You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
542 lines
22 KiB
542 lines
22 KiB
const ethSigUtil = require('eth-sig-util');
|
|
const Wallet = require('ethereumjs-wallet').default;
|
|
const { getDomain, domainType } = require('../helpers/eip712');
|
|
const { expectRevertCustomError } = require('../helpers/customError');
|
|
|
|
const { constants, expectRevert, expectEvent, time } = require('@openzeppelin/test-helpers');
|
|
const { expect } = require('chai');
|
|
|
|
const ERC2771Forwarder = artifacts.require('ERC2771Forwarder');
|
|
const CallReceiverMockTrustingForwarder = artifacts.require('CallReceiverMockTrustingForwarder');
|
|
|
|
contract('ERC2771Forwarder', function (accounts) {
|
|
const [, refundReceiver, another] = accounts;
|
|
|
|
const tamperedValues = {
|
|
from: another,
|
|
value: web3.utils.toWei('0.5'),
|
|
data: '0x1742',
|
|
deadline: 0xdeadbeef,
|
|
};
|
|
|
|
beforeEach(async function () {
|
|
this.forwarder = await ERC2771Forwarder.new('ERC2771Forwarder');
|
|
|
|
this.domain = await getDomain(this.forwarder);
|
|
this.types = {
|
|
EIP712Domain: domainType(this.domain),
|
|
ForwardRequest: [
|
|
{ name: 'from', type: 'address' },
|
|
{ name: 'to', type: 'address' },
|
|
{ name: 'value', type: 'uint256' },
|
|
{ name: 'gas', type: 'uint256' },
|
|
{ name: 'nonce', type: 'uint256' },
|
|
{ name: 'deadline', type: 'uint48' },
|
|
{ name: 'data', type: 'bytes' },
|
|
],
|
|
};
|
|
|
|
this.alice = Wallet.generate();
|
|
this.alice.address = web3.utils.toChecksumAddress(this.alice.getAddressString());
|
|
|
|
this.timestamp = await time.latest();
|
|
this.receiver = await CallReceiverMockTrustingForwarder.new(this.forwarder.address);
|
|
this.request = {
|
|
from: this.alice.address,
|
|
to: this.receiver.address,
|
|
value: '0',
|
|
gas: '100000',
|
|
data: this.receiver.contract.methods.mockFunction().encodeABI(),
|
|
deadline: this.timestamp.toNumber() + 60, // 1 minute
|
|
};
|
|
this.requestData = {
|
|
...this.request,
|
|
nonce: (await this.forwarder.nonces(this.alice.address)).toString(),
|
|
};
|
|
|
|
this.forgeData = request => ({
|
|
types: this.types,
|
|
domain: this.domain,
|
|
primaryType: 'ForwardRequest',
|
|
message: { ...this.requestData, ...request },
|
|
});
|
|
this.sign = (privateKey, request) =>
|
|
ethSigUtil.signTypedMessage(privateKey, {
|
|
data: this.forgeData(request),
|
|
});
|
|
this.estimateRequest = request =>
|
|
web3.eth.estimateGas({
|
|
from: this.forwarder.address,
|
|
to: request.to,
|
|
data: web3.utils.encodePacked({ value: request.data, type: 'bytes' }, { value: request.from, type: 'address' }),
|
|
value: request.value,
|
|
gas: request.gas,
|
|
});
|
|
|
|
this.requestData.signature = this.sign(this.alice.getPrivateKey());
|
|
});
|
|
|
|
context('verify', function () {
|
|
context('with valid signature', function () {
|
|
it('returns true without altering the nonce', async function () {
|
|
expect(await this.forwarder.nonces(this.requestData.from)).to.be.bignumber.equal(
|
|
web3.utils.toBN(this.requestData.nonce),
|
|
);
|
|
expect(await this.forwarder.verify(this.requestData)).to.be.equal(true);
|
|
expect(await this.forwarder.nonces(this.requestData.from)).to.be.bignumber.equal(
|
|
web3.utils.toBN(this.requestData.nonce),
|
|
);
|
|
});
|
|
});
|
|
|
|
context('with tampered values', function () {
|
|
for (const [key, value] of Object.entries(tamperedValues)) {
|
|
it(`returns false with tampered ${key}`, async function () {
|
|
