@inco/lightning 0.8.0-devnet-28 → 0.8.0-devnet-30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/manifest.yaml +17 -0
- package/package.json +1 -1
- package/src/DeployUtils.sol +22 -28
- package/src/Lib.alphanet.sol +28 -2
- package/src/Lib.demonet.sol +28 -2
- package/src/Lib.devnet.sol +28 -2
- package/src/Lib.sol +28 -2
- package/src/Lib.template.sol +46 -2
- package/src/Lib.testnet.sol +28 -2
- package/src/Types.sol +3 -0
- package/src/libs/incoLightning_alphanet_v0_297966649.sol +28 -2
- package/src/libs/incoLightning_alphanet_v1_725458969.sol +28 -2
- package/src/libs/incoLightning_alphanet_v2_976644394.sol +28 -2
- package/src/libs/incoLightning_demonet_v0_863421733.sol +28 -2
- package/src/libs/incoLightning_demonet_v2_467437523.sol +28 -2
- package/src/libs/incoLightning_devnet_v0_340846814.sol +28 -2
- package/src/libs/incoLightning_devnet_v1_904635675.sol +28 -2
- package/src/libs/incoLightning_devnet_v2_295237520.sol +28 -2
- package/src/libs/incoLightning_devnet_v3_976859633.sol +28 -2
- package/src/libs/incoLightning_devnet_v4_409204766.sol +28 -2
- package/src/libs/incoLightning_devnet_v5_203964628.sol +28 -2
- package/src/libs/incoLightning_devnet_v6_281949651.sol +28 -2
- package/src/libs/incoLightning_devnet_v7_24560427.sol +28 -2
- package/src/libs/incoLightning_devnet_v8_985328058.sol +28 -2
- package/src/libs/incoLightning_devnet_v9_269218568.sol +28 -2
- package/src/libs/incoLightning_testnet_v0_183408998.sol +28 -2
- package/src/libs/incoLightning_testnet_v2_889158349.sol +28 -2
- package/src/lightning-parts/AccessControl/interfaces/IBaseAccessControlList.sol +1 -0
- package/src/lightning-parts/EList.sol +1 -1
- package/src/lightning-parts/EncryptedInput.sol +18 -3
- package/src/lightning-parts/EncryptedOperations.sol +0 -14
- package/src/lightning-parts/interfaces/IEncryptedOperations.sol +0 -1
- package/src/lightning-parts/test/HandleMetadata.t.sol +0 -7
- package/src/test/EListTester.sol +4 -0
- package/src/test/FakeIncoInfra/MockOpHandler.sol +7 -9
- package/src/test/FakeIncoInfra/getOpForSelector.sol +0 -2
- package/src/test/IncoTest.sol +17 -5
- package/src/test/OpsTest.sol +3 -2
- package/src/test/TestLib.t.sol +142 -1
- package/src/test/TestUpgrade.t.sol +24 -47
|
@@ -3,7 +3,6 @@ pragma solidity ^0.8;
|
|
|
3
3
|
|
|
4
4
|
import {Strings} from "@openzeppelin/contracts/utils/Strings.sol";
|
|
5
5
|
import {Safe} from "safe-smart-account/Safe.sol";
|
|
6
|
-
import {SafeProxyFactory} from "safe-smart-account/proxies/SafeProxyFactory.sol";
|
|
7
6
|
import {Enum} from "safe-smart-account/libraries/Enum.sol";
|
|
8
7
|
import {IOwnerManager} from "safe-smart-account/interfaces/IOwnerManager.sol";
|
|
9
8
|
import {IncoTest} from "./IncoTest.sol";
|
|
@@ -49,36 +48,14 @@ contract TestUpgrade is IncoTest {
|
|
|
49
48
|
IncoLightning private v1Impl;
|
|
50
49
|
IncoLightningV2 private v2Impl;
|
|
51
50
|
|
|
52
