Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: use nonReentrant only on functions interacting with arbitrary contracts #395

Merged
merged 6 commits into from
Oct 23, 2024
Merged

fix: use nonReentrant only on functions interacting with arbitrary contracts #395

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
acd0c41
remove non reentrant from execute methods
skosito Oct 16, 2024
17d9590
remove lib
skosito Oct 16, 2024
905691f
Merge branch 'main' into non-reentrant-fixes
skosito Oct 21, 2024
4df01e3
fix nonReentrant modifier usage
skosito Oct 21, 2024
39e72fe
cleanup
skosito Oct 23, 2024
36c6a2e
generate
skosito Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 5 additions & 17 deletions v2/contracts/evm/GatewayEVM.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,9 +110,9 @@ contract GatewayEVM is
)
public
payable
nonReentrant
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unnecessary nonReentrant modifier

The executeRevert function only interacts with contracts implementing the Revertable interface and doesn't make arbitrary external calls. The nonReentrant modifier is not necessary here as the function enforces a specific interface.

    function executeRevert(
        address destination,
        bytes calldata data,
        RevertContext calldata revertContext
    )
        public
        payable
-       nonReentrant
        onlyRole(TSS_ROLE)
        whenNotPaused
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
nonReentrant
function executeRevert(
address destination,
bytes calldata data,
RevertContext calldata revertContext
)
public
payable
onlyRole(TSS_ROLE)
whenNotPaused

onlyRole(TSS_ROLE)
whenNotPaused
nonReentrant
{
if (destination == address(0)) revert ZeroAddress();
(bool success,) = destination.call{ value: msg.value }("");
Expand All @@ -135,9 +135,9 @@ contract GatewayEVM is
)
external
payable
nonReentrant
onlyRole(TSS_ROLE)
whenNotPaused
nonReentrant
returns (bytes memory)
{
if (destination == address(0)) revert ZeroAddress();
Expand Down Expand Up @@ -172,9 +172,9 @@ contract GatewayEVM is
bytes calldata data
)
public
nonReentrant
onlyRole(ASSET_HANDLER_ROLE)
whenNotPaused
nonReentrant
{
if (amount == 0) revert InsufficientERC20Amount();
if (to == address(0)) revert ZeroAddress();
Expand Down Expand Up @@ -217,9 +217,9 @@ contract GatewayEVM is
RevertContext calldata revertContext
)
external
nonReentrant
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Remove unnecessary nonReentrant modifier

The revertWithERC20 function only interacts with contracts implementing the Revertable interface and doesn't make arbitrary external calls. The nonReentrant modifier is not necessary here as the function enforces a specific interface.

    function revertWithERC20(
        address token,
        address to,
        uint256 amount,
        bytes calldata data,
        RevertContext calldata revertContext
    )
        external
-       nonReentrant
        onlyRole(ASSET_HANDLER_ROLE)
        whenNotPaused
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
nonReentrant
onlyRole(ASSET_HANDLER_ROLE)

