Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(contracts): OZ-L03 Inconsistency of Allowing a Trusted Forwarder #846

Merged
merged 3 commits into from Sep 19, 2023
Merged

fix(contracts): OZ-L03 Inconsistency of Allowing a Trusted Forwarder #846

merged 3 commits into from Sep 19, 2023

Conversation

zimpha
Copy link
Member

@zimpha zimpha commented Aug 21, 2023

Purpose or design rationale of this PR

This PR partially fixed the issue reported by Openzepplin (L-03 Inconsistency of Allowing a Trusted Forwarder). The following are the details:

In GasSwap, some parts of the code rely on _msgSender and others on msg.sender. This inconsistency can lead to confusion as to when meta-transactions are allowed. For example, GasSwap inherits from OwnableBase which has an onlyOwner check that uses msg.sender. Therefore, all functions with onlyOwner modifier will fail when submitted through a trusted forwarder.

This inconsistency is confusing and error-prone. Consider using _msgSender() everywhere in GasSwap and OwnableBase, which will automatically default to msg.sender if it is not sent from the trustedForwarder address.

PR title

Your PR title must follow conventional commits (as we are doing squash merge for each PR), so it must start with one of the following types:

  • fix: A bug fix

Deployment tag versioning

Has tag in common/version.go been updated?

  • No, this PR doesn't involve a new deployment, git tag, docker image tag
  • Yes

Breaking change label

Does this PR have the breaking-change label?

  • No, this PR is not a breaking change
  • Yes

@zimpha zimpha added the bug Something isn't working label Aug 21, 2023
@zimpha zimpha self-assigned this Aug 21, 2023
@github-actions
Copy link

github-actions bot commented Aug 21, 2023
edited

LCOV of commit adae0f2 during Contracts #52

Summary coverage rate:
  lines......: 51.6% (1013 of 1965 lines)
  functions..: 65.2% (227 of 348 functions)
  branches...: no data found

Files changed coverage rate: n/a

@icemelon icemelon added bump-version Bump the version tag for deployment and removed bump-version Bump the version tag for deployment labels Sep 4, 2023
@icemelon icemelon merged commit 417a228 into develop Sep 19, 2023
4 checks passed
@icemelon icemelon deleted the fix/inconsistency_of_allowing_a_trusted_forwarder branch September 19, 2023 21:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@icemelon icemelon icemelon approved these changes

Assignees

@zimpha zimpha

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@zimpha @icemelon