Merge pull request #16 from EnsoBuild/stargate-fix

fix stargate receiver to control access to funds

Author: PeterMPhillips

script/SocketDeployer.s.sol

@@ -1,11 +1,11 @@
 // SPDX-License-Identifier: UNLICENSED
 pragma solidity ^0.8.13;
 
-import "forge-std/Script.sol";
 import "../src/EnsoShortcuts.sol";
+import "forge-std/Script.sol";
 
 contract Deployer is Script {
-    mapping(uint => address) socketReceivers;
+    mapping(uint256 => address) socketReceivers;
 
     constructor() {
         // Ethereum
@@ -21,10 +21,10 @@ contract Deployer is Script {
         socketReceivers[137] = 0x8DfeB2e0B392f0033C8685E35FB4763d88a70d12;
 
         // Arbitrum
-        socketReceivers[42161] = 0x88616cB9499F32Ff6A784B66B60aABF0bCf0df39;
+        socketReceivers[42_161] = 0x88616cB9499F32Ff6A784B66B60aABF0bCf0df39;
 
         // Avalanche
-        socketReceivers[43114] = 0x83b2cda6A33128324ee9cb2f0360bA8a42Cec2C6;
+        socketReceivers[43_114] = 0x83b2cda6A33128324ee9cb2f0360bA8a42Cec2C6;
     }
 
     function run() public returns (EnsoShortcuts socketEnsoShortcuts) {
@@ -33,8 +33,6 @@ contract Deployer is Script {
         address socketReceiver = socketReceivers[block.chainid];
 
         vm.broadcast(deployerPrivateKey);
-        socketEnsoShortcuts = new EnsoShortcuts{salt: "SocketEnsoShortcuts"}(
-            socketReceiver
-        );
+        socketEnsoShortcuts = new EnsoShortcuts{ salt: "SocketEnsoShortcuts" }(socketReceiver);
     }
-}
+}

script/StargateDeployer.s.sol

@@ -5,7 +5,7 @@ import "../src/bridge/StargateV2Receiver.sol";
 import "forge-std/Script.sol";
 
 contract StargateDeployer is Script {
-    function run() public returns (address stargateHelper, address endpoint) {
+    function run() public returns (address stargateHelper, address endpoint, address router) {
         uint256 deployerPrivateKey = vm.envUint("PRIVATE_KEY");
 
         vm.startBroadcast(deployerPrivateKey);
@@ -14,19 +14,25 @@ contract StargateDeployer is Script {
 
         if (chainId == 324) {
             endpoint = 0xd07C30aF3Ff30D96BDc9c6044958230Eb797DDBF; // zksync
+            router = 0x1BD8CefD703CF6b8fF886AD2E32653C32bc62b5C;
         } else if (chainId == 130 || chainId == 146 || chainId == 480 || chainId == 80_094) {
             endpoint = 0x6F475642a6e85809B1c36Fa62763669b1b48DD5B; // unichain, sonic, worldchain, berachain
+            router = 0xF75584eF6673aD213a685a1B58Cc0330B8eA22Cf;
         } else if (chainId == 57_073) {
             endpoint = 0xca29f3A6f966Cb2fc0dE625F8f325c0C46dbE958; // ink
+            router = 0xF75584eF6673aD213a685a1B58Cc0330B8eA22Cf;
         } else if (chainId == 1868) {
             endpoint = 0x4bCb6A963a9563C33569D7A512D35754221F3A19; // soneium
+            router = 0xF75584eF6673aD213a685a1B58Cc0330B8eA22Cf;
         } else if (chainId == 999) {
             endpoint = 0x3A73033C0b1407574C76BdBAc67f126f6b4a9AA9; // hyper
+            router = 0xF75584eF6673aD213a685a1B58Cc0330B8eA22Cf;
         } else {
             endpoint = 0x1a44076050125825900e736c501f859c50fE728c; // default
+            router = 0xF75584eF6673aD213a685a1B58Cc0330B8eA22Cf;
         }
 
-        stargateHelper = address(new StargateV2Receiver{ salt: "StargateV2Receiver" }(endpoint));
+        stargateHelper = address(new StargateV2Receiver{ salt: "StargateV2Receiver" }(endpoint, router, 100000));
 
         vm.stopBroadcast();
     }

script/UniswapV4Deployer.s.sol

@@ -1,8 +1,8 @@
 // SPDX-License-Identifier: UNLICENSED
 pragma solidity ^0.8.28;
 