expect(await this.forwarder.verify(this.forgeData({ [key]: value }).message)).to.be.equal(false);
|
|
});
|
|
}
|
|
|
|
it('returns false with an untrustful to', async function () {
|
|
expect(await this.forwarder.verify(this.forgeData({ to: another }).message)).to.be.equal(false);
|
|
});
|
|
|
|
it('returns false with tampered signature', async function () {
|
|
const tamperedsign = web3.utils.hexToBytes(this.requestData.signature);
|
|
tamperedsign[42] ^= 0xff;
|
|
this.requestData.signature = web3.utils.bytesToHex(tamperedsign);
|
|
expect(await this.forwarder.verify(this.requestData)).to.be.equal(false);
|
|
});
|
|
|
|
it('returns false with valid signature for non-current nonce', async function () {
|
|
const req = {
|
|
...this.requestData,
|
|
nonce: this.requestData.nonce + 1,
|
|
};
|
|
req.signature = this.sign(this.alice.getPrivateKey(), req);
|
|
expect(await this.forwarder.verify(req)).to.be.equal(false);
|
|
});
|
|
|
|
it('returns false with valid signature for expired deadline', async function () {
|
|
const req = {
|
|
...this.requestData,
|
|
deadline: this.timestamp - 1,
|
|
};
|
|
req.signature = this.sign(this.alice.getPrivateKey(), req);
|
|
expect(await this.forwarder.verify(req)).to.be.equal(false);
|
|
});
|
|
});
|
|
});
|
|
|
|
context('execute', function () {
|
|
context('with valid requests', function () {
|
|
beforeEach(async function () {
|
|
expect(await this.forwarder.nonces(this.requestData.from)).to.be.bignumber.equal(
|
|
web3.utils.toBN(this.requestData.nonce),
|
|
);
|
|
});
|
|
|
|
it('emits an event and consumes nonce for a successful request', async function () {
|
|
const receipt = await this.forwarder.execute(this.requestData);
|
|
await expectEvent.inTransaction(receipt.tx, this.receiver, 'MockFunctionCalled');
|
|
await expectEvent.inTransaction(receipt.tx, this.forwarder, 'ExecutedForwardRequest', {
|
|
signer: this.requestData.from,
|
|
nonce: web3.utils.toBN(this.requestData.nonce),
|
|
success: true,
|
|
});
|
|
expect(await this.forwarder.nonces(this.requestData.from)).to.be.bignumber.equal(
|
|
web3.utils.toBN(this.requestData.nonce + 1),
|
|
);
|
|
});
|
|
|
|
it('reverts with an unsuccessful request', async function () {
|
|
const req = {
|
|
...this.requestData,
|
|
data: this.receiver.contract.methods.mockFunctionRevertsNoReason().encodeABI(),
|
|
};
|
|
req.signature = this.sign(this.alice.getPrivateKey(), req);
|
|
await expectRevertCustomError(this.forwarder.execute(req), 'FailedInnerCall', []);
|
|
});
|
|
});
|
|
|
|
context('with tampered request', function () {
|
|
for (const [key, value] of Object.entries(tamperedValues)) {
|
|
it(`reverts with tampered ${key}`, async function () {
|
|
const data = this.forgeData({ [key]: value });
|
|
await expectRevertCustomError(
|
|
this.forwarder.execute(data.message, {
|
|
value: key == 'value' ? value : 0, // To avoid MismatchedValue error
|
|
}),
|
|
'ERC2771ForwarderInvalidSigner',
|
|
[ethSigUtil.recoverTypedSignature({ data, sig: this.requestData.signature }), data.message.from],
|
|
);
|
|
});
|
|
}
|
|
|
|
it('reverts with an untrustful to', async function () {
|
|
const data = this.forgeData({ to: another });
|
|
await expectRevertCustomError(this.forwarder.execute(data.message), 'ERC2771UntrustfulTarget', [
|
|
data.message.to,
|
|
this.forwarder.address,
|
|
]);
|
|
});
|
|
|
|
it('reverts with tampered signature', async function () {
|
|
const tamperedSig = web3.utils.hexToBytes(this.requestData.signature);
|
|
tamperedSig[42] ^= 0xff;
|
|
