@bloxchain/contracts 1.0.0-alpha.15 → 1.0.0-alpha.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/abi/BaseStateMachine.abi.json +5 -0
- package/abi/GuardController.abi.json +5 -0
- package/abi/GuardControllerDefinitions.abi.json +5 -0
- package/abi/IDefinition.abi.json +5 -0
- package/abi/RuntimeRBAC.abi.json +5 -0
- package/abi/RuntimeRBACDefinitions.abi.json +5 -0
- package/abi/SecureOwnable.abi.json +5 -0
- package/abi/SecureOwnableDefinitions.abi.json +5 -0
- package/core/access/lib/definitions/RuntimeRBACDefinitions.sol +290 -288
- package/core/base/BaseStateMachine.sol +947 -943
- package/core/execution/GuardController.sol +1 -0
- package/core/execution/lib/definitions/GuardControllerDefinitions.sol +514 -506
- package/core/lib/EngineBlox.sol +32 -7
- package/core/security/lib/definitions/SecureOwnableDefinitions.sol +802 -786
- package/package.json +1 -1
|
@@ -1,506 +1,514 @@
|
|
|
1
|
-
// SPDX-License-Identifier: MPL-2.0
|
|
2
|
-
pragma solidity 0.8.34;
|
|
3
|
-
|
|
4
|
-
import "@openzeppelin/contracts/utils/introspection/IERC165.sol";
|
|
5
|
-
import "../../../lib/EngineBlox.sol";
|
|
6
|
-
import "../../../lib/interfaces/IDefinition.sol";
|
|
7
|
-
import "../../interface/IGuardController.sol";
|
|
8
|
-
|
|
9
|
-
/**
|
|
10
|
-
* @title GuardControllerDefinitions
|
|
11
|
-
* @dev Library containing predefined definitions for GuardController initialization
|
|
12
|
-
* This library holds static data that can be used to initialize GuardController contracts
|
|
13
|
-
* without increasing the main contract size
|
|
14
|
-
*
|
|
15
|
-
* This library implements the IDefinition interface and provides both function schema definitions
|
|
16
|
-
* and role permissions for GuardController's public execution functions.
|
|
17
|
-
*
|
|
18
|
-
* Key Features:
|
|
19
|
-
* - Registers all 6 GuardController public execution functions
|
|
20
|
-
* - Defines role permissions for OWNER_ROLE and BROADCASTER_ROLE
|
|
21
|
-
* - Supports time-delay and meta-transaction workflows
|
|
22
|
-
* - Matches EngineBloxDefinitions pattern for consistency
|
|
23
|
-
*
|
|
24
|
-
* Role Permissions:
|
|
25
|
-
* - OWNER_ROLE: Can sign/request time-delay and meta-transaction operations (8 permissions)
|
|
26
|
-
* - BROADCASTER_ROLE: Can execute meta-transaction operations (5 permissions)
|
|
27
|
-
*
|
|
28
|
-
* @notice This definition provides complete initialization data including both function schemas
|
|
29
|
-
* and role permissions, matching the EngineBloxDefinitions pattern.
|
|
30
|
-
* @custom:security-contact security@particlecrypto.com
|
|
31
|
-
*/
|
|
32
|
-
library GuardControllerDefinitions {
|
|
33
|
-
|
|
34
|
-
// Operation Type Constants
|
|
35
|
-
bytes32 public constant CONTROLLER_OPERATION = keccak256("CONTROLLER_OPERATION");
|
|
36
|
-
|
|
37
|
-
// Function Selector Constants
|
|
38
|
-
// GuardController: executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)
|
|
39
|
-
bytes4 public constant EXECUTE_WITH_TIMELOCK_SELECTOR = bytes4(keccak256("executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)"));
|
|
40
|
-
|
|
41
|
-
// GuardController: executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))
|
|
42
|
-
bytes4 public constant EXECUTE_WITH_PAYMENT_SELECTOR = bytes4(keccak256("executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))"));
|
|
43
|
-
|
|
44
|
-
// GuardController: approveTimeLockExecution(uint256)
|
|
45
|
-
bytes4 public constant APPROVE_TIMELOCK_EXECUTION_SELECTOR = bytes4(keccak256("approveTimeLockExecution(uint256)"));
|
|
46
|
-
|
|
47
|
-
// GuardController: cancelTimeLockExecution(uint256)
|
|
48
|
-
bytes4 public constant CANCEL_TIMELOCK_EXECUTION_SELECTOR = bytes4(keccak256("cancelTimeLockExecution(uint256)"));
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
// GuardController: approveTimeLockExecutionWithMetaTx(EngineBlox.MetaTransaction)
|
|
52
|
-
bytes4 public constant APPROVE_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(
|
|
53
|
-
keccak256(
|
|
54
|
-
"approveTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
55
|
-
)
|
|
56
|
-
);
|
|
57
|
-
|
|
58
|
-
// GuardController: cancelTimeLockExecutionWithMetaTx(EngineBlox.MetaTransaction)
|
|
59
|
-
bytes4 public constant CANCEL_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(
|
|
60
|
-
keccak256(
|
|
61
|
-
"cancelTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
62
|
-
)
|
|
63
|
-
);
|
|
64
|
-
|
|
65
|
-
// GuardController: requestAndApproveExecution(EngineBlox.MetaTransaction)
|
|
66
|
-
bytes4 public constant REQUEST_AND_APPROVE_EXECUTION_SELECTOR = bytes4(
|
|
67
|
-
keccak256(
|
|
68
|
-
"requestAndApproveExecution(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
69
|
-
)
|
|
70
|
-
);
|
|
71
|
-
|
|
72
|
-
// GuardController: guardConfigBatchRequestAndApprove(...)
