ts index cddecd707..9699f8d6d 100644 --- a/tests/UniversalProfile.behaviour.ts +++ b/tests/UniversalProfile.behaviour.ts @@ -133,7 +133,7 @@ export const shouldBehaveLikeLSP3 = ( '0xdaea594e385fc724449e3118b2db7e86dfba1826', ]; - it('should fail when setting empty data keys', async () => { + it('should fail when passing empty arrays of data keys / values', async () => { const keys = []; const values = []; @@ -440,8 +440,8 @@ export const shouldBehaveLikeLSP3 = ( await expect( context.universalProfile.connect(context.accounts[4]).batchCalls([setDataPayload]), ) - .to.be.revertedWithCustomError(context.universalProfile, 'LSP20InvalidMagicValue') - .withArgs(false, '0x'); + .to.be.revertedWithCustomError(context.universalProfile, 'EOACannotVerifyCall') + .withArgs(context.deployParams.owner.address); }); }); From 7c3b00b40b0503f0dab4fae01491c817bcc0e9db Mon Sep 17 00:00:00 2001 From: YamenMerhi Date: Wed, 27 Sep 2023 12:39:37 +0300 Subject: [PATCH 5/6] chore: suggested changes --- .../LSP0ERC725AccountCore.sol | 2 +- .../LSP20CallVerification.sol | 4 +- .../LSP20CallVerification/LSP20Errors.sol | 4 +- .../LSP0ERC725Account/LSP0ERC725Account.md | 52 +++++++++---------- docs/contracts/UniversalProfile.md | 52 +++++++++---------- .../LSP20CallVerification.behaviour.ts | 12 ++--- .../LSP20WithLSP14.behaviour.ts | 14 ++--- tests/UniversalProfile.behaviour.ts | 2 +- 8 files changed, 71 insertions(+), 71 deletions(-) diff --git a/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol b/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol index 4ae4cb4f3..acf930d68 100644 --- a/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol +++ b/contracts/LSP0ERC725Account/LSP0ERC725AccountCore.sol @@ -233,7 +233,7 @@ abstract contract LSP0ERC725AccountCore is * - If the operation type is `STATICCALL` (3) or `DELEGATECALL` (4), `value` transfer is disallowed and must be 0. * * @custom:warning - * - The `msg.value` should not be trusted for any method called with `operationType`: `DELEGATECALL` (4). + * - The `msg.value` should not be trusted for any method called within the batch with `operationType`: `DELEGATECALL` (4). * * @custom:events * - {Executed} event for each call that uses under `operationType`: `CALL` (0), `STATICCALL` (3) and `DELEGATECALL` (4). (each iteration) diff --git a/contracts/LSP20CallVerification/LSP20CallVerification.sol b/contracts/LSP20CallVerification/LSP20CallVerification.sol index 890dce885..9f3780ca5 100644 --- a/contracts/LSP20CallVerification/LSP20CallVerification.sol +++ b/contracts/LSP20CallVerification/LSP20CallVerification.sol @@ -9,7 +9,7 @@ import {ILSP20CallVerifier as ILSP20} from "./ILSP20CallVerifier.sol"; import { LSP20InvalidMagicValue, LSP20CallingVerifierFailed, - EOACannotVerifyCall + LSP20EOACannotVerifyCall } from "./LSP20Errors.sol"; /** @@ -28,7 +28,7 @@ abstract contract LSP20CallVerification { address logicVerifier ) internal virtual returns (bool verifyAfter) { if (logicVerifier.code.length == 0) - revert EOACannotVerifyCall(logicVerifier); + revert LSP20EOACannotVerifyCall(logicVerifier); (bool success, bytes memory returnedData) = logicVerifier.call( abi.encodeWithSelector( diff --git a/contracts/LSP20CallVerification/LSP20Errors.sol b/contracts/LSP20CallVerification/LSP20Errors.sol index 252f12de6..4ed0d42e0 100644 --- a/contracts/LSP20CallVerification/LSP20Errors.sol +++ b/contracts/LSP20CallVerification/LSP20Errors.sol @@ -15,7 +15,7 @@ error LSP20CallingVerifierFailed(bool postCall); error LSP20InvalidMagicValue(bool postCall, bytes returnedData); /** - * @dev reverts when the logicVerifier is an EOA that cannot return magicValue + * @dev Reverts when the logic verifier is an Externally Owned Account (EOA) that cannot return the LSP20 magic value. * @param logicVerifier The address of the logic verifier */ -error EOACannotVerifyCall(address logicVerifier); +error LSP20EOACannotVerifyCall(address logicVerifier); diff --git a/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md b/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md index 3f785bc73..d0b664f76 100644 --- a/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md +++ b/docs/contracts/LSP0ERC725Account/LSP0ERC725Account.md @@ -352,7 +352,7 @@ Generic executor function to: :::caution Warning -- The `msg.value` should not be trusted for any method called with `operationType`: `DELEGATECALL` (4). +- The `msg.value` should not be trusted for any method called within the batch with `operationType`: `DELEGATECALL` (4). ::: @@ -1502,31 +1502,6 @@ Reverts when trying to transfer ownership to the `address(this)`.
