Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Update .gitignore * assert fees can be set to zero (#1380) Assert we would have the option to set any of the fee components to zero if we would want. --------- Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * pnpm i && snapshot && forge fmt * Misc golfs and fixes (#1402) Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * Increase max signers (#1405) Improve tests and error checks --------- Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * rename CCIPSendRequested to CCIPMessageSent (#1409) * Skip report execution on curse (#1408) The goal of this PR is to remove reverts on lane cursing for DON execution transactions. If a lane is cursed, reverting will cause the whole execution transaction to fail so any execution reports for other lanes will be blocked. For DON execution transactions the behavior is now to skip the report and emit a `SkippedReportExecution`. For manual execution we still revert, otherwise the transaction will silently fail for the users. --------- Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * remove bootstrapP2PIds (#1388) ## Motivation Bootstrap P2P IDs are no longer needed in the OCR config in CCIPConfig. See #1348's description for more details. ## Solution Remove bootstrap P2P IDs from the OCR config in CCIPConfig. ## Related PRs smartcontractkit/chainlink-ccip#89 * Integrate RMNRemote and OffRamp (#1360) Remove the requirement for self-transmitted RMN blessings Allow the commit DON to include RMN blessings at commitment time This PR has a dependency on changes to [chainlink-ccip](smartcontractkit/chainlink-ccip#84) --------- Co-authored-by: Makram <[email protected]> * Add report vs message source chain selector check (#1413) The goal of this PR is to add an extra check in the execute function to enforce that the report source chain selector matches its messages source chain selector. Extra gas cost is about 50 gas per message. Revert when `report.sourceChainSelector != (message.header.sourceChainSelector` * Enforce signature verification for commit plugin in `OffRamp` (#1416) ## Motivation The goal of this PR is to implement a check to ensure that the OCR3 signature verification is enabled for the commit plugin on config. This reduces misconfig risks and impact because previously an accidental setting of `isSignatureVerificationEnabled=false` for the commit plugin in the `OffRamp` would have required a redeploy to be fixed. ## Solution Add a check enforcing `isSignatureVerificationEnabled=false` for the commit plugin in `_afterOC3Config`. * Revert "reorder fields in MerkleRoot struct" (#1417) ## Motivation Avoid forcing breaking changes on RMN nodes ## Solution This reverts commit da570c5. * Implement getTotalChainConfigurations (#1419) ## Motivation The goal of this PR is to add a getter function to the `CCIPConfig` contract to fetch the total number of chains configured. This value is necessary to correctly call `getAllChainConfigs` and previously, the only way to access it was through events. ## Solution Implement `getTotalChainConfigurations`. * Add sanity check in applyAllowListUpdates (#1420) ## Motivation Currently, in the event of a misconfig where a destination chain's `AllowListConfigArgs` `allowListEnabled` is set to false while providing addresses to add to the allow list, the config will silently be skipped. ## Solution Add a sanity check to detect `!allowListConfigArgs.allowListEnabled && `allowListConfigArgs.addedAllowlistedSenders.length > 0` * Miscellaneous fixes and cleanups (#1421) ## Motivation The goal of this PR is to fix several miscellaneous items. ## Solution - Replaces some magic numbers with constants - Default to `private` visibility for state variables that are not used in test helpers - Standardizes some natspec tags (consistent use of `@dev` instead of `@notice` for state variables) - Add a `ConfigSet` event in `CCIPConfig` - Asserts full equality of `OCRConfigWithMeta[]` in `CCIPConfigTests` - Add clarifying comments in `NonceManager` `applyPreviousRampsUpdates` * CCIP-2815 commit report event updates (#1407) ## Motivation OffRamp contract emits commitReport event as a Struct to make the event Log filtering and searching more optimized, the report properties are emitted as a event fields rather than emitting the struct --------- Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * GasLimitOverride for