-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: audit gas refund logic #24
base: main
Are you sure you want to change the base?
Conversation
@coderabbitai review |
✅ Actions performedReview triggered.
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the 📝 WalkthroughWalkthroughThe pull request introduces a refined error handling mechanism across multiple contracts, specifically in Changes
Sequence DiagramsequenceDiagram
participant Sender
participant Contract
participant Gateway
Sender->>Contract: Initiate Cross-Chain Transfer
Contract->>Gateway: Attempt Gas Token Transfer
alt Gas Transfer Fails
Contract->>Contract: Emit RefundFailed Event
Contract->>Sender: Log Failure Details
else Gas Transfer Succeeds
Gateway->>Contract: Process Transfer
end
The sequence diagram illustrates the new error handling flow, where instead of reverting on a failed gas token transfer, the contract now emits a Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Nitpick comments (2)
contracts/nft/contracts/shared/Events.sol (1)
31-31
: Consider enhancing event parameter naming and indexingThe
RefundFailed
event parameters should be named and indexed for better readability and efficient event filtering.-event RefundFailed(address, uint256); +event RefundFailed(address indexed recipient, uint256 amount);contracts/nft/contracts/evm/UniversalNFT.sol (1)
142-142
: Ensure NFT state consistency with non-blocking refundsWhile the change aligns with UniversalToken.sol, NFTs require special consideration:
- The NFT is minted and ownership transferred before the refund attempt
- Failed refunds could leave users with valid NFTs but lost gas funds
Consider:
- Documenting the new behavior in contract comments
- Adding a recovery mechanism specific to NFT transfers
if (gasAmount > 0) { if (sender == address(0)) revert InvalidAddress(); (bool success, ) = payable(sender).call{value: gasAmount}(""); - if (!success) emit RefundFailed(sender, gasAmount); + if (!success) { + // Document: NFT transfer successful but gas refund failed + emit RefundFailed(sender, gasAmount); + // Consider: Add to a recovery mapping for later claiming + } }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (4)
contracts/nft/contracts/evm/UniversalNFT.sol
(1 hunks)contracts/nft/contracts/shared/Events.sol
(1 hunks)contracts/token/contracts/evm/UniversalToken.sol
(1 hunks)contracts/token/contracts/shared/Events.sol
(1 hunks)
✅ Files skipped from review due to trivial changes (1)
- contracts/token/contracts/shared/Events.sol
🔇 Additional comments (1)
contracts/token/contracts/evm/UniversalToken.sol (1)
115-115
: Consider implications of non-blocking gas refunds
The change from reverting to event emission on refund failure introduces potential silent failures. While this prevents transaction reversion, it may lead to:
- Lost gas refunds without user notification
- Inconsistent state between successful token transfer but failed refund
Consider:
- Adding logging with detailed failure reason
- Implementing a recovery mechanism for failed refunds
@@ -140,7 +139,7 @@ contract UniversalNFT is | |||
if (gasAmount > 0) { | |||
if (sender == address(0)) revert InvalidAddress(); | |||
(bool success, ) = payable(sender).call{value: gasAmount}(""); | |||
if (!success) revert GasTokenTransferFailed(); | |||
if (!success) emit RefundFailed(sender, gasAmount); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i am not sure i understand this, so for example if we refund to smart contract, and it fails, lets say smart contract doesn't have receiver function by mistake - we let tx succeed even though funds are not transfered, do we then transfer funds manually?
it doesn't look like a security issue to me, would be nice to add exploit scenario to issue for better understanding
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right now tokens just remain in the contract. I suppose we can implement a recover function so that the owner can recover these tokens.
function recover(address tokenAddress, uint256 tokenAmount) public onlyOwner {
if (tokenAddress == address(0)) {
payable(owner()).transfer(tokenAmount);
} else {
IERC20(tokenAddress).transfer(owner(), tokenAmount);
}
Summary by CodeRabbit
New Features
RefundFailed
event to log instances of failed gas token transfers in bothUniversalNFT
andUniversalToken
contracts.Bug Fixes
GasTokenTransferFailed
error, improving error handling for gas token transfers by shifting to event-based notifications.