|
-
Safe
|
|
51
|
+
function safe() internal view returns (Safe) {
|
|
52
|
+
return Safe(payable(owner));
|
|
53
|
+
}
|
|
53
54
|
|
|
54
55
|
function setUp() public override {
|
|
55
56
|
super.setUp();
|
|
56
57
|
incoProxyAddr = address(inco);
|
|
57
58
|
|
|
58
|
-
Safe master = new Safe();
|
|
59
|
-
SafeProxyFactory factory = new SafeProxyFactory();
|
|
60
|
-
|
|
61
|
-
address[] memory owners = new address[](3);
|
|
62
|
-
owners[0] = alice;
|
|
63
|
-
owners[1] = bob;
|
|
64
|
-
owners[2] = carol;
|
|
65
|
-
uint256 threshold = 2;
|
|
66
|
-
bytes memory setupData = abi.encodeWithSelector(
|
|
67
|
-
Safe.setup.selector,
|
|
68
|
-
owners,
|
|
69
|
-
threshold,
|
|
70
|
-
address(0),
|
|
71
|
-
bytes(""),
|
|
72
|
-
address(0),
|
|
73
|
-
address(0),
|
|
74
|
-
0,
|
|
75
|
-
payable(address(0))
|
|
76
|
-
);
|
|
77
|
-
safe = Safe(payable(factory.createProxyWithNonce(address(master), setupData, 0)));
|
|
78
|
-
|
|
79
|
-
vm.prank(owner);
|
|
80
|
-
inco.transferOwnership(address(safe));
|
|
81
|
-
|
|
82
59
|
// Deploy V2
|
|
83
60
|
bytes32 salt = getSalt("IncoLightningV2", 255, testDeployer, "testnet");
|
|
84
61
|
v2Impl = new IncoLightningV2(salt);
|
|
@@ -99,14 +76,14 @@ contract TestUpgrade is IncoTest {
|
|
|
99
76
|
// data to sign
|
|
100
77
|
bytes memory data = abi.encodeWithSelector(IUUPS.upgradeToAndCall.selector, address(v2Impl), "");
|
|
101
78
|
// prepare txhash
|
|
102
|
-
bytes32 txHash = _txHash(safe, incoProxyAddr, 0, data);
|
|
79
|
+
bytes32 txHash = _txHash(safe(), incoProxyAddr, 0, data);
|
|
103
80
|
// sign txHash
|
|
104
81
|
bytes memory sigA = _sign(alicePrivKey, txHash);
|
|
105
82
|
bytes memory sigB = _sign(bobPrivKey, txHash);
|
|
106
83
|
// sort signatures (asc)
|
|
107
84
|
bytes memory signatures = _packSortedTwo(sigA, alice, sigB, bob);
|
|
108
85
|
// execute tx with sorted signatures
|
|
109
|
-
_execSafe(safe, incoProxyAddr, 0, data, signatures);
|
|
86
|
+
_execSafe(safe(), incoProxyAddr, 0, data, signatures);
|
|
110
87
|
|
|
111
88
|
address implAfter = address(uint160(uint256(vm.load(incoProxyAddr, IMPLEMENTATION_SLOT))));
|
|
112
89
|
assertEq(implAfter, address(v2Impl));
|
|
@@ -117,75 +94,75 @@ contract TestUpgrade is IncoTest {
|
|
|
117
94
|
|
|
118
95
|
function test_SafeSingleSignature_Fails() public {
|
|
119
96
|
bytes memory data = abi.encodeWithSelector(IUUPS.upgradeToAndCall.selector, address(v2Impl), "");
|
|
120
|
-
bytes32 txHash = _txHash(safe, incoProxyAddr, 0, data);
|
|
97
|
+
bytes32 txHash = _txHash(safe(), incoProxyAddr, 0, data);
|
|
121
98
|
bytes memory sigA = _sign(alicePrivKey, txHash);
|
|
122
99
|
vm.expectRevert();
|
|
123
|
-
_execSafe(safe, incoProxyAddr, 0, data, sigA);
|
|
100
|
+
_execSafe(safe(), incoProxyAddr, 0, data, sigA);
|
|
124
101
|
}
|
|
125
102
|
|
|
126
103
|
function test_Safe_UnsortedSignatures_Fails() public {
|
|
127
104
|
