Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

V3.1 audit fixes #255

Merged
merged 52 commits into from
Dec 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
21d74ab
storage naming snake case -> camel case
CostinCarabas Nov 13, 2024
de92e66
multisig: add executed_actions storage
CostinCarabas Nov 13, 2024
81cdbfb
multisig: change_quorum improvement
CostinCarabas Nov 13, 2024
d9d15f1
wrapper: remove dfp_biguint tests
CostinCarabas Nov 14, 2024
bd18c31
wrapper: more audit fixes
CostinCarabas Nov 14, 2024
70a9a35
esdt-safe fix: distribute_fees
CostinCarabas Nov 19, 2024
50657a4
esdt-safe: Add failedRefund storage mapper
CostinCarabas Nov 19, 2024
939ad9d
code refactor, compilation, wasm files, Cargo.locks
CostinCarabas Nov 19, 2024
f25b8ef
esdt-safe: more audit fixes
CostinCarabas Nov 19, 2024
fe6ea58
bridge-proxy: audit fixes
CostinCarabas Nov 19, 2024
e8ad785
esdt-safe: fix unit tests
CostinCarabas Nov 19, 2024
46c4ab2
multi-transfer: unit tests fixes
CostinCarabas Nov 20, 2024
2a63507
multisig: code fixes + unit test fixes
CostinCarabas Nov 21, 2024
82684b2
bridge-proxy: allow empty endpoint only if empty args
CostinCarabas Nov 21, 2024
c7f9490
clippy, compilation, proxy fixes
CostinCarabas Nov 25, 2024
74b68f2
bridge-proxy: sc,test fixes
CostinCarabas Nov 25, 2024
0da9aa3
clean commented code
CostinCarabas Nov 25, 2024
a4f51fa
multi-transfer: batchTransferEsdtToken: refund if TransferRole
CostinCarabas Nov 27, 2024
dab4a14
multi-transfer: move_refund_batch_to_safe fix
CostinCarabas Nov 27, 2024
6c13007
multisig: clearActionsForBatchId
CostinCarabas Dec 2, 2024
2f1b424
esdt-safe: create_transaction add min_bridge_amount
CostinCarabas Dec 2, 2024
87441db
Merge pull request #256 from multiversx/bridge-proxy-refund-refactor
CostinCarabas Dec 2, 2024
0c4a1b2
Merge branch 'feat/v3.1' into v3.5-audit-fixes
CostinCarabas Dec 3, 2024
b620abe
Merge remote-tracking branch 'origin/feat/v3.1' into v3.5-audit-fixes
CostinCarabas Dec 3, 2024
bba190b
Merge remote-tracking branch 'origin/v3.5-audit-fixes' into v3.5-audi…
CostinCarabas Dec 3, 2024
05616f4
multisig: add bridgedTokensWrapperDepositLiquidity
CostinCarabas Dec 4, 2024
b560b2e
fixes after review
CostinCarabas Dec 5, 2024
52f720a
Fix tests
CostinCarabas Dec 6, 2024
bfc081c
test fixes
CostinCarabas Dec 6, 2024
d8637b2
bridge-proxy: Refactor refund storage and endpoint
CostinCarabas Dec 6, 2024
2924e4f
bridge-proxy: tests fixes
CostinCarabas Dec 6, 2024
7499d01
multi-transfer: test fixes
CostinCarabas Dec 6, 2024
65aba3d
multi-transfer: remove commented code
CostinCarabas Dec 6, 2024
566a2a0
bridge-proxy: refund unit test
CostinCarabas Dec 6, 2024
7cc699c
clippy fixes
CostinCarabas Dec 9, 2024
f18a048
multi-transfer: add unit test
CostinCarabas Dec 9, 2024
13d34c7
bridge-proxy: Clear storages after refund
CostinCarabas Dec 9, 2024
5f05e2e
bridge-proxy: Remove cooldown from refund
CostinCarabas Dec 9, 2024
13f8018
Merge pull request #263 from multiversx/bridge-proxy-clear-storages-a…
CostinCarabas Dec 10, 2024
8f1211f
multisig: clear_action fix
CostinCarabas Dec 10, 2024
3e1d993
Merge branch 'feat/v3.1' into v3.5-audit-fixes
CostinCarabas Dec 10, 2024
e6d3095
multisig: test fixes
CostinCarabas Dec 10, 2024
87f80bd
bridge-proxy: fix tests & lower gas limit for callback
CostinCarabas Dec 10, 2024
ad82d8f
Fixes after review
CostinCarabas Dec 12, 2024
227e6da
bridged-tokens-wrapper: fix unit test
CostinCarabas Dec 12, 2024
4f6a6eb
bridge-proxy: add unit test for empty endpoint and non-empty gas limit
CostinCarabas Dec 12, 2024
05515ec
Add events for finish execute
CostinCarabas Dec 12, 2024
7db4577
unit tests fixes after reviews applied
CostinCarabas Dec 12, 2024
247fb5b
multi-transfer: refactor batch_transfer
CostinCarabas Dec 12, 2024
38538b9
multisig: Fix unit tests
CostinCarabas Dec 12, 2024
ddb2146
Merge branch 'feat/v3.1' into v3.5-audit-fixes
CostinCarabas Dec 19, 2024
fdcecd4
Fixes after review
CostinCarabas Dec 19, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
71 changes: 44 additions & 27 deletions bridge-proxy/src/bridge-proxy.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,19 @@
use multiversx_sc::imports::*;