-### EOACannotVerifyCall - -:::note References - -- Specification details: [**LSP-0-ERC725Account**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-0-ERC725Account.md#eoacannotverifycall) -- Solidity implementation: [`LSP0ERC725Account.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/LSP0ERC725Account/LSP0ERC725Account.sol) -- Error signature: `EOACannotVerifyCall(address)` -- Error hash: `0xc3911c1e` - -::: - -```solidity -error EOACannotVerifyCall(address logicVerifier); -``` - -reverts when the logicVerifier is an EOA that cannot return magicValue - -#### Parameters - -| Name | Type | Description | -| --------------- | :-------: | --------------------------------- | -| `logicVerifier` | `address` | The address of the logic verifier | - -
- ### ERC725X_ContractDeploymentFailed :::note References @@ -1795,6 +1770,31 @@ reverts when the call to the owner fail with no revert reason
+### LSP20EOACannotVerifyCall + +:::note References + +- Specification details: [**LSP-0-ERC725Account**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-0-ERC725Account.md#lsp20eoacannotverifycall) +- Solidity implementation: [`LSP0ERC725Account.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/LSP0ERC725Account/LSP0ERC725Account.sol) +- Error signature: `LSP20EOACannotVerifyCall(address)` +- Error hash: `0x0c392301` + +::: + +```solidity +error LSP20EOACannotVerifyCall(address logicVerifier); +``` + +Reverts when the logic verifier is an Externally Owned Account (EOA) that cannot return the LSP20 magic value. + +#### Parameters + +| Name | Type | Description | +| --------------- | :-------: | --------------------------------- | +| `logicVerifier` | `address` | The address of the logic verifier | + +
+ ### LSP20InvalidMagicValue :::note References diff --git a/docs/contracts/UniversalProfile.md b/docs/contracts/UniversalProfile.md index 060a18dc0..1516eb39e 100644 --- a/docs/contracts/UniversalProfile.md +++ b/docs/contracts/UniversalProfile.md @@ -295,7 +295,7 @@ Generic executor function to: :::caution Warning -- The `msg.value` should not be trusted for any method called with `operationType`: `DELEGATECALL` (4). +- The `msg.value` should not be trusted for any method called within the batch with `operationType`: `DELEGATECALL` (4). ::: @@ -1445,31 +1445,6 @@ Reverts when trying to transfer ownership to the `address(this)`.
-### EOACannotVerifyCall - -:::note References - -- Specification details: [**UniversalProfile**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-3-UniversalProfile-Metadata.md#eoacannotverifycall) -- Solidity implementation: [`UniversalProfile.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/UniversalProfile.sol) -- Error signature: `EOACannotVerifyCall(address)` -- Error hash: `0xc3911c1e` - -::: - -```solidity -error EOACannotVerifyCall(address logicVerifier); -``` - -reverts when the logicVerifier is an EOA that cannot return magicValue - -#### Parameters - -| Name | Type | Description | -| --------------- | :-------: | --------------------------------- | -| `logicVerifier` | `address` | The address of the logic verifier | - -
- ### ERC725X_ContractDeploymentFailed :::note References @@ -1738,6 +1713,31 @@ reverts when the call to the owner fail with no revert reason
+### LSP20EOACannotVerifyCall + +:::note References + +- Specification details: [**UniversalProfile**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-3-UniversalProfile-Metadata.md#lsp20eoacannotverifycall) +- Solidity implementation: [`UniversalProfile.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/UniversalProfile.sol) +- Error signature: `LSP20EOACannotVerifyCall(address)` +- Error hash: `0x0c392301` + +::: + +```solidity +error LSP20EOACannotVerifyCall(address logicVerifier); +``` + +Reverts when the logic verifier is an Externally Owned Account (EOA) that cannot return the LSP20 magic value. + +#### Parameters + +| Name | Type | Description | +| --------------- | :-------: | --------------------------------- | +| `logicVerifier` | `address` | The address of the logic verifier | + +