this.requestData.signature = web3.utils.bytesToHex(tamperedSig);
|
|
await expectRevertCustomError(this.forwarder.execute(this.requestData), 'ERC2771ForwarderInvalidSigner', [
|
|
ethSigUtil.recoverTypedSignature({ data: this.forgeData(), sig: tamperedSig }),
|
|
this.requestData.from,
|
|
]);
|
|
});
|
|
|
|
it('reverts with valid signature for non-current nonce', async function () {
|
|
// Execute first a request
|
|
await this.forwarder.execute(this.requestData);
|
|
|
|
// And then fail due to an already used nonce
|
|
await expectRevertCustomError(this.forwarder.execute(this.requestData), 'ERC2771ForwarderInvalidSigner', [
|
|
ethSigUtil.recoverTypedSignature({
|
|
data: this.forgeData({ ...this.requestData, nonce: this.requestData.nonce + 1 }),
|
|
sig: this.requestData.signature,
|
|
}),
|
|
this.requestData.from,
|
|
]);
|
|
});
|
|
|
|
it('reverts with valid signature for expired deadline', async function () {
|
|
const req = {
|
|
...this.requestData,
|
|
deadline: this.timestamp - 1,
|
|
};
|
|
req.signature = this.sign(this.alice.getPrivateKey(), req);
|
|
await expectRevertCustomError(this.forwarder.execute(req), 'ERC2771ForwarderExpiredRequest', [
|
|
this.timestamp - 1,
|
|
]);
|
|
});
|
|
|
|
it('reverts with valid signature but mismatched value', async function () {
|
|
const value = 100;
|
|
const req = {
|
|
...this.requestData,
|
|
value,
|
|
};
|
|
req.signature = this.sign(this.alice.getPrivateKey(), req);
|
|
await expectRevertCustomError(this.forwarder.execute(req), 'ERC2771ForwarderMismatchedValue', [0, value]);
|
|
});
|
|
});
|
|
|
|
it('bubbles out of gas', async function () {
|
|
this.requestData.data = this.receiver.contract.methods.mockFunctionOutOfGas().encodeABI();
|
|
this.requestData.gas = 1_000_000;
|
|
this.requestData.signature = this.sign(this.alice.getPrivateKey());
|
|
|
|
const gasAvailable = 100_000;
|
|
await expectRevert.assertion(this.forwarder.execute(this.requestData, { gas: gasAvailable }));
|
|
|
|
const { transactions } = await web3.eth.getBlock('latest');
|
|
const { gasUsed } = await web3.eth.getTransactionReceipt(transactions[0]);
|
|
|
|
expect(gasUsed).to.be.equal(gasAvailable);
|
|
});
|
|
|
|
it('bubbles out of gas forced by the relayer', async function () {
|
|
// If there's an incentive behind executing requests, a malicious relayer could grief
|
|
// the forwarder by executing requests and providing a top-level call gas limit that
|
|
// is too low to successfully finish the request after the 63/64 rule.
|
|
|
|
// We set the baseline to the gas limit consumed by a successful request if it was executed
|
|
// normally. Note this includes the 21000 buffer that also the relayer will be charged to
|
|
// start a request execution.
|
|
const estimate = await this.estimateRequest(this.request);
|
|
|
|
// Because the relayer call consumes gas until the `CALL` opcode, the gas left after failing
|
|
// the subcall won't enough to finish the top level call (after testing), so we add a
|
|
// moderated buffer.
|
|
const gasAvailable = estimate + 2_000;
|
|
|
|
// The subcall out of gas should be caught by the contract and then bubbled up consuming
|
|
// the available gas with an `invalid` opcode.
|
|
await expectRevert.outOfGas(this.forwarder.execute(this.requestData, { gas: gasAvailable }));
|
|
|
|
const { transactions } = await web3.eth.getBlock('latest');
|
|
const { gasUsed } = await web3.eth.getTransactionReceipt(transactions[0]);
|
|
|
|
// We assert that indeed the gas was totally consumed.
