Merge branch 'staging' into proxy-storage

Author: ameeshaagrawal

contracts/interfaces/IWatcherPrecompile.sol

@@ -67,8 +67,8 @@ interface IWatcherPrecompile {
     /// @param proof_ The watcher's proof
     function finalized(
         bytes32 payloadId_,
-        uint256 signatureNonce_,
         bytes calldata proof_,
+        uint256 signatureNonce_,
         bytes calldata signature_
     ) external;
 
@@ -80,8 +80,8 @@ interface IWatcherPrecompile {
     /// @notice Resolves multiple promises with their return data
     /// @param resolvedPromises_ Array of resolved promises and their return data
     function resolvePromises(
-        uint256 signatureNonce_,
         ResolvedPromises[] calldata resolvedPromises_,
+        uint256 signatureNonce_,
         bytes calldata signature_
     ) external;
 

contracts/protocol/AddressResolver.sol

@@ -58,7 +58,7 @@ abstract contract AddressResolverStorage is IAddressResolver {
 /// @dev Inherits the Ownable contract and implements the IAddressResolver interface.
 contract AddressResolver is AddressResolverStorage, Initializable, Ownable {
     /// @notice Error thrown if AppGateway contract was already set by a different address
-    error InvalidCaller(address contractAddress_);
+    error InvalidAppGateway(address contractAddress_);
 
     event PlugAdded(address appGateway, uint32 chainSlug, address plug);
     event ForwarderDeployed(address newForwarder, bytes32 salt);
@@ -188,7 +188,7 @@ contract AddressResolver is AddressResolverStorage, Initializable, Ownable {
             contractsToGateways[contractAddress_] != address(0) &&
             contractsToGateways[contractAddress_] != msg.sender
         ) {
-            revert InvalidCaller(contractAddress_);
+            revert InvalidAppGateway(contractAddress_);
         }
         contractsToGateways[contractAddress_] = msg.sender;
     }

contracts/protocol/payload-delivery/AuctionManager.sol

@@ -18,7 +18,7 @@ abstract contract AuctionManagerStorage is IAuctionManager {
     uint256[50] _gap_before;
 
     // slot 50
-    uint32 public evmxChainSlug;
+    uint32 public evmxSlug;
 
     // slot 51
     mapping(bytes32 => Bid) public winningBids;
@@ -52,19 +52,19 @@ contract AuctionManager is AuctionManagerStorage, Initializable, Ownable, Addres
     }
 
     /// @notice Initializer function to replace constructor
-    /// @param evmxChainSlug_ The chain slug for the VM
+    /// @param evmxSlug_ The chain slug for the VM
     /// @param auctionEndDelaySeconds_ The delay in seconds before an auction can end
     /// @param addressResolver_ The address of the address resolver
     /// @param owner_ The address of the contract owner
     function initialize(
-        uint32 evmxChainSlug_,
+        uint32 evmxSlug_,
         uint256 auctionEndDelaySeconds_,
         address addressResolver_,
         address owner_
     ) public reinitializer(1) {
         _setAddressResolver(addressResolver_);
         _initializeOwner(owner_);
-        evmxChainSlug = evmxChainSlug_;
+        evmxSlug = evmxSlug_;
         auctionEndDelaySeconds = auctionEndDelaySeconds_;
     }
 
@@ -93,7 +93,7 @@ contract AuctionManager is AuctionManagerStorage, Initializable, Ownable, Addres
         if (auctionClosed[asyncId_]) revert AuctionClosed();
 
         address transmitter = _recoverSigner(
-            keccak256(abi.encode(address(this), evmxChainSlug, asyncId_, fee, extraData)),
+            keccak256(abi.encode(address(this), evmxSlug, asyncId_, fee, extraData)),
             transmitterSignature
         );
 

contracts/protocol/payload-delivery/FeesManager.sol

@@ -3,6 +3,7 @@ pragma solidity ^0.8.0;
 
 import {Ownable} from "solady/auth/Ownable.sol";
 import "solady/utils/Initializable.sol";
+import "solady/utils/ECDSA.sol";
 
 import {IFeesPlug} from "../../interfaces/IFeesPlug.sol";
 import {IFeesManager} from "../../interfaces/IFeesManager.sol";
@@ -18,6 +19,7 @@ abstract contract FeesManagerStorage is IFeesManager {
 
     // slot 50
     uint256 public feesCounter;
+    uint32 public evmxSlug;
 
     /// @notice Struct containing fee amounts and status
     struct TokenBalance {
@@ -41,11 +43,16 @@ abstract contract FeesManagerStorage is IFeesManager {
     /// @dev transmitter => chainSlug => token => amount
     mapping(address => mapping(uint32 => mapping(address => uint256))) public transmitterFees;
 