manuallyExecute (#1375) ## Motivation 1. OffRamp should now use destExecData to extract the gas used for 2. Manual execution should enable user to override the gas amount for releaseOrMint per token. ## Solution 1. Removed int32 `maxTokenTransferGas` & `maxPoolReleaseOrMintGas` and used the gas encoded in `RampTokenAmount.destExecData` 2. add a new Struct which holds the receiverExecutionGasLimit and transferGasAmounts ``` struct GasLimitOverride { uint256 receiverExecutionGasLimit; uint256[] tokenGasOverrides; } ``` tokenGasOverrides is an array of GasLimits to be used during the relaseOrMint call for the specific tokenPool associated with token Note: The gas limit can not be lowered as that could cause the message to fail. If manual execution is done from an UNTOUCHED state and we would allow lower gas limit, anyone could grief by executing the message with lower gas limit than the DON would have used. This results in the message being marked FAILURE and the DON would not attempt it with the correct gas limit. for the above we have kept a check that `tokenGasOverrides` < gas encoded in `RampTokenAmount.destExecData` --------- Signed-off-by: 0xsuryansh <[email protected]> Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * Change data feeds from default to fallback in `FeeQuoter` (#1430) ## Motivation Due to the gas cost of reading from data feeds, it is unlikely to be the default option, we can therefore optimize the `getTokenPrice()` function by defaulting to state instead of data feeds. ## Solution Default to state reported prices and only fall back on data feed external call if the reported prices are stale. * Zp/update mockrouter (#1427) Specifically, allow for empty message with zero gas. ## Motivation EVM2EVMOffRamp checks the message for content and gaslimit and skips calling ccip receive if they're not present. Consequently the mock errors (ReceiverError) when sending only tokens to a smart contract. This update will help chainlink-local correctly process fork-based tests too. ## Solution The MockRouter implementation of _routeMessage was last updated in smartcontractkit/ccip#669 and is out of sync with the logic in EVM2EVMOffRamp. * Hybrid Token Pools: Remove problematic liquidity functions and add incoming supply lock (#1396) ## Motivation Minor Changes to the HybridLockReleaseTokenPool to better meet Circle's bridge requirements 1. Add additional supply lock on incoming messages when a proposal has been created. I.E When a proposal for a chain selector is active, new tokens cannot be released or locked to ensure better security control on the destination-chain's token supply. 2. `withdrawLiquidity()` and `transferLiqudity()` have been removed to avoid issues with the supply lock. Allowing for withdrawing liquidity that has been provided would allow for the supply on the destination chain to be greater than the locked amount on the source chain, preventing a successful migration from occuring. 3. Comment fixes for invariants * Make onRamp mutable in OffRamp (#1422) ## Motivation The goal of this PR is to reduce the misconfig risk on the `OffRamp` with the `onRamp` address. Currently, if we accidentally configure the wrong `onRamp` address on an existing `OffRamp`, the fix would involve a full redeployment + reconfig. ## Solution - Make the `onRamp` mutable in the `OffRamp`. - Add `onRamp` address verification in the `commit()` function - Only allow `onRamp` address modification when `minSeqNr == 1` --------- Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * update offramp layout (#1434) ## Motivation Some header are outdated. The exec logic is above the commit logic, but then after the commit logic we have the token handling logic, which is only used for exec. It has been moved to be above the commit logic * add CCIPEncodingUtils contract and gethwrapper (#1429) ## Motivation I encountered a scenario w/ RMN where offchain needs to abi.encode a [struct](https://github.com/smartcontractkit/ccip/blob/fc50683640bcfd73f0074d791fbaf7cdb6b29c71/contracts/src/v0.8/ccip/rmn/RMNRemote.sol#L90:L97) that is not included in any public contract functions (as input param or return value) and so it is not a part of the ABI or the go wrapper. Offchain is currently doing a manual encoding by re-defining the type, which I usually try to avoid at all costs. In the past, we've used a Utils contract ([ex here](https://github.com/smartcontractkit/chainlink/blob/develop/contracts/src/v0.8/automation/AutomationCompatibleUtils.sol) from automation) to expose all private structs in public functions so that offchain components can use E2E type safety when encoding / decoding. ## Solution Create a `CCIPEncodingUtils` contract and accompanying gethwrapper * Remove TODO and rename messageValidator to messageInterceptor (#1438) - Replaces `CCIPConfigTypes.ConfigState` `/// TODO: explain rollbacks?