Chore: created a diff of the zkSync contract changes #593
+118
−32
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -9,21 +9,27 @@ import {ERC20VotesUpgradeable} from "@openzeppelin/contracts-upgradeable/token/E | |||||
| import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol"; | ||||||
| import {ERC165Upgradeable} from "@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol"; | ||||||
| import {IVotesUpgradeable} from "@openzeppelin/contracts-upgradeable/governance/utils/IVotesUpgradeable.sol"; | ||||||
| import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; | ||||||
|
|
||||||
| import {IDAO} from "../core/dao/IDAO.sol"; | ||||||
| import {DaoAuthorizableUpgradeable} from "../core/plugin/dao-authorizable/DaoAuthorizableUpgradeable.sol"; | ||||||
| import {IERC20MintableUpgradeable} from "../token/ERC20/IERC20MintableUpgradeable.sol"; | ||||||
|
|
||||||
| /// @title GovernanceERC20Upgradeable | ||||||
| /// @author Aragon Association | ||||||
| /// @notice An [OpenZeppelin `Votes`](https://docs.openzeppelin.com/contracts/4.x/api/governance#Votes) compatible [ERC-20](https://eips.ethereum.org/EIPS/eip-20) token that can be used for voting and is managed by a DAO. | ||||||
| contract GovernanceERC20Upgradeable is | ||||||
| IERC20MintableUpgradeable, | ||||||
| Initializable, | ||||||
| ERC165Upgradeable, | ||||||
| ERC20VotesUpgradeable, | ||||||
| UUPSUpgradeable, | ||||||
| DaoAuthorizableUpgradeable | ||||||
| { | ||||||
| /// @notice The ID of the permission required to call the `_authorizeUpgrade` function. | ||||||
| bytes32 public constant UPGRADE_GOVERNANCE_ERC20_PERMISSION_ID = | ||||||
| keccak256("UPGRADE_GOVERNANCE_ERC20_PERMISSION"); | ||||||
|
|
||||||
| /// @notice The permission identifier to mint new tokens | ||||||
| bytes32 public constant MINT_PERMISSION_ID = keccak256("MINT_PERMISSION"); | ||||||
|
|
||||||
|
|
@@ -117,4 +123,10 @@ contract GovernanceERC20 is | |||||
| _delegate(to, to); | ||||||
| } | ||||||
| } | ||||||
|
|
||||||
| /// @notice Internal method authorizing the upgrade of the contract via the [upgradeability mechanism for UUPS proxies](https://docs.openzeppelin.com/contracts/4.x/api/proxy#UUPSUpgradeable) (see [ERC-1822](https://eips.ethereum.org/EIPS/eip-1822)). | ||||||
| /// @dev The caller must have the `UPGRADE_DAO_PERMISSION_ID` permission. | ||||||
|
There was a problem hiding this comment.
Suggested change
There was a problem hiding this comment. @novaknole good suggestion |
||||||
| function _authorizeUpgrade( | ||||||
| address | ||||||
| ) internal virtual override auth(UPGRADE_GOVERNANCE_ERC20_PERMISSION_ID) {} | ||||||
| } | ||||||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,6 +3,7 @@ | |
| pragma solidity 0.8.17; | ||
|
|
||
| import {ERC165Checker} from "@openzeppelin/contracts/utils/introspection/ERC165Checker.sol"; | ||
| import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; | ||
|
|
||
| import {DAO, IDAO} from "../core/dao/DAO.sol"; | ||
| import {PermissionLib} from "../core/permission/PermissionLib.sol"; | ||
|
|
@@ -16,13 +17,18 @@ import {IPluginSetup} from "../framework/plugin/setup/IPluginSetup.sol"; | |
| import {PluginSetup} from "../framework/plugin/setup/PluginSetup.sol"; | ||
| import {PluginSetupRef, hashHelpers, hashPermissions, _getPreparedSetupId, _getAppliedSetupId, _getPluginInstallationId, PreparationType} from "../framework/plugin/setup/PluginSetupProcessorHelpers.sol"; | ||
|
|
||
| import {DaoAuthorizableUpgradeable} from "../core/plugin/dao-authorizable/DaoAuthorizableUpgradeable.sol"; | ||
|
|
||
| /// @title PluginSetupProcessor | ||
| /// @author Aragon Association - 2022-2023 | ||
| /// @notice This contract processes the preparation and application of plugin setups (installation, update, uninstallation) on behalf of a requesting DAO. | ||