|
|
73
|
-
bytes4 public constant GUARD_CONFIG_BATCH_META_SELECTOR = bytes4(
|
|
74
|
-
keccak256(
|
|
75
|
-
"guardConfigBatchRequestAndApprove(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
76
|
-
)
|
|
77
|
-
);
|
|
78
|
-
|
|
79
|
-
// GuardController: executeGuardConfigBatch((uint8,bytes)[])
|
|
80
|
-
bytes4 public constant GUARD_CONFIG_BATCH_EXECUTE_SELECTOR =
|
|
81
|
-
bytes4(keccak256("executeGuardConfigBatch((uint8,bytes)[])"));
|
|
82
|
-
|
|
83
|
-
/**
|
|
84
|
-
* @dev Returns predefined function schemas for GuardController execution functions
|
|
85
|
-
* @return Array of function schema definitions
|
|
86
|
-
*
|
|
87
|
-
* Function schemas define:
|
|
88
|
-
* - GuardController public execution functions
|
|
89
|
-
* - What operation types they belong to (CONTROLLER_OPERATION)
|
|
90
|
-
* - What actions are supported (time-delay request/approve/cancel, meta-tx approve/cancel/request-and-approve)
|
|
91
|
-
* - Whether they are protected
|
|
92
|
-
*
|
|
93
|
-
* Permission System:
|
|
94
|
-
* - These schemas enable EngineBlox._checkExecutionPermissions to validate
|
|
95
|
-
* if callers have permission to call these GuardController functions
|
|
96
|
-
* - Role permissions are defined in getRolePermissions() matching EngineBloxDefinitions pattern
|
|
97
|
-
*/
|
|
98
|
-
function getFunctionSchemas() public pure returns (EngineBlox.FunctionSchema[] memory) {
|
|
99
|
-
EngineBlox.FunctionSchema[] memory schemas = new EngineBlox.FunctionSchema[](8);
|
|
100
|
-
|
|
101
|
-
// ============ TIME-DELAY WORKFLOW ACTIONS ============
|
|
102
|
-
// Request action for executeWithTimeLock
|
|
103
|
-
EngineBlox.TxAction[] memory timeDelayRequestActions = new EngineBlox.TxAction[](1);
|
|
104
|
-
timeDelayRequestActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_REQUEST;
|
|
105
|
-
|
|
106
|
-
// Approve action for approveTimeLockExecution
|
|
107
|
-
EngineBlox.TxAction[] memory timeDelayApproveActions = new EngineBlox.TxAction[](1);
|
|
108
|
-
timeDelayApproveActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_APPROVE;
|
|
109
|
-
|
|
110
|
-
// Cancel action for cancelTimeLockExecution
|
|
111
|
-
EngineBlox.TxAction[] memory timeDelayCancelActions = new EngineBlox.TxAction[](1);
|
|
112
|
-
timeDelayCancelActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_CANCEL;
|
|
113
|
-
|
|
114
|
-
// ============ META-TRANSACTION WORKFLOW ACTIONS ============
|
|
115
|
-
// Approve action for approveTimeLockExecutionWithMetaTx
|
|
116
|
-
EngineBlox.TxAction[] memory metaTxApproveActions = new EngineBlox.TxAction[](2);
|
|
117
|
-
metaTxApproveActions[0] = EngineBlox.TxAction.SIGN_META_APPROVE;
|
|
118
|
-
metaTxApproveActions[1] = EngineBlox.TxAction.EXECUTE_META_APPROVE;
|
|
119
|
-
|
|
120
|
-
// Cancel action for cancelTimeLockExecutionWithMetaTx
|
|
121
|
-
EngineBlox.TxAction[] memory metaTxCancelActions = new EngineBlox.TxAction[](2);
|
|
122
|
-
metaTxCancelActions[0] = EngineBlox.TxAction.SIGN_META_CANCEL;
|
|
123
|
-
metaTxCancelActions[1] = EngineBlox.TxAction.EXECUTE_META_CANCEL;
|
|
124
|
-
|
|
125
|
-
// Request and approve action for requestAndApproveExecution
|
|
126
|
-
EngineBlox.TxAction[] memory metaTxRequestApproveActions = new EngineBlox.TxAction[](2);
|
|
127
|
-
metaTxRequestApproveActions[0] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
|
|
128
|
-
metaTxRequestApproveActions[1] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
|
|
129
|
-
|
|
130
|
-
// ============ GUARDCONTROLLER FUNCTION SCHEMAS ============
|
|
131
|
-
|
|
132
|
-
// Execution selectors must have self-reference (at least one element pointing to themselves)
|
|
133
|
-
bytes4[] memory executeWithTimeLockHandlerForSelectors = new bytes4[](1);
|
|
134
|
-
executeWithTimeLockHandlerForSelectors[0] = EXECUTE_WITH_TIMELOCK_SELECTOR;
|
|
135
|
-
bytes4[] memory approveTimeLockExecutionHandlerForSelectors = new bytes4[](1);
|
|
136
|
-
approveTimeLockExecutionHandlerForSelectors[0] = APPROVE_TIMELOCK_EXECUTION_SELECTOR;
|
|
137
|
-
bytes4[] memory cancelTimeLockExecutionHandlerForSelectors = new bytes4[](1);
|
|
138
|
-
cancelTimeLockExecutionHandlerForSelectors[0] = CANCEL_TIMELOCK_EXECUTION_SELECTOR;
|
|
139
|
-
bytes4[] memory approveTimeLockExecutionMetaHandlerForSelectors = new bytes4[](1);
|
|
140
|
-
approveTimeLockExecutionMetaHandlerForSelectors[0] = APPROVE_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
141
|
-
bytes4[] memory cancelTimeLockExecutionMetaHandlerForSelectors = new bytes4[](1);
|
|
142
|
-
cancelTimeLockExecutionMetaHandlerForSelectors[0] = CANCEL_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
143
|
-
bytes4[] memory requestAndApproveExecutionHandlerForSelectors = new bytes4[](1);
|
|
144
|
-
requestAndApproveExecutionHandlerForSelectors[0] = REQUEST_AND_APPROVE_EXECUTION_SELECTOR;
|
|
145
|
-
bytes4[] memory guardConfigBatchExecuteHandlerForSelectors = new bytes4[](1);
|
|
146
|
-
guardConfigBatchExecuteHandlerForSelectors[0] = GUARD_CONFIG_BATCH_EXECUTE_SELECTOR;
|
|
147
|
-
|
|
148
|
-
// Handler selectors point to execution selectors
|
|
149
|
-
bytes4[] memory guardConfigHandlerForSelectors = new bytes4[](1);
|
|
150
|
-
guardConfigHandlerForSelectors[0] = GUARD_CONFIG_BATCH_EXECUTE_SELECTOR;
|
|
151
|
-
|
|
152
|
-
// Schema 0: GuardController.executeWithTimeLock
|
|
153
|
-
schemas[0] = EngineBlox.FunctionSchema({
|
|
154
|
-
functionSignature: "executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)",
|
|
155
|
-
functionSelector: EXECUTE_WITH_TIMELOCK_SELECTOR,
|
|
156
|
-
operationType: CONTROLLER_OPERATION,
|
|
157
|
-
operationName: "CONTROLLER_OPERATION",
|
|
158
|
-
supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayRequestActions),
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
EngineBlox.
