feat: added safe bridge messag enveloppe, refactored safe bridge abstraction

jaybuidl · jaybuidl · commit 1afc05bd08ed · 2022-04-07T19:42:33.000+01:00
diff --git a/contracts/deploy/01-foreign-chain.ts b/contracts/deploy/01-foreign-chain.ts
@@ -50,11 +50,11 @@ const deployForeignGateway: DeployFunction = async (hre: HardhatRuntimeEnvironme
   let nonce;
   if (chainId === ForeignChains.HARDHAT) {
     nonce = await ethers.provider.getTransactionCount(deployer);
-    nonce += 5; // HomeGatewayToEthereum deploy tx will be the 6th after this, same network for both home/foreign.
+    nonce += 4; // HomeGatewayToEthereum deploy tx will be the 6th after this, same network for both home/foreign.
   } else {
     const homeChainProvider = new providers.JsonRpcProvider(homeNetworks[chainId].url);
     nonce = await homeChainProvider.getTransactionCount(deployer);
-    nonce += 2; // HomeGatewayToEthereum deploy tx will the third tx after this on its home network, so we add two to the current nonce.
+    nonce += 1; // HomeGatewayToEthereum deploy tx will the third tx after this on its home network, so we add two to the current nonce.
   }
   const { claimDeposit, challengeDuration, homeChainId } = paramsByChainId[chainId];
   const challengeDeposit = claimDeposit;
@@ -65,7 +65,14 @@ const deployForeignGateway: DeployFunction = async (hre: HardhatRuntimeEnvironme
 
   const fastBridgeReceiver = await deploy("FastBridgeReceiverOnEthereum", {
     from: deployer,
-    args: [deployer, claimDeposit, challengeDeposit, challengeDuration],
+    args: [
+      deployer,
+      ethers.constants.AddressZero, // should be safeBridgeSender
+      ethers.constants.AddressZero, // should be Arbitrum Inbox
+      claimDeposit,
+      challengeDeposit,
+      challengeDuration,
+    ],
     log: true,
   });
 
diff --git a/contracts/deploy/02-home-chain.ts b/contracts/deploy/02-home-chain.ts
@@ -14,11 +14,6 @@ const deployHomeGateway: DeployFunction = async (hre: HardhatRuntimeEnvironment)
   const deployer = (await getNamedAccounts()).deployer ?? (await hre.ethers.getSigners())[0].address;
   console.log("deployer: %s", deployer);
 
-  const safeBridge = await deploy("SafeBridgeSenderToEthereum", {
-    from: deployer,
-    log: true,
-  }); // nonce
-
   // The object below is not available when launching the hardhat node.
   // TODO: use deterministic deployments
   const fastBridgeReceiver =
@@ -27,9 +22,9 @@ const deployHomeGateway: DeployFunction = async (hre: HardhatRuntimeEnvironment)
       : await hre.companionNetworks.foreign.deployments.get("FastBridgeReceiverOnEthereum");
   const fastBridgeSender = await deploy("FastBridgeSenderToEthereum", {
     from: deployer,
-    args: [deployer, safeBridge.address, fastBridgeReceiver.address],
+    args: [deployer, fastBridgeReceiver.address],
     log: true,
-  }); // nonce+1
+  }); // nonce+0
 
   const klerosCore = await deployments.get("KlerosCore");
   const foreignGateway =
@@ -41,7 +36,7 @@ const deployHomeGateway: DeployFunction = async (hre: HardhatRuntimeEnvironment)
     from: deployer,
     args: [klerosCore.address, fastBridgeSender.address, foreignGateway.address, foreignChainId],
     log: true,
-  }); // nonce+2
+  }); // nonce+1
 
   const fastSender = await hre.ethers
     .getContractAt("FastBridgeSenderToEthereum", fastBridgeSender.address)
diff --git a/contracts/src/bridge/FastBridgeReceiverOnEthereum.sol b/contracts/src/bridge/FastBridgeReceiverOnEthereum.sol
@@ -10,15 +10,14 @@
 
 pragma solidity ^0.8.0;
 
+import "./SafeBridgeReceiverOnEthereum.sol";
 import "./interfaces/IFastBridgeReceiver.sol";
-import "./interfaces/arbitrum/IInbox.sol";
-import "./interfaces/arbitrum/IOutbox.sol";
 
 /**
  * Fast Bridge Receiver on Ethereum from Arbitrum
  * Counterpart of `FastBridgeSenderToEthereum`
  */
-contract FastBridgeReceiverOnEthereum is IFastBridgeReceiver {
+contract FastBridgeReceiverOnEthereum is SafeBridgeReceiverOnEthereum, IFastBridgeReceiver {
     // ************************************* //
     // *         Enums / Structs           * //
     // ************************************* //
@@ -34,7 +33,6 @@ contract FastBridgeReceiverOnEthereum is IFastBridgeReceiver {
     // *             Storage               * //
     // ************************************* //
 
