Contractkit upgradeable smart contracts #269
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+81
to
+86
| function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) { | ||
| /// @solidity memory-safe-assembly | ||
| assembly { | ||
| r.slot := slot | ||
| } | ||
| } |
Check warning
Code scanning / Slither
Assembly usage
Comment on lines
+61
to
+66
| function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) { | ||
| /// @solidity memory-safe-assembly | ||
| assembly { | ||
| r.slot := slot | ||
| } | ||
| } |
Check warning
Code scanning / Slither
Assembly usage
Comment on lines
+51
to
+56
| function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) { | ||
| /// @solidity memory-safe-assembly | ||
| assembly { | ||
| r.slot := slot | ||
| } | ||
| } |
Check warning
Code scanning / Slither
Assembly usage
Comment on lines
+71
to
+76
| function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) { | ||
| /// @solidity memory-safe-assembly | ||
| assembly { | ||
| r.slot := slot | ||
| } | ||
| } |
Check warning
Code scanning / Slither
Assembly usage
Comment on lines
+22
to
+45
| function _delegate(address implementation) internal virtual { | ||
| assembly { | ||
| // Copy msg.data. We take full control of memory in this inline assembly | ||
| // block because it will not return to Solidity code. We overwrite the | ||
| // Solidity scratch pad at memory position 0. | ||
| calldatacopy(0, 0, calldatasize()) | ||
|
|
||
| // Call the implementation. | ||
| // out and outsize are 0 because we don't know the size yet. | ||
| let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0) | ||
|
|
||
| // Copy the returned data. | ||
| returndatacopy(0, 0, returndatasize()) | ||
|
|
||
| switch result | ||
| // delegatecall returns 0 on error. | ||
| case 0 { | ||
| revert(0, returndatasize()) | ||
| } | ||
| default { | ||
| return(0, returndatasize()) | ||
| } | ||
| } | ||
| } |
Check warning
Code scanning / Slither
Assembly usage
Comment on lines
+21
to
+95
| abstract contract Upgradeable is IERC1822Proxiable, ERC1967Upgrade { | ||
| /// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignment | ||
| address private immutable __self = address(this); | ||
|
|
||
| /** | ||
| * @dev Check that the execution is being performed through a delegatecall call and that the execution context is | ||
| * a proxy contract with an implementation (as defined in ERC1967) pointing to self. This should only be the case | ||
| * for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a | ||
| * function through ERC1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to | ||
| * fail. | ||
| */ | ||
| modifier onlyProxy() { | ||
| require(address(this) != __self, "Function must be called through delegatecall"); | ||
| require(_getImplementation() == __self, "Function must be called through active proxy"); | ||
| _; | ||
| } | ||
|
|
||
| /** | ||
| * @dev Check that the execution is not being performed through a delegate call. This allows a function to be | ||
| * callable on the implementing contract but not through proxies. | ||
| */ | ||
| modifier notDelegated() { | ||
| require(address(this) == __self, "UUPSUpgradeable: must not be called through delegatecall"); | ||
| _; | ||
| } | ||
|
|
||
| /** | ||
| * @dev Implementation of the ERC1822 {proxiableUUID} function. This returns the storage slot used by the | ||
| * implementation. It is used to validate that the this implementation remains valid after an upgrade. | ||
| * | ||
| * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks | ||
| * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this | ||
| * function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier. | ||
| */ | ||
| function proxiableUUID() external view virtual override notDelegated returns (bytes32) { | ||
| return _IMPLEMENTATION_SLOT; | ||
| } | ||
|
|
||
| /** | ||
| * @dev Upgrade the implementation of the proxy to `newImplementation`. | ||
| * | ||
| * Calls {_authorizeUpgrade}. | ||
| * | ||
| * Emits an {Upgraded} event. | ||
| */ | ||
| function upgradeTo(address newImplementation) external virtual onlyProxy { | ||
| _authorizeUpgrade(newImplementation); | ||
| _upgradeToAndCallUUPS(newImplementation, new bytes(0), false); | ||
| } | ||
|
|
||
| /** | ||
| * @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call | ||
| * encoded in `data`. | ||
| * | ||
| * Calls {_authorizeUpgrade}. | ||
| * | ||
| * Emits an {Upgraded} event. | ||
| */ | ||
| function upgradeToAndCall(address newImplementation, bytes memory data) external payable virtual onlyProxy { | ||
| _authorizeUpgrade(newImplementation); | ||
| _upgradeToAndCallUUPS(newImplementation, data, true); | ||
| } | ||
|
|
||
| /** | ||
| * @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by | ||
| * {upgradeTo} and {upgradeToAndCall}. | ||
| * | ||
| * Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}. | ||
| * | ||
| * ```solidity | ||
| * function _authorizeUpgrade(address) internal override onlyOwner {} | ||
| * ``` | ||
| */ | ||
| function _authorizeUpgrade(address newImplementation) internal virtual; | ||
| } |
Check warning
Code scanning / Slither
Unimplemented functions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.