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
324
|
-
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
328
|
-
|
|
329
|
-
|
|
330
|
-
|
|
331
|
-
|
|
332
|
-
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
functionPermissions[
|
|
355
|
-
functionSelector:
|
|
356
|
-
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerMetaTxRequestApproveActions),
|
|
357
|
-
handlerForSelectors: handlerForSelectors6
|
|
358
|
-
});
|
|
359
|
-
|
|
360
|
-
//
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
functionPermissions[
|
|
383
|
-
functionSelector:
|
|
384
|
-
grantedActionsBitmap: EngineBlox.createBitmapFromActions(
|
|
385
|
-
handlerForSelectors:
|
|
386
|
-
});
|
|
387
|
-
|
|
388
|
-
// Broadcaster:
|
|
389
|
-
roleHashes[
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
functionPermissions[
|
|
401
|
-
functionSelector:
|
|
402
|
-
grantedActionsBitmap: EngineBlox.createBitmapFromActions(
|
|
403
|
-
handlerForSelectors:
|
|
404
|
-
});
|
|
405
|
-
|
|
406
|
-
// Broadcaster: Guard Config Batch (
|
|
407
|
-
roleHashes[
|
|
408
|
-
functionPermissions[
|
|
409
|
-
functionSelector:
|
|
410
|
-
grantedActionsBitmap: EngineBlox.createBitmapFromActions(broadcasterMetaTxRequestApproveActions),
|
|
411
|
-
handlerForSelectors: handlerForSelectors6
|
|
412
|
-
});
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
430
|
-
|
|
431
|
-
|
|
432
|
-
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
* @
|
|
458
|
-
* @param
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
* @
|
|
467
|
-
* @param
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
480
|
-
|
|
481
|
-
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
* @
|
|
490
|
-
* @param
|
|
491
|
-
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
497
|
-
|
|
498
|
-
|
|
499
|
-
|
|
500
|
-
|
|
501
|
-
|
|
502
|
-
|
|
503
|
-
|
|
504
|
-
return
|
|
505
|
-
}
|
|
506
|
-
|
|
1
|
+
// SPDX-License-Identifier: MPL-2.0
|
|
2
|
+
pragma solidity 0.8.34;
|
|
3
|
+
|
|
4
|
+
import "@openzeppelin/contracts/utils/introspection/IERC165.sol";
|
|
5
|
+
import "../../../lib/EngineBlox.sol";
|
|
6
|
+
import "../../../lib/interfaces/IDefinition.sol";
|
|
7
|
+
import "../../interface/IGuardController.sol";
|
|
8
|
+
|
|
9
|
+
/**
|
|
10
|
+
* @title GuardControllerDefinitions
|
|
11
|
+
* @dev Library containing predefined definitions for GuardController initialization
|
|
12
|
+
* This library holds static data that can be used to initialize GuardController contracts
|
|
13
|
+
* without increasing the main contract size
|
|
14
|
+
*
|
|
15
|
+
* This library implements the IDefinition interface and provides both function schema definitions
|
|
16
|
+
* and role permissions for GuardController's public execution functions.
|
|
17
|
+
*
|
|
18
|
+
* Key Features:
|
|
19
|
+
* - Registers all 6 GuardController public execution functions
|
|
20
|
+
* - Defines role permissions for OWNER_ROLE and BROADCASTER_ROLE
|
|
21
|
+
* - Supports time-delay and meta-transaction workflows
|
|
22
|
+
* - Matches EngineBloxDefinitions pattern for consistency
|
|
23
|
+
*
|
|
24
|
+
* Role Permissions:
|
|
25
|
+
* - OWNER_ROLE: Can sign/request time-delay and meta-transaction operations (8 permissions)
|
|
26
|
+
* - BROADCASTER_ROLE: Can execute meta-transaction operations (5 permissions)
|
|
27
|
+
*
|
|
28
|
+
* @notice This definition provides complete initialization data including both function schemas
|
|
29
|
+
* and role permissions, matching the EngineBloxDefinitions pattern.
|
|
30
|
+
* @custom:security-contact security@particlecrypto.com
|
|
31
|
+
*/
|
|
32
|
+
library GuardControllerDefinitions {
|
|
33
|
+
|
|
34
|
+
// Operation Type Constants
|
|
35
|
+
bytes32 public constant CONTROLLER_OPERATION = keccak256("CONTROLLER_OPERATION");
|
|
36
|
+
|
|
37
|
+
// Function Selector Constants
|
|
38
|
+
// GuardController: executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)
|
|
39
|
+
bytes4 public constant EXECUTE_WITH_TIMELOCK_SELECTOR = bytes4(keccak256("executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)"));
|
|
40
|
+
|
|
41
|
+
// GuardController: executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))
|
|
42
|
+
bytes4 public constant EXECUTE_WITH_PAYMENT_SELECTOR = bytes4(keccak256("executeWithPayment(address,uint256,bytes4,bytes,uint256,bytes32,(address,uint256,address,uint256))"));
|
|
43
|
+
|
|
44
|
+
// GuardController: approveTimeLockExecution(uint256)
|
|
45
|
+
bytes4 public constant APPROVE_TIMELOCK_EXECUTION_SELECTOR = bytes4(keccak256("approveTimeLockExecution(uint256)"));
|
|
46
|
+
|
|
47
|
+
// GuardController: cancelTimeLockExecution(uint256)
|
|
48
|
+
bytes4 public constant CANCEL_TIMELOCK_EXECUTION_SELECTOR = bytes4(keccak256("cancelTimeLockExecution(uint256)"));
|
|
49
|
+
|
|
50
|
+
|
|
51
|
+
// GuardController: approveTimeLockExecutionWithMetaTx(EngineBlox.MetaTransaction)
|
|
52
|
+
bytes4 public constant APPROVE_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(
|
|
53
|
+
keccak256(
|
|
54
|
+
"approveTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
55
|
+
)
|
|
56
|
+
);
|
|
57
|
+
|
|
58
|
+
// GuardController: cancelTimeLockExecutionWithMetaTx(EngineBlox.MetaTransaction)
|
|
59
|
+
bytes4 public constant CANCEL_TIMELOCK_EXECUTION_META_SELECTOR = bytes4(
|
|
60
|
+
keccak256(
|
|
61
|
+
"cancelTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
62
|
+
)
|
|
63
|
+
);
|
|
64
|
+
|
|
65
|
+
// GuardController: requestAndApproveExecution(EngineBlox.MetaTransaction)
|
|
66
|
+
bytes4 public constant REQUEST_AND_APPROVE_EXECUTION_SELECTOR = bytes4(
|
|
67
|
+
keccak256(
|
|
68
|
+
"requestAndApproveExecution(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
69
|
+
)
|
|
70
|
+
);
|
|
71
|
+
|
|
72
|
+
// GuardController: guardConfigBatchRequestAndApprove(...)