-    // slots [54-103] reserved for gap
+    // slot 54
+    /// @notice Mapping to track nonce to whether it has been used
+    /// @dev signatureNonce => isValid
+    mapping(uint256 => bool) public isNonceUsed;
+
+    // slots [55-104] reserved for gap
     uint256[50] _gap_after;
 
-    // slots 104-153 reserved for addr resolver util
-    }
+    // slots 105-154 reserved for addr resolver util
+}
 
 /// @title FeesManager
 /// @notice Contract for managing fees
@@ -105,6 +112,10 @@ contract FeesManager is FeesManagerStorage, Initializable, Ownable, AddressResol
     error NoFeesForTransmitter();
     /// @notice Error thrown when no fees was blocked
     error NoFeesBlocked();
+    /// @notice Error thrown when watcher signature is invalid
+    error InvalidWatcherSignature();
+    /// @notice Error thrown when nonce is used
+    error NonceUsed();
 
     constructor() {
         _disableInitializers(); // disable for implementation
@@ -113,7 +124,13 @@ contract FeesManager is FeesManagerStorage, Initializable, Ownable, AddressResol
     /// @notice Initializer function to replace constructor
     /// @param addressResolver_ The address of the address resolver
     /// @param owner_ The address of the owner
-    function initialize(address addressResolver_, address owner_) public reinitializer(1) {
+    /// @param evmxSlug_ The evmx chain slug
+    function initialize(
+        address addressResolver_,
+        address owner_,
+        uint32 evmxSlug_
+    ) public reinitializer(1) {
+        evmxSlug = evmxSlug_;
         _setAddressResolver(addressResolver_);
         _initializeOwner(owner_);
     }
@@ -142,8 +159,16 @@ contract FeesManager is FeesManagerStorage, Initializable, Ownable, AddressResol
         uint32 chainSlug_,
         address originAppGateway_,
         address token_,
-        uint256 amount_
-    ) external onlyOwner {
+        uint256 amount_,
+        uint256 signatureNonce_,
+        bytes memory signature_
+    ) external {
+        _isWatcherSignatureValid(
+            abi.encode(chainSlug_, originAppGateway_, token_, amount_),
+            signatureNonce_,
+            signature_
+        );
+
         address appGateway = _getCoreAppGateway(originAppGateway_);
 
         TokenBalance storage tokenBalance = appGatewayFeeBalances[appGateway][chainSlug_][token_];
@@ -351,4 +376,19 @@ contract FeesManager is FeesManagerStorage, Initializable, Ownable, AddressResol
     function _getFeesPlugAddress(uint32 chainSlug_) internal view returns (address) {
         return watcherPrecompile__().feesPlug(chainSlug_);
     }
+
+    function _isWatcherSignatureValid(
+        bytes memory digest_,
+        uint256 signatureNonce_,
+        bytes memory signature_
+    ) internal {
+        if (isNonceUsed[signatureNonce_]) revert NonceUsed();
+        isNonceUsed[signatureNonce_] = true;
+
+        bytes32 digest = keccak256(abi.encode(address(this), evmxSlug, signatureNonce_, digest_));
+        digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", digest));
+        // recovered signer is checked for the valid roles later
+        address signer = ECDSA.recover(digest, signature_);
+        if (signer != owner()) revert InvalidWatcherSignature();
+    }
 }

contracts/protocol/watcherPrecompile/WatcherPrecompile.sol

@@ -78,7 +78,7 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         address addressResolver_,
         uint256 defaultLimit_,
         uint256 expiryTime_,
-        uint32 evmxChainSlug_
+        uint32 evmxSlug_
     ) public reinitializer(1) {
         _setAddressResolver(addressResolver_);
         _initializeOwner(owner_);
@@ -90,7 +90,7 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         // limit per second
         defaultRatePerSecond = defaultLimit / (24 * 60 * 60);
 
-        evmxChainSlug = evmxChainSlug_;
+        evmxSlug = evmxSlug_;
     }
 
     // ================== Timeout functions ==================
@@ -108,7 +108,7 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         // from auction manager
         _consumeLimit(appGateway_, SCHEDULE, 1);
         uint256 executeAt = block.timestamp + delayInSeconds_;
-        bytes32 timeoutId = _encodeId(evmxChainSlug, address(this));
+        bytes32 timeoutId = _encodeId(evmxSlug, address(this));
         timeoutRequests[timeoutId] = TimeoutRequest(
             timeoutId,
             msg.sender,
@@ -130,8 +130,8 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         bytes calldata signature_
     ) external {
         _isWatcherSignatureValid(
+            abi.encode(this.resolveTimeout.selector, timeoutId_),
             signatureNonce_,
-            keccak256(abi.encode(address(this), evmxChainSlug, signatureNonce_, timeoutId_)),
             signature_
         );
 
