Skip to content

Commit

Permalink
use accesscontrol
Browse files Browse the repository at this point in the history
  • Loading branch information
notV4l committed Sep 10, 2024
1 parent a9758dd commit 83746de
Show file tree
Hide file tree
Showing 8 changed files with 67 additions and 292 deletions.
14 changes: 7 additions & 7 deletions packages/contracts/resolver/scripts/deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,13 @@ export ACCOUNT_KEYSTORE="../../../../../cartridge/keystore"

export UDC_ADDRESS="0x41a78e741e5af2fec34b695679bc6891742439f7afb8484ecd7766661ad02bf"

export OWNER_ADDRESS="0x"
export ADMIN_ADDRESS="0x6bd82a20984e638c8e1d45770e2924e274e315b9609eb15c26384eac0094cf1"

export EXECUTOR_PUB_KEY_ASIA="0x180ee4f1a9a0b27a444bf960822003a0748aa0cdd69f34c2792f42e13dc805e"
export EXECUTOR_PUB_KEY_EU="0x717642da0ea4a1dd4551404571b2ff9a4c256328f098e3276e027aeb37038e1"
export EXECUTOR_PUB_KEY_US="0x3acd845dff3a582501a330dec9865865ba3f8cced45c918f66ed5f2b538f082"
export EXECUTOR_ADDRESS_1="0x1"
export EXECUTOR_ADDRESS_2="0x2"
export EXECUTOR_ADDRESS_3="0x6bd82a20984e638c8e1d45770e2924e274e315b9609eb15c26384eac0094cf1"

export RESOLVER_CLASS_HASH="0x"
export RESOLVER_CLASS_HASH="0x0502af1b1d34e7d5f9ff6f9495e0f7a921dd48dd84055c4d8f6fc1b0a2021881"


starkli invoke $UDC_ADDRESS -w --account $ACCOUNT \
Expand All @@ -26,7 +26,7 @@ starkli invoke $UDC_ADDRESS -w --account $ACCOUNT \
0x0 \
0x0 \
0x5 \
$OWNER_ADDRESS \
0x3 $EXECUTOR_PUB_KEY_US $EXECUTOR_PUB_KEY_EU $EXECUTOR_PUB_KEY_ASIA \
$ADMIN_ADDRESS \
0x3 $EXECUTOR_ADDRESS_1 $EXECUTOR_ADDRESS_2 $EXECUTOR_ADDRESS_3 \


2 changes: 1 addition & 1 deletion packages/contracts/resolver/scripts/reset_name.sh
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ export RPC_URL="http://localhost:8001/x/starknet/sepolia"
export ACCOUNT="../../../../../cartridge/account.json"
export ACCOUNT_KEYSTORE="../../../../../cartridge/keystore"

export RESOLVER_ADDRESS="0x"
export RESOLVER_ADDRESS="0x468a75c755cc663618f5424fae7e2c2f85c1a8d7a38157f4b0ecb0f1b815443"

export NAME=$(starkli to-cairo-string $1)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ export RPC_URL="http://localhost:8001/x/starknet/sepolia"
export ACCOUNT="../../../../../cartridge/account.json"
export ACCOUNT_KEYSTORE="../../../../../cartridge/keystore"

export RESOLVER_ADDRESS="0x"
export RESOLVER_ADDRESS="0x468a75c755cc663618f5424fae7e2c2f85c1a8d7a38157f4b0ecb0f1b815443"

export NAME=$(starkli to-cairo-string $1)
export STARKNET=$(starkli to-cairo-string starknet)
Expand Down
23 changes: 23 additions & 0 deletions packages/contracts/resolver/scripts/set_name.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
#!/bin/bash
set -euo pipefail
pushd $(dirname "$0")/..

export RPC_URL="http://localhost:8001/x/starknet/sepolia"
export ACCOUNT="../../../../../cartridge/account.json"
export ACCOUNT_KEYSTORE="../../../../../cartridge/keystore"

export RESOLVER_ADDRESS="0x468a75c755cc663618f5424fae7e2c2f85c1a8d7a38157f4b0ecb0f1b815443"

export NAME=$(starkli to-cairo-string $1)
export STARKNET=$(starkli to-cairo-string starknet)

echo $NAME
echo $STARKNET

starkli invoke \
--rpc $RPC_URL \
--account $ACCOUNT \
--keystore $ACCOUNT_KEYSTORE \
--keystore-password apidev \
$RESOLVER_ADDRESS set_name \
$NAME 0x555 \
6 changes: 0 additions & 6 deletions packages/contracts/resolver/src/interface.cairo
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,3 @@ trait IResolver<TContractState> {
) -> felt252;
}



#[starknet::interface]
trait IExecutorAccount<TContractState> {
fn get_public_key(self: @TContractState) -> felt252;
}
1 change: 0 additions & 1 deletion packages/contracts/resolver/src/lib.cairo
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
mod interface;

mod resolver;
// mod resolver_ccip;
97 changes: 35 additions & 62 deletions packages/contracts/resolver/src/resolver.cairo
Original file line number Diff line number Diff line change
Expand Up @@ -2,49 +2,57 @@
trait IControllerResolverDelegation<TContractState> {
fn set_name(ref self: TContractState, name: felt252, address: starknet::ContractAddress);
fn reset_name(ref self: TContractState, name: felt252);

fn set_owner(ref self: TContractState, new_owner: starknet::ContractAddress);

fn grant_executors(ref self: TContractState, executor_pub_keys: Span<felt252>);
fn revoke_executors(ref self: TContractState, executor_pub_keys: Span<felt252>);
}

const EXECUTOR_ROLE: felt252 = selector!("EXECUTOR_ROLE");