+ ### LSP20InvalidMagicValue :::note References diff --git a/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts b/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts index 8935eab74..6ec1ff3d8 100644 --- a/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts +++ b/tests/LSP20CallVerification/LSP20CallVerification.behaviour.ts @@ -56,7 +56,7 @@ export const shouldBehaveLikeLSP20 = (buildContext: () => Promise Promise Promise Promise Promise Promise { await expect(context.contract.connect(previousOwner).renounceOwnership()) - .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .to.be.revertedWithCustomError(context.contract, 'LSP20EOACannotVerifyCall') .withArgs(newOwner.address); }); }); @@ -257,7 +257,7 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( const tx = context.contract.connect(context.accounts[5]).renounceOwnership(); await expect(tx) - .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .to.be.revertedWithCustomError(context.contract, 'LSP20EOACannotVerifyCall') .withArgs(newOwner.address); }); }); @@ -468,7 +468,7 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( const value = ethers.utils.hexlify(ethers.utils.toUtf8Bytes('Random Value')); await expect(context.contract.connect(context.deployParams.owner).setData(key, value)) - .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .to.be.revertedWithCustomError(context.contract, 'LSP20EOACannotVerifyCall') .withArgs(ethers.constants.AddressZero); }); @@ -481,7 +481,7 @@ export const shouldBehaveLikeLSP14WithLSP20 = ( .connect(context.deployParams.owner) .execute(OPERATION_TYPES.CALL, recipient, amount, '0x'), ) - .to.be.revertedWithCustomError(context.contract, 'EOACannotVerifyCall') + .to.be.revertedWithCustomError(context.contract, 'LSP20EOACannotVerifyCall') .withArgs(ethers.constants.AddressZero); }); }); diff --git a/tests/UniversalProfile.behaviour.ts b/tests/UniversalProfile.behaviour.ts index 9699f8d6d..1831cc4ad 100644 --- a/tests/UniversalProfile.behaviour.ts +++ b/tests/UniversalProfile.behaviour.ts @@ -440,7 +440,7 @@ export const shouldBehaveLikeLSP3 = ( await expect( context.universalProfile.connect(context.accounts[4]).batchCalls([setDataPayload]), ) - .to.be.revertedWithCustomError(context.universalProfile, 'EOACannotVerifyCall') + .to.be.revertedWithCustomError(context.universalProfile, 'LSP20EOACannotVerifyCall') .withArgs(context.deployParams.owner.address); }); }); From 16dedbf25e02ef654fe3f5fba39eaba25c9f8d3b Mon Sep 17 00:00:00 2001 From: CJ42 Date: Wed, 27 Sep 2023 11:02:04 +0100 Subject: [PATCH 6/6] fix: re-fetch token owner after `_beforeTokenTransfer` hooks --- .../LSP8IdentifiableDigitalAssetCore.sol | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/contracts/LSP8IdentifiableDigitalAsset/LSP8IdentifiableDigitalAssetCore.sol b/contracts/LSP8IdentifiableDigitalAsset/LSP8IdentifiableDigitalAssetCore.sol index 518bdb4f5..7691db56c 100644 --- a/contracts/LSP8IdentifiableDigitalAsset/LSP8IdentifiableDigitalAssetCore.sol +++ b/contracts/LSP8IdentifiableDigitalAsset/LSP8IdentifiableDigitalAssetCore.sol @@ -374,6 +374,11 @@ abstract contract LSP8IdentifiableDigitalAssetCore is _beforeTokenTransfer(address(0), to, tokenId); + // Check that `tokenId` was not minted inside the `_beforeTokenTransfer` hook + if (_exists(tokenId)) { + revert LSP8TokenIdAlreadyMinted(tokenId); + } + // token being minted ++_existingTokens; @@ -411,6 +416,10 @@ abstract contract LSP8IdentifiableDigitalAssetCore is _beforeTokenTransfer(tokenOwner, address(0), tokenId); + // Re-fetch and update `tokenOwner` in case `tokenId` + // was transferred inside the `_beforeTokenTransfer` hook + tokenOwner = tokenOwnerOf(tokenId); + // token being burned --_existingTokens; @@ -475,6 +484,10 @@ abstract contract LSP8IdentifiableDigitalAssetCore is _beforeTokenTransfer(from, to, tokenId); + // Re-fetch and update `tokenOwner` in case `tokenId` + // was transferred inside the `_beforeTokenTransfer` hook + tokenOwner = tokenOwnerOf(tokenId); + _clearOperators(from, tokenId); _ownedTokens[from].remove(tokenId);