| /// @dev This contract is temporarily granted the `ROOT_PERMISSION_ID` permission on the applying DAO and therefore is highly security critical. | ||
| contract PluginSetupProcessorUpgradeable is UUPSUpgradeable, DaoAuthorizableUpgradeable { | ||
|
There was a problem hiding this comment. Is this acceptable? The PSP gets |
||
| using ERC165Checker for address; | ||
|
|
||
| /// @notice The ID of the permission required to call the `_authorizeUpgrade` function. | ||
| bytes32 public constant UPGRADE_PSP_PERMISSION_ID = keccak256("UPGRADE_PSP_PERMISSION"); | ||
|
|
||
| /// @notice The ID of the permission required to call the `applyInstallation` function. | ||
| bytes32 public constant APPLY_INSTALLATION_PERMISSION_ID = | ||
| keccak256("APPLY_INSTALLATION_PERMISSION"); | ||
|
|
@@ -272,9 +278,15 @@ contract PluginSetupProcessor { | |
| _; | ||
| } | ||
|
|
||
| /// @notice Disables the initializers on the implementation contract to prevent it from being left uninitialized. | ||
| constructor() { | ||
| _disableInitializers(); | ||
| } | ||
|
|
||
| /// @param _dao The managing dao. | ||
| /// @param _repoRegistry The plugin repo registry contract. | ||
| function initialize(IDAO _dao, PluginRepoRegistry _repoRegistry) external initializer { | ||
| __DaoAuthorizableUpgradeable_init(_dao); | ||
| repoRegistry = _repoRegistry; | ||
| } | ||
|
|
||
|
|
@@ -734,4 +746,8 @@ contract PluginSetupProcessor { | |
| initData: _initData | ||
| }); | ||
| } | ||
|
|
||
| /// @notice Internal method authorizing the upgrade of the contract via the [upgradeability mechanism for UUPS proxies](https://docs.openzeppelin.com/contracts/4.x/api/proxy#UUPSUpgradeable) (see [ERC-1822](https://eips.ethereum.org/EIPS/eip-1822)). | ||
| /// @dev The caller must have the `UPGRADE_DAO_PERMISSION_ID` permission. | ||
| function _authorizeUpgrade(address) internal virtual override auth(UPGRADE_PSP_PERMISSION_ID) {} | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -12,16 +12,20 @@ import {IDAO} from "../core/dao/IDAO.sol"; | |
| import {DAO} from "../core/dao/DAO.sol"; | ||
| import {PermissionLib} from "../core/permission/PermissionLib.sol"; | ||
| import {PluginSetup, IPluginSetup} from "../framework/plugin/setup/PluginSetup.sol"; | ||
| import {GovernanceERC20Upgradeable} from "./GovernanceERC20Upgradeable.sol"; | ||
| import {GovernanceWrappedERC20Upgradeable} from "./GovernanceWrappedERC20Upgradeable.sol"; | ||
|
|
||
| import {GovernanceERC20} from "../token/ERC20/governance/GovernanceERC20.sol"; | ||
| import {GovernanceWrappedERC20} from "../token/ERC20/governance/GovernanceWrappedERC20.sol"; | ||
|
|
||
| import {IGovernanceWrappedERC20} from "../token/ERC20/governance/IGovernanceWrappedERC20.sol"; | ||
| import {MajorityVotingBase} from "../plugins/governance/majority-voting/MajorityVotingBase.sol"; | ||
| import {TokenVoting} from "../plugins/governance/majority-voting/token/TokenVoting.sol"; | ||
|
|
||
| /// @title TokenVotingSetup | ||
| /// @author Aragon Association - 2022-2023 | ||
| /// @notice The setup contract of the `TokenVoting` plugin for the ZkSync network. | ||
| contract TokenVotingSetupZkSync is PluginSetup { | ||
| using Address for address; | ||
| using Clones for address; | ||
| using ERC165Checker for address; | ||
|
|
@@ -61,8 +65,8 @@ contract TokenVotingSetup is PluginSetup { | |
| /// @param _governanceERC20Base The base `GovernanceERC20` contract to create clones from. | ||
| /// @param _governanceWrappedERC20Base The base `GovernanceWrappedERC20` contract to create clones from. | ||
| constructor( | ||
| GovernanceERC20Upgradeable _governanceERC20Base, | ||
| GovernanceWrappedERC20Upgradeable _governanceWrappedERC20Base | ||
