Skip to content

Commit

Permalink
feat(protocol): upgrade to use OZ 4.9.6 (#16360)
Browse files Browse the repository at this point in the history
Co-authored-by: D <51912515+adaki2004@users.noreply.github.com>
Co-authored-by: Keszey Dániel <keszeyd@MacBook-Pro.local>
Co-authored-by: d1onys1us <13951458+d1onys1us@users.noreply.github.com>
  • Loading branch information
4 people authored Mar 9, 2024
1 parent 5c3f2b2 commit 2a0fe95
Show file tree
Hide file tree
Showing 4 changed files with 46 additions and 49 deletions.
54 changes: 20 additions & 34 deletions packages/protocol/contracts/L1/gov/TaikoGovernor.sol
Original file line number Diff line number Diff line change
@@ -1,22 +1,19 @@
// SPDX-License-Identifier: MIT
pragma solidity 0.8.24;

import "@openzeppelin/contracts-upgradeable/governance/GovernorUpgradeable.sol";
import
"@openzeppelin/contracts-upgradeable/governance/compatibility/GovernorCompatibilityBravoUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/extensions/GovernorVotesUpgradeable.sol";
import
"@openzeppelin/contracts-upgradeable/governance/extensions/GovernorVotesQuorumFractionUpgradeable.sol";
import
"@openzeppelin/contracts-upgradeable/governance/extensions/GovernorTimelockControlUpgradeable.sol";
import "../../common/EssentialContract.sol";
import "@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol";

/// @title TaikoGovernor
/// @custom:security-contact security@taiko.xyz
contract TaikoGovernor is
EssentialContract,
Ownable2StepUpgradeable,
GovernorCompatibilityBravoUpgradeable,
GovernorVotesUpgradeable,
GovernorVotesQuorumFractionUpgradeable,
GovernorTimelockControlUpgradeable
{
Expand All @@ -36,9 +33,8 @@ contract TaikoGovernor is
external
initializer
{
__Essential_init(_owner);
_transferOwnership(_owner == address(0) ? msg.sender : _owner);
__Governor_init("TaikoGovernor");
__GovernorCompatibilityBravo_init();
__GovernorVotes_init(_token);
__GovernorVotesQuorumFraction_init(4);
__GovernorTimelockControl_init(_timelock);
Expand All @@ -58,33 +54,6 @@ contract TaikoGovernor is
return super.propose(_targets, _values, _calldatas, _description);
}

/// @notice An overwrite of GovernorCompatibilityBravoUpgradeable's propose() as that one does
/// not check that the length of signatures equal the calldata.
/// @dev See vulnerability description here:
/// https://github.com/taikoxyz/taiko-mono/security/dependabot/114
/// See fix in OZ 4.8.3 here (URL broken down for readability):
/// https://github.com/OpenZeppelin/openzeppelin-contracts/blob/
/// 0a25c1940ca220686588c4af3ec526f725fe2582/contracts/governance/compatibility/GovernorCompatibilityBravo.sol#L72
/// See {GovernorCompatibilityBravoUpgradeable-propose}
function propose(
address[] memory _targets,
uint256[] memory _values,
string[] memory _signatures,
bytes[] memory _calldatas,
string memory _description
)
public
virtual
override(GovernorCompatibilityBravoUpgradeable)
returns (uint256)
{
if (_signatures.length != _calldatas.length) revert TG_INVALID_SIGNATURES_LENGTH();

return GovernorCompatibilityBravoUpgradeable.propose(
_targets, _values, _signatures, _calldatas, _description
);
}

/// @dev See {GovernorUpgradeable-supportsInterface}
function supportsInterface(bytes4 _interfaceId)
public
Expand Down Expand Up @@ -124,6 +93,23 @@ contract TaikoGovernor is
return 1_000_000_000 ether / 10_000; // 0.01% of Taiko Token
}

/// @dev Cancel a proposal with GovernorBravo logic.
function cancel(
address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
)
public
virtual
override(IGovernorUpgradeable, GovernorUpgradeable, GovernorCompatibilityBravoUpgradeable)
returns (uint256)
{
return GovernorCompatibilityBravoUpgradeable.cancel(
targets, values, calldatas, descriptionHash
);
}

function _execute(
uint256 _proposalId,
address[] memory _targets,
Expand Down
4 changes: 2 additions & 2 deletions packages/protocol/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,8 @@
"typescript": "^5.2.2"
},
"dependencies": {
"@openzeppelin/contracts": "4.8.2",
"@openzeppelin/contracts-upgradeable": "4.8.2",
"@openzeppelin/contracts": "4.9.6",
"@openzeppelin/contracts-upgradeable": "4.9.6",
"ds-test": "github:dapphub/ds-test#e282159d5170298eb2455a6c05280ab5a73a4ef0",
"forge-std": "github:foundry-rs/forge-std#v1.7.5",
"merkletreejs": "^0.3.11",
Expand Down
5 changes: 0 additions & 5 deletions packages/protocol/test/L1/gov/TaikoGovernor.t.sol
Original file line number Diff line number Diff line change
Expand Up @@ -99,11 +99,6 @@ contract TestTaikoGovernor is TaikoL1TestBase {
true,
"Incorrect supports interface"
);
assertEq(
taikoGovernor.supportsInterface(type(IGovernorUpgradeable).interfaceId),
true,
"Incorrect supports interface"
);
assertEq(
taikoGovernor.supportsInterface(type(IERC1155ReceiverUpgradeable).interfaceId),
true,
Expand Down
32 changes: 24 additions & 8 deletions pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 2a0fe95

Please sign in to comment.