Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(rfq-api): check both relayer role and quoter role #3399

Merged
merged 7 commits into from
Nov 22, 2024
Merged

feat(rfq-api): check both relayer role and quoter role #3399

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
557d5c3
Fix: regen
dwasse Nov 18, 2024
f1ac158
Fix: build
dwasse Nov 18, 2024
13d978c
Feat: check both quoter role and relayer role
dwasse Nov 18, 2024
acb1919
logging nit
parodime Nov 18, 2024
ef1b603
Merge branch 'feat/relayer-arb-call' into feat/quoter-role-no-relayer
dwasse Nov 20, 2024
67e96e0
Feat: parallelize role checking
dwasse Nov 20, 2024
d5b702e
Merge branch 'feat/relayer-arb-call' into feat/quoter-role-no-relayer
dwasse Nov 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions services/rfq/api/rest/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -358,17 +358,18 @@ type roleContract interface {
func (r *QuoterAPIServer) checkRoleParallel(c *gin.Context, destChainID uint32) (addressRecovered common.Address, err error) {
g := new(errgroup.Group)
var v1Addr, v2Addr common.Address
var v1Ok, v2Ok bool
var v1Err, v2Err error

var v1Ok, v2Ok bool
quoterRole := crypto.Keccak256Hash([]byte("QUOTER_ROLE"))
relayerRole := crypto.Keccak256Hash([]byte("RELAYER_ROLE"))
g.Go(func() error {
v1Addr, v1Err = r.checkRole(c, destChainID, true)
v1Addr, v1Err = r.checkRole(c, destChainID, true, relayerRole)
v1Ok = v1Err == nil
return v1Err
})

g.Go(func() error {
v2Addr, v2Err = r.checkRole(c, destChainID, false)
v2Addr, v2Err = r.checkRole(c, destChainID, false, quoterRole)
v2Ok = v2Err == nil
return v2Err
})
Expand All @@ -387,7 +388,7 @@ func (r *QuoterAPIServer) checkRoleParallel(c *gin.Context, destChainID uint32)
return common.Address{}, fmt.Errorf("role check failed for both v1 and v2")
}

func (r *QuoterAPIServer) checkRole(c *gin.Context, destChainID uint32, useV1 bool) (addressRecovered common.Address, err error) {
func (r *QuoterAPIServer) checkRole(c *gin.Context, destChainID uint32, useV1 bool, role [32]byte) (addressRecovered common.Address, err error) {
var bridge roleContract
var roleCache *ttlcache.Cache[string, bool]
var ok bool
Expand All @@ -408,7 +409,6 @@ func (r *QuoterAPIServer) checkRole(c *gin.Context, destChainID uint32, useV1 bo
}

ops := &bind.CallOpts{Context: c}
relayerRole := crypto.Keccak256Hash([]byte("RELAYER_ROLE"))

// authenticate relayer signature with EIP191
deadline := time.Now().Unix() - 1000 // TODO: Replace with some type of r.cfg.AuthExpiryDelta
Expand All @@ -424,9 +424,9 @@ func (r *QuoterAPIServer) checkRole(c *gin.Context, destChainID uint32, useV1 bo

if cachedRoleItem == nil || cachedRoleItem.IsExpired() {
// Cache miss or expired, check on-chain
hasRole, err = bridge.HasRole(ops, relayerRole, addressRecovered)
hasRole, err = bridge.HasRole(ops, role, addressRecovered)
if err != nil {
return addressRecovered, fmt.Errorf("unable to check relayer role on-chain: %w", err)
return addressRecovered, fmt.Errorf("unable to check role on-chain: %w", err)
}
// Update cache
roleCache.Set(addressRecovered.Hex(), hasRole, cacheInterval)
Expand Down
Loading
Loading