@inco/lightning 0.8.0-devnet → 0.8.0-devnet-2

package/src/test/TestFakeInfra.t.sol

@@ -14,6 +14,7 @@ contract TakesEInput is IncoTest {
 
     euint256 public a;
     ebool public b;
+    eaddress public c;
     uint256 public decryptedA;
 
     function setA(bytes memory uint256EInput) external {
@@ -25,6 +26,10 @@ contract TakesEInput is IncoTest {
         b = boolEInput.newEbool(msg.sender);
     }
 
+    function setC(bytes memory addressEInput) external {
+        c = addressEInput.newEaddress(msg.sender);
+    }
+
 }
 
 // its meta: this is testing correct behavior of our testing infrastructure
@@ -238,6 +243,264 @@ contract TestFakeInfra is IncoTest {
         assertEq(getUint256Value(a), 1);
     }
 
+    function testERandBoundedWithEuint256() public {
+        euint256 bound = e.asEuint256(100);
+        processAllOperations();
+        euint256 a = e.randBounded(bound);
+        processAllOperations();
+        assertEq(getUint256Value(a), 1);
+    }
+
+    // ============ FEE CACHING TESTS ============
+
+    // The fee slot used by the library
+    bytes32 constant FEE_SLOT = keccak256("inco.fee");
+
+    function testFeeCachingOnRand() public {
+        // Verify the slot is empty before any operation
+        bytes32 cachedFeeBefore = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeBefore), 0, "Fee should not be cached initially");
+
+        // Call rand which should cache the fee
+        euint256 a = e.rand();
+        processAllOperations();
+        assertEq(getUint256Value(a), 1);
+
+        // Verify the fee is now cached
+        bytes32 cachedFeeAfter = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeAfter), inco.getFee(), "Cached fee should match inco.getFee()");
+    }
+
+    function testFeeCachingPersistsAcrossOperations() public {
+        // Verify the slot is empty before any operation
+        bytes32 cachedFeeBefore = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeBefore), 0, "Fee should not be cached initially");
+
+        // First operation caches the fee
+        e.rand();
+        processAllOperations();
+
+        // Get the cached fee
+        bytes32 cachedFeeFirst = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeFirst), inco.getFee(), "Fee should be cached after first operation");
+
+        // Second operation should use cached fee
+        e.rand();
+        processAllOperations();
+
+        // Verify fee is still the same (wasn't re-fetched)
+        bytes32 cachedFeeSecond = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeFirst), uint256(cachedFeeSecond), "Cached fee should persist across operations");
+    }
+
+    function testFeeCachingOnRandBounded() public {
+        // Verify the slot is empty before any operation
+        bytes32 cachedFeeBefore = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeBefore), 0, "Fee should not be cached initially");
+
+        // Call randBounded which should cache the fee
+        euint256 a = e.randBounded(100);
+        processAllOperations();
+        assertEq(getUint256Value(a), 1);
+
+        // Verify the fee is now cached
+        bytes32 cachedFeeAfter = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(cachedFeeAfter), inco.getFee(), "Cached fee should match inco.getFee()");
+    }
+
+    function testFeeCachingOnNewEuint256() public {
+        // Create a contract that will use e.newEuint256
+        TakesEInput inputContract = new TakesEInput();
+        vm.deal(address(inputContract), 1 ether);
+
+        // Verify the slot is empty in the input contract before operation
+        bytes32 cachedFeeBefore = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(cachedFeeBefore), 0, "Fee should not be cached initially");
+
+        // Call setA which uses e.newEuint256 internally
+        address self = address(this);
+        bytes memory ciphertext = fakePrepareEuint256Ciphertext(42, self, address(inputContract));
+        inputContract.setA(ciphertext);
+        processAllOperations();
+
+        // Verify the fee is now cached in the input contract
+        bytes32 cachedFeeAfter = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(cachedFeeAfter), inco.getFee(), "Cached fee should match inco.getFee()");
+    }
+
+    function testFeeCachingOnNewEbool() public {
+        // Create a contract that will use e.newEbool
+        TakesEInput inputContract = new TakesEInput();
+        vm.deal(address(inputContract), 1 ether);
+
+        // Verify the slot is empty in the input contract before operation
+        bytes32 cachedFeeBefore = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(cachedFeeBefore), 0, "Fee should not be cached initially");
+
+        // Call setB which uses e.newEbool internally
+        address self = address(this);
+        bytes memory ciphertext = fakePrepareEboolCiphertext(true, self, address(inputContract));
+        inputContract.setB(ciphertext);
+        processAllOperations();
+
+        // Verify the fee is now cached in the input contract
+        bytes32 cachedFeeAfter = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(cachedFeeAfter), inco.getFee(), "Cached fee should match inco.getFee()");
+    }
+
+    function testFeeCachingOnEAddress() public {
+        // Create a contract that will use e.newEaddress
+        TakesEInput inputContract = new TakesEInput();
+        vm.deal(address(inputContract), 1 ether);
+
+        // Verify the slot is empty in the input contract before operation
+        bytes32 cachedFeeBefore = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(cachedFeeBefore), 0, "Fee should not be cached initially");
+
+        // Call setC which uses e.newEaddress internally
+        address self = address(this);
+        bytes memory ciphertext = fakePrepareEaddressCiphertext(alice, self, address(inputContract));
+        inputContract.setC(ciphertext);
+        processAllOperations();
+