-import "forge-std/Script.sol";
 import "../src/helpers/UniswapV4Helpers.sol";
+import "forge-std/Script.sol";
 
 contract UniswapV4Deployer is Script {
     function run() public returns (UniswapV4Helpers uniswapV4Helpers, address poolManager) {
@@ -28,17 +28,17 @@ contract UniswapV4Deployer is Script {
             poolManager = 0x360E68faCcca8cA495c1B759Fd9EEe466db9FB32;
         } else if (chainId == 8453) {
             poolManager = 0x498581fF718922c3f8e6A244956aF099B2652b2b;
-        } else if (chainId == 42161) {
+        } else if (chainId == 42_161) {
             poolManager = 0x360E68faCcca8cA495c1B759Fd9EEe466db9FB32;
-        } else if (chainId == 43114) {
+        } else if (chainId == 43_114) {
             poolManager = 0x06380C0e0912312B5150364B9DC4542BA0DbBc85;
-        } else if (chainId == 57073) {
+        } else if (chainId == 57_073) {
             poolManager = 0x360E68faCcca8cA495c1B759Fd9EEe466db9FB32;
         } else {
             revert("No pool manager");
         }
 
-        uniswapV4Helpers = new UniswapV4Helpers{salt: "UniswapV4Helpers"}(poolManager);
+        uniswapV4Helpers = new UniswapV4Helpers{ salt: "UniswapV4Helpers" }(poolManager);
 
         vm.stopBroadcast();
     }

src/bridge/StargateV2Receiver.sol

@@ -4,54 +4,117 @@ pragma solidity ^0.8.28;
 import { OFTComposeMsgCodec } from "@layerzerolabs/lz-evm-oapp-v2/contracts/oft/libs/OFTComposeMsgCodec.sol";
 import { ILayerZeroComposer } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroComposer.sol";
 
-import { VM } from "enso-weiroll/VM.sol";
+import { Ownable } from "openzeppelin-contracts/access/Ownable.sol";
 import { IERC20, SafeERC20 } from "openzeppelin-contracts/token/ERC20/utils/SafeERC20.sol";
 
-contract StargateV2Receiver is VM, ILayerZeroComposer {
+interface IRouter {
+    enum TokenType {
+        Native,
+        ERC20,
+        ERC721,
+        ERC1155
+    }
+
+    struct Token {
+        TokenType tokenType;
+        bytes data;
+    }
+
+    function routeSingle(
+        Token calldata tokenIn,
+        bytes calldata data
+    )
+        external
+        payable
+        returns (bytes memory response);
+}
+
+contract StargateV2Receiver is Ownable, ILayerZeroComposer {
     using OFTComposeMsgCodec for bytes;
     using SafeERC20 for IERC20;
 
     address private constant _NATIVE_ASSET = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
 
+    IRouter public immutable router;
     address public immutable endpoint;
 
-    event ShortcutExecutionSuccessful(bytes32 guid, bytes32 requestId);
-    event ShortcutExecutionFailed(bytes32 guid, bytes32 requestId);
+    uint256 public immutable reserveGas;
+
+    event ShortcutExecutionSuccessful(bytes32 guid);
+    event ShortcutExecutionFailed(bytes32 guid);
+    event InsufficientGas(bytes32 guid);
 
     error NotEndpoint(address sender);
     error NotSelf();
-    error TransferFailed(bytes32 guid, address receiver);
+    error TransferFailed(address receiver);
 
-    constructor(address _endpoint) {
+    constructor(address _endpoint, address _router, uint256 _reserveGas) Ownable(msg.sender) {
+        router = IRouter(_router);
         endpoint = _endpoint;
+        reserveGas = _reserveGas;
     }
 
+    // layer zero callback
     function lzCompose(address, bytes32 _guid, bytes calldata _message, address, bytes calldata) external payable {
         if (msg.sender != endpoint) revert NotEndpoint(msg.sender);
 
+        uint256 amount = _message.amountLD();
         bytes memory composeMsg = _message.composeMsg();
-        (address token, address receiver, bytes32 requestId, bytes32[] memory commands, bytes[] memory state) =
-            abi.decode(composeMsg, (address, address, bytes32, bytes32[], bytes[]));
-
-        // try to execute shortcut
-        try this.execute(commands, state) {
-            emit ShortcutExecutionSuccessful(_guid, requestId);
-        } catch {
-            // if shortcut fails send funds to receiver
-            emit ShortcutExecutionFailed(_guid, requestId);
-            uint256 amount = _message.amountLD();
-            if (token == _NATIVE_ASSET) {
-                (bool success,) = receiver.call{ value: amount }("");
-                if (!success) revert TransferFailed(_guid, receiver);
-            } else {
-                IERC20(token).safeTransfer(receiver, amount);
+        (address token, address receiver, bytes memory shortcutData) = abi.decode(composeMsg, (address, address, bytes));
+
+        uint256 availableGas = gasleft();
+        if (availableGas < reserveGas) {
+            emit InsufficientGas(_guid);
+            _transfer(token, receiver, amount);
+        } else {
+            // try to execute shortcut
+            try this.execute{ gas: availableGas - reserveGas }(token, amount, shortcutData) {
+                emit ShortcutExecutionSuccessful(_guid);
+            } catch {
+                // if shortcut fails send funds to receiver
+                emit ShortcutExecutionFailed(_guid);
+                _transfer(token, receiver, amount);
             }
         }
+        
     }
 