-    address public governor;
     uint256 public override claimDeposit;
     uint256 public override challengeDeposit;
     uint256 public override challengeDuration;
@@ -47,22 +45,14 @@ contract FastBridgeReceiverOnEthereum is IFastBridgeReceiver {
     event ClaimReceived(bytes32 indexed messageHash, uint256 claimedAt);
     event ClaimChallenged(bytes32 indexed _messageHash, uint256 challengedAt);
 
-    // ************************************* //
-    // *        Function Modifiers         * //
-    // ************************************* //
-
-    modifier onlyByGovernor() {
-        require(governor == msg.sender, "Access not allowed: Governor only.");
-        _;
-    }
-
     constructor(
         address _governor,
+        address _safeBridgeSender,
+        address _inbox,
         uint256 _claimDeposit,
         uint256 _challengeDeposit,
         uint256 _challengeDuration
-    ) {
-        governor = _governor;
+    ) SafeBridgeReceiverOnEthereum(_governor, _safeBridgeSender, _inbox) {
         claimDeposit = _claimDeposit;
         challengeDeposit = _challengeDeposit;
         challengeDuration = _challengeDuration;
@@ -108,6 +98,8 @@ contract FastBridgeReceiverOnEthereum is IFastBridgeReceiver {
     }
 
     function verifyAndRelaySafe(bytes32 _messageHash, bytes memory _encodedData) external override {
+        require(isSentBySafeBridge(), "Access not allowed: SafeBridgeSender only.");
+
         // TODO
         revert("Not Implemented");
     }
diff --git a/contracts/src/bridge/FastBridgeSenderToEthereum.sol b/contracts/src/bridge/FastBridgeSenderToEthereum.sol
@@ -10,21 +10,20 @@
 
 pragma solidity ^0.8.0;
 
-import "./interfaces/ISafeBridge.sol";
+import "./SafeBridgeSenderToEthereum.sol";
 import "./interfaces/IFastBridgeSender.sol";
 import "./interfaces/IFastBridgeReceiver.sol";
 
 /**
  * Fast Bridge Sender to Ethereum from Arbitrum
  * Counterpart of `FastBridgeReceiverOnEthereum`
  */
-contract FastBridgeSenderToEthereum is IFastBridgeSender {
+contract FastBridgeSenderToEthereum is SafeBridgeSenderToEthereum, IFastBridgeSender {
     // ************************************* //
     // *             Storage               * //
     // ************************************* //
 
     address public governor;
-    ISafeBridge public safebridge;
     IFastBridgeReceiver public fastBridgeReceiver;
     address public fastSender;
 
@@ -47,13 +46,8 @@ contract FastBridgeSenderToEthereum is IFastBridgeSender {
         _;
     }
 
-    constructor(
-        address _governor,
-        ISafeBridge _safebridge,
-        IFastBridgeReceiver _fastBridgeReceiver
-    ) {
+    constructor(address _governor, IFastBridgeReceiver _fastBridgeReceiver) SafeBridgeSenderToEthereum() {
         governor = _governor;
-        safebridge = _safebridge;
         fastBridgeReceiver = _fastBridgeReceiver;
     }
 
@@ -72,9 +66,9 @@ contract FastBridgeSenderToEthereum is IFastBridgeSender {
         require(msg.sender == fastSender, "Access not allowed: Fast Sender only.");
 
         // Encode the receiver address with the function signature + arguments i.e calldata
-        bytes memory encodedData = abi.encode(_receiver, _calldata);
+        bytes memory messageData = abi.encode(_receiver, _calldata);
 
-        emit OutgoingMessage(_receiver, keccak256(encodedData), encodedData);
+        emit OutgoingMessage(_receiver, keccak256(messageData), messageData);
     }
 
     /**
@@ -89,17 +83,15 @@ contract FastBridgeSenderToEthereum is IFastBridgeSender {
      * @param _receiver The L1 contract address who will receive the calldata
      * @param _calldata The receiving domain encoded message data.
      */
-    function sendSafe(address _receiver, bytes memory _calldata) external payable {
-        // The safe bridge sends the encoded data to the FastBridgeReceiverOnEthereum
-        // in order for the FastBridgeReceiverOnEthereum to resolve any potential
-        // challenges and then forwards the message to the actual
-        // intended recipient encoded in `data`
-        // TODO: For this encodedData needs to be wrapped into an
-        // IFastBridgeReceiver function.
-        // TODO: add access checks for this on the FastBridgeReceiverOnEthereum.
-        // TODO: how much ETH should be provided for bridging? add an ISafeBridge.bridgingCost()
-        bytes memory encodedData = abi.encode(_receiver, _calldata);
-        safebridge.sendSafe{value: msg.value}(address(fastBridgeReceiver), encodedData);
+    function sendSafeFallback(address _receiver, bytes memory _calldata) external payable override {
+        bytes memory messageData = abi.encode(_receiver, _calldata);
+
+        // Safe Bridge message envelope
+        bytes4 methodSelector = IFastBridgeReceiver.verifyAndRelaySafe.selector;
+        bytes memory safeMessageData = abi.encodeWithSelector(methodSelector, keccak256(messageData), messageData);
+
+        // TODO: how much ETH should be provided for bridging? add an ISafeBridgeSender.bridgingCost() if needed
+        _sendSafe(address(fastBridgeReceiver), safeMessageData);
     }
 