+        // Verify the fee is now cached in the input contract
+        bytes32 cachedFeeAfter = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(cachedFeeAfter), inco.getFee(), "Cached fee should match inco.getFee()");
+    }
+
+    function testFeeRetryWithStaleCachedFee() public {
+        // First, cache a valid fee by calling rand
+        e.rand();
+        processAllOperations();
+
+        // Now manually set the cached fee to a wrong value
+        // This simulates a fee increase after caching
+        vm.store(address(this), FEE_SLOT, bytes32(uint256(1)));
+
+        // Verify the stale fee is set
+        bytes32 staleFee = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(staleFee), 1, "Stale fee should be 1 wei");
+
+        // Call rand again - the first call with stale fee should fail,
+        // but retry with fresh fee should succeed (no revert = success)
+        euint256 a = e.rand();
+        processAllOperations();
+
+        // Verify we got a valid handle (non-zero)
+        assertTrue(euint256.unwrap(a) != bytes32(0), "Should return a valid handle");
+
+        // Verify the fee cache was updated to the correct value
+        bytes32 updatedFee = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(updatedFee), inco.getFee(), "Fee should be updated after retry");
+    }
+
+    function testFeeRetryOnRandBounded() public {
+        // Cache a valid fee first
+        e.rand();
+        processAllOperations();
+
+        // Set stale fee
+        vm.store(address(this), FEE_SLOT, bytes32(uint256(1)));
+
+        // randBounded should also retry successfully (no revert = success)
+        euint256 a = e.randBounded(100);
+        processAllOperations();
+
+        // Verify we got a valid handle (non-zero)
+        assertTrue(euint256.unwrap(a) != bytes32(0), "Should return a valid handle");
+
+        // Verify fee was updated
+        bytes32 updatedFee = vm.load(address(this), FEE_SLOT);
+        assertEq(uint256(updatedFee), inco.getFee(), "Fee should be updated after retry");
+    }
+
+    function testFeeRetryOnNewEuint256() public {
+        TakesEInput inputContract = new TakesEInput();
+        vm.deal(address(inputContract), 1 ether);
+
+        // First call to cache the fee
+        address self = address(this);
+        bytes memory ciphertext1 = fakePrepareEuint256Ciphertext(42, self, address(inputContract));
+        inputContract.setA(ciphertext1);
+        processAllOperations();
+
+        // Verify first value was stored correctly
+        assertEq(getUint256Value(inputContract.a()), 42, "First value should be 42");
+
+        // Set stale fee in the input contract
+        vm.store(address(inputContract), FEE_SLOT, bytes32(uint256(1)));
+
+        // Second call should retry and succeed
+        bytes memory ciphertext2 = fakePrepareEuint256Ciphertext(99, self, address(inputContract));
+        inputContract.setA(ciphertext2);
+        processAllOperations();
+
+        // Verify the retried value was stored correctly
+        assertEq(getUint256Value(inputContract.a()), 99, "Retried value should be 99");
+
+        // Verify fee was updated
+        bytes32 updatedFee = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(updatedFee), inco.getFee(), "Fee should be updated after retry");
+    }
+
+    function testFeeRetryOnNewEbool() public {
+        TakesEInput inputContract = new TakesEInput();
+        vm.deal(address(inputContract), 1 ether);
+
+        // First call to cache the fee
+        address self = address(this);
+        bytes memory ciphertext1 = fakePrepareEboolCiphertext(true, self, address(inputContract));
+        inputContract.setB(ciphertext1);
+        processAllOperations();
+
+        // Verify first value was stored correctly
+        assertEq(getBoolValue(inputContract.b()), true, "First value should be true");
+
+        // Set stale fee
+        vm.store(address(inputContract), FEE_SLOT, bytes32(uint256(1)));
+
+        // Second call should retry and succeed
+        bytes memory ciphertext2 = fakePrepareEboolCiphertext(false, self, address(inputContract));
+        inputContract.setB(ciphertext2);
+        processAllOperations();
+
+        // Verify the retried value was stored correctly
+        assertEq(getBoolValue(inputContract.b()), false, "Retried value should be false");
+
+        // Verify fee was updated
+        bytes32 updatedFee = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(updatedFee), inco.getFee(), "Fee should be updated after retry");
+    }
+
+    function testFeeRetryOnNewEaddress() public {
+        TakesEInput inputContract = new TakesEInput();
+        vm.deal(address(inputContract), 1 ether);
+
+        // First call to cache the fee
+        address self = address(this);
+        bytes memory ciphertext1 = fakePrepareEaddressCiphertext(alice, self, address(inputContract));
+        inputContract.setC(ciphertext1);
+        processAllOperations();
+
+        // Verify first value was stored correctly
+        assertEq(getAddressValue(inputContract.c()), alice, "First value should be alice");
+
+        // Set stale fee
+        vm.store(address(inputContract), FEE_SLOT, bytes32(uint256(1)));
+
+        // Second call should retry and succeed
+        bytes memory ciphertext2 = fakePrepareEaddressCiphertext(bob, self, address(inputContract));
+        inputContract.setC(ciphertext2);
+        processAllOperations();
+
+        // Verify the retried value was stored correctly
+        assertEq(getAddressValue(inputContract.c()), bob, "Retried value should be bob");
+
+        // Verify fee was updated
+        bytes32 updatedFee = vm.load(address(inputContract), FEE_SLOT);
+        assertEq(uint256(updatedFee), inco.getFee(), "Fee should be updated after retry");
+    }
+
     function testEIfThenElse() public {
         ebool controlA = e.asEbool(true);
         ebool controlB = e.asEbool(false);

