From 4e93cf7ec1494c6e9e9f4b2d551ebac9fb5c2393 Mon Sep 17 00:00:00 2001 From: Alex Towle Date: Fri, 23 Feb 2024 22:02:17 -0600 Subject: [PATCH] Hashed the salts in the deployers to prevent front-running --- .../deployers/HyperdriveDeployerCoordinator.sol | 10 ++++++++-- .../erc4626/ERC4626HyperdriveCoreDeployer.sol | 6 +++++- .../deployers/erc4626/ERC4626Target0Deployer.sol | 9 ++++++++- .../deployers/erc4626/ERC4626Target1Deployer.sol | 9 ++++++++- .../deployers/erc4626/ERC4626Target2Deployer.sol | 9 ++++++++- .../deployers/erc4626/ERC4626Target3Deployer.sol | 9 ++++++++- .../deployers/erc4626/ERC4626Target4Deployer.sol | 9 ++++++++- .../steth/StETHHyperdriveCoreDeployer.sol | 14 +++++--------- .../src/deployers/steth/StETHTarget0Deployer.sol | 9 ++++++++- .../src/deployers/steth/StETHTarget1Deployer.sol | 9 ++++++++- .../src/deployers/steth/StETHTarget2Deployer.sol | 9 ++++++++- .../src/deployers/steth/StETHTarget3Deployer.sol | 9 ++++++++- .../src/deployers/steth/StETHTarget4Deployer.sol | 9 ++++++++- 13 files changed, 98 insertions(+), 22 deletions(-) diff --git a/contracts/src/deployers/HyperdriveDeployerCoordinator.sol b/contracts/src/deployers/HyperdriveDeployerCoordinator.sol index e0c055deb..9855238fe 100644 --- a/contracts/src/deployers/HyperdriveDeployerCoordinator.sol +++ b/contracts/src/deployers/HyperdriveDeployerCoordinator.sol @@ -144,6 +144,8 @@ abstract contract HyperdriveDeployerCoordinator is config.initialVaultSharePrice = deployment.initialSharePrice; // Deploy the Hyperdrive instance and add it to the deployment struct. + bytes32 deploymentId = _deploymentId; // Avoid stack too deep error + bytes32 salt = _salt; // Avoid stack too deep error address hyperdrive = IHyperdriveCoreDeployer(coreDeployer).deploy( config, _extraData, @@ -152,7 +154,9 @@ abstract contract HyperdriveDeployerCoordinator is deployment.target2, deployment.target3, deployment.target4, - _salt + // NOTE: We hash the sender and deployment ID with the salt to + // prevent the front-running of deployments. + keccak256(abi.encode(msg.sender, deploymentId, salt)) ); _deployments[msg.sender][_deploymentId].hyperdrive = hyperdrive; @@ -208,7 +212,9 @@ abstract contract HyperdriveDeployerCoordinator is target = IHyperdriveTargetDeployer(target0Deployer).deploy( config_, _extraData, - _salt + // NOTE: We hash the sender and deployment ID with the salt to + // prevent the front-running of deployments. + keccak256(abi.encode(msg.sender, _deploymentId, _salt)) ); // Store the deployment. diff --git a/contracts/src/deployers/erc4626/ERC4626HyperdriveCoreDeployer.sol b/contracts/src/deployers/erc4626/ERC4626HyperdriveCoreDeployer.sol index 182f30e10..6be40d501 100644 --- a/contracts/src/deployers/erc4626/ERC4626HyperdriveCoreDeployer.sol +++ b/contracts/src/deployers/erc4626/ERC4626HyperdriveCoreDeployer.sol @@ -36,7 +36,11 @@ contract ERC4626HyperdriveCoreDeployer is IHyperdriveCoreDeployer { address vault = abi.decode(_extraData, (address)); return ( address( - new ERC4626Hyperdrive{ salt: _salt }( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new ERC4626Hyperdrive{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }( _config, _target0, _target1, diff --git a/contracts/src/deployers/erc4626/ERC4626Target0Deployer.sol b/contracts/src/deployers/erc4626/ERC4626Target0Deployer.sol index 4f89a9805..a97b7cf1e 100644 --- a/contracts/src/deployers/erc4626/ERC4626Target0Deployer.sol +++ b/contracts/src/deployers/erc4626/ERC4626Target0Deployer.sol @@ -24,6 +24,13 @@ contract ERC4626Target0Deployer is IHyperdriveTargetDeployer { bytes32 _salt ) external returns (address) { IERC4626 vault = IERC4626(abi.decode(_extraData, (address))); - return address(new ERC4626Target0{ salt: _salt }(_config, vault)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new ERC4626Target0{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, vault) + ); } } diff --git a/contracts/src/deployers/erc4626/ERC4626Target1Deployer.sol b/contracts/src/deployers/erc4626/ERC4626Target1Deployer.sol index 6fe5dc436..54f8ac007 100644 --- a/contracts/src/deployers/erc4626/ERC4626Target1Deployer.sol +++ b/contracts/src/deployers/erc4626/ERC4626Target1Deployer.sol @@ -24,6 +24,13 @@ contract ERC4626Target1Deployer is IHyperdriveTargetDeployer { bytes32 _salt ) external returns (address) { IERC4626 vault = IERC4626(abi.decode(_extraData, (address))); - return address(new ERC4626Target1{ salt: _salt }(_config, vault)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new ERC4626Target1{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, vault) + ); } } diff --git a/contracts/src/deployers/erc4626/ERC4626Target2Deployer.sol b/contracts/src/deployers/erc4626/ERC4626Target2Deployer.sol index 77bbcbb42..d78f69cb9 100644 --- a/contracts/src/deployers/erc4626/ERC4626Target2Deployer.sol +++ b/contracts/src/deployers/erc4626/ERC4626Target2Deployer.sol @@ -24,6 +24,13 @@ contract ERC4626Target2Deployer is IHyperdriveTargetDeployer { bytes32 _salt ) external returns (address) { IERC4626 vault = IERC4626(abi.decode(_extraData, (address))); - return address(new ERC4626Target2{ salt: _salt }(_config, vault)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new ERC4626Target2{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, vault) + ); } } diff --git a/contracts/src/deployers/erc4626/ERC4626Target3Deployer.sol b/contracts/src/deployers/erc4626/ERC4626Target3Deployer.sol index 40980fa87..62b9f2c03 100644 --- a/contracts/src/deployers/erc4626/ERC4626Target3Deployer.sol +++ b/contracts/src/deployers/erc4626/ERC4626Target3Deployer.sol @@ -24,6 +24,13 @@ contract ERC4626Target3Deployer is IHyperdriveTargetDeployer { bytes32 _salt ) external returns (address) { IERC4626 vault = IERC4626(abi.decode(_extraData, (address))); - return address(new ERC4626Target3{ salt: _salt }(_config, vault)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new ERC4626Target3{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, vault) + ); } } diff --git a/contracts/src/deployers/erc4626/ERC4626Target4Deployer.sol b/contracts/src/deployers/erc4626/ERC4626Target4Deployer.sol index 87c515c32..0eb9b1aa8 100644 --- a/contracts/src/deployers/erc4626/ERC4626Target4Deployer.sol +++ b/contracts/src/deployers/erc4626/ERC4626Target4Deployer.sol @@ -24,6 +24,13 @@ contract ERC4626Target4Deployer is IHyperdriveTargetDeployer { bytes32 _salt ) external returns (address) { IERC4626 vault = IERC4626(abi.decode(_extraData, (address))); - return address(new ERC4626Target4{ salt: _salt }(_config, vault)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new ERC4626Target4{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, vault) + ); } } diff --git a/contracts/src/deployers/steth/StETHHyperdriveCoreDeployer.sol b/contracts/src/deployers/steth/StETHHyperdriveCoreDeployer.sol index 08ad51255..e3dca27a3 100644 --- a/contracts/src/deployers/steth/StETHHyperdriveCoreDeployer.sol +++ b/contracts/src/deployers/steth/StETHHyperdriveCoreDeployer.sol @@ -43,15 +43,11 @@ contract StETHHyperdriveCoreDeployer is IHyperdriveCoreDeployer { ) external returns (address) { return ( address( - new StETHHyperdrive{ salt: _salt }( - _config, - target0, - target1, - target2, - target3, - target4, - lido - ) + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new StETHHyperdrive{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, target0, target1, target2, target3, target4, lido) ) ); } diff --git a/contracts/src/deployers/steth/StETHTarget0Deployer.sol b/contracts/src/deployers/steth/StETHTarget0Deployer.sol index e6e7b7f8e..4ab2d8ab6 100644 --- a/contracts/src/deployers/steth/StETHTarget0Deployer.sol +++ b/contracts/src/deployers/steth/StETHTarget0Deployer.sol @@ -31,6 +31,13 @@ contract StETHTarget0Deployer is IHyperdriveTargetDeployer { bytes memory, // unused extra data bytes32 _salt ) external override returns (address) { - return address(new StETHTarget0{ salt: _salt }(_config, lido)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new StETHTarget0{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, lido) + ); } } diff --git a/contracts/src/deployers/steth/StETHTarget1Deployer.sol b/contracts/src/deployers/steth/StETHTarget1Deployer.sol index 5406f2da3..b5d252dd7 100644 --- a/contracts/src/deployers/steth/StETHTarget1Deployer.sol +++ b/contracts/src/deployers/steth/StETHTarget1Deployer.sol @@ -31,6 +31,13 @@ contract StETHTarget1Deployer is IHyperdriveTargetDeployer { bytes memory, // unused extra data bytes32 _salt ) external returns (address) { - return address(new StETHTarget1{ salt: _salt }(_config, lido)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new StETHTarget1{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, lido) + ); } } diff --git a/contracts/src/deployers/steth/StETHTarget2Deployer.sol b/contracts/src/deployers/steth/StETHTarget2Deployer.sol index 4a2a1a6ec..04d136295 100644 --- a/contracts/src/deployers/steth/StETHTarget2Deployer.sol +++ b/contracts/src/deployers/steth/StETHTarget2Deployer.sol @@ -31,6 +31,13 @@ contract StETHTarget2Deployer is IHyperdriveTargetDeployer { bytes memory, // unused extra data bytes32 _salt ) external returns (address) { - return address(new StETHTarget2{ salt: _salt }(_config, lido)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new StETHTarget2{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, lido) + ); } } diff --git a/contracts/src/deployers/steth/StETHTarget3Deployer.sol b/contracts/src/deployers/steth/StETHTarget3Deployer.sol index 88d37cb6f..a4f286a12 100644 --- a/contracts/src/deployers/steth/StETHTarget3Deployer.sol +++ b/contracts/src/deployers/steth/StETHTarget3Deployer.sol @@ -31,6 +31,13 @@ contract StETHTarget3Deployer is IHyperdriveTargetDeployer { bytes memory, // unused extra data bytes32 _salt ) external returns (address) { - return address(new StETHTarget3{ salt: _salt }(_config, lido)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new StETHTarget3{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, lido) + ); } } diff --git a/contracts/src/deployers/steth/StETHTarget4Deployer.sol b/contracts/src/deployers/steth/StETHTarget4Deployer.sol index dec6c4325..e63a17d45 100644 --- a/contracts/src/deployers/steth/StETHTarget4Deployer.sol +++ b/contracts/src/deployers/steth/StETHTarget4Deployer.sol @@ -31,6 +31,13 @@ contract StETHTarget4Deployer is IHyperdriveTargetDeployer { bytes memory, // unused extra data bytes32 _salt ) external returns (address) { - return address(new StETHTarget4{ salt: _salt }(_config, lido)); + return + address( + // NOTE: We hash the sender with the salt to prevent the + // front-running of deployments. + new StETHTarget4{ + salt: keccak256(abi.encode(msg.sender, _salt)) + }(_config, lido) + ); } }