     // ************************ //
diff --git a/contracts/src/bridge/SafeBridgeReceiverOnEthereum.sol b/contracts/src/bridge/SafeBridgeReceiverOnEthereum.sol
@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: MIT
+
+/**
+ *  @authors: [@jaybuidl, @shalzz]
+ *  @reviewers: []
+ *  @auditors: []
+ *  @bounties: []
+ *  @deployments: []
+ */
+
+pragma solidity ^0.8.0;
+
+import "./interfaces/ISafeBridgeReceiver.sol";
+import "./interfaces/arbitrum/IInbox.sol";
+import "./interfaces/arbitrum/IOutbox.sol";
+
+/**
+ * Safe Bridge Receiver on Ethereum from Arbitrum
+ * Counterpart of `SafeBridgeSenderToEthereum`
+ */
+contract SafeBridgeReceiverOnEthereum is ISafeBridgeReceiver {
+    // ************************************* //
+    // *             Storage               * //
+    // ************************************* //
+
+    address public governor;
+    address public safeBridgeSender;
+    IInbox public inbox;
+
+    // ************************************* //
+    // *        Function Modifiers         * //
+    // ************************************* //
+
+    modifier onlyByGovernor() {
+        require(governor == msg.sender, "Access not allowed: Governor only.");
+        _;
+    }
+
+    constructor(
+        address _governor,
+        address _safeBridgeSender,
+        address _inbox
+    ) {
+        governor = _governor;
+        inbox = IInbox(_inbox);
+        safeBridgeSender = _safeBridgeSender;
+    }
+
+    // ************************************* //
+    // *              Views                * //
+    // ************************************* //
+
+    function isSentBySafeBridge() internal view override returns (bool) {
+        IOutbox outbox = IOutbox(inbox.bridge().activeOutbox());
+        return outbox.l2ToL1Sender() == safeBridgeSender;
+    }
+
+    // ************************ //
+    // *      Governance      * //
+    // ************************ //
+
+    function setSafeBridgeSender(address _safeBridgeSender) external onlyByGovernor {
+        safeBridgeSender = _safeBridgeSender;
+    }
+
+    function setInbox(address _inbox) external onlyByGovernor {
+        inbox = IInbox(_inbox);
+    }
+}
diff --git a/contracts/src/bridge/SafeBridgeSenderToArbitrumFromEthereum.sol b/contracts/src/bridge/SafeBridgeSenderToArbitrumFromEthereum.sol
@@ -13,14 +13,13 @@ pragma solidity ^0.8.0;
 import "./interfaces/arbitrum/IInbox.sol";
 import "./interfaces/arbitrum/IOutbox.sol";
 import "./interfaces/arbitrum/IArbRetryableTx.sol";
-
-import "./interfaces/ISafeBridge.sol";
+import "./interfaces/ISafeBridgeSender.sol";
 
 /**
  * Safe Bridge Sender to Arbitrum from Ethereum
  * Counterpart of `SafeBridgeReceiverOnArbitrumFromEthereum` if any
  */
-contract SafeBridgeSenderToArbitrumFromEthereum is ISafeBridge {
+contract SafeBridgeSenderToArbitrumFromEthereum is ISafeBridgeSender {
     IArbRetryableTx public constant ARBITRUM_RETRYABLE_TX = IArbRetryableTx(address(110));
     address public immutable safeBridgeSender;
     IInbox public immutable inbox;
@@ -62,7 +61,7 @@ contract SafeBridgeSenderToArbitrumFromEthereum is ISafeBridge {
      * @param _calldata The encoded message data.
      * @return Unique id to track the message request/transaction.
      */
-    function sendSafe(address _receiver, bytes memory _calldata) external payable override returns (uint256) {
+    function _sendSafe(address _receiver, bytes memory _calldata) internal override returns (uint256) {
         require(msg.sender == safeBridgeSender, "Access not allowed: Safe Bridge Sender only.");
 
         uint256 baseSubmissionCost = bridgingCost(_calldata.length);
diff --git a/contracts/src/bridge/SafeBridgeSenderToEthereum.sol b/contracts/src/bridge/SafeBridgeSenderToEthereum.sol
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: MIT
 