package/src/test/TestFeeWithdrawal.t.sol

@@ -0,0 +1,60 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {inco} from "../Lib.sol";
+import {IncoTest} from "./IncoTest.sol";
+import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
+import {Fee} from "../lightning-parts/Fee.sol";
+
+contract RejectingContract {
+    // Contract that rejects all Ether transfers
+
+    }
+
+contract TestFeeWithdrawal is IncoTest {
+
+    function setUp() public override {
+        super.setUp();
+    }
+
+    function testWithdrawFees_Succeeds() public {
+        vm.deal(address(inco), 1 ether);
+        vm.prank(owner);
+        inco.withdrawFees();
+        assertEq(address(inco).balance, 0);
+        assertEq(address(owner).balance, 1 ether);
+    }
+
+    function testWithdrawFees_Reverts_NoFeesToWithdraw() public {
+        vm.expectRevert(Fee.NoFeesToWithdraw.selector);
+        vm.prank(owner);
+        inco.withdrawFees();
+    }
+
+    function testWithdrawFees_Reverts_NotOwner() public {
+        vm.expectRevert(abi.encodeWithSelector(OwnableUpgradeable.OwnableUnauthorizedAccount.selector, alice));
+        vm.prank(alice);
+        inco.withdrawFees();
+    }
+
+    function testWithdrawFees_Reverts_FeeWithdrawalFailed() public {
+        // Deploy a contract that rejects Ether
+        RejectingContract rejectingOwner = new RejectingContract();
+
+        // Change owner to the rejecting contract
+        vm.prank(owner);
+        inco.transferOwnership(address(rejectingOwner));
+
+        // Add fees to withdraw
+        vm.deal(address(inco), 1 ether);
+
+        // Expect the FeeWithdrawalFailed error
+        vm.expectRevert(Fee.FeeWithdrawalFailed.selector);
+
+        // Try to withdraw (will fail because rejectingOwner can't receive Ether)
+        vm.prank(address(rejectingOwner));
+        inco.withdrawFees();
+    }
+
+}
+

