refactor: CallerChecker
gzeoneth committed Oct 3, 2024
1 parent a562642 commit 9febcfe
Showing 5 changed files with 28 additions and 15 deletions.
7 changes: 3 additions & 4 deletions src/bridge/AbsInbox.sol
Expand Up @@ -8,19 +8,19 @@ import {
DataTooLarge,
Deprecated,
GasLimitTooLarge,
HasCode,
InsufficientValue,
InsufficientSubmissionCost,
L1Forked,
NotAllowedOrigin,
NotOrigin,
NotTopLevel,
NotRollupOrOwner,
RetryableData
} from "../libraries/Error.sol";
import "./IInboxBase.sol";
import "./ISequencerInbox.sol";
import "./IBridge.sol";
import "../libraries/AddressAliasHelper.sol";
import "../libraries/CallerChecker.sol";
import "../libraries/DelegateCallAware.sol";
import {
L1MessageType_submitRetryableTx,
Expand Down Expand Up @@ -142,8 +142,7 @@ abstract contract AbsInbox is DelegateCallAware, PausableUpgradeable, IInboxBase
) external whenNotPaused onlyAllowed returns (uint256) {
if (_chainIdChanged()) revert L1Forked();
// solhint-disable-next-line avoid-tx-origin
if (msg.sender != tx.origin) revert NotOrigin();
if (msg.sender.code.length != 0) revert HasCode();
if (!CallerChecker.isCallerTopLevel()) revert NotTopLevel();
if (messageData.length > maxDataSize) revert DataTooLarge(messageData.length, maxDataSize);
uint256 msgNum = _deliverToBridge(L2_MSG, msg.sender, keccak256(messageData), 0);
emit InboxMessageDeliveredFromOrigin(msgNum);
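Review bot: Replacing the two guards with `if (!CallerChecker.isCallerTopLevel()) revert NotTopLevel();` changes the revert data this function returns: a contract caller used to get `NotOrigin()` and an origin account carrying code got `HasCode()`, and both now get `NotTopLevel()`. Any off-chain consumer that decodes those selectors (poster error handling, monitoring rules) will stop matching, and the two causes can no longer be told apart from the revert alone; the same replacement is made in both batch-posting functions in SequencerInbox.sol. If that is intended, it is worth a line in the release notes. `NotOrigin` is still in this file's import list, so it is worth checking whether anything else here uses it; the function body starts and ends outside the hunk.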
13 changes: 5 additions & 8 deletions src/bridge/SequencerInbox.sol
Expand Up @@ -12,14 +12,14 @@ import {
DelayedBackwards,
DelayedTooFar,
ForceIncludeBlockTooSoon,
HasCode,
IncorrectMessagePreimage,
NotBatchPoster,
BadSequencerNumber,
AlreadyValidDASKeyset,
NoSuchKeyset,
NotForked,
NotBatchPosterManager,
NotTopLevel,
RollupNotChanged,
DataBlobsNotSupported,
InitParamZero,
Expand All @@ -43,6 +43,7 @@ import "../rollup/IRollupLogic.sol";
import "./Messages.sol";
import "../precompiles/ArbGasInfo.sol";
import "../precompiles/ArbSys.sol";
import "../libraries/CallerChecker.sol";
import "../libraries/IReader4844.sol";

import "../libraries/DelegateCallAware.sol";
Expand Down Expand Up @@ -334,9 +335,7 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
uint256 prevMessageCount,
uint256 newMessageCount
) external refundsGas(gasRefunder, IReader4844(address(0))) {
// solhint-disable-next-line avoid-tx-origin
if (msg.sender != tx.origin) revert NotOrigin();
if (msg.sender.code.length != 0) revert HasCode();
if (!CallerChecker.isCallerTopLevel()) revert NotTopLevel();
if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
if (isDelayProofRequired(afterDelayedMessagesRead)) revert DelayProofRequired();

Expand Down Expand Up @@ -389,9 +388,7 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
uint256 newMessageCount,
DelayProof calldata delayProof
) external refundsGas(gasRefunder, IReader4844(address(0))) {
// solhint-disable-next-line avoid-tx-origin
if (msg.sender != tx.origin) revert NotOrigin();
if (msg.sender.code.length != 0) revert HasCode();
if (!CallerChecker.isCallerTopLevel()) revert NotTopLevel();
if (!isBatchPoster[msg.sender]) revert NotBatchPoster();
if (!isDelayBufferable) revert NotDelayBufferable();

Expand Down Expand Up @@ -442,7 +439,7 @@ contract SequencerInbox is DelegateCallAware, GasRefundEnabled, ISequencerInbox
// same as using calldata, we only submit spending report if the caller is the origin of the tx
// such that one cannot "double-claim" batch posting refund in the same tx
// solhint-disable-next-line avoid-tx-origin
if (msg.sender == tx.origin && msg.sender.code.length == 0 && !isUsingFeeToken) {
if (CallerChecker.isCallerTopLevel() && !isUsingFeeToken) {
submitBatchSpendingReport(dataHash, seqMessageIndex, block.basefee, blobGas);
}
}
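Review bot: The `// solhint-disable-next-line avoid-tx-origin` comment that appears to be kept above `if (CallerChecker.isCallerTopLevel() && !isUsingFeeToken) {` in the last hunk no longer precedes a line that reads `tx.origin`, so it suppresses nothing and points a reader at the wrong line. The two batch-posting hunks above dropped the same comment, while AbsInbox.sol and GasRefundEnabled.sol seem to keep it as well. I would delete it in all three places, since the suppression now lives inside `CallerChecker.isCallerTopLevel()`. The enclosing function starts outside the hunk.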
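--- a/src/libraries/CallerChecker.sol
+++ b/src/libraries/CallerChecker.sol
@@ -0,0 +1,16 @@
+// Copyright 2021-2024, Offchain Labs, Inc.
+// For license information, see https://github.com/OffchainLabs/nitro-contracts/blob/main/LICENSE
+// SPDX-License-Identifier: BUSL-1.1
+
+pragma solidity ^0.8.0;
+
+library CallerChecker {
+/**
+* @notice A EIP-7702 safe check for top level caller, used to ensure the calldata is available in the tx
+* @return bool true if the caller is a top level caller, false otherwise
+*/
+function isCallerTopLevel() internal view returns (bool) {
+// solhint-disable-next-line avoid-tx-origin
+return msg.sender == tx.origin && msg.sender.code.length == 0;
+}
+}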
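Review bot: The NatSpec on `isCallerTopLevel` calls the check EIP-7702 safe without saying what the `msg.sender.code.length == 0` half protects, and that is the condition a later cleanup is most likely to drop as redundant. As I read EIP-7702, an EOA with a delegation can be both `tx.origin` and `msg.sender` while running delegated code, so I would add above the return `// origin equality alone no longer proves the calldata is tx.input: a delegated EOA has code and can call in as its own origin`. The doc should also state the operational consequence that an account which has set a delegation is treated as not top level, so a batch poster key must stay undelegated. Minor wording: `A EIP-7702 safe check` should read `An EIP-7702-safe check`.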
4 changes: 2 additions & 2 deletions src/libraries/Error.sol
Expand Up @@ -13,8 +13,8 @@ error HadZeroInit();
/// @dev Thrown when post upgrade init validation fails
error BadPostUpgradeInit();

/// @dev Thrown when the sender has code
error HasCode();
/// @dev Thrown when the caller is not a top level caller
error NotTopLevel();

/// @dev Thrown when non owner tries to access an only-owner function
/// @param sender The msg.sender who is not the owner
3 changes: 2 additions & 1 deletion src/libraries/GasRefundEnabled.sol
Expand Up @@ -7,6 +7,7 @@ pragma solidity ^0.8.0;

import "./IReader4844.sol";
import "./IGasRefunder.sol";
import "../libraries/CallerChecker.sol";

abstract contract GasRefundEnabled {
uint256 internal immutable gasPerBlob = 2 ** 17;
Expand All @@ -25,7 +26,7 @@ abstract contract GasRefundEnabled {
// if triggered in a contract call, the spender may be overrefunded by appending dummy data to the call
// so we check if it is a top level call, which would mean the sender paid calldata as part of tx.input
// solhint-disable-next-line avoid-tx-origin
if (msg.sender != tx.origin || msg.sender.code.length != 0) {
if (!CallerChecker.isCallerTopLevel()) {
// We can't be sure if this calldata came from the top level tx,
// so to be safe we tell the gas refunder there was no calldata.
calldataSize = 0;
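Review bot: The new import is written `import "../libraries/CallerChecker.sol";` although this file already lives in `src/libraries/` and its two neighbouring imports use `./`. Both forms resolve to the same file, but the parent-relative path breaks if the file is ever moved and reads as if the library sat elsewhere; `import "./CallerChecker.sol";` matches the surrounding lines. The modifier body that uses the check continues outside the hunk.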