-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathGranularGuardianAccessControl.sol
128 lines (115 loc) · 5.37 KB
/
GranularGuardianAccessControl.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.8;
import {ICrossChainForwarder} from '../interfaces/ICrossChainForwarder.sol';
import {ICrossChainControllerWithEmergencyMode} from '../interfaces/ICrossChainControllerWithEmergencyMode.sol';
import {IGranularGuardianAccessControl, Envelope, ICrossChainReceiver} from './IGranularGuardianAccessControl.sol';
import {AccessControlEnumerable} from 'openzeppelin-contracts/contracts/access/extensions/AccessControlEnumerable.sol';
import {IWithGuardian} from 'solidity-utils/contracts/access-control/OwnableWithGuardian.sol';
import {ICrossChainControllerWithEmergencyModeDeprecated} from '../interfaces/ICrossChainControllerWithEmergencyModeDeprecated.sol';
/**
* @title GranularGuardianAccessControl
* @author BGD Labs
* @notice Contract to manage a granular access to the methods safeguarded by guardian on CrossChainController
*/
contract GranularGuardianAccessControl is AccessControlEnumerable, IGranularGuardianAccessControl {
/// @inheritdoc IGranularGuardianAccessControl
address public immutable CROSS_CHAIN_CONTROLLER;
/// @inheritdoc IGranularGuardianAccessControl
bytes32 public constant SOLVE_EMERGENCY_ROLE = keccak256('SOLVE_EMERGENCY_ROLE');
/// @inheritdoc IGranularGuardianAccessControl
bytes32 public constant RETRY_ROLE = keccak256('RETRY_ROLE');
/**
* @param initialGuardians object with the initial guardians to assign the roles to
* @param crossChainController address of the CrossChainController
*/
constructor(InitialGuardians memory initialGuardians, address crossChainController) {
if (crossChainController == address(0)) {
revert CrossChainControllerCantBe0();
}
if (initialGuardians.defaultAdmin == address(0)) {
revert DefaultAdminCantBe0();
}
CROSS_CHAIN_CONTROLLER = crossChainController;
_grantRole(DEFAULT_ADMIN_ROLE, initialGuardians.defaultAdmin);
if (initialGuardians.solveEmergencyGuardian != address(0)) {
_grantRole(SOLVE_EMERGENCY_ROLE, initialGuardians.solveEmergencyGuardian);
}
if (initialGuardians.retryGuardian != address(0)) {
_grantRole(RETRY_ROLE, initialGuardians.retryGuardian);
}
}
/// @inheritdoc IGranularGuardianAccessControl
function retryEnvelope(
Envelope memory envelope,
uint256 gasLimit
) external onlyRole(RETRY_ROLE) returns (bytes32) {
return ICrossChainForwarder(CROSS_CHAIN_CONTROLLER).retryEnvelope(envelope, gasLimit);
}
/// @inheritdoc IGranularGuardianAccessControl
function retryTransaction(
bytes memory encodedTransaction,
uint256 gasLimit,
address[] memory bridgeAdaptersToRetry
) external onlyRole(RETRY_ROLE) {
ICrossChainForwarder(CROSS_CHAIN_CONTROLLER).retryTransaction(
encodedTransaction,
gasLimit,
bridgeAdaptersToRetry
);
}
/// @inheritdoc IGranularGuardianAccessControl
function solveEmergency(
ICrossChainReceiver.ConfirmationInput[] memory newConfirmations,
ICrossChainReceiver.ValidityTimestampInput[] memory newValidityTimestamp,
ICrossChainReceiver.ReceiverBridgeAdapterConfigInput[] memory receiverBridgeAdaptersToAllow,
ICrossChainReceiver.ReceiverBridgeAdapterConfigInput[] memory receiverBridgeAdaptersToDisallow,
address[] memory sendersToApprove,
address[] memory sendersToRemove,
ICrossChainForwarder.ForwarderBridgeAdapterConfigInput[] memory forwarderBridgeAdaptersToEnable,
ICrossChainForwarder.BridgeAdapterToDisable[] memory forwarderBridgeAdaptersToDisable,
ICrossChainForwarder.OptimalBandwidthByChain[] memory optimalBandwidthByChain
) external onlyRole(SOLVE_EMERGENCY_ROLE) {
ICrossChainControllerWithEmergencyMode(CROSS_CHAIN_CONTROLLER).solveEmergency(
newConfirmations,
newValidityTimestamp,
receiverBridgeAdaptersToAllow,
receiverBridgeAdaptersToDisallow,
sendersToApprove,
sendersToRemove,
forwarderBridgeAdaptersToEnable,
forwarderBridgeAdaptersToDisable,
optimalBandwidthByChain
);
}
/// @inheritdoc IGranularGuardianAccessControl
function solveEmergencyDeprecated(
ICrossChainReceiver.ConfirmationInput[] memory newConfirmations,
ICrossChainReceiver.ValidityTimestampInput[] memory newValidityTimestamp,
ICrossChainReceiver.ReceiverBridgeAdapterConfigInput[] memory receiverBridgeAdaptersToAllow,
ICrossChainReceiver.ReceiverBridgeAdapterConfigInput[] memory receiverBridgeAdaptersToDisallow,
address[] memory sendersToApprove,
address[] memory sendersToRemove,
ICrossChainForwarder.ForwarderBridgeAdapterConfigInput[] memory forwarderBridgeAdaptersToEnable,
ICrossChainForwarder.BridgeAdapterToDisable[] memory forwarderBridgeAdaptersToDisable
) external onlyRole(SOLVE_EMERGENCY_ROLE) {
ICrossChainControllerWithEmergencyModeDeprecated(CROSS_CHAIN_CONTROLLER).solveEmergency(
newConfirmations,
newValidityTimestamp,
receiverBridgeAdaptersToAllow,
receiverBridgeAdaptersToDisallow,
sendersToApprove,
sendersToRemove,
forwarderBridgeAdaptersToEnable,
forwarderBridgeAdaptersToDisable
);
}
/// @inheritdoc IGranularGuardianAccessControl
function updateGuardian(
address newCrossChainControllerGuardian
) external onlyRole(DEFAULT_ADMIN_ROLE) {
if (newCrossChainControllerGuardian == address(0)) {
revert NewGuardianCantBe0();
}
IWithGuardian(CROSS_CHAIN_CONTROLLER).updateGuardian(newCrossChainControllerGuardian);
}
}