Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: CCIP hook and ism #5392

Merged
merged 45 commits into from
Feb 11, 2025
Merged

feat: CCIP hook and ism #5392

merged 45 commits into from
Feb 11, 2025

Conversation

yorhodes
Copy link
Member

@yorhodes yorhodes commented Feb 7, 2025
edited
Loading

Description

Implements CCIP hook and ISM that offloads message verification to the CCIP message bridge

flowchart TB
    subgraph Origin
        Sender
        OM[Mailbox]
        Hook[CCIP Hook]
        OC[CCIP Router]
    end

    Sender -- "id = dispatch(dst, receiver, body)" --> OM
    OM -- "postDispatch(..., message)" --> Hook

    subgraph Destination
        Receiver
        ISM[CCIP ISM]
        DM[Mailbox]
        DC[CCIP Router]
    end

    Hook -- "ccipSend(id)" --> OC
    OC -- "id" --> DC
    DC -- "ccipReceive(id)" --> ISM

    OM -- "message" --> DM
    DM <-- "verify(..., message)" --> ISM
    DM -- "handle(origin, sender, body)" --> Receiver
Loading

Related issues

Fixes #2852

Backward compatibility

Yes

Testing

Unit Tests/Fork Tests

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Feb 7, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 3acd58d

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 9 packages
Name Type
@hyperlane-xyz/core Minor
@hyperlane-xyz/helloworld Patch
@hyperlane-xyz/sdk Patch
@hyperlane-xyz/infra Patch
@hyperlane-xyz/cli Patch
@hyperlane-xyz/widgets Patch
@hyperlane-xyz/ccip-server Patch
@hyperlane-xyz/github-proxy Patch
@hyperlane-xyz/utils Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@yorhodes yorhodes changed the title Feature/ccip hook and ism feat: CCIP hook and ism Feb 7, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 7, 2025
View reviewed changes
solidity/contracts/hooks/CCIPHook.sol
@@ -0,0 +1,84 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.8.0;

Check notice

Code scanning / Olympix Integrated Security

Using an unbounded pragma for Solidity version may be unsafe if future versions introduce breaking changes. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unbounded-pragma Low

Using an unbounded pragma for Solidity version may be unsafe if future versions introduce breaking changes. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unbounded-pragma
solidity/contracts/hooks/CCIPHook.sol
// ============ Constructor ============

constructor(
address _ccipRouter,

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
solidity/contracts/hooks/CCIPHook.sol

constructor(
address _ccipRouter,
uint64 _ccipDestination,

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
solidity/contracts/hooks/CCIPHook.sol
constructor(
address _ccipRouter,
uint64 _ccipDestination,
address _mailbox,

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
solidity/contracts/hooks/CCIPHook.sol
address _ccipRouter,
uint64 _ccipDestination,
address _mailbox,
uint32 _destination,

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
solidity/contracts/hooks/CCIPHook.sol
uint64 _ccipDestination,
address _mailbox,
uint32 _destination,
bytes32 _ism

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
solidity/contracts/isms/hook/CCIPIsm.sol
@@ -0,0 +1,70 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.8.0;

Check notice

Code scanning / Olympix Integrated Security

Using an unbounded pragma for Solidity version may be unsafe if future versions introduce breaking changes. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unbounded-pragma Low

Using an unbounded pragma for Solidity version may be unsafe if future versions introduce breaking changes. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unbounded-pragma
solidity/contracts/isms/hook/CCIPIsm.sol
* @title CCIPIsm
* @notice Uses CCIP hook to verify interchain messages.
*/
contract CCIPIsm is AbstractMessageIdAuthorizedIsm, CCIPReceiver {

Check failure

Code scanning / Olympix Integrated Security

Contracts that can receive ether but cannot send it may lock value permanently. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/locked-ether Critical

Contracts that can receive ether but cannot send it may lock value permanently. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/locked-ether
solidity/contracts/isms/hook/CCIPIsm.sol

// ============ Storage ============
constructor(
address _ccipRouter,

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
solidity/contracts/isms/hook/CCIPIsm.sol
// ============ Storage ============
constructor(
address _ccipRouter,
uint64 _ccipOrigin

Check notice

Code scanning / Olympix Integrated Security

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor Low

Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
@codecov Codecov
Copy link

codecov bot commented Feb 7, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 21 lines in your changes missing coverage. Please review.