bytes memory data = abi.encodeWithSelector(IUUPS.upgradeToAndCall.selector, address(v2Impl), "");
|
|
128
|
-
bytes32 txHash = _txHash(safe, incoProxyAddr, 0, data);
|
|
105
|
+
bytes32 txHash = _txHash(safe(), incoProxyAddr, 0, data);
|
|
129
106
|
bytes memory sigA = _sign(alicePrivKey, txHash);
|
|
130
107
|
bytes memory sigC = _sign(carolPrivKey, txHash);
|
|
131
108
|
bytes memory signatures = bytes.concat(sigC, sigA); // unsorted
|
|
132
109
|
vm.expectRevert();
|
|
133
|
-
_execSafe(safe, incoProxyAddr, 0, data, signatures);
|
|
110
|
+
_execSafe(safe(), incoProxyAddr, 0, data, signatures);
|
|
134
111
|
}
|
|
135
112
|
|
|
136
113
|
function test_Safe_WrongSigner_Fails() public {
|
|
137
114
|
bytes memory data = abi.encodeWithSelector(IUUPS.upgradeToAndCall.selector, address(v2Impl), "");
|
|
138
|
-
bytes32 txHash = _txHash(safe, incoProxyAddr, 0, data);
|
|
115
|
+
bytes32 txHash = _txHash(safe(), incoProxyAddr, 0, data);
|
|
139
116
|
bytes memory sigOwner = _sign(alicePrivKey, txHash);
|
|
140
117
|
bytes memory sigAttacker = _sign(davePrivKey, txHash);
|
|
141
118
|
bytes memory signatures = _packSortedTwo(sigOwner, alice, sigAttacker, dave); // dave not an owner
|
|
142
119
|
vm.expectRevert();
|
|
143
|
-
_execSafe(safe, incoProxyAddr, 0, data, signatures);
|
|
120
|
+
_execSafe(safe(), incoProxyAddr, 0, data, signatures);
|
|
144
121
|
}
|
|
145
122
|
|
|
146
123
|
function test_Safe_ReplayNonce_Fails() public {
|
|
147
124
|
bytes memory data = abi.encodeWithSelector(IUUPS.upgradeToAndCall.selector, address(v2Impl), "");
|
|
148
|
-
bytes32 txHash = _txHash(safe, incoProxyAddr, 0, data);
|
|
125
|
+
bytes32 txHash = _txHash(safe(), incoProxyAddr, 0, data);
|
|
149
126
|
bytes memory sigA = _sign(alicePrivKey, txHash);
|
|
150
127
|
bytes memory sigB = _sign(bobPrivKey, txHash);
|
|
151
128
|
bytes memory signatures = _packSortedTwo(sigA, alice, sigB, bob);
|
|
152
|
-
_execSafe(safe, incoProxyAddr, 0, data, signatures);
|
|
129
|
+
_execSafe(safe(), incoProxyAddr, 0, data, signatures);
|
|
153
130
|
|
|
154
131
|
string memory versionAfter = inco.getVersion();
|
|
155
132
|
assertEq(versionAfter, "255_255_255");
|
|
156
133
|
|
|
157
134
|
vm.expectRevert();
|
|
158
|
-
_execSafe(safe, incoProxyAddr, 0, data, signatures); // nonce advanced
|
|
135
|
+
_execSafe(safe(), incoProxyAddr, 0, data, signatures); // nonce advanced
|
|
159
136
|
}
|
|
160
137
|
|
|
161
138
|
function test_Safe_UpdateSigners_SwapOwner_ThenUpgrade() public {
|
|
162
139
|
// swap bob -> eve (prevOwner = alice since owners were [alice, bob, carol])
|
|
163
140
|
bytes memory change = abi.encodeWithSelector(IOwnerManager.swapOwner.selector, alice, bob, eve);
|
|
164
|
-
bytes32 changeHash = _txHash(safe, address(safe), 0, change);
|
|
141
|
+
bytes32 changeHash = _txHash(safe(), address(safe()), 0, change);
|
|
165
142
|
bytes memory changeSigA = _sign(alicePrivKey, changeHash);