pub mod config;
mod events;

use sc_proxies::bridged_tokens_wrapper_proxy;
use sc_proxies::esdt_safe_proxy;
use transaction::{CallData, EthTransaction};
const MIN_GAS_LIMIT_FOR_SC_CALL: u64 = 10_000_000;
const MAX_GAS_LIMIT_FOR_SC_CALL: u64 = 249999999;
const DEFAULT_GAS_LIMIT_FOR_REFUND_CALLBACK: u64 = 20_000_000; // 20 million
const DELAY_BEFORE_OWNER_CAN_CANCEL_TRANSACTION: u64 = 300;
const DEFAULT_GAS_LIMIT_FOR_REFUND_CALLBACK: u64 = 1_000_000; // 1 million

#[multiversx_sc::contract]
pub trait BridgeProxyContract:
config::ConfigModule
+ events::EventsModule
+ multiversx_sc_modules::pause::PauseModule
+ storage_module::CommonStorageModule
{
Expand Down Expand Up @@ -103,39 +104,28 @@ pub trait BridgeProxyContract:
tx_call.register_promise();
}

// TODO: will activate endpoint in a future release
// #[endpoint(cancel)]
fn cancel(&self, tx_id: usize) {
let tx_start_round = self.ongoing_execution(tx_id).get();
let current_block_round = self.blockchain().get_block_round();
require!(
current_block_round - tx_start_round > DELAY_BEFORE_OWNER_CAN_CANCEL_TRANSACTION,
"Transaction can't be cancelled yet"
);

let tx = self.get_pending_transaction_by_id(tx_id);
let payment = self.payments(tx_id).get();
self.tx().to(tx.to).payment(payment).transfer();
self.cleanup_transaction(tx_id);
}
#[promises_callback]
fn execution_callback(&self, #[call_result] result: ManagedAsyncCallResult<()>, tx_id: usize) {
if result.is_err() {
self.refund_transaction(tx_id);
self.add_pending_tx_to_refund(tx_id);
self.execute_generated_refund(tx_id);
} else {
self.execute_succesfully_finished(tx_id);
}
self.cleanup_transaction(tx_id);
self.pending_transactions().remove(&tx_id);
}

fn refund_transaction(&self, tx_id: usize) {
let tx = self.get_pending_transaction_by_id(tx_id);
#[endpoint(executeRefundTransaction)]
fn execute_refund_transaction(&self, tx_id: usize) {
let tx = self.get_refund_transaction_by_id(tx_id);
let esdt_safe_contract_address = self.get_esdt_safe_address();

