From b70cdec5421a58381441798819e535932036863f Mon Sep 17 00:00:00 2001 From: "david.ding" Date: Sat, 1 Jun 2024 16:13:49 +0800 Subject: [PATCH] fix applyChange2FA operation did not check whether pending2FAAddr existed --- contracts/hooks/2fa/Crypto2FAHook.sol | 3 ++- test/hooks/2fa/Crypto2FAHook.t.sol | 6 ++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/contracts/hooks/2fa/Crypto2FAHook.sol b/contracts/hooks/2fa/Crypto2FAHook.sol index 49806ca1..b41220c6 100644 --- a/contracts/hooks/2fa/Crypto2FAHook.sol +++ b/contracts/hooks/2fa/Crypto2FAHook.sol @@ -63,7 +63,8 @@ contract Crypto2FAHook is IHook { function applyChange2FA() external { User2FA storage _user2fa = user2FA[msg.sender]; - require(block.timestamp >= _user2fa.effectiveTime, "Time lock not expired"); + require(_user2fa.pending2FAAddr != address(0), "No pending change"); + require(_user2fa.effectiveTime > 0 && block.timestamp >= _user2fa.effectiveTime, "Time lock not expired"); _user2fa.wallet2FAAddr = _user2fa.pending2FAAddr; _user2fa.pending2FAAddr = address(0); _user2fa.effectiveTime = 0; diff --git a/test/hooks/2fa/Crypto2FAHook.t.sol b/test/hooks/2fa/Crypto2FAHook.t.sol index a69f03f5..3963cf58 100644 --- a/test/hooks/2fa/Crypto2FAHook.t.sol +++ b/test/hooks/2fa/Crypto2FAHook.t.sol @@ -101,4 +101,10 @@ contract Crypto2FAHookTest is Test, UserOpHelper { ops[0] = userOperation; soulWalletInstence.entryPoint().handleOps(ops, payable(walletOwner)); } + + function test_applyChange2faWithoutInitiateChange2FA() public { + vm.startPrank(address(soulWallet)); + vm.expectRevert("No pending change"); + crypto2FAHook.applyChange2FA(); + } }