Commit
Merge pull request #205 from etherfi-protocol/syko/audits/oft-upgrade
weETH OFT adapter contract upgrade
Showing 3 changed files with 58 additions and 0 deletions.
13 changes: 13 additions & 0 deletions
operations/20241203_oft_adapter_upgrade_add_rate_limits/execute-oft-adapter-upgrade.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
{ | ||
"chainId": "1", | ||
"meta": { | ||
"txBuilderVersion": "1.16.5" | ||
}, | ||
"transactions": [ | ||
{ | ||
"to": "0x9f26d4c958fd811a1f59b01b86be7dffc9d20761", | ||
"value": "0", | ||
"data": "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" | ||
} | ||
] | ||
} |
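Review bot: The `to` address in the single `transactions` entry is written entirely in lowercase, so it carries no EIP-55 checksum and a mistyped character would not be caught by tooling that validates checksummed addresses; write it in checksummed form. In the same entry `data` is raw calldata and `meta` holds only `txBuilderVersion`, so nothing in the file says which contract is being called or what the call does. A human-readable description, in `meta` or in a README beside the file, giving the target contract and the decoded call would let signers compare the payload against the intended upgrade before approving.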
13 changes: 13 additions & 0 deletions
operations/20241203_oft_adapter_upgrade_add_rate_limits/schedule-oft-adapter-upgrade.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
{ | ||
"chainId": "1", | ||
"meta": { | ||
"txBuilderVersion": "1.16.5" | ||
}, | ||
"transactions": [ | ||
{ | ||
"to": "0x9f26d4c958fd811a1f59b01b86be7dffc9d20761", | ||
"value": "0", | ||
"data": "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" | ||
} | ||
] | ||
} |
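Review bot: Nothing in this file lets a signer confirm that the operation scheduled here is the one `execute-oft-adapter-upgrade.json` later runs: both batches send to the same `to` address with `value` `0`, and the only distinguishing content is the opaque `data` field. Record the decoded parameters of the scheduled operation (target, payload, delay) next to the file, and note the check that the execute batch carries the same target and payload. The directory name mentions adding rate limits while the file name mentions only the upgrade, so state explicitly whether rate-limit configuration is part of this call or is applied separately.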
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
# [NM-0217] OFT Security Upgrades | ||
|
||
**File(s)**: [EtherfiOFTUpgradable.sol](https://github.com/etherfi-protocol/weETH-cross-chain/blob/3c8b05409395f4da4f58550afcf63987d633de03/contracts/EtherfiOFTUpgradeable.sol#L1), [PairwiseRateLimiter.sol](https://github.com/etherfi-protocol/weETH-cross-chain/blob/3c8b05409395f4da4f58550afcf63987d633de03/contracts/PairwiseRatelimiter.sol#L1), | ||
[EtherFiOFTAdapterUpgradeable.sol](https://github.com/etherfi-protocol/weETH-cross-chain/blob/3c8b05409395f4da4f58550afcf63987d633de03/contracts/EtherFiOFTAdapterUpgradeable.sol#L9) | ||
|
||
### Summary | ||
|
||
The reviewed PR is meant to introduce security improvements to the cross chain contracts considering that OFT Adapter migration was completed. This PR adds: | ||
|
||
- OFT bridge pausing functionality. It introduces the `PAUSER_ROLE` that can be shared with hypernative to pause bridging to and from the native chain. It uses OpenZeppelin's `AccessControlUpgradeable` contract to achieve this. | ||
|
||
- Pairwise rate limiting. The current iteration of the OFT contracts only rate limits outbound transfers on the token contract. This PR extends the LayerZero `RateLimter` contract to allow for the rate limiting of inbound transfers as well. It also integrates rate limiting into the `UpgradeableOFTAdapter` contract. | ||
|
||
- Deprecate default admin. Before the update, there were 2 roles that could set critical parameters, `Owner` and `Default_Admin`. They were merged into one, `Owner`. | ||
|
||
--- | ||
|
||
### Findings | ||
|
||
### [Info] Wrong import won't allow the contract to compile | ||
|
||
**File(s)**: [EtherfiOFTUpgradeable.sol](https://github.com/etherfi-protocol/weETH-cross-chain/blob/3c8b05409395f4da4f58550afcf63987d633de03/contracts/EtherfiOFTUpgradeable.sol#L10) | ||
|
||
**Description**: The `EtherfiOFTUpgradeable` file imports `import {PairwiseRateLimiter} from "./PairwiseRateLimiter.sol";`, the problem is that the actual file's name is `PairwiseRatelimiter` with lowercase `l` instead of `L`. Because of this we get the error `Source "contracts/PairwiseRateLimiter.sol" not found: File not found.` | ||
|
||
**Recommendation(s)**: Rename the `PairwiseRatelimiter.sol` file accordingly. | ||
|
||
**Update from client**: | ||
Updated to ensure consistency across different operating systems: | ||
https://github.com/etherfi-protocol/weETH-cross-chain/pull/14/commits/6a0834b208a33a59036fbbc9cd90afafe0f48f5f | ||
|
||
--- |
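Review bot: In the `**File(s)**` line under the title, the link text does not match the linked files: `EtherfiOFTUpgradable.sol` points at `EtherfiOFTUpgradeable.sol`, and `PairwiseRateLimiter.sol` points at `PairwiseRatelimiter.sol`, which is the same casing difference the [Info] finding reports; the line also ends with a stray trailing comma. Use the exact file names from the URLs as link text. In the summary, `RateLimter` looks like a typo for `RateLimiter`. Under "Update from client", the note links a commit without saying whether the file was renamed or the import was changed, so add one sentence stating the resolution, since a mismatch that only fails on case-sensitive filesystems is easy to reintroduce.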