|
|
73
|
+
bytes4 public constant GUARD_CONFIG_BATCH_META_SELECTOR = bytes4(
|
|
74
|
+
keccak256(
|
|
75
|
+
"guardConfigBatchRequestAndApprove(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))"
|
|
76
|
+
)
|
|
77
|
+
);
|
|
78
|
+
|
|
79
|
+
// GuardController: executeGuardConfigBatch((uint8,bytes)[])
|
|
80
|
+
bytes4 public constant GUARD_CONFIG_BATCH_EXECUTE_SELECTOR =
|
|
81
|
+
bytes4(keccak256("executeGuardConfigBatch((uint8,bytes)[])"));
|
|
82
|
+
|
|
83
|
+
/**
|
|
84
|
+
* @dev Returns predefined function schemas for GuardController execution functions
|
|
85
|
+
* @return Array of function schema definitions
|
|
86
|
+
*
|
|
87
|
+
* Function schemas define:
|
|
88
|
+
* - GuardController public execution functions
|
|
89
|
+
* - What operation types they belong to (CONTROLLER_OPERATION)
|
|
90
|
+
* - What actions are supported (time-delay request/approve/cancel, meta-tx approve/cancel/request-and-approve)
|
|
91
|
+
* - Whether they are protected
|
|
92
|
+
*
|
|
93
|
+
* Permission System:
|
|
94
|
+
* - These schemas enable EngineBlox._checkExecutionPermissions to validate
|
|
95
|
+
* if callers have permission to call these GuardController functions
|
|
96
|
+
* - Role permissions are defined in getRolePermissions() matching EngineBloxDefinitions pattern
|
|
97
|
+
*/
|
|
98
|
+
function getFunctionSchemas() public pure returns (EngineBlox.FunctionSchema[] memory) {
|
|
99
|
+
EngineBlox.FunctionSchema[] memory schemas = new EngineBlox.FunctionSchema[](8);
|
|
100
|
+
|
|
101
|
+
// ============ TIME-DELAY WORKFLOW ACTIONS ============
|
|
102
|
+
// Request action for executeWithTimeLock
|
|
103
|
+
EngineBlox.TxAction[] memory timeDelayRequestActions = new EngineBlox.TxAction[](1);
|
|
104
|
+
timeDelayRequestActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_REQUEST;
|
|
105
|
+
|
|
106
|
+
// Approve action for approveTimeLockExecution
|
|
107
|
+
EngineBlox.TxAction[] memory timeDelayApproveActions = new EngineBlox.TxAction[](1);
|
|
108
|
+
timeDelayApproveActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_APPROVE;
|
|
109
|
+
|
|
110
|
+
// Cancel action for cancelTimeLockExecution
|
|
111
|
+
EngineBlox.TxAction[] memory timeDelayCancelActions = new EngineBlox.TxAction[](1);
|
|
112
|
+
timeDelayCancelActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_CANCEL;
|
|
113
|
+
|
|
114
|
+
// ============ META-TRANSACTION WORKFLOW ACTIONS ============
|
|
115
|
+
// Approve action for approveTimeLockExecutionWithMetaTx
|
|
116
|
+
EngineBlox.TxAction[] memory metaTxApproveActions = new EngineBlox.TxAction[](2);
|
|
117
|
+
metaTxApproveActions[0] = EngineBlox.TxAction.SIGN_META_APPROVE;
|
|
118
|
+
metaTxApproveActions[1] = EngineBlox.TxAction.EXECUTE_META_APPROVE;
|
|
119
|
+
|
|
120
|
+
// Cancel action for cancelTimeLockExecutionWithMetaTx
|
|
121
|
+
EngineBlox.TxAction[] memory metaTxCancelActions = new EngineBlox.TxAction[](2);
|
|
122
|
+
metaTxCancelActions[0] = EngineBlox.TxAction.SIGN_META_CANCEL;
|
|
123
|
+
metaTxCancelActions[1] = EngineBlox.TxAction.EXECUTE_META_CANCEL;
|
|
124
|
+
|
|
125
|
+
// Request and approve action for requestAndApproveExecution
|
|
126
|
+
EngineBlox.TxAction[] memory metaTxRequestApproveActions = new EngineBlox.TxAction[](2);
|
|
127
|
+
metaTxRequestApproveActions[0] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
|
|
128
|
+
metaTxRequestApproveActions[1] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
|
|
129
|
+
|
|
130
|
+
// ============ GUARDCONTROLLER FUNCTION SCHEMAS ============
|
|
131
|
+
|
|
132
|
+
// Execution selectors must have self-reference (at least one element pointing to themselves)
|
|
133
|
+
bytes4[] memory executeWithTimeLockHandlerForSelectors = new bytes4[](1);
|
|
134
|
+
executeWithTimeLockHandlerForSelectors[0] = EXECUTE_WITH_TIMELOCK_SELECTOR;
|
|
135
|
+
bytes4[] memory approveTimeLockExecutionHandlerForSelectors = new bytes4[](1);
|
|
136
|
+
approveTimeLockExecutionHandlerForSelectors[0] = APPROVE_TIMELOCK_EXECUTION_SELECTOR;
|
|
137
|
+
bytes4[] memory cancelTimeLockExecutionHandlerForSelectors = new bytes4[](1);
|
|
138
|
+
cancelTimeLockExecutionHandlerForSelectors[0] = CANCEL_TIMELOCK_EXECUTION_SELECTOR;
|
|
139
|
+
bytes4[] memory approveTimeLockExecutionMetaHandlerForSelectors = new bytes4[](1);
|
|
140
|
+
approveTimeLockExecutionMetaHandlerForSelectors[0] = APPROVE_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
141
|
+
bytes4[] memory cancelTimeLockExecutionMetaHandlerForSelectors = new bytes4[](1);
|
|
142
|
+
cancelTimeLockExecutionMetaHandlerForSelectors[0] = CANCEL_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
143
|
+
bytes4[] memory requestAndApproveExecutionHandlerForSelectors = new bytes4[](1);
|
|
144
|
+
requestAndApproveExecutionHandlerForSelectors[0] = REQUEST_AND_APPROVE_EXECUTION_SELECTOR;
|
|
145
|
+
bytes4[] memory guardConfigBatchExecuteHandlerForSelectors = new bytes4[](1);
|
|
146
|
+
guardConfigBatchExecuteHandlerForSelectors[0] = GUARD_CONFIG_BATCH_EXECUTE_SELECTOR;
|
|
147
|
+
|
|
148
|
+
// Handler selectors point to execution selectors
|
|
149
|
+
bytes4[] memory guardConfigHandlerForSelectors = new bytes4[](1);
|
|
150
|
+
guardConfigHandlerForSelectors[0] = GUARD_CONFIG_BATCH_EXECUTE_SELECTOR;
|
|
151
|
+
|
|
152
|
+
// Schema 0: GuardController.executeWithTimeLock
|
|
153
|
+
schemas[0] = EngineBlox.FunctionSchema({
|
|
