update caveat validation to ensure that a valid selector is returned …

…from the caveats and that length of 0 is invalid
AstariaXYZ · Dec 11, 2023 · 1df1805 · 1df1805
1 parent b835af2
commit 1df1805
Show file tree

Hide file tree

Showing 9 changed files with 717 additions and 28 deletions.
diff --git a/lib/forge-std b/lib/forge-std
diff --git a/package.json b/package.json
@@ -19,5 +19,8 @@
     "husky": "^8.0.0",
     "ts-node": "^10.9.1",
     "typescript": "^5.1.3"
+  },
+  "dependencies": {
+    "mmdc": "^0.0.1"
   }
 }
diff --git a/src/Starport.sol b/src/Starport.sol
@@ -56,6 +56,8 @@ contract Starport is PausableNonReentrant {
     error AdditionalTransferError();
     error CannotTransferLoans();
     error CaveatDeadlineExpired();
+    error InvalidCaveat();
+    error InvalidCaveatLength();
     error InvalidCaveatSigner();
     error InvalidCustodian();
     error InvalidLoan();
@@ -550,10 +552,18 @@ contract Starport is PausableNonReentrant {
             revert InvalidCaveatSigner();
         }
 
+        if (signedCaveats.caveats.length == 0) {
+            revert InvalidCaveatLength();
+        }
+
         for (uint256 i = 0; i < signedCaveats.caveats.length;) {
-            CaveatEnforcer(signedCaveats.caveats[i].enforcer).validate(
-                additionalTransfers, loan, signedCaveats.caveats[i].data
-            );
+            if (
+                CaveatEnforcer(signedCaveats.caveats[i].enforcer).validate(
+                    additionalTransfers, loan, signedCaveats.caveats[i].data
+                ) != CaveatEnforcer.validate.selector
+            ) {
+                revert InvalidCaveat();
+            }
             unchecked {
                 ++i;
             }

diff --git a/src/enforcers/BorrowerEnforcer.sol b/src/enforcers/BorrowerEnforcer.sol
@@ -66,8 +66,9 @@ contract BorrowerEnforcer is CaveatEnforcer {
         AdditionalTransfer[] calldata additionalTransfers,
         Starport.Loan calldata loan,
         bytes calldata caveatData
-    ) public view virtual override {
+    ) public view virtual override returns (bytes4 selector) {
         _validate(additionalTransfers, loan, abi.decode(caveatData, (Details)));
+        selector = CaveatEnforcer.validate.selector;
     }
 
     function _validate(

diff --git a/src/enforcers/BorrowerEnforcerBNPL.sol b/src/enforcers/BorrowerEnforcerBNPL.sol
@@ -69,7 +69,7 @@ contract BorrowerEnforcerBNPL is CaveatEnforcer {
         AdditionalTransfer[] calldata additionalTransfers,
         Starport.Loan calldata loan,
         bytes calldata caveatData
-    ) public view virtual override {
+    ) public view virtual override returns (bytes4 selector) {
         bytes32 loanHash = keccak256(abi.encode(loan));
 
         Details memory details = abi.decode(caveatData, (Details));
@@ -106,5 +106,7 @@ contract BorrowerEnforcerBNPL is CaveatEnforcer {
                 revert InvalidAdditionalTransfer();
             }
         }
+
+        selector = CaveatEnforcer.validate.selector;
     }
 }
diff --git a/src/enforcers/CaveatEnforcer.sol b/src/enforcers/CaveatEnforcer.sol
@@ -61,5 +61,6 @@ abstract contract CaveatEnforcer {
     function validate(AdditionalTransfer[] calldata solution, Starport.Loan calldata loan, bytes calldata caveatData)
         public
         view
-        virtual;
+        virtual
+        returns (bytes4);
 }
diff --git a/src/enforcers/LenderEnforcer.sol b/src/enforcers/LenderEnforcer.sol
@@ -56,8 +56,9 @@ contract LenderEnforcer is CaveatEnforcer {
         AdditionalTransfer[] calldata additionalTransfers,
         Starport.Loan calldata loan,
         bytes calldata caveatData
-    ) public view virtual override {
+    ) public view virtual override returns (bytes4 selector) {
         _validate(additionalTransfers, loan, abi.decode(caveatData, (Details)));
+        selector = CaveatEnforcer.validate.selector;
     }
 
     function _validate(

diff --git a/test/integration-testing/TestCaveats.sol b/test/integration-testing/TestCaveats.sol
@@ -121,6 +121,59 @@ contract IntegrationTestCaveats is StarportTest, DeepEq, MockCall {
         SP.originate(new AdditionalTransfer[](0), borrowerCaveat, _emptyCaveat(), loan);
     }
 