|
|
expect(gasUsed).to.be.equal(gasAvailable);
|
|
});
|
|
});
|
|
|
|
context('executeBatch', function () {
|
|
const batchValue = requestDatas => requestDatas.reduce((value, request) => value + Number(request.value), 0);
|
|
|
|
beforeEach(async function () {
|
|
this.bob = Wallet.generate();
|
|
this.bob.address = web3.utils.toChecksumAddress(this.bob.getAddressString());
|
|
|
|
this.eve = Wallet.generate();
|
|
this.eve.address = web3.utils.toChecksumAddress(this.eve.getAddressString());
|
|
|
|
this.signers = [this.alice, this.bob, this.eve];
|
|
|
|
this.requestDatas = await Promise.all(
|
|
this.signers.map(async ({ address }) => ({
|
|
...this.requestData,
|
|
from: address,
|
|
nonce: (await this.forwarder.nonces(address)).toString(),
|
|
value: web3.utils.toWei('10', 'gwei'),
|
|
})),
|
|
);
|
|
|
|
this.requestDatas = this.requestDatas.map((requestData, i) => ({
|
|
...requestData,
|
|
signature: this.sign(this.signers[i].getPrivateKey(), requestData),
|
|
}));
|
|
|
|
this.msgValue = batchValue(this.requestDatas);
|
|
|
|
this.gasUntil = async reqIdx => {
|
|
const gas = 0;
|
|
const estimations = await Promise.all(
|
|
new Array(reqIdx + 1).fill().map((_, idx) => this.estimateRequest(this.requestDatas[idx])),
|
|
);
|
|
return estimations.reduce((acc, estimation) => acc + estimation, gas);
|
|
};
|
|
});
|
|
|
|
context('with valid requests', function () {
|
|
beforeEach(async function () {
|
|
for (const request of this.requestDatas) {
|
|
expect(await this.forwarder.verify(request)).to.be.equal(true);
|
|
}
|
|
|
|
this.receipt = await this.forwarder.executeBatch(this.requestDatas, another, { value: this.msgValue });
|
|
});
|
|
|
|
it('emits events', async function () {
|
|
for (const request of this.requestDatas) {
|
|
await expectEvent.inTransaction(this.receipt.tx, this.receiver, 'MockFunctionCalled');
|
|
await expectEvent.inTransaction(this.receipt.tx, this.forwarder, 'ExecutedForwardRequest', {
|
|
signer: request.from,
|
|
nonce: web3.utils.toBN(request.nonce),
|
|
success: true,
|
|
});
|
|
}
|
|
});
|
|
|
|
it('increase nonces', async function () {
|
|
for (const request of this.requestDatas) {
|
|
expect(await this.forwarder.nonces(request.from)).to.be.bignumber.eq(web3.utils.toBN(request.nonce + 1));
|
|
}
|
|
});
|
|
});
|
|
|
|
context('with tampered requests', function () {
|
|
beforeEach(async function () {
|
|
this.idx = 1; // Tampered idx
|
|
});
|
|
|
|
it('reverts with mismatched value', async function () {
|
|
this.requestDatas[this.idx].value = 100;
|
|
this.requestDatas[this.idx].signature = this.sign(
|
|
this.signers[this.idx].getPrivateKey(),
|
|
this.requestDatas[this.idx],
|
|
);
|
|
await expectRevertCustomError(
|
|
this.forwarder.executeBatch(this.requestDatas, another, { value: this.msgValue }),
|
|
'ERC2771ForwarderMismatchedValue',
|
|
[batchValue(this.requestDatas), this.msgValue],
|
|
);
|
|
});
|
|
|
|
context('when the refund receiver is the zero address', function () {
|
|
beforeEach(function () {
|
|
this.refundReceiver = constants.ZERO_ADDRESS;
|
|
});
|
|
|
|
for (const [key, value] of Object.entries(tamperedValues)) {
|
|
it(`reverts with at least one tampered request ${key}`, async function () {
|
|
const data = this.forgeData({ ...this.requestDatas[this.idx], [key]: value });
|
|
|
|
this.requestDatas[this.idx] = data.message;
|
|
|
|
await expectRevertCustomError(
|
|
this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, { value: this.msgValue }),
|
|
'ERC2771ForwarderInvalidSigner',
|
|
[
|
|