154
|
+
functionSignature: "executeWithTimeLock(address,uint256,bytes4,bytes,uint256,bytes32)",
|
|
155
|
+
functionSelector: EXECUTE_WITH_TIMELOCK_SELECTOR,
|
|
156
|
+
operationType: CONTROLLER_OPERATION,
|
|
157
|
+
operationName: "CONTROLLER_OPERATION",
|
|
158
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayRequestActions),
|
|
159
|
+
enforceHandlerRelations: false,
|
|
160
|
+
isProtected: true,
|
|
161
|
+
handlerForSelectors: executeWithTimeLockHandlerForSelectors
|
|
162
|
+
});
|
|
163
|
+
|
|
164
|
+
// Schema 1: GuardController.approveTimeLockExecution
|
|
165
|
+
schemas[1] = EngineBlox.FunctionSchema({
|
|
166
|
+
functionSignature: "approveTimeLockExecution(uint256)",
|
|
167
|
+
functionSelector: APPROVE_TIMELOCK_EXECUTION_SELECTOR,
|
|
168
|
+
operationType: CONTROLLER_OPERATION,
|
|
169
|
+
operationName: "CONTROLLER_OPERATION",
|
|
170
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayApproveActions),
|
|
171
|
+
enforceHandlerRelations: false,
|
|
172
|
+
isProtected: true,
|
|
173
|
+
handlerForSelectors: approveTimeLockExecutionHandlerForSelectors
|
|
174
|
+
});
|
|
175
|
+
|
|
176
|
+
// Schema 2: GuardController.cancelTimeLockExecution
|
|
177
|
+
schemas[2] = EngineBlox.FunctionSchema({
|
|
178
|
+
functionSignature: "cancelTimeLockExecution(uint256)",
|
|
179
|
+
functionSelector: CANCEL_TIMELOCK_EXECUTION_SELECTOR,
|
|
180
|
+
operationType: CONTROLLER_OPERATION,
|
|
181
|
+
operationName: "CONTROLLER_OPERATION",
|
|
182
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(timeDelayCancelActions),
|
|
183
|
+
enforceHandlerRelations: false,
|
|
184
|
+
isProtected: true,
|
|
185
|
+
handlerForSelectors: cancelTimeLockExecutionHandlerForSelectors
|
|
186
|
+
});
|
|
187
|
+
|
|
188
|
+
// Schema 3: GuardController.approveTimeLockExecutionWithMetaTx
|
|
189
|
+
schemas[3] = EngineBlox.FunctionSchema({
|
|
190
|
+
functionSignature: "approveTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
|
|
191
|
+
functionSelector: APPROVE_TIMELOCK_EXECUTION_META_SELECTOR,
|
|
192
|
+
operationType: CONTROLLER_OPERATION,
|
|
193
|
+
operationName: "CONTROLLER_OPERATION",
|
|
194
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxApproveActions),
|
|
195
|
+
enforceHandlerRelations: false,
|
|
196
|
+
isProtected: true,
|
|
197
|
+
handlerForSelectors: approveTimeLockExecutionMetaHandlerForSelectors
|
|
198
|
+
});
|
|
199
|
+
|
|
200
|
+
// Schema 4: GuardController.cancelTimeLockExecutionWithMetaTx
|
|
201
|
+
schemas[4] = EngineBlox.FunctionSchema({
|
|
202
|
+
functionSignature: "cancelTimeLockExecutionWithMetaTx(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
|
|
203
|
+
functionSelector: CANCEL_TIMELOCK_EXECUTION_META_SELECTOR,
|
|
204
|
+
operationType: CONTROLLER_OPERATION,
|
|
205
|
+
operationName: "CONTROLLER_OPERATION",
|
|
206
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxCancelActions),
|
|
207
|
+
enforceHandlerRelations: false,
|
|
208
|
+
isProtected: true,
|
|
209
|
+
handlerForSelectors: cancelTimeLockExecutionMetaHandlerForSelectors
|
|
210
|
+
});
|
|
211
|
+
|
|
212
|
+
// Schema 5: GuardController.requestAndApproveExecution
|
|
213
|
+
schemas[5] = EngineBlox.FunctionSchema({
|
|
214
|
+
functionSignature: "requestAndApproveExecution(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
|
|
215
|
+
functionSelector: REQUEST_AND_APPROVE_EXECUTION_SELECTOR,
|
|
216
|
+
operationType: CONTROLLER_OPERATION,
|
|
217
|
+
operationName: "CONTROLLER_OPERATION",
|
|
218
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxRequestApproveActions),
|
|
219
|
+
enforceHandlerRelations: false,
|
|
220
|
+
isProtected: true,
|
|
221
|
+
handlerForSelectors: requestAndApproveExecutionHandlerForSelectors
|
|
222
|
+
});
|
|
223
|
+
|
|
224
|
+
// Schema 6: GuardController.guardConfigBatchRequestAndApprove
|
|
225
|
+
schemas[6] = EngineBlox.FunctionSchema({
|
|
226
|
+
functionSignature: "guardConfigBatchRequestAndApprove(((uint256,uint256,uint8,(address,address,uint256,uint256,bytes32,bytes4,bytes),bytes32,bytes,(address,uint256,address,uint256)),(uint256,uint256,address,bytes4,uint8,uint256,uint256,address),bytes32,bytes,bytes))",
|
|
227
|
+
functionSelector: GUARD_CONFIG_BATCH_META_SELECTOR,
|
|
228
|
+
operationType: CONTROLLER_OPERATION,
|
|
229
|
+
operationName: "CONTROLLER_OPERATION",
|
|
230
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(metaTxRequestApproveActions),
|
|
231
|
+
enforceHandlerRelations: true,
|
|
232
|
+
isProtected: true,
|
|
233
|
+
handlerForSelectors: guardConfigHandlerForSelectors
|
|
234
|
+
});
|
|
235
|
+
|
|
236
|
+
// Schema 7: GuardController.executeGuardConfigBatch
|
|
237
|
+
EngineBlox.TxAction[] memory guardConfigExecutionActions = new EngineBlox.TxAction[](2);
|
|
238
|
+
guardConfigExecutionActions[0] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
|
|
239
|
+
guardConfigExecutionActions[1] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
|
|
240
|
+
|
|
241
|
+
schemas[7] = EngineBlox.FunctionSchema({
|
|
242
|
+
functionSignature: "executeGuardConfigBatch((uint8,bytes)[])",
|
|
243
|
+
functionSelector: GUARD_CONFIG_BATCH_EXECUTE_SELECTOR,
|
|
244
|
+
operationType: CONTROLLER_OPERATION,
|
|
245
|
+
operationName: "CONTROLLER_OPERATION",
|
|
246
|
+
supportedActionsBitmap: EngineBlox.createBitmapFromActions(guardConfigExecutionActions),
|
|
247
|
+
enforceHandlerRelations: false,
|