Project coverage is 77.11%. Comparing base (1a0eba6) to head (3acd58d).
Report is 1 commits behind head on ccip-warp-route.

Additional details and impacted files 
@@                 Coverage Diff                 @@
##           ccip-warp-route    #5392      +/-   ##
===================================================
- Coverage            77.87%   77.11%   -0.76%     
===================================================
  Files                  107      109       +2     
  Lines                 2142     2163      +21     
  Branches               191      193       +2     
===================================================
  Hits                  1668     1668              
- Misses                 453      474      +21     
  Partials                21       21
Components Coverage Δ
core 87.80% <ø> (ø)
hooks 77.93% <0.00%> (-2.48%) ⬇️
isms 81.60% <0.00%> (-2.18%) ⬇️
token 91.66% <ø> (ø)
middlewares 79.80% <ø> (ø)

yorhodes
yorhodes commented Feb 7, 2025
View reviewed changes
solidity/hardhat.config.cts
@@ -10,7 +10,7 @@ import 'solidity-coverage';
*/
module.exports = {
solidity: {
version: '0.8.19',
version: '0.8.22',
Copy link
Member Author

@yorhodes yorhodes Feb 7, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CCIP contracts impose ^0.8.20

@yorhodes yorhodes changed the base branch from main to usdt February 7, 2025 16:43
@yorhodes yorhodes changed the base branch from usdt to ccip-warp-route February 7, 2025 16:47
@yorhodes yorhodes force-pushed the feature/ccip-hook-and-ism branch from 1260fb3 to e69a84c Compare February 7, 2025 17:28
@jmrossy jmrossy removed their request for review February 10, 2025 21:33
nambrot
nambrot reviewed Feb 11, 2025
View reviewed changes
solidity/test/isms/CCIPIsm.t.sol Outdated Show resolved Hide resolved
solidity/test/isms/CCIPIsm.t.sol Outdated Show resolved Hide resolved
Base automatically changed from auth-hook-quote to ccip-warp-route February 11, 2025 22:16
@yorhodes yorhodes merged commit 9a010df into ccip-warp-route Feb 11, 2025
4 checks passed
@yorhodes yorhodes deleted the feature/ccip-hook-and-ism branch February 11, 2025 22:56
ltyu
ltyu reviewed Feb 14, 2025
View reviewed changes
solidity/contracts/hooks/CCIPHook.sol
receiver: abi.encode(ism),
data: abi.encode(message.id()),
tokenAmounts: new Client.EVMTokenAmount[](0),
extraArgs: "",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How come we hardcode extraArgs? In their best practices, it says this should be mutable to 1) set the gas limits outside of the 200k default, and 2) set out of order execution if it’s required for certain chains

When allowOutOfOrderExecution is Required:
You must set allowOutOfOrderExecution to true. This setting acknowledges that messages may be executed out of order. If set to false, the message will revert and will not be processed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ltyu ltyu ltyu left review comments

@nambrot nambrot nambrot approved these changes

@tkporter tkporter Awaiting requested review from tkporter tkporter is a code owner

@aroralanuk aroralanuk Awaiting requested review from aroralanuk aroralanuk is a code owner

@Mo-Hussain Mo-Hussain Awaiting requested review from Mo-Hussain

@daniel-savu daniel-savu Awaiting requested review from daniel-savu

@Xaroz Xaroz Awaiting requested review from Xaroz

@cmcewen cmcewen Awaiting requested review from cmcewen

@paulbalaji paulbalaji Awaiting requested review from paulbalaji

Assignees
No one assigned
Labels
None yet
Projects
Hyperlane Tasks
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Chainlink CCIP Hook and ISM
5 participants
@yorhodes @nambrot @ltyu @paulbalaji @Raid5594