 /**
- *  @authors: [@shalzz]
+ *  @authors: [@shalzz, @jaybuidl]
  *  @reviewers: []
  *  @auditors: []
  *  @bounties: []
@@ -13,18 +13,18 @@ pragma solidity ^0.8.0;
 import "./interfaces/arbitrum/IArbSys.sol";
 import "./interfaces/arbitrum/AddressAliasHelper.sol";
 
-import "./interfaces/ISafeBridge.sol";
+import "./interfaces/ISafeBridgeSender.sol";
 
 /**
  * Safe Bridge Sender to Ethereum from Arbitrum
- * Counterpart of `SafeBridgeReceiverOnEthereum` if any
+ * Counterpart of `SafeBridgeReceiverOnEthereum`
  */
-contract SafeBridgeSenderToEthereum is ISafeBridge {
+contract SafeBridgeSenderToEthereum is ISafeBridgeSender {
     IArbSys public constant ARB_SYS = IArbSys(address(100));
 
     event L2ToL1TxCreated(uint256 indexed withdrawalId);
 
-    function sendSafe(address _receiver, bytes memory _calldata) external payable override returns (uint256) {
+    function _sendSafe(address _receiver, bytes memory _calldata) internal override returns (uint256) {
         uint256 withdrawalId = ARB_SYS.sendTxToL1(_receiver, _calldata);
 
         emit L2ToL1TxCreated(withdrawalId);
diff --git a/contracts/src/bridge/SafeBridgeSenderToGnosis.sol b/contracts/src/bridge/SafeBridgeSenderToGnosis.sol
@@ -11,20 +11,20 @@
 pragma solidity ^0.8.0;
 
 import "./interfaces/gnosis-chain/IAMB.sol";
-import "./interfaces/ISafeBridge.sol";
+import "./interfaces/ISafeBridgeSender.sol";
 
 /**
  * Safe Bridge Sender to Gnosis from Ethereum
  * Counterpart of `SafeBridgeReceiverOnGnosis` if any
  */
-contract SafeBridgeSenderToGnosis is ISafeBridge {
+contract SafeBridgeSenderToGnosis is ISafeBridgeSender {
     IAMB public immutable amb;
 
     constructor(IAMB _amb) {
         amb = _amb;
     }
 
-    function sendSafe(address _receiver, bytes memory _calldata) external payable override returns (uint256) {
+    function _sendSafe(address _receiver, bytes memory _calldata) internal override returns (uint256) {
         bytes32 id = amb.requireToPassMessage(_receiver, _calldata, amb.maxGasPerTx());
         return uint256(id);
     }
diff --git a/contracts/src/bridge/interfaces/IFastBridgeSender.sol b/contracts/src/bridge/interfaces/IFastBridgeSender.sol
@@ -7,11 +7,17 @@ interface IFastBridgeSender {
      * Sends an arbitrary message from one domain to another
      * via the fast bridge mechanism
      *
-     * TODO: probably needs some access control either on the sender side
-     * or the receiver side
-     *
      * @param _receiver The L1 contract address who will receive the calldata
      * @param _calldata The receiving domain encoded message data.
      */
     function sendFast(address _receiver, bytes memory _calldata) external;
+
+    /**
+     * Sends an arbitrary message from one domain to another
+     * via the fast bridge mechanism
+     *
+     * @param _receiver The L1 contract address who will receive the calldata
+     * @param _calldata The receiving domain encoded message data.
+     */
+    function sendSafeFallback(address _receiver, bytes memory _calldata) external payable;
 }
diff --git a/contracts/src/bridge/interfaces/ISafeBridgeReceiver.sol b/contracts/src/bridge/interfaces/ISafeBridgeReceiver.sol
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+abstract contract ISafeBridgeReceiver {
+    function isSentBySafeBridge() internal view virtual returns (bool);
+}
diff --git a/contracts/src/bridge/interfaces/ISafeBridgeSender.sol b/contracts/src/bridge/interfaces/ISafeBridgeSender.sol
@@ -2,13 +2,13 @@
 
 pragma solidity ^0.8.0;
 
-interface ISafeBridge {
+abstract contract ISafeBridgeSender {
     /**
      * Sends an arbitrary message from one domain to another.
      *
      * @param _receiver The L1 contract address who will receive the calldata
      * @param _calldata The L2 encoded message data.
      * @return Unique id to track the message request/transaction.
      */
-    function sendSafe(address _receiver, bytes memory _calldata) external payable returns (uint256);
+    function _sendSafe(address _receiver, bytes memory _calldata) internal virtual returns (uint256);
 }
diff --git a/contracts/test/pre-alpha1/index.ts b/contracts/test/pre-alpha1/index.ts