onlyRole(ASSET_HANDLER_ROLE)
whenNotPaused
nonReentrant
{
if (amount == 0) revert InsufficientERC20Amount();
if (to == address(0)) revert ZeroAddress();
Expand All @@ -233,15 +233,7 @@ contract GatewayEVM is
/// @notice Deposits ETH to the TSS address.
/// @param receiver Address of the receiver.
/// @param revertOptions Revert options.
function deposit(
address receiver,
RevertOptions calldata revertOptions
)
external
payable
whenNotPaused
nonReentrant
{
function deposit(address receiver, RevertOptions calldata revertOptions) external payable whenNotPaused {
if (msg.value == 0) revert InsufficientETHAmount();
if (receiver == address(0)) revert ZeroAddress();
if (revertOptions.revertMessage.length > MAX_PAYLOAD_SIZE) revert PayloadSizeExceeded();
Expand All @@ -266,7 +258,6 @@ contract GatewayEVM is
)
external
whenNotPaused
nonReentrant
{
if (amount == 0) revert InsufficientERC20Amount();
if (receiver == address(0)) revert ZeroAddress();
Expand All @@ -289,7 +280,6 @@ contract GatewayEVM is
external
payable
whenNotPaused
nonReentrant
{
if (msg.value == 0) revert InsufficientETHAmount();
if (receiver == address(0)) revert ZeroAddress();
Expand Down Expand Up @@ -317,7 +307,6 @@ contract GatewayEVM is
)
external
whenNotPaused
nonReentrant
{
if (amount == 0) revert InsufficientERC20Amount();
if (receiver == address(0)) revert ZeroAddress();
Expand All @@ -339,7 +328,6 @@ contract GatewayEVM is
)
external
whenNotPaused
nonReentrant
{
if (receiver == address(0)) revert ZeroAddress();
if (payload.length + revertOptions.revertMessage.length > MAX_PAYLOAD_SIZE) revert PayloadSizeExceeded();
Expand Down
19 changes: 13 additions & 6 deletions v2/contracts/zevm/GatewayZEVM.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,6 @@ contract GatewayZEVM is
RevertOptions calldata revertOptions
)
external
nonReentrant
whenNotPaused
{
if (receiver.length == 0) revert ZeroAddress();
Expand Down Expand Up @@ -178,7 +177,6 @@ contract GatewayZEVM is
RevertOptions calldata revertOptions
)
external
nonReentrant
whenNotPaused
{
if (receiver.length == 0) revert ZeroAddress();
Expand Down Expand Up @@ -212,7 +210,6 @@ contract GatewayZEVM is
RevertOptions calldata /*revertOptions*/
)
external
nonReentrant
whenNotPaused
{
// TODO: remove error and comment out code once ZETA supported back
Expand Down Expand Up @@ -255,7 +252,6 @@ contract GatewayZEVM is
RevertOptions calldata /*revertOptions*/
)
external
nonReentrant
whenNotPaused
{
// TODO: remove error and comment out code once ZETA supported back
Expand Down Expand Up @@ -288,7 +284,6 @@ contract GatewayZEVM is
RevertOptions calldata revertOptions
)
external
nonReentrant
whenNotPaused
{
if (callOptions.gasLimit == 0) revert InsufficientGasLimit();
Expand Down Expand Up @@ -343,6 +338,7 @@ contract GatewayZEVM is
bytes calldata message
)
external
nonReentrant
onlyProtocol
whenNotPaused
{
Expand All @@ -365,6 +361,7 @@ contract GatewayZEVM is
bytes calldata message
)
external
nonReentrant
onlyProtocol
whenNotPaused
{
Expand All @@ -388,6 +385,7 @@ contract GatewayZEVM is
bytes calldata message
)
external
nonReentrant
onlyProtocol
whenNotPaused
{
Expand All @@ -402,7 +400,15 @@ contract GatewayZEVM is
/// @notice Revert a user-specified contract on ZEVM.
/// @param target The target contract to call.
/// @param revertContext Revert context to pass to onRevert.
function executeRevert(address target, RevertContext calldata revertContext) external onlyProtocol whenNotPaused {
function executeRevert(
address target,
RevertContext calldata revertContext
)
external
nonReentrant
onlyProtocol
whenNotPaused
{
if (target == address(0)) revert ZeroAddress();

Revertable(target).onRevert(revertContext);
Expand All @@ -420,6 +426,7 @@ contract GatewayZEVM is
RevertContext calldata revertContext
)
external
nonReentrant
onlyProtocol
whenNotPaused
{
Expand Down
34 changes: 12 additions & 22 deletions v2/docs/src/contracts/evm/GatewayEVM.sol/contract.GatewayEVM.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,9 +164,9 @@ function executeRevert(
)
public
payable
nonReentrant
onlyRole(TSS_ROLE)
whenNotPaused
nonReentrant;
whenNotPaused;
```
**Parameters**

Expand All @@ -192,9 +192,9 @@ function execute(
)
external
payable
nonReentrant
onlyRole(TSS_ROLE)
whenNotPaused
nonReentrant
returns (bytes memory);
```
**Parameters**
Expand Down Expand Up @@ -229,9 +229,9 @@ function executeWithERC20(
bytes calldata data
)
public
nonReentrant
onlyRole(ASSET_HANDLER_ROLE)
whenNotPaused
nonReentrant;
whenNotPaused;
```
**Parameters**

Expand Down Expand Up @@ -260,9 +260,9 @@ function revertWithERC20(
RevertContext calldata revertContext
)
external
nonReentrant
onlyRole(ASSET_HANDLER_ROLE)
whenNotPaused
nonReentrant;
whenNotPaused;
```
**Parameters**