#[starknet::contract]
mod ControllerResolverDelegation {
use core::panics::panic_with_byte_array;
use starknet::{get_caller_address, ContractAddress, ClassHash, storage::Map};
use starknet::contract_address::ContractAddressZeroable;
use resolver::interface::{
IResolver, IExecutorAccount, IExecutorAccountDispatcher, IExecutorAccountDispatcherTrait
};
use resolver::interface::IResolver;

use openzeppelin::upgrades::UpgradeableComponent;
use openzeppelin::upgrades::interface::IUpgradeable;
use openzeppelin::introspection::src5::SRC5Component;
use openzeppelin::access::accesscontrol::AccessControlComponent;
use openzeppelin::access::accesscontrol::DEFAULT_ADMIN_ROLE;
use super::EXECUTOR_ROLE;

// Upgradeable

component!(path: UpgradeableComponent, storage: upgradeable, event: UpgradeableEvent);
component!(path: AccessControlComponent, storage: accesscontrol, event: AccessControlEvent);
component!(path: SRC5Component, storage: src5, event: SRC5Event);

#[abi(embed_v0)]
impl AccessControlMixinImpl = AccessControlComponent::AccessControlMixinImpl<ContractState>;

impl UpgradeableInternalImpl = UpgradeableComponent::InternalImpl<ContractState>;

impl AccessControlInternalImpl = AccessControlComponent::InternalImpl<ContractState>;

#[storage]
struct Storage {
// name -> address
name_owners: Map::<felt252, ContractAddress>,
// pub_key -> allowed
executor_pub_keys: Map::<felt252, bool>,
// owner
owner: ContractAddress,
// upgradeable
#[substorage(v0)]
upgradeable: UpgradeableComponent::Storage,
#[substorage(v0)]
accesscontrol: AccessControlComponent::Storage,
#[substorage(v0)]
src5: SRC5Component::Storage,
}

#[event]
#[derive(Drop, starknet::Event)]
enum Event {
DomainToAddressUpdate: DomainToAddressUpdate,
#[flat]
UpgradeableEvent: UpgradeableComponent::Event
UpgradeableEvent: UpgradeableComponent::Event,
#[flat]
AccessControlEvent: AccessControlComponent::Event,
#[flat]
SRC5Event: SRC5Component::Event,
}

#[derive(Drop, starknet::Event)]
Expand All @@ -57,13 +65,16 @@ mod ControllerResolverDelegation {

#[constructor]
fn constructor(
ref self: ContractState, owner: ContractAddress, mut executor_pub_keys: Span<felt252>
ref self: ContractState, admin: ContractAddress, mut executors: Span<ContractAddress>
) {
self.owner.write(owner);
self.accesscontrol.initializer();

while let Option::Some(pub_key) = executor_pub_keys.pop_front() {
self.executor_pub_keys.write(*pub_key, true);
self.accesscontrol._grant_role(DEFAULT_ADMIN_ROLE, admin);

while let Option::Some(executor) = executors.pop_front() {
self.accesscontrol._grant_role(EXECUTOR_ROLE, *executor);
}

}

#[abi(embed_v0)]
Expand All @@ -88,7 +99,7 @@ mod ControllerResolverDelegation {
#[abi(embed_v0)]
impl ControllerResolverDelegationImpl of super::IControllerResolverDelegation<ContractState> {
fn set_name(ref self: ContractState, name: felt252, address: ContractAddress) {
self.assert_executor();
self.accesscontrol.assert_only_role(EXECUTOR_ROLE);

let owner = self.name_owners.read(name);
assert(owner == ContractAddressZeroable::zero(), 'Name is already taken');
Expand All @@ -103,57 +114,19 @@ mod ControllerResolverDelegation {
}

fn reset_name(ref self: ContractState, name: felt252) {
self.assert_executor();
self.accesscontrol.assert_only_role(EXECUTOR_ROLE);

self.name_owners.write(name, ContractAddressZeroable::zero());
}

fn set_owner(ref self: ContractState, new_owner: ContractAddress) {
self.assert_owner();
self.owner.write(new_owner);
}


fn grant_executors(ref self: ContractState, mut executor_pub_keys: Span<felt252>) {
self.assert_owner();

while let Option::Some(pub_key) = executor_pub_keys.pop_front() {
self.executor_pub_keys.write(*pub_key, true);
}
}

fn revoke_executors(ref self: ContractState, mut executor_pub_keys: Span<felt252>) {
self.assert_owner();

while let Option::Some(pub_key) = executor_pub_keys.pop_front() {
self.executor_pub_keys.write(*pub_key, false);
}
}
}

#[abi(embed_v0)]
impl UpgradeableImpl of IUpgradeable<ContractState> {
fn upgrade(ref self: ContractState, new_class_hash: ClassHash) {
self.assert_owner();
self.upgradeable.upgrade(new_class_hash);
}
}

#[generate_trait]
impl InternalImpl of InternalTrait {
fn assert_owner(self: @ContractState) {
let caller = get_caller_address();
let owner = self.owner.read();
assert(caller == owner, 'caller is not owner');
}

fn assert_executor(self: @ContractState) {
// retrieve caller public key
let caller_disp = IExecutorAccountDispatcher { contract_address: get_caller_address() };
let public_key = caller_disp.get_public_key();
self.accesscontrol.assert_only_role(DEFAULT_ADMIN_ROLE);

let is_executor = self.executor_pub_keys.read(public_key);
assert(is_executor, 'caller is not executor');
self.upgradeable.upgrade(new_class_hash);
}
}
}
Loading

0 comments on commit 83746de

Please sign in to comment.