` by rollbacks comment - Renames `messageValidator` to `messageInterceptor` in ramps --------- Co-authored-by: Rens Rooimans <[email protected]> * update diagram (#1439) * Make forwardFromRouter non reentrant (#1437) ## Motivation Currently the `OnRamp` performs 3 separate calls to the `FeeQuoter` on the hot path, including 2 in the `forwardFromRouter` function: 1. `getValidatedFee` 2. `processMessageArgs` 3. `processPoolReturnData` This is done to follow the CEI pattern and guard against reentrancy due to the untrusted calls to the pools. This is not optimal for gas but it also makes contract interactions more complex. ## Solution Implement a non reentrant flag and reorder the `forwardFromRouter` function layout. The calls to the pools are now performed first, relying on the reentrancy protection. We reduce the `FeeQuoter` calls in `forwardFromRouter` to a single `processMessageArgs` call. ## Notes Optimizer runs had to be decreased due to contract size which is why gas diffs are showing a gas increase. At equivalent runs diffs are: ``` test_ForwardFromRouterExtraArgsV2_Success() (gas: -65 (-0.045%)) test_ForwardFromRouterSuccessLegacyExtraArgs() (gas: -65 (-0.045%)) test_ForwardFromRouterSuccessCustomExtraArgs() (gas: -65 (-0.045%)) test_ForwardFromRouter_Success() (gas: -65 (-0.045%)) test_ForwardFromRouterSuccessEmptyExtraArgs() (gas: -66 (-0.046%)) test_ForwardFromRouterExtraArgsV2AllowOutOfOrderTrue_Success() (gas: -65 (-0.057%)) test_forwardFromRouter_WithValidation_Success() (gas: 318 (0.113%)) test_E2E_3MessagesMMultiOffRampSuccess_gas() (gas: -1139 (-0.074%)) ``` * Standardize message hashing functions (#1424) ## Motivation The goal of this PR is to standardize the message hashing functions. Currently we have equivalent but inconsistent message hashing functions: ```solidity function _hash(Any2EVMRampMessage memory original, bytes memory onRamp) internal pure returns (bytes32) ``` and ```solidity function _hash(EVM2AnyRampMessage memory original, bytes32 metadataHash) internal pure returns (bytes32) ``` ## Solution Standardize to `function _hash(message, metadataHash)` and consistently encode dynamic fields. --------- Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * Validate transmitter lengths against F values (#1432) ## Motivation Improves validations for OCR3 and CCIPConfig contracts ## Solution Covers validations: * `fChain <= F`, since `F` represents the full role DON * Allows setting empty transmitters in CCIPConfig to allow `len(transmitters) <= len(signers)`, while still enforcing `len(transmitters) >= 3 * fChain + 1` * Validates non-zero transmitters length in MultiOCR3 * Validates `len(signers) >= len(transmitters)` in MultiOCR3 ### Tooling implications * When setting OCR configs on OffRamp contracts, the list from CCIPConfig must be filtered to exclude 0-bytes addresses. The reason for this is that the MultiOCR3Base disallows zero addresses and duplicates * Signer and transmitter duplication must be checked in tooling scripts off-chain prior to setting CCIPConfig (otherwise it will result in OffRamp breakage) * `chainConfigs` must be set before OCR3 configs due to the added `fChain == F` validation * If `fChain` becomes higher than `F` after updates, existing OCR3 configs get invalidated without an on-chain check (since it is difficult to do). There should be an off-chain validation script that prevents this (first, F should be increased for all configs, only after which fChain can be increased) * `OffRamp` transmitters.length should be validated such that it meets the `3 * fChain + 1` criteria off-chain, since `fChain` is not tracked in the `OffRamp` ### Gas | Function Name | min | avg | median | max | # calls | |---------------------------------------------------------------------------|-----------------|--------|--------|---------|---------| | validateConfig (without loop check) | 7040 | 20701 | 8436 | 122591 | 11 | | validateConfig (with loop check) | 7040 | 21006 | 9132 | 123442 | 11 | * Split RampTokenAmount into EVM2AnyTokenTransfer and Any2EVMTokenTransfer (#1435) * Productionize RMN remote contract (#1431) [Original PR](smartcontractkit/ccip#1308) - there is some discussion here that is possibly still relevant) [Open PR to add cursing](smartcontractkit/ccip#1400) - I copied the relevant parts for the `RMNRemote`. Note: we are intentionally separating `RMNRemote` and `RMNHome` since they have different timelines. Productionize the RMNRemote and include it in integration tests --------- Co-authored-by: Makram <[email protected]> * Add RMN_V1_6_ANY2EVM_REPORT to RMNRemote and make public (#1447) ## Motivation smartcontractkit/ccip#1431 (comment) ## Solution Expose the constant as public * merge FeePaid event into CCIPMessageSent (#1456) ## Motivation Not sure actually why this was needed. Request was [made here](https://smartcontract-it.atlassian.net/browse/CCIP-3446?atlOrigin=eyJpIjoiMTQ4ODMwNzU2N2I3NDI0NGE0ZDhiOTIyZTYwOTNjN2IiLCJwIjoiaiJ9). This is the 2nd version, that alters the MessageSent struct. First version [here](smartcontractkit/ccip#1452). ## Solution Merge fields from FeePaid event into CCIPMessageSent event * Add RMNHomeAddress in the OCR3Config (#1449) Adding `rmnHomeAddress` in the `OCR3Config` struct + generated wrappers. * Update pragma to most restrictive dependency or feature (#1466) ## Motivation We have several contracts using `^0.8.0` but also custom errors, or a child contract with custom errors. We also have several contracts at `^0.8.0` but a dependency locked at `0.8.24`. ## Solution Update all pragmas to the pragma of the most restrictive dep or the minimum to enable custom errors (`0.8.4`) * RMNHome (#1469) New PR to have this be standalone * ccip home (#1473) Fresh PR * fix snapshots * Update gethwrappers * [WIP] fix basic offchain logic (#14613) * fix basic offchain logic * type fixes * bump chainlink-common, general fixes * fix message hashing * small fixes * Update chainlink-common * Fix commit-codec test. * Fix error messages. * Fix ccip reader tests (#14619) * Fix exec codec. * Launcher integration tests (#14648) * CCIPHome basic usage framework * Fix homeChain usage * Fix calls in launcher test * Add encoded configs * Add more asserts * Calling right function 😢 * new assertions and logging error * Add don only once and update for all next operations * Fix typo --------- Co-authored-by: Makram Kamaleddine <[email protected]> * core/capabilities/ccip: fix usdc reader test (#14652) * fix lint * Rename bluegreen to deployment and use active candidate naming (#14662) * Fix smoke tests (#14655) * Initial commit - fix AddDon in deployment tests * Fix types and add logs * more explicit config setting * Rename bluegreen to deployment and use active candidate naming (#14662) * contracts/ccip/capability: per (donId, pluginType) active config indexes (#1488) * Add CCIPHome fixes * Commit Encoding with new structs * Update gethwrappers * Commit Encode/Decode with new structure * fix encoding, bump cl-ccip * Update gethwrappers * logging updates * add rmn home and remote configuration * fixes * working int test, still some failing tests * bump chainlink-ccip * some more fixes * lint, build * more lint --------- Co-authored-by: Makram Kamaleddine <[email protected]> Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> --------- Co-authored-by: Makram Kamaleddine <[email protected]> Co-authored-by: Will Winder <[email protected]> Co-authored-by: Abdelrahman Soliman (Boda) <[email protected]> Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> * tidy * lint again * remove stale files * bump chainlink-ccip again * bump with cl-ccip from main * fix build * fix --------- Signed-off-by: 0xsuryansh <[email protected]> Co-authored-by: app-token-issuer-infra-releng[bot] <120227048+app-token-issuer-infra-releng[bot]@users.noreply.github.com> Co-authored-by: Suryansh <[email protected]> Co-authored-by: Ryan <[email protected]> Co-authored-by: Makram <[email protected]> Co-authored-by: Ryan Hall <[email protected]> Co-authored-by: kanth <[email protected]> Co-authored-by: Zubin <[email protected]> Co-authored-by: Josh Weintraub <[email protected]> Co-authored-by: Evaldas Latoškinas <[email protected]> Co-authored-by: nogo <[email protected]> Co-authored-by: Will Winder <[email protected]> Co-authored-by: Abdelrahman Soliman (Boda) <[email protected]>
- Loading branch information