+    function testInvalidCaveats() public {
+        Starport.Loan memory loan = generateDefaultLoanTerms();
+
+        CaveatEnforcer.SignedCaveats memory borrowerCaveat = getBorrowerSignedCaveat({
+            details: BorrowerEnforcer.Details({loan: loan}),
+            signer: borrower,
+            salt: bytes32(0),
+            enforcer: address(borrowerEnforcer)
+        });
+        _setApprovalsForSpentItems(borrower.addr, loan.collateral);
+
+        _setApprovalsForSpentItems(lender.addr, loan.debt);
+
+        vm.roll(5);
+        //function validate(AdditionalTransfer[] calldata solution, Starport.Loan calldata loan, bytes calldata caveatData)
+        //function mockCallRevert(address callee, bytes calldata data, bytes calldata revertData) external;
+        //
+        vm.mockCall(
+            address(borrowerEnforcer),
+            abi.encodeWithSelector(
+                CaveatEnforcer.validate.selector, new AdditionalTransfer[](0), loan, borrowerCaveat.caveats[0].data
+            ),
+            abi.encode(bytes4(0))
+        );
+
+        vm.expectRevert(Starport.InvalidCaveat.selector);
+        vm.prank(lender.addr);
+        SP.originate(new AdditionalTransfer[](0), borrowerCaveat, _emptyCaveat(), loan);
+    }
+
+    function testInvalidCaveatLength() public {
+        Starport.Loan memory loan = generateDefaultLoanTerms();
+
+        CaveatEnforcer.SignedCaveats memory signedCaveats;
+        signedCaveats.caveats = new CaveatEnforcer.Caveat[](0);
+        signedCaveats.salt = bytes32(0);
+        signedCaveats.singleUse = true;
+        signedCaveats.deadline = block.timestamp + 1 days;
+        bytes32 hash = SP.hashCaveatWithSaltAndNonce(
+            borrower.addr, signedCaveats.singleUse, signedCaveats.salt, signedCaveats.deadline, signedCaveats.caveats
+        );
+
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(borrower.key, hash);
+        signedCaveats.signature = abi.encodePacked(r, s, v);
+        _setApprovalsForSpentItems(borrower.addr, loan.collateral);
+
+        _setApprovalsForSpentItems(lender.addr, loan.debt);
+
+        vm.expectRevert(Starport.InvalidCaveatLength.selector);
+        vm.prank(lender.addr);
+        SP.originate(new AdditionalTransfer[](0), signedCaveats, _emptyCaveat(), loan);
+    }
+
     function testOriginateWBorrowerApproval() public {
         Starport.Loan memory loan = generateDefaultLoanTerms();
+6 −48		.github/workflows/ci.yml
+1 −1		package.json
+3 −4		src/Script.sol
+2 −7		src/StdChains.sol
+15 −156		src/StdCheats.sol
+1 −16		src/StdInvariant.sol
+14 −18		src/StdJson.sol
+3 −54		src/StdStorage.sol
+2 −2		src/StdStyle.sol
+1 −1		src/StdUtils.sol
+3 −4		src/Test.sol
+239 −480		src/Vm.sol
+77 −93		test/StdAssertions.t.sol
+31 −91		test/StdChains.t.sol
+64 −167		test/StdCheats.t.sol
+10 −10		test/StdError.t.sol
+12 −27		test/StdMath.t.sol
+34 −66		test/StdStorage.t.sol
+4 −4		test/StdStyle.t.sol
+36 −66		test/StdUtils.t.sol
+0 −15		test/Vm.t.sol