OpenZeppelin · frangio · Feb 19, 2021 · Feb 2, 2021 · Feb 4, 2021 · Feb 8, 2021
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,7 @@
  * `Context`: making `_msgData` return `bytes calldata` instead of `bytes memory` ([#2492](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2492))
  * `ERC20`: Removed the `_setDecimals` function and the storage slot associated to decimals. ([#2502](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2502))
  * `Strings`: addition of a `toHexString` function.  ([#2504](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2504))
+ * `GSNv2`: add a `BaseRelayRecipient` and a `MinimalForwarder` for experimenting with GSNv2 ([#2508](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/2508))
 
 ## 3.4.0 (2021-02-02)
 

diff --git a/contracts/cryptography/ECDSA.sol b/contracts/cryptography/ECDSA.sol
@@ -83,4 +83,13 @@ library ECDSA {
         // enforced by the type signature above
         return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
     }
+
+    /**
+     * @dev TODO.
+     *
+     * See {recover}.
+     */
+    function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
+        return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
+    }
 }
diff --git a/contracts/metatx/BaseRelayRecipient.sol b/contracts/metatx/BaseRelayRecipient.sol
@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+import "../utils/Context.sol";
+
+/*
+ * @dev Context variant with ERC2771 support.
+ */
+abstract contract BaseRelayRecipient is Context {
+    address immutable _trustedForwarder;
+
+    constructor(address trustedForwarder) {
+        _trustedForwarder = trustedForwarder;
+    }
+
+    function isTrustedForwarder(address forwarder) public view virtual returns(bool) {
+        return forwarder == _trustedForwarder;
+    }
+
+    function _msgSender() internal view virtual override returns (address sender) {
+        if (isTrustedForwarder(msg.sender)) {
+            // The assembly code is more direct than the Solidity version using `abi.decode`.
+            assembly { sender := shr(96, calldataload(sub(calldatasize(), 20))) }
+        } else {
+            return super._msgSender();
+        }
+    }
+
+    function _msgData() internal view virtual override returns (bytes calldata) {
+        if (isTrustedForwarder(msg.sender)) {
+            return msg.data[:msg.data.length-20];
+        } else {
+            return super._msgData();
+        }
+    }
+}
diff --git a/contracts/metatx/MinimalForwarder.sol b/contracts/metatx/MinimalForwarder.sol
@@ -0,0 +1,57 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+import "../cryptography/ECDSA.sol";
+import "../drafts/EIP712.sol";
+
+/*
+ * @dev Minimal forwarder for GSNv2
+ */
+contract MinimalForwarder is EIP712 {
+    using ECDSA for bytes32;
+
+    struct ForwardRequest {
+        address from;
+        address to;
+        uint256 value;
+        uint256 gas;
+        uint256 nonce;
+        bytes data;
+    }
+
+    bytes32 private constant TYPEHASH = keccak256("ForwardRequest(address from,address to,uint256 value,uint256 gas,uint256 nonce,bytes data)");
+
+    mapping(address => uint256) private _nonces;
+
+    constructor() EIP712("MinimalForwarder", "0.0.1") {}
+
+    function getNonce(address from) public view returns (uint256) {
+        return _nonces[from];
+    }
+
+    function verify(ForwardRequest calldata req, bytes calldata signature) public view returns (bool) {
+        address signer = _hashTypedDataV4(keccak256(abi.encode(
+            TYPEHASH,
+            req.from,
+            req.to,
+            req.value,
+            req.gas,
+            req.nonce,
+            keccak256(req.data)
+        ))).recover(signature);
+        return _nonces[req.from] == req.nonce && signer == req.from;
+    }
+
+    function execute(ForwardRequest calldata req, bytes calldata signature) public payable returns (bool, bytes memory) {
+        require(verify(req, signature), "MinimalForwarder: signature does not match request");
+        _nonces[req.from] = req.nonce + 1;
+
+        // solhint-disable-next-line avoid-low-level-calls
+        (bool success, bytes memory returndata) = req.to.call{gas: req.gas, value: req.value}(abi.encodePacked(req.data, req.from));
+        // Check gas: https://ronan.eth.link/blog/ethereum-gas-dangers/
+        assert(gasleft() > req.gas / 63);
+
+        return (success, returndata);
+    }
+}
diff --git a/contracts/mocks/BaseRelayRecipientMock.sol b/contracts/mocks/BaseRelayRecipientMock.sol
@@ -0,0 +1,19 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+import "./ContextMock.sol";
+import "../metatx/BaseRelayRecipient.sol";
+