|
|
166
143
|
bytes memory changeSigC = _sign(carolPrivKey, changeHash);
|
|
167
144
|
bytes memory changeSigs = _packSortedTwo(changeSigA, alice, changeSigC, carol);
|
|
168
|
-
_execSafe(safe, address(safe), 0, change, changeSigs);
|
|
145
|
+
_execSafe(safe(), address(safe()), 0, change, changeSigs);
|
|
169
146
|
|
|
170
147
|
// assertions on owners/threshold
|
|
171
|
-
assertTrue(safe.isOwner(eve), "new owner not added");
|
|
172
|
-
assertFalse(safe.isOwner(bob), "old owner not removed");
|
|
173
|
-
assertEq(safe.getThreshold(), 2, "threshold changed unexpectedly");
|
|
148
|
+
assertTrue(safe().isOwner(eve), "new owner not added");
|
|
149
|
+
assertFalse(safe().isOwner(bob), "old owner not removed");
|
|
150
|
+
assertEq(safe().getThreshold(), 2, "threshold changed unexpectedly");
|
|
174
151
|
|
|
175
152
|
// Attempt upgrade signed by removed owner should fail
|
|
176
153
|
bytes memory upg = abi.encodeWithSelector(IUUPS.upgradeToAndCall.selector, address(v2Impl), "");
|
|
177
|
-
bytes32 upgHash = _txHash(safe, incoProxyAddr, 0, upg);
|
|
154
|
+
bytes32 upgHash = _txHash(safe(), incoProxyAddr, 0, upg);
|
|
178
155
|
bytes memory badSigA = _sign(alicePrivKey, upgHash);
|
|
179
156
|
bytes memory badSigB = _sign(bobPrivKey, upgHash); // removed owner
|
|
180
157
|
bytes memory badSigs = _packSortedTwo(badSigA, alice, badSigB, bob);
|
|
181
158
|
vm.expectRevert();
|
|
182
|
-
_execSafe(safe, incoProxyAddr, 0, upg, badSigs);
|
|
159
|
+
_execSafe(safe(), incoProxyAddr, 0, upg, badSigs);
|
|
183
160
|
|
|
184
161
|
// Now sign with new owner (owner4) and succeed
|
|
185
162
|
bytes memory goodSigA = _sign(alicePrivKey, upgHash);
|
|
186
163
|
bytes memory goodSigE = _sign(evePrivKey, upgHash);
|
|
187
164
|
bytes memory goodSigs = _packSortedTwo(goodSigA, alice, goodSigE, eve);
|
|
188
|
-
_execSafe(safe, incoProxyAddr, 0, upg, goodSigs);
|
|
165
|
+
_execSafe(safe(), incoProxyAddr, 0, upg, goodSigs);
|
|
189
166
|
|
|
190
167
|
address implAfter = address(uint160(uint256(vm.load(incoProxyAddr, IMPLEMENTATION_SLOT))));
|
|
191
168
|
assertEq(implAfter, address(v2Impl));
|
|
@@ -195,7 +172,7 @@ contract TestUpgrade is IncoTest {
|
|
|
195
172
|
}
|
|
196
173
|
|
|
197
174
|
function test_Upgrade_NotBy_SafeWallet_Fails() public {
|
|
198
|
-
vm.prank(
|
|
175
|
+
vm.prank(alice);
|
|
199
176
|
vm.expectRevert();
|
|
200
177
|
inco.upgradeToAndCall(address(v2Impl), "");
|
|
201
178
|
}
|
|
@@ -222,7 +199,7 @@ contract TestUpgrade is IncoTest {
|
|
|
222
199
|
// Deploy a new IncoVerifier implementation
|
|
223
200
|
IncoVerifier newImpl = new IncoVerifier(address(inco));
|
|
224
201
|
|
|
225
|
-
// Upgrade by owner should succeed
|
|
202
|
+
// Upgrade by owner should succeed — owner is the Safe, so prank as Safe
|
|
226
203
|
vm.prank(owner);
|
|
227
204
|
verifier.upgradeToAndCall(address(newImpl), "");
|
|
228
205
|
}
|