ethSigUtil.recoverTypedSignature({ data, sig: this.requestDatas[this.idx].signature }),
|
|
data.message.from,
|
|
],
|
|
);
|
|
});
|
|
}
|
|
|
|
it('reverts with at least one untrustful to', async function () {
|
|
const data = this.forgeData({ ...this.requestDatas[this.idx], to: another });
|
|
|
|
this.requestDatas[this.idx] = data.message;
|
|
|
|
await expectRevertCustomError(
|
|
this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, { value: this.msgValue }),
|
|
'ERC2771UntrustfulTarget',
|
|
[this.requestDatas[this.idx].to, this.forwarder.address],
|
|
);
|
|
});
|
|
|
|
it('reverts with at least one tampered request signature', async function () {
|
|
const tamperedSig = web3.utils.hexToBytes(this.requestDatas[this.idx].signature);
|
|
tamperedSig[42] ^= 0xff;
|
|
|
|
this.requestDatas[this.idx].signature = web3.utils.bytesToHex(tamperedSig);
|
|
|
|
await expectRevertCustomError(
|
|
this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, { value: this.msgValue }),
|
|
'ERC2771ForwarderInvalidSigner',
|
|
[
|
|
ethSigUtil.recoverTypedSignature({
|
|
data: this.forgeData(this.requestDatas[this.idx]),
|
|
sig: this.requestDatas[this.idx].signature,
|
|
}),
|
|
this.requestDatas[this.idx].from,
|
|
],
|
|
);
|
|
});
|
|
|
|
it('reverts with at least one valid signature for non-current nonce', async function () {
|
|
// Execute first a request
|
|
await this.forwarder.execute(this.requestDatas[this.idx], { value: this.requestDatas[this.idx].value });
|
|
|
|
// And then fail due to an already used nonce
|
|
await expectRevertCustomError(
|
|
this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, { value: this.msgValue }),
|
|
'ERC2771ForwarderInvalidSigner',
|
|
[
|
|
ethSigUtil.recoverTypedSignature({
|
|
data: this.forgeData({ ...this.requestDatas[this.idx], nonce: this.requestDatas[this.idx].nonce + 1 }),
|
|
sig: this.requestDatas[this.idx].signature,
|
|
}),
|
|
this.requestDatas[this.idx].from,
|
|
],
|
|
);
|
|
});
|
|
|
|
it('reverts with at least one valid signature for expired deadline', async function () {
|
|
this.requestDatas[this.idx].deadline = this.timestamp.toNumber() - 1;
|
|
this.requestDatas[this.idx].signature = this.sign(
|
|
this.signers[this.idx].getPrivateKey(),
|
|
this.requestDatas[this.idx],
|
|
);
|
|
await expectRevertCustomError(
|
|
this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, { value: this.msgValue }),
|
|
'ERC2771ForwarderExpiredRequest',
|
|
[this.timestamp.toNumber() - 1],
|
|
);
|
|
});
|
|
});
|
|
|
|
context('when the refund receiver is a known address', function () {
|
|
beforeEach(async function () {
|
|
this.refundReceiver = refundReceiver;
|
|
this.initialRefundReceiverBalance = web3.utils.toBN(await web3.eth.getBalance(this.refundReceiver));
|
|
this.initialTamperedRequestNonce = await this.forwarder.nonces(this.requestDatas[this.idx].from);
|
|
});
|
|
|
|
for (const [key, value] of Object.entries(tamperedValues)) {
|
|
it(`ignores a request with tampered ${key} and refunds its value`, async function () {
|
|
const data = this.forgeData({ ...this.requestDatas[this.idx], [key]: value });
|
|
|
|
this.requestDatas[this.idx] = data.message;
|
|
|
|
const receipt = await this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, {
|
|
value: batchValue(this.requestDatas),
|
|
});
|
|
expect(receipt.logs.filter(({ event }) => event === 'ExecutedForwardRequest').length).to.be.equal(2);
|
|
});
|
|
}
|
|
|
|
it('ignores a request with a valid signature for non-current nonce', async function () {
|
|
// Execute first a request
|
|