package/src/test/TestIncoUtils.t.sol

@@ -0,0 +1,242 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {Test} from "forge-std/Test.sol";
+import {IncoUtils} from "../periphery/IncoUtils.sol";
+
+/// @dev Helper contract that inherits IncoUtils and rejects ETH refunds
+contract RejectingContract is IncoUtils {
+
+    // No receive() function - will reject ETH transfers
+
+    function callWithRefund() external payable refundUnspent {
+        // Does nothing, should trigger refund which will fail because this contract can't receive ETH
+    }
+
+}
+
+/// @dev Helper contract that sends ETH to the target during execution
+contract EthSenderDuringExecution {
+
+    function sendTo(address target, uint256 amount) external {
+        payable(target).transfer(amount);
+    }
+
+    receive() external payable {}
+
+}
+
+/// @dev Attacker contract that tries to re-enter on receiving refund
+contract ReentrantAttacker {
+
+    TestIncoUtils target;
+    uint256 public attackCount;
+
+    constructor(TestIncoUtils _target) {
+        target = _target;
+    }
+
+    function attack() external payable {
+        target.mockFunctionNoSpend{value: msg.value}();
+    }
+
+    receive() external payable {
+        attackCount++;
+        if (attackCount < 3) {
+            // Try to re-enter
+            target.mockFunctionNoSpend{value: msg.value}();
+        }
+    }
+
+}
+
+contract TestIncoUtils is Test, IncoUtils {
+
+    EthSenderDuringExecution sender;
+
+    function setUp() public {
+        sender = new EthSenderDuringExecution();
+    }
+
+    // Mock functions to test the modifier
+    function mockFunctionNoSpend() external payable refundUnspent {
+        // Does nothing, no ETH spent
+    }
+
+    function mockFunctionPartialSpend(uint256 amount) external payable refundUnspent {
+        // Send ETH to simulate spending
+        payable(address(0)).transfer(amount);
+    }
+
+    function mockFunctionFullSpend() external payable refundUnspent {
+        // Send all msg.value to simulate full spending
+        payable(address(0)).transfer(msg.value);
+    }
+
+    /// @dev Mock function that receives ETH during execution (simulates external deposit)
+    function mockFunctionReceivesEthDuringExecution(address payable ethSender, uint256 incomingAmount)
+        external
+        payable
+        refundUnspent
+    {
+        // Trigger external contract to send us ETH during execution
+        EthSenderDuringExecution(ethSender).sendTo(address(this), incomingAmount);
+    }
+
+    receive() external payable {}
+
+    function testRefundUnspentWhenNoSpend() public {
+        uint256 msgValue = 1 ether;
+
+        // Set up balance for the call (vm.deal overwrites, not adds)
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        // Call function that doesn't spend any ETH
+        this.mockFunctionNoSpend{value: msgValue}();
+
+        // Check that full amount was refunded (balance unchanged)
+        assertEq(address(this).balance, balanceBefore);
+    }
+
+    function testRefundUnspentWhenPartialSpend() public {
+        uint256 msgValue = 1 ether;
+        uint256 spendAmount = 0.3 ether;
+
+        // Set up balance for the call
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        // Call function that spends partial amount
+        this.mockFunctionPartialSpend{value: msgValue}(spendAmount);
+
+        // Check that correct amount was refunded (only spendAmount was consumed)
+        assertEq(address(this).balance, balanceBefore - spendAmount);
+    }
+
+    function testRefundUnspentWhenFullSpend() public {
+        uint256 msgValue = 1 ether;
+
+        // Set up balance for the call
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        // Call function that spends full amount
+        this.mockFunctionFullSpend{value: msgValue}();
+
+        // Check that no refund occurred (all was spent)
+        assertEq(address(this).balance, balanceBefore - msgValue);
+    }
+
+    function testRefundUnspentWhenOverSpend() public {
+        uint256 msgValue = 0.5 ether;
+        uint256 spendAmount = 1 ether;
+
+        // Add extra balance to contract beyond what we'll send
+        vm.deal(address(this), spendAmount + msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        // Call function that spends more than msg.value (uses contract's existing balance)
+        this.mockFunctionPartialSpend{value: msgValue}(spendAmount);
+
+        // Check that no refund occurred (spent more than msg.value, so nothing to refund)
+        assertEq(address(this).balance, balanceBefore - spendAmount);
+    }
+
+    function testRefundFailedReverts() public {
+        uint256 msgValue = 1 ether;
+
+        // Create a contract that cannot receive ETH refunds (no receive function)
+        RejectingContract rejecter = new RejectingContract();
+        vm.deal(address(rejecter), msgValue);
+
+        // Call from rejecter itself so msg.sender (rejecter) cannot receive the refund
+        vm.prank(address(rejecter));
+        vm.expectRevert(IncoUtils.RefundFailed.selector);
+        rejecter.callWithRefund{value: msgValue}();
+    }
+
+    function testRefundUnspentWithZeroMsgValue() public {
+        // Set up some initial balance
+        vm.deal(address(this), 1 ether);
+        uint256 balanceBefore = address(this).balance;
+
+        // Call with zero msg.value - should not revert and no refund needed
+        this.mockFunctionNoSpend{value: 0}();
+
+        // Balance should be unchanged
+        assertEq(address(this).balance, balanceBefore);
+    }
+
+    function testRefundUnspentWithWeiPrecision() public {
+        uint256 msgValue = 1000 wei;
+        uint256 spendAmount = 333 wei;
+
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        this.mockFunctionPartialSpend{value: msgValue}(spendAmount);
+
+        // Check exact wei-level precision
+        assertEq(address(this).balance, balanceBefore - spendAmount);
+    }
+
+    function testRefundUnspentWhenContractReceivesEthDuringExecution() public {
+        uint256 msgValue = 1 ether;
+        uint256 incomingEth = 0.5 ether;
+
+        // Fund the sender contract
+        vm.deal(address(sender), incomingEth);
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        // During execution, sender will send us 0.5 ETH
+        // This means balanceAfter > balanceBefore, so spent = 0
+        // Refund should be capped at msg.value (1 ETH)
+        this.mockFunctionReceivesEthDuringExecution{value: msgValue}(payable(address(sender)), incomingEth);
+
+        // We sent 1 ETH, received 0.5 ETH during execution, and got 1 ETH refunded
+        // Final: balanceBefore - msgValue + incomingEth + msgValue = balanceBefore + incomingEth
+        assertEq(address(this).balance, balanceBefore + incomingEth);
+    }
+
+    function testRefundUnspentWhenSpendingExactlyMsgValue() public {
+        // Edge case: spend exactly msg.value (boundary condition)
+        // This is similar to testRefundUnspentWhenFullSpend but uses mockFunctionPartialSpend
+        uint256 msgValue = 1 ether;
+
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        // Spend exactly msg.value using partial spend function
+        this.mockFunctionPartialSpend{value: msgValue}(msgValue);
+
+        // No refund should occur - spent exactly what was sent
+        assertEq(address(this).balance, balanceBefore - msgValue);
+    }
+
+    function testRefundUnspentReentrancyProtection() public {
+        ReentrantAttacker attacker = new ReentrantAttacker(this);
+        vm.deal(address(attacker), 2 ether);
+
+        // When the attacker tries to re-enter, ReentrantCall() is thrown inside the receive()
+        // This causes the receive() to revert, which fails the refund .call(), surfacing RefundFailed()
+        vm.prank(address(attacker));
+        vm.expectRevert(IncoUtils.RefundFailed.selector);
+        attacker.attack{value: 1 ether}();
+    }
+
+    function testFuzzRefundUnspent(uint256 msgValue, uint256 spendAmount) public {
+        // Bound to reasonable values
+        msgValue = bound(msgValue, 0, 10 ether);
+        spendAmount = bound(spendAmount, 0, msgValue);
+
+        vm.deal(address(this), msgValue);
+        uint256 balanceBefore = address(this).balance;
+
+        this.mockFunctionPartialSpend{value: msgValue}(spendAmount);
+
+        assertEq(address(this).balance, balanceBefore - spendAmount);
+    }
+
+}

package/src/IIncoLightning.sol

@@ -1,22 +0,0 @@
-// SPDX-License-Identifier: No License
-pragma solidity ^0.8;
-
-import {IEncryptedInput} from "./lightning-parts/interfaces/IEncryptedInput.sol";
-import {IEncryptedOperations} from "./lightning-parts/interfaces/IEncryptedOperations.sol";
-import {ITrivialEncryption} from "./lightning-parts/interfaces/ITrivialEncryption.sol";
-import {IBaseAccessControlList} from "./lightning-parts/AccessControl/interfaces/IBaseAccessControlList.sol";
-import {IHandleGeneration} from "./lightning-parts/primitives/interfaces/IHandleGeneration.sol";
-import {IVersion} from "./version/interfaces/IVersion.sol";
-
-interface IIncoLightning is
-    IEncryptedInput,
-    IEncryptedOperations,
-    ITrivialEncryption,
-    IBaseAccessControlList,
-    IHandleGeneration,
-    IVersion
-{
-
-    function initialize(address owner) external;
-
-}