@@ -253,7 +253,7 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         // from payload delivery
         _consumeLimit(appGateway_, QUERY, 1);
         // Generate unique payload ID from query counter
-        payloadId = _encodeId(evmxChainSlug, address(this));
+        payloadId = _encodeId(evmxSlug, address(this));
 
         // Create async request with minimal information for queries
         // Note: addresses set to 0 as they're not needed for queries
@@ -282,15 +282,13 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
     /// @dev keccak256(abi.encode(switchboard, digest))
     function finalized(
         bytes32 payloadId_,
-        uint256 signatureNonce_,
         bytes calldata proof_,
+        uint256 signatureNonce_,
         bytes calldata signature_
     ) external {
         _isWatcherSignatureValid(
+            abi.encode(this.finalized.selector, payloadId_, proof_),
             signatureNonce_,
-            keccak256(
-                abi.encode(address(this), evmxChainSlug, signatureNonce_, payloadId_, proof_)
-            ),
             signature_
         );
 
@@ -302,13 +300,13 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
     /// @param resolvedPromises_ Array of resolved promises and their return data
     /// @dev Only callable by the contract owner
     function resolvePromises(
-        uint256 signatureNonce_,
         ResolvedPromises[] calldata resolvedPromises_,
+        uint256 signatureNonce_,
         bytes calldata signature_
     ) external {
         _isWatcherSignatureValid(
+            abi.encode(this.resolvePromises.selector, resolvedPromises_),
             signatureNonce_,
-            keccak256(abi.encode(address(this), evmxChainSlug, signatureNonce_, resolvedPromises_)),
             signature_
         );
 
@@ -345,16 +343,8 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         bytes calldata signature_
     ) external {
         _isWatcherSignatureValid(
+            abi.encode(this.markRevert.selector, isRevertingOnchain_, payloadId_),
             signatureNonce_,
-            keccak256(
-                abi.encode(
-                    address(this),
-                    evmxChainSlug,
-                    signatureNonce_,
-                    payloadId_,
-                    isRevertingOnchain_
-                )
-            ),
             signature_
         );
 
@@ -406,8 +396,8 @@ contract WatcherPrecompile is WatcherPrecompileConfig {
         bytes calldata signature_
     ) external {
         _isWatcherSignatureValid(
+            abi.encode(this.callAppGateways.selector, params_),
             signatureNonce_,
-            keccak256(abi.encode(address(this), evmxChainSlug, signatureNonce_, params_)),
             signature_
         );
 

contracts/protocol/watcherPrecompile/WatcherPrecompileConfig.sol

@@ -46,8 +46,8 @@ abstract contract WatcherPrecompileConfig is WatcherPrecompileLimits {
         bytes calldata signature_
     ) external {
         _isWatcherSignatureValid(
+            abi.encode(this.setAppGateways.selector, configs_),
             signatureNonce_,
-            keccak256(abi.encode(address(this), evmxChainSlug, signatureNonce_, configs_)),
             signature_
         );
 
@@ -109,14 +109,16 @@ abstract contract WatcherPrecompileConfig is WatcherPrecompileLimits {
     }
 
     function _isWatcherSignatureValid(
+        bytes memory digest_,
         uint256 signatureNonce_,
-        bytes32 digest_,
         bytes memory signature_
     ) internal {
         if (isNonceUsed[signatureNonce_]) revert NonceUsed();
         isNonceUsed[signatureNonce_] = true;
 
-        bytes32 digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", digest_));
+        bytes32 digest = keccak256(abi.encode(address(this), evmxSlug, signatureNonce_, digest_));
+        digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", digest));
+
         // recovered signer is checked for the valid roles later
         address signer = ECDSA.recover(digest, signature_);
         if (signer != owner()) revert InvalidWatcherSignature();

hardhat-scripts/deploy/1.deploy.ts

@@ -107,7 +107,7 @@ const deployEVMxContracts = async () => {
       deployUtils = await deployContractWithProxy(
         EVMxCoreContracts.FeesManager,
         `contracts/protocol/payload-delivery/app-gateway/FeesManager.sol`,
-        [addressResolver.address, EVMxOwner],
+        [addressResolver.address, EVMxOwner, EVMX_CHAIN_ID],
         proxyFactory,
         deployUtils
       );

package.json

@@ -9,7 +9,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.0.11",
+  "version": "1.0.12",
   "description": "socket protocol",
   "scripts": {
     "build": "hardhat export-abi && tsc --project lib.tsconfig.json",