await this.forwarder.execute(this.requestDatas[this.idx], { value: this.requestDatas[this.idx].value });
|
|
this.initialTamperedRequestNonce++; // Should be already incremented by the individual `execute`
|
|
|
|
// And then ignore the same request in a batch due to an already used nonce
|
|
const receipt = await this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, {
|
|
value: this.msgValue,
|
|
});
|
|
expect(receipt.logs.filter(({ event }) => event === 'ExecutedForwardRequest').length).to.be.equal(2);
|
|
});
|
|
|
|
it('ignores a request with a valid signature for expired deadline', async function () {
|
|
this.requestDatas[this.idx].deadline = this.timestamp.toNumber() - 1;
|
|
this.requestDatas[this.idx].signature = this.sign(
|
|
this.signers[this.idx].getPrivateKey(),
|
|
this.requestDatas[this.idx],
|
|
);
|
|
|
|
const receipt = await this.forwarder.executeBatch(this.requestDatas, this.refundReceiver, {
|
|
value: this.msgValue,
|
|
});
|
|
expect(receipt.logs.filter(({ event }) => event === 'ExecutedForwardRequest').length).to.be.equal(2);
|
|
});
|
|
|
|
afterEach(async function () {
|
|
// The invalid request value was refunded
|
|
expect(await web3.eth.getBalance(this.refundReceiver)).to.be.bignumber.equal(
|
|
this.initialRefundReceiverBalance.add(web3.utils.toBN(this.requestDatas[this.idx].value)),
|
|
);
|
|
|
|
// The invalid request from's nonce was not incremented
|
|
expect(await this.forwarder.nonces(this.requestDatas[this.idx].from)).to.be.bignumber.eq(
|
|
web3.utils.toBN(this.initialTamperedRequestNonce),
|
|
);
|
|
});
|
|
});
|
|
|
|
it('bubbles out of gas', async function () {
|
|
this.requestDatas[this.idx].data = this.receiver.contract.methods.mockFunctionOutOfGas().encodeABI();
|
|
this.requestDatas[this.idx].gas = 1_000_000;
|
|
this.requestDatas[this.idx].signature = this.sign(
|
|
this.signers[this.idx].getPrivateKey(),
|
|
this.requestDatas[this.idx],
|
|
);
|
|
|
|
const gasAvailable = 300_000;
|
|
await expectRevert.assertion(
|
|
this.forwarder.executeBatch(this.requestDatas, constants.ZERO_ADDRESS, {
|
|
gas: gasAvailable,
|
|
value: this.requestDatas.reduce((acc, { value }) => acc + Number(value), 0),
|
|
}),
|
|
);
|
|
|
|
const { transactions } = await web3.eth.getBlock('latest');
|
|
const { gasUsed } = await web3.eth.getTransactionReceipt(transactions[0]);
|
|
|
|
expect(gasUsed).to.be.equal(gasAvailable);
|
|
});
|
|
|
|
it('bubbles out of gas forced by the relayer', async function () {
|
|
// Similarly to the single execute, a malicious relayer could grief requests.
|
|
|
|
// We estimate until the selected request as if they were executed normally
|
|
const estimate = await this.gasUntil(this.requestDatas, this.idx);
|
|
|
|
// We add a Buffer to account for all the gas that's used before the selected call.
|
|
// Note is slightly bigger because the selected request is not the index 0 and it affects
|
|
// the buffer needed.
|
|
const gasAvailable = estimate + 10_000;
|
|
|
|
// The subcall out of gas should be caught by the contract and then bubbled up consuming
|
|
// the available gas with an `invalid` opcode.
|
|
await expectRevert.outOfGas(
|
|
this.forwarder.executeBatch(this.requestDatas, constants.ZERO_ADDRESS, { gas: gasAvailable }),
|
|
);
|
|
|
|
const { transactions } = await web3.eth.getBlock('latest');
|
|
const { gasUsed } = await web3.eth.getTransactionReceipt(transactions[0]);
|
|
|
|
// We assert that indeed the gas was totally consumed.
|
|
expect(gasUsed).to.be.equal(gasAvailable);
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|