Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fuzz tampered tests for ERC2771Forwarder #5258

Merged
merged 6 commits into from
Oct 21, 2024
Merged

Fuzz tampered tests for ERC2771Forwarder #5258

merged 6 commits into from
Oct 21, 2024

Conversation

cairoeth
Copy link
Contributor

Fixes #4896 and helps #4894

PR Checklist

  • Tests
  • Documentation
  • Changeset entry (run npx changeset add)

@cairoeth cairoeth requested a review from a team October 15, 2024 01:36
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Oct 15, 2024
edited
Loading

⚠️ No Changeset found

Latest commit: 1e2b9ce

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

ernestognw
ernestognw reviewed Oct 15, 2024
View reviewed changes
Copy link
Member

@ernestognw ernestognw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Leaving small nits since I'm still not convinced 100% of the Foundry tests. They're still good to go in case you decide to merge before 5.2

test/metatx/ERC2771Forwarder.t.sol Outdated Show resolved Hide resolved
test/metatx/ERC2771Forwarder.t.sol Outdated Show resolved Hide resolved
@cairoeth cairoeth requested a review from Amxx October 15, 2024 23:57
Amxx
Amxx reviewed Oct 18, 2024
View reviewed changes
test/metatx/ERC2771Forwarder.t.sol Outdated
});
}

function _tamperedExecute(
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this does not execute, it prepares a request, tampers it, and prepare the expected revert ... but it does not execute.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah i kinda meant for this function to generate a tampered execute, feel free to rename

Amxx
Amxx reviewed Oct 18, 2024
View reviewed changes
Copy link
Collaborator

@Amxx Amxx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm getting

FAIL. Reason: unknown cheatcode with selector 0xd5bee9f5; you may have a mismatch between the `Vm` interface (likely in `forge-std`) and the `forge` version;

Is there a missing foundry update ?

Amxx
Amxx reviewed Oct 18, 2024
View reviewed changes
Copy link
Collaborator

@Amxx Amxx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are testExecuteBatchTamperedValuesZeroReceiver and testExecuteBatchTamperedValues different?

One does _tamperedValues then expect a call, the other replace batchRequestDatas entirely and relies on the expectRevert in tamperedExecute.

I'd like to understand and clean all that, but I'm not able to run it locally :/

@cairoeth
Copy link
Contributor Author

cairoeth commented Oct 18, 2024
edited
Loading

@Amxx those two functions are a bit different as they test for two different cases:

  • testExecuteBatchTamperedValuesZeroReceiver: if the receiver is the zero address, then the call will revert if any of the meta transactions are invalid/tampered
  • testExecuteBatchTamperedValues: if the receiver is not the zero address, then the call will not revert but the tampered meta transaction will simply just be skipped.

To get the latest version and be able to run the tests, do foundryup on terminal.

@Amxx
Copy link
Collaborator

Amxx commented Oct 18, 2024

@cairoeth I rewrote the test quite heavily. IMO that is more readable. Let me know what you think.

@cairoeth
Copy link
Contributor Author

looks great, thanks!

@Amxx Amxx merged commit c12cf86 into OpenZeppelin:master Oct 21, 2024
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ernestognw ernestognw ernestognw left review comments

@Amxx Amxx Amxx approved these changes

Assignees
No one assigned
Labels
ignore-changeset
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ERC2771Forwarder has a flaky tampered signature test
3 participants
@cairoeth @Amxx @ernestognw