Change flashLoan and receiveFlashLoan to explicitly only allow calls …

…from the boring vault and the balancer vault respectively
Se7en-Seas · Apr 8, 2024 · 2921e0c · 2921e0c
1 parent 0dec573
commit 2921e0c
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 4 deletions.
diff --git a/src/base/Roles/ManagerWithMerkleVerification.sol b/src/base/Roles/ManagerWithMerkleVerification.sol
@@ -57,6 +57,8 @@ contract ManagerWithMerkleVerification is Auth {
     error ManagerWithMerkleVerification__BadFlashLoanIntentHash();
     error ManagerWithMerkleVerification__FailedToVerifyManageProof(address target, bytes targetData, uint256 value);
     error ManagerWithMerkleVerification__Paused();
+    error ManagerWithMerkleVerification__OnlyCallableByBoringVault();
+    error ManagerWithMerkleVerification__OnlyCallableByBalancerVault();
 
     //============================== EVENTS ===============================
 
@@ -156,7 +158,9 @@ contract ManagerWithMerkleVerification is Auth {
         address[] calldata tokens,
         uint256[] calldata amounts,
         bytes calldata userData
-    ) external requiresAuth {
+    ) external {
+        if (msg.sender != address(vault)) revert ManagerWithMerkleVerification__OnlyCallableByBoringVault();
+
         flashLoanIntentHash = keccak256(userData);
         performingFlashLoan = true;
         balancerVault.flashLoan(recipient, tokens, amounts, userData);
@@ -175,7 +179,8 @@ contract ManagerWithMerkleVerification is Auth {
         uint256[] calldata amounts,
         uint256[] calldata feeAmounts,
         bytes calldata userData
-    ) external requiresAuth {
+    ) external {
+        if (msg.sender != address(balancerVault)) revert ManagerWithMerkleVerification__OnlyCallableByBalancerVault();
         if (!performingFlashLoan) revert ManagerWithMerkleVerification__FlashLoanNotInProgress();
 
         // Validate userData using intentHash.

diff --git a/test/ManagerWithMerkleVerification.t.sol b/test/ManagerWithMerkleVerification.t.sol
@@ -1541,14 +1541,27 @@ contract ManagerWithMerkleVerificationTest is Test, MainnetAddresses {
         // Call now works.
         manager.manageVaultWithMerkleVerification(manageProofs, decodersAndSanitizers, targets, targetData, values);
 
-        // Check `receiveFlashLoan`
+        // Check `flashLoan`
         address[] memory tokens;
         uint256[] memory amounts;
+
+        vm.expectRevert(
+            abi.encodeWithSelector(
+                ManagerWithMerkleVerification.ManagerWithMerkleVerification__OnlyCallableByBoringVault.selector
+            )
+        );
+        manager.flashLoan(address(this), tokens, amounts, abi.encode(0));
+
+        // Check `receiveFlashLoan`
         uint256[] memory feeAmounts;
 
         address attacker = vm.addr(1);
         vm.startPrank(attacker);
-        vm.expectRevert(bytes("UNAUTHORIZED"));
+        vm.expectRevert(
+            abi.encodeWithSelector(
+                ManagerWithMerkleVerification.ManagerWithMerkleVerification__OnlyCallableByBalancerVault.selector
+            )
+        );
         manager.receiveFlashLoan(tokens, amounts, feeAmounts, abi.encode(0));
         vm.stopPrank();