|
248
|
+
isProtected: true,
|
|
249
|
+
handlerForSelectors: guardConfigBatchExecuteHandlerForSelectors
|
|
250
|
+
});
|
|
251
|
+
|
|
252
|
+
return schemas;
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
/**
|
|
256
|
+
* @dev Returns predefined role hashes and their corresponding function permissions
|
|
257
|
+
* @return RolePermission struct containing roleHashes and functionPermissions arrays
|
|
258
|
+
*
|
|
259
|
+
* Role Permissions:
|
|
260
|
+
* - OWNER_ROLE: Can sign/request time-delay and meta-transaction operations (8 permissions)
|
|
261
|
+
* - BROADCASTER_ROLE: Can execute meta-transaction operations (5 permissions)
|
|
262
|
+
*
|
|
263
|
+
* Total: 13 role permission entries matching EngineBloxDefinitions pattern
|
|
264
|
+
*/
|
|
265
|
+
function getRolePermissions() public pure returns (IDefinition.RolePermission memory) {
|
|
266
|
+
bytes32[] memory roleHashes;
|
|
267
|
+
EngineBlox.FunctionPermission[] memory functionPermissions;
|
|
268
|
+
roleHashes = new bytes32[](13);
|
|
269
|
+
functionPermissions = new EngineBlox.FunctionPermission[](13);
|
|
270
|
+
|
|
271
|
+
// Owner role permissions (8 entries)
|
|
272
|
+
EngineBlox.TxAction[] memory ownerTimeLockRequestActions = new EngineBlox.TxAction[](1);
|
|
273
|
+
ownerTimeLockRequestActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_REQUEST;
|
|
274
|
+
|
|
275
|
+
EngineBlox.TxAction[] memory ownerTimeLockApproveActions = new EngineBlox.TxAction[](1);
|
|
276
|
+
ownerTimeLockApproveActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_APPROVE;
|
|
277
|
+
|
|
278
|
+
EngineBlox.TxAction[] memory ownerTimeLockCancelActions = new EngineBlox.TxAction[](1);
|
|
279
|
+
ownerTimeLockCancelActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_CANCEL;
|
|
280
|
+
|
|
281
|
+
EngineBlox.TxAction[] memory ownerMetaTxRequestApproveActions = new EngineBlox.TxAction[](1);
|
|
282
|
+
ownerMetaTxRequestApproveActions[0] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
|
|
283
|
+
|
|
284
|
+
EngineBlox.TxAction[] memory ownerMetaTxApproveActions = new EngineBlox.TxAction[](1);
|
|
285
|
+
ownerMetaTxApproveActions[0] = EngineBlox.TxAction.SIGN_META_APPROVE;
|
|
286
|
+
|
|
287
|
+
EngineBlox.TxAction[] memory ownerMetaTxCancelActions = new EngineBlox.TxAction[](1);
|
|
288
|
+
ownerMetaTxCancelActions[0] = EngineBlox.TxAction.SIGN_META_CANCEL;
|
|
289
|
+
|
|
290
|
+
// Owner: Execute With TimeLock
|
|
291
|
+
roleHashes[0] = EngineBlox.OWNER_ROLE;
|
|
292
|
+
bytes4[] memory handlerForSelectors0 = new bytes4[](1);
|
|
293
|
+
handlerForSelectors0[0] = EXECUTE_WITH_TIMELOCK_SELECTOR;
|
|
294
|
+
functionPermissions[0] = EngineBlox.FunctionPermission({
|
|
295
|
+
functionSelector: EXECUTE_WITH_TIMELOCK_SELECTOR,
|
|
296
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerTimeLockRequestActions),
|
|
297
|
+
handlerForSelectors: handlerForSelectors0 // Self-reference indicates execution selector
|
|
298
|
+
});
|
|
299
|
+
|
|
300
|
+
// Owner: Approve TimeLock Execution
|
|
301
|
+
roleHashes[1] = EngineBlox.OWNER_ROLE;
|
|
302
|
+
bytes4[] memory handlerForSelectors1 = new bytes4[](1);
|
|
303
|
+
handlerForSelectors1[0] = APPROVE_TIMELOCK_EXECUTION_SELECTOR;
|
|
304
|
+
functionPermissions[1] = EngineBlox.FunctionPermission({
|
|
305
|
+
functionSelector: APPROVE_TIMELOCK_EXECUTION_SELECTOR,
|
|
306
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerTimeLockApproveActions),
|
|
307
|
+
handlerForSelectors: handlerForSelectors1 // Self-reference indicates execution selector
|
|
308
|
+
});
|
|
309
|
+
|
|
310
|
+
// Owner: Cancel TimeLock Execution
|
|
311
|
+
roleHashes[2] = EngineBlox.OWNER_ROLE;
|
|
312
|
+
bytes4[] memory handlerForSelectors2 = new bytes4[](1);
|
|
313
|
+
handlerForSelectors2[0] = CANCEL_TIMELOCK_EXECUTION_SELECTOR;
|
|
314
|
+
functionPermissions[2] = EngineBlox.FunctionPermission({
|
|
315
|
+
functionSelector: CANCEL_TIMELOCK_EXECUTION_SELECTOR,
|
|
316
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerTimeLockCancelActions),
|
|
317
|
+
handlerForSelectors: handlerForSelectors2 // Self-reference indicates execution selector
|
|
318
|
+
});
|
|
319
|
+
|
|
320
|
+
// Owner: Request And Approve Execution (Meta-Tx)
|
|
321
|
+
roleHashes[3] = EngineBlox.OWNER_ROLE;
|
|
322
|
+
bytes4[] memory handlerForSelectors3 = new bytes4[](1);
|
|
323
|
+
handlerForSelectors3[0] = REQUEST_AND_APPROVE_EXECUTION_SELECTOR;
|
|
324
|
+
functionPermissions[3] = EngineBlox.FunctionPermission({
|
|
325
|
+
functionSelector: REQUEST_AND_APPROVE_EXECUTION_SELECTOR,
|
|
326
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerMetaTxRequestApproveActions),
|
|
327
|
+
handlerForSelectors: handlerForSelectors3 // Self-reference indicates execution selector
|
|
328
|
+
});
|
|
329
|
+
|
|
330
|
+
// Owner: Approve TimeLock Execution With MetaTx
|
|
331
|
+
roleHashes[4] = EngineBlox.OWNER_ROLE;
|
|
332
|
+
bytes4[] memory handlerForSelectors4 = new bytes4[](1);
|
|
333
|
+
handlerForSelectors4[0] = APPROVE_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
334
|
+
functionPermissions[4] = EngineBlox.FunctionPermission({
|
|
335
|
+
functionSelector: APPROVE_TIMELOCK_EXECUTION_META_SELECTOR,
|
|
336
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerMetaTxApproveActions),
|
|
337
|
+
handlerForSelectors: handlerForSelectors4 // Self-reference indicates execution selector
|
|
338
|
