-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature(AuthMultisig): removing auth logic from the gateway #110
Conversation
# Conflicts: # contracts/AxelarGateway.sol # contracts/AxelarGatewayMultisig.sol # contracts/AxelarGatewaySinglesig.sol # contracts/interfaces/IAxelarGateway.sol
contracts/AxelarAuthMultisig.sol
Outdated
uint256 operatorsCount = operators.length; | ||
uint256 operatorsIndex = 0; | ||
uint256 signatureCount = signatures.length; | ||
|
||
// looking for signers within operators | ||
// assuming that both operators and signers are sorted | ||
for (uint256 i; i < signatureCount; ++i) { | ||
address signer = ECDSA.recover(messageHash, signatures[i]); | ||
if (signer == operators[operatorsIndex]) { | ||
++operatorsIndex; | ||
} else { | ||
// keep looping through operators to find the signer | ||
while (operatorsIndex < operatorsCount) { | ||
++operatorsIndex; | ||
if (signer == operators[operatorsIndex]) break; | ||
} | ||
// check if we ran out of operators | ||
if (operatorsIndex < operatorsCount) { | ||
++operatorsIndex; | ||
} else { | ||
revert MalformedSigners(); | ||
} | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
uint256 operatorsCount = operators.length; | |
uint256 operatorsIndex = 0; | |
uint256 signatureCount = signatures.length; | |
// looking for signers within operators | |
// assuming that both operators and signers are sorted | |
for (uint256 i; i < signatureCount; ++i) { | |
address signer = ECDSA.recover(messageHash, signatures[i]); | |
if (signer == operators[operatorsIndex]) { | |
++operatorsIndex; | |
} else { | |
// keep looping through operators to find the signer | |
while (operatorsIndex < operatorsCount) { | |
++operatorsIndex; | |
if (signer == operators[operatorsIndex]) break; | |
} | |
// check if we ran out of operators | |
if (operatorsIndex < operatorsCount) { | |
++operatorsIndex; | |
} else { | |
revert MalformedSigners(); | |
} | |
} | |
} | |
uint256 j = 0; | |
// looking for signers within operators | |
// assuming that both operators and signatures are sorted | |
for (uint256 i; i < signatures.length; ++i) { | |
address signer = ECDSA.recover(messageHash, signatures[i]); | |
for (; j < operators.length && signer != operators[j]; ++j) {} | |
if (j == operators.length) revert MalformedSigners(); | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice simplification! It became this
uint256 j = 0;
// looking for signers within operators
// assuming that both operators and signatures are sorted
for (uint256 i = 0; i < signatures.length; ++i) {
address signer = ECDSA.recover(messageHash, signatures[i]);
// looping through remaining operators to find a match
for (; j < operators.length && signer != operators[j]; ++j) {}
if (j == operators.length) revert MalformedSigners();
// increasing operators index if match was found
++j;
}
contracts/AxelarGateway.sol
Outdated
tokenAddress, | ||
abi.encodeWithSelector(IERC20.transferFrom.selector, sender, address(this), amount) | ||
); | ||
if (operatorshipParams.length > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When should operatorshipParams
be empty?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we don't want to transfer operatorship on upgrade?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On initial deployment we want to pass admins, but not the operators, because gateway is not the owner of the auth yet
contracts/AxelarAuthMultisig.sol
Outdated
|
||
uint8 internal constant OLD_KEY_RETENTION = 16; | ||
|
||
constructor(bytes memory recentOperators) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
constructor(bytes memory recentOperators) { | |
constructor(bytes[] memory recentOperators) { |
why not just?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea
contracts/AxelarGateway.sol
Outdated
uint256 signersRole; | ||
(chainId, signersRole, commandIds, commands, params) = abi.decode(executeData, (uint256, uint256, bytes32[], string[], bytes[])); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
uint256 signersRole; | |
(chainId, signersRole, commandIds, commands, params) = abi.decode(executeData, (uint256, uint256, bytes32[], string[], bytes[])); | |
(chainId, , commandIds, commands, params) = abi.decode(executeData, (uint256, uint256, bytes32[], string[], bytes[])); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Applied, my IDE is complaining, but it compiles with no problems
contracts/AxelarGateway.sol
Outdated
bytes[] memory params_ | ||
) { | ||
(chainId, commandIds, commands, params) = (chainId_, commandIds_, commands_, params_); | ||
} catch (bytes memory) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
} catch (bytes memory) { | |
} catch { |
AxelarGatewayMultisig
andAxelarGatewaySinglesig
implementationsAxelarGateway
IAxelarAuthModule
interfaceAxelarAuthMultisig
module implementing the interface