-    function execute(bytes32[] calldata commands, bytes[] memory state) public {
+    // execute shortcut using router
+    function execute(address token, uint256 amount, bytes calldata data) public {
         if (msg.sender != address(this)) revert NotSelf();
-        _execute(commands, state);
+        IRouter.Token memory tokenIn;
+        uint256 value;
+        if (token == _NATIVE_ASSET) {
+            tokenIn = IRouter.Token(IRouter.TokenType.Native, abi.encode(amount));
+            value = amount;
+        } else {
+            tokenIn = IRouter.Token(IRouter.TokenType.ERC20, abi.encode(token, amount));
+            IERC20(token).forceApprove(address(router), amount);
+        }
+        router.routeSingle{ value: value }(tokenIn, data);
+    }
+
+    // sweep funds to the contract owner in order to refund user
+    function sweep(address[] memory tokens) external onlyOwner {
+        address receiver = owner();
+        address token;
+        for (uint256 i = 0; i < tokens.length; ++i) {
+            token = tokens[i];
+            _transfer(token, receiver, _balance(token));
+        }
+    }
+
+    function _transfer(address token, address receiver, uint256 amount) internal {
+        if (token == _NATIVE_ASSET) {
+            (bool success,) = receiver.call{ value: amount }("");
+            if (!success) revert TransferFailed(receiver);
+        } else {
+            IERC20(token).safeTransfer(receiver, amount);
+        }
+    }
+
+    function _balance(address token) internal view returns (uint256 balance) {
+        balance = token == _NATIVE_ASSET ? address(this).balance : IERC20(token).balanceOf(address(this));
     }
 
     receive() external payable { }

src/helpers/UniswapV4Helpers.sol

@@ -212,7 +212,17 @@ contract UniswapV4Helpers {
         returns (bytes memory)
     {
         return encodeMintFromDeltasWithHooks(
-            currency0, currency1, fee, tickSpacing, tickLower, tickUpper, amount0Max, amount1Max, recipient, refund, address(0)
+            currency0,
+            currency1,
+            fee,
+            tickSpacing,
+            tickLower,
+            tickUpper,
+            amount0Max,
+            amount1Max,
+            recipient,
+            refund,
+            address(0)
         );
     }
 }

src/helpers/Verifier.sol

@@ -7,48 +7,36 @@ contract Verifier {
         bytes32[] memory commands,
         bytes[] memory state,
         bytes memory signature
-    ) public pure returns (bool) {
+    )
+        public
+        pure
+        returns (bool)
+    {
         bytes32 messageHash = getMessageHash(commands, state);
         bytes32 ethSignedMessageHash = getEthSignedMessageHash(messageHash);
 
         return recoverSigner(ethSignedMessageHash, signature) == signer;
     }
 
-    function getMessageHash(
-        bytes32[] memory commands,
-        bytes[] memory state
-    ) public pure returns (bytes32) {
+    function getMessageHash(bytes32[] memory commands, bytes[] memory state) public pure returns (bytes32) {
         return keccak256(abi.encode(commands, state));
     }
 
-    function getEthSignedMessageHash(bytes32 messageHash)
-        public
-        pure
-        returns (bytes32)
-    {
+    function getEthSignedMessageHash(bytes32 messageHash) public pure returns (bytes32) {
         /*
         Signature is produced by signing a keccak256 hash with the following format:
         "\x19Ethereum Signed Message\n" + len(msg) + msg
         */
-        return keccak256(
-            abi.encodePacked("\x19Ethereum Signed Message:\n32", messageHash)
-        );
+        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", messageHash));
     }
 
-    function recoverSigner(
-        bytes32 ethSignedMessageHash,
-        bytes memory signature
-    ) internal pure returns (address) {
+    function recoverSigner(bytes32 ethSignedMessageHash, bytes memory signature) internal pure returns (address) {
         (bytes32 r, bytes32 s, uint8 v) = splitSignature(signature);
 
         return ecrecover(ethSignedMessageHash, v, r, s);
     }
 
-    function splitSignature(bytes memory sig)
-        internal
-        pure
-        returns (bytes32 r, bytes32 s, uint8 v)
-    {
+    function splitSignature(bytes memory sig) internal pure returns (bytes32 r, bytes32 s, uint8 v) {
         require(sig.length == 65, "invalid signature length");
 
         assembly {
@@ -71,4 +59,4 @@ contract Verifier {
 
         // implicitly return (r, s, v)
     }
-}
+}