-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multi-whitelisted operators [audited] #299
Conversation
if (!s.operators[operatorId].whitelisted) s.operators[operatorId].whitelisted = true; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
im not sure this is the best flow, what if you want to add a bunch of whitelists then make yourself public
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@andrew-blox Done. This change requires the operator owner to call the setOperatorsPrivateUnchecked
function to make the operator private. If not, anyone can register validators using it even having whitelisted addresses.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@arielssv i know you already know just affirming it here
s.operatorsWhitelist[operatorId] = address(whitelistingContract); | ||
} | ||
|
||
emit OperatorWhitelistingContractUpdated(operatorIds, address(whitelistingContract)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it worth to emit the old whitelist address as well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it is enough to emit the new one. Using off-chain tools, all previous addresses can be retrieved.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agreed
} else { | ||
operator.whitelisted = true; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure i understand why this is in an else? seems like if there is not already an address there then we wont make whitelisted to true?
personally i dont think we should be changing whitelisted to true or false only if they request via the function that is made now (comment about this above)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@andrew-blox Done. This change requires the operator owner to call the setOperatorsPrivateUnchecked function to make the operator private.
Also, the logic of whitelisted changed a bit. Thanks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is no code nor tests dealing with whitelisted operators upon reactivation, this must be included
contracts/modules/SSVViews.sol
Outdated
function getWhitelistedOperators( | ||
uint64[] calldata operatorIds, | ||
address whitelistedAddress | ||
) external view override returns (uint64[] memory whitelistedOperatorIds) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be nice if this function works with external contracts as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done: isAddressWhitelistedInWhitelistingContract
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I carefully reviewed every modified or added code, and everything looks good to merge into the branch
The new feature allows operators to whitelist multiple EOAs/generic contracts and one external whitelisting contract.
EOAs/generic contracts
Whitelisting contracts
ISSVWhitelistingContract
and comply with ERC165