+
});
|
|
339
|
+
|
|
340
|
+
// Owner: Cancel TimeLock Execution With MetaTx
|
|
341
|
+
roleHashes[5] = EngineBlox.OWNER_ROLE;
|
|
342
|
+
bytes4[] memory handlerForSelectors5 = new bytes4[](1);
|
|
343
|
+
handlerForSelectors5[0] = CANCEL_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
344
|
+
functionPermissions[5] = EngineBlox.FunctionPermission({
|
|
345
|
+
functionSelector: CANCEL_TIMELOCK_EXECUTION_META_SELECTOR,
|
|
346
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerMetaTxCancelActions),
|
|
347
|
+
handlerForSelectors: handlerForSelectors5 // Self-reference indicates execution selector
|
|
348
|
+
});
|
|
349
|
+
|
|
350
|
+
// Owner: Guard Config Batch (Meta-Tx handler)
|
|
351
|
+
roleHashes[6] = EngineBlox.OWNER_ROLE;
|
|
352
|
+
bytes4[] memory handlerForSelectors6 = new bytes4[](1);
|
|
353
|
+
handlerForSelectors6[0] = GUARD_CONFIG_BATCH_EXECUTE_SELECTOR;
|
|
354
|
+
functionPermissions[6] = EngineBlox.FunctionPermission({
|
|
355
|
+
functionSelector: GUARD_CONFIG_BATCH_META_SELECTOR,
|
|
356
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerMetaTxRequestApproveActions),
|
|
357
|
+
handlerForSelectors: handlerForSelectors6
|
|
358
|
+
});
|
|
359
|
+
|
|
360
|
+
// Owner: Guard Config Batch (Execution selector)
|
|
361
|
+
roleHashes[7] = EngineBlox.OWNER_ROLE;
|
|
362
|
+
functionPermissions[7] = EngineBlox.FunctionPermission({
|
|
363
|
+
functionSelector: GUARD_CONFIG_BATCH_EXECUTE_SELECTOR,
|
|
364
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(ownerMetaTxRequestApproveActions),
|
|
365
|
+
handlerForSelectors: handlerForSelectors6 // Self-reference indicates execution selector
|
|
366
|
+
});
|
|
367
|
+
|
|
368
|
+
// Broadcaster role permissions (5 entries)
|
|
369
|
+
EngineBlox.TxAction[] memory broadcasterMetaTxRequestApproveActions = new EngineBlox.TxAction[](1);
|
|
370
|
+
broadcasterMetaTxRequestApproveActions[0] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
|
|
371
|
+
|
|
372
|
+
EngineBlox.TxAction[] memory broadcasterMetaTxApproveActions = new EngineBlox.TxAction[](1);
|
|
373
|
+
broadcasterMetaTxApproveActions[0] = EngineBlox.TxAction.EXECUTE_META_APPROVE;
|
|
374
|
+
|
|
375
|
+
EngineBlox.TxAction[] memory broadcasterMetaTxCancelActions = new EngineBlox.TxAction[](1);
|
|
376
|
+
broadcasterMetaTxCancelActions[0] = EngineBlox.TxAction.EXECUTE_META_CANCEL;
|
|
377
|
+
|
|
378
|
+
// Broadcaster: Request And Approve Execution (Meta-Tx)
|
|
379
|
+
roleHashes[8] = EngineBlox.BROADCASTER_ROLE;
|
|
380
|
+
bytes4[] memory handlerForSelectors8 = new bytes4[](1);
|
|
381
|
+
handlerForSelectors8[0] = REQUEST_AND_APPROVE_EXECUTION_SELECTOR;
|
|
382
|
+
functionPermissions[8] = EngineBlox.FunctionPermission({
|
|
383
|
+
functionSelector: REQUEST_AND_APPROVE_EXECUTION_SELECTOR,
|
|
384
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(broadcasterMetaTxRequestApproveActions),
|
|
385
|
+
handlerForSelectors: handlerForSelectors8 // Self-reference indicates execution selector
|
|
386
|
+
});
|
|
387
|
+
|
|
388
|
+
// Broadcaster: Approve TimeLock Execution With MetaTx
|
|
389
|
+
roleHashes[9] = EngineBlox.BROADCASTER_ROLE;
|
|
390
|
+
functionPermissions[9] = EngineBlox.FunctionPermission({
|
|
391
|
+
functionSelector: APPROVE_TIMELOCK_EXECUTION_META_SELECTOR,
|
|
392
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(broadcasterMetaTxApproveActions),
|
|
393
|
+
handlerForSelectors: handlerForSelectors4 // Self-reference indicates execution selector
|
|
394
|
+
});
|
|
395
|
+
|
|
396
|
+
// Broadcaster: Cancel TimeLock Execution With MetaTx
|
|
397
|
+
roleHashes[10] = EngineBlox.BROADCASTER_ROLE;
|
|
398
|
+
bytes4[] memory handlerForSelectors10 = new bytes4[](1);
|
|
399
|
+
handlerForSelectors10[0] = CANCEL_TIMELOCK_EXECUTION_META_SELECTOR;
|
|
400
|
+
functionPermissions[10] = EngineBlox.FunctionPermission({
|
|
401
|
+
functionSelector: CANCEL_TIMELOCK_EXECUTION_META_SELECTOR,
|
|
402
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(broadcasterMetaTxCancelActions),
|
|
403
|
+
handlerForSelectors: handlerForSelectors10 // Self-reference indicates execution selector
|
|
404
|
+
});
|
|
405
|
+
|
|
406
|
+
// Broadcaster: Guard Config Batch (Meta-Tx handler)
|
|
407
|
+
roleHashes[11] = EngineBlox.BROADCASTER_ROLE;
|
|
408
|
+
functionPermissions[11] = EngineBlox.FunctionPermission({
|
|
409
|
+
functionSelector: GUARD_CONFIG_BATCH_META_SELECTOR,
|
|
410
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(broadcasterMetaTxRequestApproveActions),
|
|
411
|
+
handlerForSelectors: handlerForSelectors6
|
|
412
|
+
});
|
|
413
|
+
|
|
414
|
+
// Broadcaster: Guard Config Batch (Execution selector)
|
|
415
|
+
roleHashes[12] = EngineBlox.BROADCASTER_ROLE;
|
|
416
|
+
functionPermissions[12] = EngineBlox.FunctionPermission({
|
|
417
|
+
functionSelector: GUARD_CONFIG_BATCH_EXECUTE_SELECTOR,
|
|
418
|
+
grantedActionsBitmap: EngineBlox.createBitmapFromActions(broadcasterMetaTxRequestApproveActions),
|
|
419
|
+
handlerForSelectors: handlerForSelectors6 // Self-reference indicates execution selector
|
|
420
|
+
});
|
|
421
|
+
|
|
422
|
+
return IDefinition.RolePermission({
|
|
423
|
+
roleHashes: roleHashes,
|
|
424
|
+
functionPermissions: functionPermissions
|
|
425
|
+
});
|
|
426
|
+
}
|
|
427
|
+
|
|
428
|
+
/**
|
|
429
|
+
* @dev Returns all available GuardConfig action types and their decode formats for discovery.
