Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Explicit bounds for premium config params in VRFCoordinatorV2_5 #12314

Merged
merged 6 commits into from
Mar 12, 2024

Conversation

ibrajer
Copy link
Contributor

@ibrajer ibrajer commented Mar 6, 2024

  • setConfig method will revert if premium percentages are above 155
  • added unit tests for coverage

@ibrajer ibrajer self-assigned this Mar 6, 2024
Copy link
Contributor

github-actions bot commented Mar 6, 2024

I see that you haven't updated any CHANGELOG files. Would it make sense to do so?

Copy link
Contributor

github-actions bot commented Mar 6, 2024

Go solidity wrappers are out-of-date, regenerate them via the make wrappers-all command

@ibrajer ibrajer marked this pull request as ready for review March 6, 2024 17:05
@ibrajer ibrajer requested review from a team as code owners March 6, 2024 17:05
@@ -179,6 +180,9 @@ contract VRFCoordinatorV2_5 is VRF, SubscriptionAPI, IVRFCoordinatorV2Plus {
if (fulfillmentFlatFeeNativePPM > 0 && fulfillmentFlatFeeLinkDiscountPPM >= fulfillmentFlatFeeNativePPM) {
revert LinkDiscountTooHigh(fulfillmentFlatFeeLinkDiscountPPM, fulfillmentFlatFeeNativePPM);
}
if (nativePremiumPercentage > 100 || linkPremiumPercentage > 100) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could define a MAX_PREMIUM_PERCENTAGE constant similar to the MAX_REQUEST_CONFIRMATIONS above. Don't worry about gas cost as constants are replaced during compile time. Defining such a constant will make the boundaries for the config clearer as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense!

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a situation where we would like to charge nativePremiumPercentage or linkPremiumPercentage as 150%. For example, when the value of LINK is very low against native.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to this piece of code I figured that 100 should be the upper bound limit. As for your question about the described situation and what should we do in this case, probably @jinhoonbang is a better person to answer that.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Setting the premium percentage as 150% means we are charging 250% of the gas cost. I don't think the LINK / Native price matters here as we're still getting the same value just denominated in different tokens. I would think the ability to set the premium percentages differently for native or link acts another mechanism to incentive people to pay in one of them.

If we want to be very safe, we can set the limit to the max of 155

@@ -179,6 +180,9 @@ contract VRFCoordinatorV2_5 is VRF, SubscriptionAPI, IVRFCoordinatorV2Plus {
if (fulfillmentFlatFeeNativePPM > 0 && fulfillmentFlatFeeLinkDiscountPPM >= fulfillmentFlatFeeNativePPM) {
revert LinkDiscountTooHigh(fulfillmentFlatFeeLinkDiscountPPM, fulfillmentFlatFeeNativePPM);
}
if (nativePremiumPercentage > 100 || linkPremiumPercentage > 100) {
revert InvalidPremiumPercentage(nativePremiumPercentage, linkPremiumPercentage);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not too sure if we need to follow the pattern of emitting the max value in the event.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where did you see this pattern so I can take a look?

Copy link
Contributor

@leeyikjiun leeyikjiun Mar 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see - would that mean I have to create two categories of errors, one for native and another one for LINK? Or would just one be enough and you should be able to figure it out based on the have and want values returned? Consider I don't want to blow up the contract size just because I want to keep things clear.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would say just the max value is enough? And since each premium percentage has the same max value, we could just keep it to a single error.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we send a string "native" or "link" in the event to identify which premium is over the bounds?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can but I don't think it's needed? Like just stare at the two numbers and see which is over the limit. lol

Copy link
Contributor Author

@ibrajer ibrajer Mar 12, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought about it at the beginning, but I agree with @leeyikjiun here. Just by looking at the numbers, it should be clear which one is it. No need to increase the contract size with additional data.

jinhoonbang
jinhoonbang previously approved these changes Mar 7, 2024
@kidambisrinivas
Copy link
Collaborator

@ibrajer Please address the merge conflicts

@ibrajer ibrajer force-pushed the chore/VRF-912-invalid-premium-values branch from 21e4dcf to 6548ae0 Compare March 12, 2024 10:15
@ibrajer ibrajer force-pushed the chore/VRF-912-invalid-premium-values branch from 6548ae0 to 9315d5d Compare March 12, 2024 12:55
@cl-sonarqube-production
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@kidambisrinivas kidambisrinivas added this pull request to the merge queue Mar 12, 2024
Merged via the queue into develop with commit 15103b8 Mar 12, 2024
109 checks passed
@kidambisrinivas kidambisrinivas deleted the chore/VRF-912-invalid-premium-values branch March 12, 2024 15:25
ogtownsend pushed a commit that referenced this pull request Mar 14, 2024
* Explicit bounds for premium config params in VRFCoordinatorV2_5

* setConfig method will revert if premium percentages are above 100
* added unit tests for coverage

* Generated Go wrappers and executed prettier tool

* Added constants for percentage bounds and changed revert error

* Removed min boundary

* Added changeset

* Changed upper premium percentage boundary to 155
kidambisrinivas pushed a commit that referenced this pull request Mar 18, 2024
* Explicit bounds for premium config params in VRFCoordinatorV2_5

* setConfig method will revert if premium percentages are above 100
* added unit tests for coverage

* Generated Go wrappers and executed prettier tool

* Added constants for percentage bounds and changed revert error

* Removed min boundary

* Added changeset

* Changed upper premium percentage boundary to 155
kidambisrinivas pushed a commit that referenced this pull request Mar 18, 2024
* Explicit bounds for premium config params in VRFCoordinatorV2_5

* setConfig method will revert if premium percentages are above 100
* added unit tests for coverage

* Generated Go wrappers and executed prettier tool

* Added constants for percentage bounds and changed revert error

* Removed min boundary

* Added changeset

* Changed upper premium percentage boundary to 155
kidambisrinivas pushed a commit that referenced this pull request Mar 18, 2024
* Explicit bounds for premium config params in VRFCoordinatorV2_5

* setConfig method will revert if premium percentages are above 100
* added unit tests for coverage

* Generated Go wrappers and executed prettier tool

* Added constants for percentage bounds and changed revert error

* Removed min boundary

* Added changeset

* Changed upper premium percentage boundary to 155
kidambisrinivas pushed a commit that referenced this pull request Mar 18, 2024
* Explicit bounds for premium config params in VRFCoordinatorV2_5

* setConfig method will revert if premium percentages are above 100
* added unit tests for coverage

* Generated Go wrappers and executed prettier tool

* Added constants for percentage bounds and changed revert error

* Removed min boundary

* Added changeset

* Changed upper premium percentage boundary to 155
kidambisrinivas pushed a commit that referenced this pull request Mar 27, 2024
* Explicit bounds for premium config params in VRFCoordinatorV2_5

* setConfig method will revert if premium percentages are above 100
* added unit tests for coverage

* Generated Go wrappers and executed prettier tool

* Added constants for percentage bounds and changed revert error

* Removed min boundary

* Added changeset

* Changed upper premium percentage boundary to 155
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants