@keep-network/tbtc-v2 0.1.1-dev.76 → 0.1.1-dev.79

package/contracts/bank/Bank.sol

@@ -17,6 +17,7 @@ pragma solidity ^0.8.9;
 
 import "@openzeppelin/contracts/access/Ownable.sol";
 
+import "./IReceiveBalanceApproval.sol";
 import "../vault/IVault.sol";
 
 /// @title Bitcoin Bank
@@ -114,19 +115,27 @@ contract Bank is Ownable {
         _approveBalance(msg.sender, spender, amount);
     }
 
-    /// @notice Sets `amount` as the allowance of a smart contract `vault` over
-    ///         the caller's balance and calls the vault via
+    /// @notice Sets the `amount` as an allowance of a smart contract `spender`
+    ///         over the caller's balance and calls the `spender` via
     ///         `receiveBalanceApproval`.
-    /// @dev If the `amount` is set to `type(uint256).max` then the logic in
-    ///     `receiveBalanceApproval` or later call to `transferBalanceFrom` by
-    ///      the vault will not reduce an allowance. Beware that changing an
-    ///      allowance with this function brings the risk that vault may use
+    /// @dev If the `amount` is set to `type(uint256).max`, the potential
+    ///     `transferBalanceFrom` executed in `receiveBalanceApproval` of
+    ///      `spender` will not reduce an allowance. Beware that changing an
+    ///      allowance with this function brings the risk that `spender` may use
     ///      both the old and the new allowance by unfortunate transaction
     ///      ordering. Please use `increaseBalanceAllowance` and
     ///      `decreaseBalanceAllowance` to eliminate the risk.
-    function approveBalanceAndCall(address vault, uint256 amount) external {
-        _approveBalance(msg.sender, vault, amount);
-        IVault(vault).receiveBalanceApproval(msg.sender, amount);
+    function approveBalanceAndCall(
+        address spender,
+        uint256 amount,
+        bytes memory extraData
+    ) external {
+        _approveBalance(msg.sender, spender, amount);
+        IReceiveBalanceApproval(spender).receiveBalanceApproval(
+            msg.sender,
+            amount,
+            extraData
+        );
     }
 
     /// @notice Atomically increases the balance allowance granted to `spender`

package/contracts/bank/IReceiveBalanceApproval.sol

@@ -0,0 +1,45 @@
+// SPDX-License-Identifier: MIT
+
+// ██████████████     ▐████▌     ██████████████
+// ██████████████     ▐████▌     ██████████████
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+// ██████████████     ▐████▌     ██████████████
+// ██████████████     ▐████▌     ██████████████
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+
+pragma solidity ^0.8.9;
+
+/// @title IReceiveBalanceApproval
+/// @notice `IReceiveBalanceApproval` is an interface for a smart contract
+///         consuming Bank balances approved to them in the same transaction by
+///         other contracts or externally owned accounts (EOA).
+interface IReceiveBalanceApproval {
+    /// @notice Called by the Bank in `approveBalanceAndCall` function after
+    ///         the balance `owner` approved `amount` of their balance in the
+    ///         Bank for the contract. This way, the depositor can approve
+    ///         balance and call the contract to use the approved balance in
+    ///         a single transaction.
+    /// @param owner Address of the Bank balance owner who approved their
+    ///        balance to be used by the contract.
+    /// @param amount The amount of the Bank balance approved by the owner
+    ///        to be used by the contract.
+    /// @param extraData The `extraData` passed to `Bank.approveBalanceAndCall`.
+    // @dev The implementation must ensure this function can only be called
+    ///      by the Bank. The Bank does _not_ guarantee that the `amount`
+    ///      approved by the `owner` currently exists on their balance. That is,
+    ///      the `owner` could approve more balance than they currently have.
+    ///      This works the same as `Bank.approve` function. The contract must
+    ///      ensure the actual balance is checked before performing any action
+    ///      based on it.
+    function receiveBalanceApproval(
+        address owner,
+        uint256 amount,
+        bytes memory extraData
+    ) external;
+}

package/contracts/hardhat-dependency-compiler/@keep-network/ecdsa/contracts/WalletRegistry.sol

@@ -0,0 +1,3 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity >0.0.0;
+import '@keep-network/ecdsa/contracts/WalletRegistry.sol';

package/contracts/vault/DonationVault.sol

@@ -80,11 +80,11 @@ contract DonationVault is IVault {
     ///      - Can only be called by the Bank via `approveBalanceAndCall`,
     ///      - The `owner` balance in the Bank must be greater than or equal
     ///        to the `amount`.
-    function receiveBalanceApproval(address owner, uint256 amount)
-        external
-        override
-        onlyBank
-    {
+    function receiveBalanceApproval(
+        address owner,
+        uint256 amount,
+        bytes memory
+    ) external override onlyBank {
         require(
             bank.balanceOf(owner) >= amount,
             "Amount exceeds balance in the bank"

package/contracts/vault/IVault.sol

@@ -15,28 +15,12 @@
 
 pragma solidity ^0.8.9;
 
+import "../bank/IReceiveBalanceApproval.sol";
+
 /// @title Bank Vault interface
 /// @notice `IVault` is an interface for a smart contract consuming Bank
 ///         balances of other contracts or externally owned accounts (EOA).
-interface IVault {
-    /// @notice Called by the Bank in `approveBalanceAndCall` function after
-    ///         the balance `owner` approved `amount` of their balance in the
-    ///         Bank for the vault. This way, the depositor can approve balance
-    ///         and call the vault to use the approved balance in a single
-    ///         transaction.
-    /// @param owner Address of the Bank balance owner who approved their
-    ///        balance to be used by the vault.
-    /// @param amount The amount of the Bank balance approved by the owner
-    ///        to be used by the vault.
-    // @dev The implementation must ensure this function can only be called
-    ///      by the Bank. The Bank does _not_ guarantee that the `amount`
-    ///      approved by the `owner` currently exists on their balance. That is,
-    ///      the `owner` could approve more balance than they currently have.
-    ///      This works the same as `Bank.approve` function. The vault must
-    ///      ensure the actual balance is checked before performing any action
-    ///      based on it.
-    function receiveBalanceApproval(address owner, uint256 amount) external;
-
+interface IVault is IReceiveBalanceApproval {
     /// @notice Called by the Bank in `increaseBalanceAndCall` function after
     ///         increasing the balance in the Bank for the vault. It happens in
     ///         the same transaction in which deposits were swept by the Bridge.

package/contracts/vault/TBTCVault.sol

@@ -107,11 +107,11 @@ contract TBTCVault is IVault, Governable {
     /// @dev Can only be called by the Bank via `approveBalanceAndCall`.
     /// @param owner The owner who approved their Bank balance.
     /// @param amount Amount of TBTC to mint.
-    function receiveBalanceApproval(address owner, uint256 amount)
-        external
-        override
-        onlyBank
-    {
+    function receiveBalanceApproval(
+        address owner,
+        uint256 amount,
+        bytes memory
+    ) external override onlyBank {
         require(
             bank.balanceOf(owner) >= amount,
             "Amount exceeds balance in the bank"

package/deploy/05_deploy_bridge.ts

@@ -24,7 +24,11 @@ const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
     log: true,
   })
   const Redemption = await deploy("Redemption", { from: deployer, log: true })
-  const Wallets = await deploy("Wallets", { from: deployer, log: true })
+  const Wallets = await deploy("Wallets", {
+    contract: "contracts/bridge/Wallets.sol:Wallets",
+    from: deployer,
+    log: true,
+  })
   const Fraud = await deploy("Fraud", { from: deployer, log: true })
   const MovingFunds = await deploy("MovingFunds", {
     from: deployer,

package/deploy/09_transfer_proxy_admin_ownership.ts

@@ -2,19 +2,26 @@ import type { HardhatRuntimeEnvironment } from "hardhat/types"
 import type { DeployFunction } from "hardhat-deploy/types"
 
 const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
-  const { ethers, helpers, getNamedAccounts, upgrades, deployments } = hre
-  const { esdm } = await getNamedAccounts()
-  const { deployer } = await helpers.signers.getNamedSigners()
+  const { helpers, upgrades, deployments } = hre
+  const { esdm, deployer } = await helpers.signers.getNamedSigners()
+  const { log } = deployments
 
   // TODO: Once a DAO is established we want to switch to ProxyAdminWithDeputy and
   // use the DAO as the proxy admin owner and ESDM as the deputy. Until then we
-  // use governance as the owner of ProxyAdmin contract.
-  const newProxyAdminOwner = esdm
-
-  deployments.log(`transferring ProxyAdmin ownership to ${newProxyAdminOwner}`)
+  // use ESDM as the owner of ProxyAdmin contract.
+  const newProxyAdminOwner = esdm.address
 
   const proxyAdmin = await upgrades.admin.getInstance()
-  await proxyAdmin.connect(deployer).transferOwnership(newProxyAdminOwner)
+
+  const currentOwner = await proxyAdmin.owner()
+
+  // The `@openzeppelin/hardhat-upgrades` plugin deploys a single ProxyAdmin
+  // per network. We don't want to transfer the ownership if the owner is already
+  // set to the desired address.
+  if (!helpers.address.equal(currentOwner, newProxyAdminOwner)) {
+    log(`transferring ownership of ProxyAdmin to ${newProxyAdminOwner}`)
+    await proxyAdmin.connect(deployer).transferOwnership(newProxyAdminOwner)
+  }
 }
 
 export default func