|
|
430
|
+
* @return actionNames Human-readable action names (same order as GuardConfigActionType enum)
|
|
431
|
+
* @return formats ABI decode format for each action's data, e.g. "(bytes4 functionSelector, address target)"
|
|
432
|
+
* @notice Use with GuardConfigActionType enum: actionNames[i] and formats[i] describe enum value i
|
|
433
|
+
*/
|
|
434
|
+
function getGuardConfigActionSpecs() public pure returns (string[] memory actionNames, string[] memory formats) {
|
|
435
|
+
actionNames = new string[](4);
|
|
436
|
+
formats = new string[](4);
|
|
437
|
+
|
|
438
|
+
actionNames[0] = "ADD_TARGET_TO_WHITELIST";
|
|
439
|
+
formats[0] = "(bytes4 functionSelector, address target)";
|
|
440
|
+
|
|
441
|
+
actionNames[1] = "REMOVE_TARGET_FROM_WHITELIST";
|
|
442
|
+
formats[1] = "(bytes4 functionSelector, address target)";
|
|
443
|
+
|
|
444
|
+
actionNames[2] = "REGISTER_FUNCTION";
|
|
445
|
+
formats[2] = "(string functionSignature, string operationName, TxAction[] supportedActions)";
|
|
446
|
+
|
|
447
|
+
actionNames[3] = "UNREGISTER_FUNCTION";
|
|
448
|
+
formats[3] = "(bytes4 functionSelector, bool safeRemoval)";
|
|
449
|
+
}
|
|
450
|
+
|
|
451
|
+
// ============ GUARD CONFIG ACTION DATA ENCODERS ============
|
|
452
|
+
// Use these helpers to build action.data for each GuardConfigActionType without reading the contract.
|
|
453
|
+
// Each encoder returns bytes suitable for GuardConfigAction(actionType, data).
|
|
454
|
+
|
|
455
|
+
/**
|
|
456
|
+
* @dev Encodes data for ADD_TARGET_TO_WHITELIST. Use with GuardConfigActionType.ADD_TARGET_TO_WHITELIST.
|
|
457
|
+
* @param functionSelector Function whose whitelist is updated
|
|
458
|
+
* @param target Address to add to the whitelist
|
|
459
|
+
*/
|
|
460
|
+
function encodeAddTargetToWhitelist(bytes4 functionSelector, address target) public pure returns (bytes memory) {
|
|
461
|
+
return abi.encode(functionSelector, target);
|
|
462
|
+
}
|
|
463
|
+
|
|
464
|
+
/**
|
|
465
|
+
* @dev Encodes data for REMOVE_TARGET_FROM_WHITELIST. Use with GuardConfigActionType.REMOVE_TARGET_FROM_WHITELIST.
|
|
466
|
+
* @param functionSelector Function whose whitelist is updated
|
|
467
|
+
* @param target Address to remove from the whitelist
|
|
468
|
+
*/
|
|
469
|
+
function encodeRemoveTargetFromWhitelist(bytes4 functionSelector, address target) public pure returns (bytes memory) {
|
|
470
|
+
return abi.encode(functionSelector, target);
|
|
471
|
+
}
|
|
472
|
+
|
|
473
|
+
/**
|
|
474
|
+
* @dev Encodes data for REGISTER_FUNCTION. Use with GuardConfigActionType.REGISTER_FUNCTION.
|
|
475
|
+
* @param functionSignature Full function signature string (e.g. "executeWithTimeLock(address,bytes4,bytes,uint256,bytes32)")
|
|
476
|
+
* @param operationName Human-readable operation name
|
|
477
|
+
* @param supportedActions TxActions supported by this function (e.g. EXECUTE_TIME_DELAY_REQUEST)
|
|
478
|
+
*/
|
|
479
|
+
function encodeRegisterFunction(
|
|
480
|
+
string memory functionSignature,
|
|
481
|
+
string memory operationName,
|
|
482
|
+
EngineBlox.TxAction[] memory supportedActions
|
|
483
|
+
) public pure returns (bytes memory) {
|
|
484
|
+
return abi.encode(functionSignature, operationName, supportedActions);
|
|
485
|
+
}
|
|
486
|
+
|
|
487
|
+
/**
|
|
488
|
+
* @dev Encodes data for UNREGISTER_FUNCTION. Use with GuardConfigActionType.UNREGISTER_FUNCTION.
|
|
489
|
+
* @param functionSelector Selector of the function to unregister
|
|
490
|
+
* @param safeRemoval If true, reverts when the function has whitelisted targets
|
|
491
|
+
*/
|
|
492
|
+
function encodeUnregisterFunction(bytes4 functionSelector, bool safeRemoval) public pure returns (bytes memory) {
|
|
493
|
+
return abi.encode(functionSelector, safeRemoval);
|
|
494
|
+
}
|
|
495
|
+
|
|
496
|
+
/**
|
|
497
|
+
* @dev Creates execution params for a Guard configuration batch (pure helper for EngineBlox).
|
|
498
|
+
* @param actions Encoded guard configuration actions (same layout as IGuardController.GuardConfigAction[])
|
|
499
|
+
* @return The execution params for EngineBlox
|
|
500
|
+
*/
|
|
501
|
+
function guardConfigBatchExecutionParams(
|
|
502
|
+
IGuardController.GuardConfigAction[] memory actions
|
|
503
|
+
) public pure returns (bytes memory) {
|
|
504
|
+
return abi.encode(actions);
|
|
505
|
+
}
|
|
506
|
+
|
|
507
|
+
/**
|
|
508
|
+
* @dev ERC165: report support for IDefinition and IERC165 when this library is used at an address.
|
|
509
|
+
* IDefinition extends IERC165; both interface IDs must be reported for ERC165 compliance.
|
|
510
|
+
*/
|
|
511
|
+
function supportsInterface(bytes4 interfaceId) external pure returns (bool) {
|
|
512
|
+
return interfaceId == type(IERC165).interfaceId || interfaceId == type(IDefinition).interfaceId;
|
|
513
|
+
}
|
|
514
|
+
}
|