Expand All @@ -281,7 +281,7 @@ Deposits ETH to the TSS address.


```solidity
function deposit(address receiver, RevertOptions calldata revertOptions) external payable whenNotPaused nonReentrant;
function deposit(address receiver, RevertOptions calldata revertOptions) external payable whenNotPaused;
```
**Parameters**

Expand All @@ -304,8 +304,7 @@ function deposit(
RevertOptions calldata revertOptions
)
external
whenNotPaused
nonReentrant;
whenNotPaused;
```
**Parameters**

Expand All @@ -330,8 +329,7 @@ function depositAndCall(
)
external
payable
whenNotPaused
nonReentrant;
whenNotPaused;
```
**Parameters**

Expand All @@ -356,8 +354,7 @@ function depositAndCall(
RevertOptions calldata revertOptions
)
external
whenNotPaused
nonReentrant;
whenNotPaused;
```
**Parameters**

Expand All @@ -376,14 +373,7 @@ Calls an omnichain smart contract without asset transfer.


```solidity
function call(
address receiver,
bytes calldata payload,
RevertOptions calldata revertOptions
)
external
whenNotPaused
nonReentrant;
function call(address receiver, bytes calldata payload, RevertOptions calldata revertOptions) external whenNotPaused;
```
**Parameters**

Expand Down
19 changes: 13 additions & 6 deletions v2/docs/src/contracts/zevm/GatewayZEVM.sol/contract.GatewayZEVM.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,6 @@ function withdraw(
RevertOptions calldata revertOptions
)
external
nonReentrant
whenNotPaused;
```
**Parameters**
Expand Down Expand Up @@ -218,7 +217,6 @@ function withdrawAndCall(
RevertOptions calldata revertOptions
)
external
nonReentrant
whenNotPaused;
```
**Parameters**
Expand All @@ -239,7 +237,7 @@ Withdraw ZETA tokens to an external chain.


```solidity
function withdraw(bytes memory, uint256, uint256, RevertOptions calldata) external nonReentrant whenNotPaused;
function withdraw(bytes memory, uint256, uint256, RevertOptions calldata) external whenNotPaused;
```

### withdrawAndCall
Expand All @@ -257,7 +255,6 @@ function withdrawAndCall(
RevertOptions calldata
)
external
nonReentrant
whenNotPaused;
```

Expand All @@ -275,7 +272,6 @@ function call(
RevertOptions calldata revertOptions
)
external
nonReentrant
whenNotPaused;
```
**Parameters**
Expand Down Expand Up @@ -334,6 +330,7 @@ function execute(
bytes calldata message
)
external
nonReentrant
onlyProtocol
whenNotPaused;
```
Expand Down Expand Up @@ -362,6 +359,7 @@ function depositAndCall(
bytes calldata message
)
external
nonReentrant
onlyProtocol
whenNotPaused;
```
Expand Down Expand Up @@ -389,6 +387,7 @@ function depositAndCall(
bytes calldata message
)
external
nonReentrant
onlyProtocol
whenNotPaused;
```
Expand All @@ -408,7 +407,14 @@ Revert a user-specified contract on ZEVM.


```solidity
function executeRevert(address target, RevertContext calldata revertContext) external onlyProtocol whenNotPaused;
function executeRevert(
address target,
RevertContext calldata revertContext
)
external
nonReentrant
onlyProtocol
whenNotPaused;
```
**Parameters**

Expand All @@ -431,6 +437,7 @@ function depositAndRevert(
RevertContext calldata revertContext
)
external
nonReentrant
onlyProtocol
whenNotPaused;
```
Expand Down
2 changes: 1 addition & 1 deletion v2/pkg/erc20custody.t.sol/erc20custodytest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayevm.sol/gatewayevm.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayevm.t.sol/gatewayevminboundtest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayevm.t.sol/gatewayevmtest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayevmzevm.t.sol/gatewayevmzevmtest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayzevm.sol/gatewayzevm.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayzevm.t.sol/gatewayzevminboundtest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/gatewayzevm.t.sol/gatewayzevmoutboundtest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/zetaconnectornative.t.sol/zetaconnectornativetest.go
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion v2/pkg/zetaconnectornonnative.t.sol/zetaconnectornonnativetest.go
View file
Open in desktop

Large diffs are not rendered by default.

Loading
Loading