Merged
14 changes: 10 additions & 4 deletions contracts/SpokePool.sol
Expand Up @@ -10,6 +10,7 @@ import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/utils/Address.sol";

import "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import "@uma/core/contracts/common/implementation/Testable.sol";
import "@uma/core/contracts/common/implementation/MultiCaller.sol";
Expand Down Expand Up @@ -722,10 +723,15 @@ abstract contract SpokePool is SpokePoolInterface, Testable, Lockable, MultiCall
bytes32 ethSignedMessageHash,
bytes memory depositorSignature
) internal view virtual {
// Note: We purposefully do not support EIP-1271 signatures (meaning that multisigs and smart contract wallets
// like Argent are not supported) because of the possibility that a multisig that signed a message on the origin
// chain does not have a parallel on this destination chain.
require(depositor == ECDSA.recover(ethSignedMessageHash, depositorSignature), "invalid signature");
// Note:
// - We don't need to worry about reentrancy from a contract deployed at the depositor address since the method
// `SignatureChecker.isValidSignatureNow` is a view method. Re-entrancy can happen, but it cannot affect state.
// - EIP-1271 signatures are supported. This means that a signature valid now, may not be valid later and vice-versa.
// - For an EIP-1271 signature to work, the depositor contract address must map to a deployed contract on the destination
// chain that can validate the signature.
// - Regular signatures from an EOA are also supported.
bool isValid = SignatureChecker.isValidSignatureNow(depositor, ethSignedMessageHash, depositorSignature);
Member


Maybe we should also add a comment about how isValidSignatureNow can change its behavior from block N to block M: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/SignatureChecker.sol#L21

As long as the signature is valid at the time of calling fillRelayWithUpdatedFee then the signature is treated as valid.

Contributor


IMO, we should note that:

  • EIP-1271 signatures are supported. This means that a signature valid now, may not be valid later.
  • For an EIP-1271 signature to work, the depositor contract address must map to a deployed contract on the destination chain that can validate the signature.
  • Regular signatures from an EOA are also supported.

Member


These are all great comments to add!

Contributor Author


Thanks for the input! I added them here

require(isValid, "invalid signature");
}

function _computeAmountPreFees(uint256 amount, uint64 feesPct) private pure returns (uint256) {
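Review bot: The rewritten comment block above `SignatureChecker.isValidSignatureNow` drops the caveat the removed comment carried without replacing it: a contract at the depositor address on this chain is not necessarily controlled by the party that made the deposit on the origin chain, since the same address does not imply the same code or owner across chains. With EIP-1271 accepted, whoever controls that address here decides whether the signature validates, so this is a trust assumption and not only the availability requirement the new bullets describe. I would add a bullet such as `// - A contract at the depositor address on this chain may be controlled by a different party than the origin-chain depositor; its isValidSignature result is trusted as the depositor's consent.` The function's signature starts above the hunk, so what the signed hash authorizes is not visible here.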
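--- a/contracts/test/MockERC1271.sol
+++ b/contracts/test/MockERC1271.sol
@@ -0,0 +1,21 @@
+//SPDX-License-Identifier: Unlicense
+pragma solidity ^0.8.0;
+
+import "@openzeppelin/contracts/interfaces/IERC1271.sol";
+
+import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+import "@openzeppelin/contracts/access/Ownable.sol";
+
+/**
+* @title MockERC1271
+* @notice Implements mocked ERC1271 contract for testing.
+*/
+contract MockERC1271 is IERC1271, Ownable {
+constructor(address originalOwner) {
+transferOwnership(originalOwner);
+}
+
+function isValidSignature(bytes32 hash, bytes memory signature) public view override returns (bytes4 magicValue) {
+return ECDSA.recover(hash, signature) == owner() ? this.isValidSignature.selector : bytes4(0);
+}
+}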
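Review bot: `isValidSignature` calls `ECDSA.recover`, which reverts on a malformed signature, so for that input the mock reverts instead of returning `bytes4(0)`; only a well-formed signature from the wrong signer reaches the non-magic return. If the pinned OpenZeppelin version provides `ECDSA.tryRecover`, using `(address signer, ECDSA.RecoverError err) = ECDSA.tryRecover(hash, signature);` and returning `bytes4(0)` when `err` is not `NoError` keeps the mock non-reverting. The NatSpec could also say that validity follows `owner()`, so a signature that validates now stops validating after `transferOwnership`, which is the time-dependence the SpokePool comment describes.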