| ) { | ||
| tokenVotingBase = new TokenVoting(); | ||
| governanceERC20Base = address(_governanceERC20Base); | ||
|
|
@@ -88,6 +92,13 @@ contract TokenVotingSetup is PluginSetup { | |
|
|
||
| address token = tokenSettings.addr; | ||
|
|
||
| // determine if the plugin needs to be granted the upgrade permission | ||
| // this will be if: | ||
| // - the token is not passed (new token is deployed) | ||
| // - the token is passed, but it does not support our token interfaces | ||
| // so we need to deploy it behind a proxy and grant upgrade to the DAO | ||
| bool setUpgradePermission = false; | ||
|
|
||
| // Prepare helpers. | ||
| address[] memory helpers = new address[](1); | ||
|
|
||
|
|
@@ -112,25 +123,33 @@ contract TokenVotingSetup is PluginSetup { | |
| // IVotes nor IGovernanceWrappedERC20, it needs wrapping. | ||
| (supportedIds[0] && !supportedIds[1] && !supportedIds[2]) | ||
| ) { | ||
| // User already has a token. We need to wrap it in | ||
| // GovernanceWrappedERC20 in order to make the token | ||
| // include governance functionality. | ||
| token = createERC1967Proxy( | ||
| governanceWrappedERC20Base, | ||
| abi.encodeWithSelector( | ||
| GovernanceWrappedERC20Upgradeable.initialize.selector, | ||
| IDAO(_dao), | ||
| IERC20Upgradeable(tokenSettings.addr), | ||
| tokenSettings.name, | ||
| tokenSettings.symbol | ||
| ) | ||
| ); | ||
| setUpgradePermission = true; | ||
| } | ||
| } else { | ||
| token = createERC1967Proxy( | ||
| governanceERC20Base, | ||
| abi.encodeWithSelector( | ||
| GovernanceERC20Upgradeable.initialize.selector, | ||
| IDAO(_dao), | ||
| tokenSettings.name, | ||
| tokenSettings.symbol, | ||
| mintSettings | ||
| ) | ||
| ); | ||
| setUpgradePermission = true; | ||
| } | ||
|
|
||
| helpers[0] = token; | ||
|
|
@@ -141,11 +160,20 @@ contract TokenVotingSetup is PluginSetup { | |
| abi.encodeWithSelector(TokenVoting.initialize.selector, _dao, votingSettings, token) | ||
| ); | ||
|
|
||
| PermissionLib.MultiTargetPermission[] memory permissions; | ||
|
|
||
| // avoid stack too deep. | ||
| { | ||
| // check for an existing token: we will grant mint on the token to the dao if so | ||
| uint256 permissionCount = tokenSettings.addr != address(0) ? 3 : 4; | ||
|
|
||
| // If the plugin needs to be granted the upgrade permission, increment the permission count. | ||
| if (setUpgradePermission) { | ||
| permissionCount = permissionCount + 1; | ||
| } | ||
|
|
||
| permissions = new PermissionLib.MultiTargetPermission[](permissionCount); | ||
| } | ||
|
|
||
| // Set plugin permissions to be granted. | ||
| // Grant the list of permissions of the plugin to the DAO. | ||
|
|
@@ -186,6 +214,18 @@ contract TokenVotingSetup is PluginSetup { | |
| ); | ||
| } | ||
|
|
||
| if (setUpgradePermission) { | ||
| bytes32 tokenUpgradePermission = GovernanceERC20Upgradeable(token) | ||
| .UPGRADE_GOVERNANCE_ERC20_PERMISSION_ID(); | ||
| permissions[permissions.length - 1] = PermissionLib.MultiTargetPermission( | ||
|
There was a problem hiding this comment. Please think carefully about this: I believe the Can this break? Can this be exploited? |
||
| PermissionLib.Operation.Grant, | ||
| token, | ||
| _dao, | ||
| PermissionLib.NO_CONDITION, | ||
| tokenUpgradePermission | ||
| ); | ||
| } | ||
|
|
||
| preparedSetupData.helpers = helpers; | ||
| preparedSetupData.permissions = permissions; | ||
| } | ||
|
|
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Upgradeable tokens are a red flag. External parties could use official Aragon OSx tokens on zkSync to rugpull consumers.
To add to this, they are often not permitted on exchanges - are we 100% sure that this is acceptable in the case of zkSync Era?
Please rethink this and confirm this decision with leadership @Rekard0.