restrict power set calls to not allow zero

futureversecom · Jan 16, 2024 · 94af5c5 · 94af5c5
1 parent 2f87c39
commit 94af5c5
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 1 deletion.
diff --git a/contracts/SeekerPowerOracle.sol b/contracts/SeekerPowerOracle.sol
@@ -35,6 +35,7 @@ contract SeekerPowerOracle is ISeekerPowerOracle, Initializable, Ownable2StepUpg
 
     error UnauthorizedRegisterSeekerPowerCall();
     error NonceCannotBeReused();
+    error PowerCannotBeZero();
 
     function initialize(address _oracle) external initializer {
         Ownable2StepUpgradeable.__Ownable2Step_init();
@@ -61,6 +62,10 @@ contract SeekerPowerOracle is ISeekerPowerOracle, Initializable, Ownable2StepUpg
             revert UnauthorizedRegisterSeekerPowerCall();
         }
 
+        if (power == 0) {
+            revert PowerCannotBeZero();
+        }
+
         seekerPowers[seekerId] = power;
         emit SeekerPowerUpdated(seekerId, power);
     }
@@ -81,6 +86,10 @@ contract SeekerPowerOracle is ISeekerPowerOracle, Initializable, Ownable2StepUpg
             revert NonceCannotBeReused();
         }
 
+        if (power == 0) {
+            revert PowerCannotBeZero();
+        }
+
         bytes memory proofMessage = getProofMessage(seekerId, power, nonce);
         bytes32 ecdsaHash = ECDSA.toEthSignedMessageHash(proofMessage);
 

diff --git a/test/seekerOracle.test.ts b/test/seekerOracle.test.ts
@@ -188,6 +188,39 @@ describe('Seeker Power Oracle', () => {
     );
   });
 
+  it('can not set seeker power to 0', async () => {
+    const seekerId = 111;
+
+    await expect(
+      contracts.seekerPowerOracle.registerSeekerPowerRestricted(seekerId, 0),
+    ).to.be.revertedWithCustomError(
+      contracts.seekerPowerOracle,
+      'PowerCannotBeZero',
+    );
+
+    const seekerPower = 0;
+    const nonce = randomBytes(32);
+
+    const proofMessage = await contracts.seekerPowerOracle.getProofMessage(
+      seekerId,
+      seekerPower,
+      nonce,
+    );
+
+    const proof = await accounts[1].signMessage(
+      Buffer.from(proofMessage.slice(2), 'hex'),
+    );
+
+    await expect(
+      contracts.seekerPowerOracle
+        .connect(accounts[2])
+        .registerSeekerPower(seekerId, seekerPower, nonce, proof),
+    ).to.be.revertedWithCustomError(
+      contracts.seekerPowerOracle,
+      'PowerCannotBeZero',
+    );
+  });
+
   it('can update multiple seeker powers', async () => {
     for (let i = 1; i < 11; i++) {
       const seekerId = i;
@@ -216,7 +249,7 @@ describe('Seeker Power Oracle', () => {
   });
 
   it('can update the same seeker power multiple times', async () => {
-    for (let i = 0; i < 5; i++) {
+    for (let i = 1; i < 6; i++) {
       const seekerId = 1;
       const seekerPower = i * 1111;
       const nonce = randomBytes(32);