let unwrapped_token = self.unwrap_token(&tx.token_id, tx_id);
let batch_id = self.batch_id(tx_id).get();

self.tx()
.to(esdt_safe_contract_address)
.typed(esdt_safe_proxy::EsdtSafeProxy)
.create_transaction(
.create_refund_transaction(
tx.from,
OptionalValue::Some(esdt_safe_proxy::RefundInfo {
address: tx.to,
Expand All @@ -149,6 +139,8 @@ pub trait BridgeProxyContract:
&unwrapped_token.amount,
)
.sync_call();

self.finish_refund(tx_id);
}

fn unwrap_token(&self, requested_token: &TokenIdentifier, tx_id: usize) -> EsdtTokenPayment {
Expand Down Expand Up @@ -184,13 +176,20 @@ pub trait BridgeProxyContract:
}

fn finish_execute_gracefully(&self, tx_id: usize) {
self.refund_transaction(tx_id);
self.cleanup_transaction(tx_id);
self.add_pending_tx_to_refund(tx_id);
self.pending_transactions().remove(&tx_id);
}

fn cleanup_transaction(&self, tx_id: usize) {
self.pending_transactions().remove(&tx_id);
fn finish_refund(&self, tx_id: usize) {
self.ongoing_execution(tx_id).clear();
self.payments(tx_id).clear();
self.batch_id(tx_id).clear();
self.refund_transactions().remove(&tx_id);
}

fn add_pending_tx_to_refund(&self, tx_id: usize) {
let tx = self.get_pending_transaction_by_id(tx_id);
self.refund_transactions().insert(tx_id, tx);
}

fn get_next_tx_id(&self) -> usize {
Expand All @@ -217,4 +216,22 @@ pub trait BridgeProxyContract:
}
transactions
}

#[view(getRefundTransactionById)]
fn get_refund_transaction_by_id(&self, tx_id: usize) -> EthTransaction<Self::Api> {
let tx = self.refund_transactions().get(&tx_id);
require!(tx.is_some(), "Invalid tx id");
tx.unwrap()
}

#[view(getRefundTransactions)]
fn get_refund_transactions(
&self,
) -> MultiValueEncoded<MultiValue2<usize, EthTransaction<Self::Api>>> {
let mut transactions = MultiValueEncoded::new();
for (tx_id, tx) in self.refund_transactions().iter() {
transactions.push(MultiValue2((tx_id, tx)));
}
transactions
}
}
10 changes: 7 additions & 3 deletions bridge-proxy/src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,21 @@ use transaction::EthTransaction;

#[multiversx_sc::module]
pub trait ConfigModule {
#[storage_mapper("pending_transactions")]
#[storage_mapper("pendingTransactions")]
fn pending_transactions(&self) -> MapMapper<usize, EthTransaction<Self::Api>>;

#[view(refundTransactions)]
#[storage_mapper("refundTransactions")]
fn refund_transactions(&self) -> MapMapper<usize, EthTransaction<Self::Api>>;

#[storage_mapper("payments")]
fn payments(&self, tx_id: usize) -> SingleValueMapper<EsdtTokenPayment<Self::Api>>;

#[storage_mapper("batch_id")]
#[storage_mapper("batchId")]
fn batch_id(&self, tx_id: usize) -> SingleValueMapper<u64>;

#[view(highestTxId)]
#[storage_mapper("highest_tx_id")]
#[storage_mapper("highestTxId")]
fn highest_tx_id(&self) -> SingleValueMapper<usize>;

#[storage_mapper("ongoingExecution")]
Expand Down
8 changes: 8 additions & 0 deletions bridge-proxy/src/events.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#[multiversx_sc::module]
pub trait EventsModule {
#[event("executeSuccesfullyFinished")]
fn execute_succesfully_finished(&self, #[indexed] tx_id: usize);

#[event("executeGeneratedRefund")]
fn execute_generated_refund(&self, #[indexed] tx_id: usize);
}
Loading
Loading