-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDenyListV2.sol
144 lines (135 loc) · 6.01 KB
/
DenyListV2.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
// SPDX-License-Identifier: AGPL-3.0-or-later
// Copyright (C) 2024 Fireblocks <[email protected]>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
pragma solidity 0.8.20;
import {ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol";
import {ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
import {DenyList} from "../../library/AccessRegistry/DenyList.sol";
import {LibErrors} from "../../library/Errors/LibErrors.sol";
import {ERC2771ContextInitializableUpgradeable} from "../../library/MetaTx/ERC2771ContextInitializableUpgradeable.sol";
/**
* @title DenyList V2
* @notice The DenyList Service establishes an on-chain DenyList for the Fireblocks ecosystem of smart contracts. It
* maintains a registry of addresses allowed to participate in the system by implementing {AccessListUpgradeable} and
* {IAccessRegistry}. It is also capable of verifying more complex conditions using the data provided
* from the function call.
*
* DenyList V2 builds upon the original version by introducing a new feature. It maintains its core functionality by
* inheriting from the original DenyList contract and adds the gasless meta-transaction feature by inheriting from the
* {ERC2771ContextInitializableUpgradeable} contract. It maintains upgradability through the UUPS (Universal
* Upgradeable Proxy Standard) pattern. This upgrade mechanism preserves the existing state and storage, ensuring a
* safe transition for existing users while allowing new users to initialize the contract.
*
* @dev DenyList Service features.
*
* The DenyList Service contract Role Based Access Control employs the following roles:
*
* - UPGRADER_ROLE (via {AccessListUpgradeable})
* - PAUSER_ROLE (via {AccessListUpgradeable})
* - CONTRACT_ADMIN_ROLE (via {AccessListUpgradeable})
* - ACCESS_LIST_ADMIN_ROLE (via {AccessListUpgradeable})
*
* This version introduces the following changes:
*
* - Adds the {ERC2771ContextInitializableUpgradeable} contract to support gasless meta-transactions
* - Adds an initializer function to set the trusted forwarder address
* - Inherits from the original DenyList contract to maintain core functionality
* - Maintains upgradability through the UUPS pattern
*
* @custom:version 2.0.0
*/
contract DenyListV2 is DenyList, ERC2771ContextInitializableUpgradeable {
/// modifiers
/**
* @notice This modifier is used to restrict the execution of functions based on the version of the contract.
* @dev This modifier uses the {_getInitializedVersion} function to check the version of the contract. If the version
* does not matches the provided version, it reverts with the error message `OnlyVersion`.
* @param _version The version to compare with the initialized version.
*/
modifier onlyVersion(uint8 _version) virtual {
if (_getInitializedVersion() != _version) {
revert LibErrors.OnlyVersion(_version);
}
_;
}
/// functions
/**
* @notice This function configures the Allow List contract with the initial state and granting
* privileged roles.
*
* @dev This function uses the {AccessListUpgradeable.__AccessList_init} function to grant roles.
*
* Calling Conditions:
*
* - Can only be invoked once (controlled via the {reinitializer} modifier).
* - The contract must be initialized with the version 1 logic.
*
* @param trustedForwarder The address of the trusted forwarder.
*/
function initializeV2(address trustedForwarder) external virtual onlyVersion(1) reinitializer(2) {
__ERC2771ContextInitializableUpgradeable_init(trustedForwarder);
}
/**
* @notice The multicall function has been intentionally disabled to prevent use with gasless operations.
*
* @dev OpenZeppelin library needs to be upgraded to V4.9.5 or higher if you consider using multicall along with
* gasless feature.
* @custom:deprecated This function is deprecated and should not be used.
*/
function multicall(bytes[] calldata) external virtual override returns (bytes[] memory) {
revert LibErrors.FunctionDisabled();
}
/**
* @notice This is a function that applies any validations required to update the trusted forwarder.
*
* @dev Reverts when the caller does not have the "CONTRACT_ADMIN_ROLE".
*
* Calling Conditions:
*
* - Only the "CONTRACT_ADMIN_ROLE" can execute.
* - {DenyListV2} is not paused.
*/
function _authorizeTrustedForwarderUpdate() internal virtual override whenNotPaused onlyRole(CONTRACT_ADMIN_ROLE) {}
/**
* @notice This function is used to retrieve the sender of the transaction.
* @dev This function is an override of the logic provided by {ContextUpgradeable} function. Instead it uses the
* {ERC2771ContextUpgradeable}.{_msgSender} function to retrieve the sender.
* @return The address of the sender.
*/
function _msgSender()
internal
view
virtual
override(ContextUpgradeable, ERC2771ContextUpgradeable)
returns (address)
{
return ERC2771ContextUpgradeable._msgSender();
}
/**
* @notice This function is used to retrieve the data of the transaction.
* @dev This function is an override of the logic provided by {ContextUpgradeable} function. Instead it uses the
* {ERC2771ContextUpgradeable}.{_msgData} function to retrieve the data.
* @return The data of the transaction.
*/
function _msgData()
internal
view
virtual
override(ContextUpgradeable, ERC2771ContextUpgradeable)
returns (bytes calldata)
{
return ERC2771ContextUpgradeable._msgData();
}
}