+// By inheriting from BaseRelayRecipient, Context's internal functions are overridden automatically
+contract BaseRelayRecipientMock is ContextMock, BaseRelayRecipient {
+    constructor(address trustedForwarder) BaseRelayRecipient(trustedForwarder) {}
+
+    function _msgSender() internal override(Context, BaseRelayRecipient) view virtual returns (address) {
+        return BaseRelayRecipient._msgSender();
+    }
+
+    function _msgData() internal override(Context, BaseRelayRecipient) view virtual returns (bytes calldata) {
+        return BaseRelayRecipient._msgData();
+    }
+}
diff --git a/test/metatx/BaseRelayRecipient.test.js b/test/metatx/BaseRelayRecipient.test.js
@@ -0,0 +1,113 @@
+const ethSigUtil = require('eth-sig-util');
+const Wallet = require('ethereumjs-wallet').default;
+const { EIP712Domain } = require('../helpers/eip712');
+
+const { expectEvent } = require('@openzeppelin/test-helpers');
+const { expect } = require('chai');
+
+const BaseRelayRecipientMock = artifacts.require('BaseRelayRecipientMock');
+const MinimalForwarder = artifacts.require('MinimalForwarder');
+const ContextMockCaller = artifacts.require('ContextMockCaller');
+
+const { shouldBehaveLikeRegularContext } = require('../GSN/Context.behavior');
+
+const name = 'MinimalForwarder';
+const version = '0.0.1';
+
+contract('BaseRelayRecipient', function (accounts) {
+  beforeEach(async function () {
+    this.forwarder = await MinimalForwarder.new();
+    this.recipient = await BaseRelayRecipientMock.new(this.forwarder.address);
+
+    this.domain = {
+      name,
+      version,
+      chainId: await web3.eth.getChainId(),
+      verifyingContract: this.forwarder.address,
+    };
+    this.types = {
+      EIP712Domain,
+      ForwardRequest: [
+        { name: 'from', type: 'address' },
+        { name: 'to', type: 'address' },
+        { name: 'value', type: 'uint256' },
+        { name: 'gas', type: 'uint256' },
+        { name: 'nonce', type: 'uint256' },
+        { name: 'data', type: 'bytes' },
+      ],
+    };
+  });
+
+  it('recognize trusted forwarder', async function () {
+    expect(await this.recipient.isTrustedForwarder(this.forwarder.address));
+  });
+
+  context('when called directly', function () {
+    beforeEach(async function () {
+      this.context = this.recipient; // The Context behavior expects the contract in this.context
+      this.caller = await ContextMockCaller.new();
+    });
+
+    shouldBehaveLikeRegularContext(...accounts);
+  });
+
+  context('when receiving a relayed call', function () {
+    beforeEach(async function () {
+      this.wallet = Wallet.generate();
+      this.sender = web3.utils.toChecksumAddress(this.wallet.getAddressString());
+      this.data = {
+        types: this.types,
+        domain: this.domain,
+        primaryType: 'ForwardRequest',
+      };
+    });
+
+    describe('msgSender', function () {
+      it('returns the relayed transaction original sender', async function () {
+        const data = this.recipient.contract.methods.msgSender().encodeABI();
+
+        const req = {
+          from: this.sender,
+          to: this.recipient.address,
+          value: '0',
+          gas: '100000',
+          nonce: (await this.forwarder.getNonce(this.sender)).toString(),
+          data,
+        };
+
+        const sign = ethSigUtil.signTypedMessage(this.wallet.getPrivateKey(), { data: { ...this.data, message: req } });
+
+        // rejected by lint :/
+        // expect(await this.forwarder.verify(req, sign)).to.be.true;
+
+        const { tx } = await this.forwarder.execute(req, sign);
+        await expectEvent.inTransaction(tx, BaseRelayRecipientMock, 'Sender', { sender: this.sender });
+      });
+    });
+
+    describe('msgData', function () {
+      it('returns the relayed transaction original data', async function () {
+        const integerValue = '42';
+        const stringValue = 'OpenZeppelin';
+        const data = this.recipient.contract.methods.msgData(integerValue, stringValue).encodeABI();
+
+        const req = {
+          from: this.sender,
+          to: this.recipient.address,
+          value: '0',
+          gas: '100000',
+          nonce: (await this.forwarder.getNonce(this.sender)).toString(),
+          data,
+        };
+
+        const sign = ethSigUtil.signTypedMessage(this.wallet.getPrivateKey(), { data: { ...this.data, message: req } });
+
+        // rejected by lint :/
+        // expect(await this.forwarder.verify(req, sign)).to.be.true;
+
+        const { tx } = await this.forwarder.execute(req, sign);
+        await expectEvent.inTransaction(tx, BaseRelayRecipientMock, 'Data', { data, integerValue, stringValue });
+      });
+    });
+  });
+});