forked from smartcontractkit/chainlink
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
KS-391: Capabilities registry reentrancy fix (smartcontractkit#13970)
* prevent malicious a node operator from taking over another node belonging to another node operator * prevent malicious node operator from becoming the admin for another node operator * prevent reentrancy when setting DON config * update wrappers and add changeset * fix solhint
- Loading branch information
Showing
7 changed files
with
137 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
--- | ||
"chainlink": patch | ||
--- | ||
|
||
#internal prevent reentrancy when configuring DON in Capabilities Registry |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
--- | ||
'@chainlink/contracts': patch | ||
--- | ||
|
||
#internal prevent reentrancy when configuring DON in capabilities registry |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
contracts/src/v0.8/keystone/test/mocks/MaliciousConfigurationContract.sol
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity 0.8.24; | ||
|
||
import {ICapabilityConfiguration} from "../../interfaces/ICapabilityConfiguration.sol"; | ||
import {CapabilitiesRegistry} from "../../CapabilitiesRegistry.sol"; | ||
import {ERC165} from "../../../vendor/openzeppelin-solidity/v4.8.3/contracts/utils/introspection/ERC165.sol"; | ||
import {Constants} from "../Constants.t.sol"; | ||
|
||
contract MaliciousConfigurationContract is ICapabilityConfiguration, ERC165, Constants { | ||
bytes32 internal s_capabilityWithConfigurationContractId; | ||
|
||
constructor(bytes32 capabilityWithConfigContractId) { | ||
s_capabilityWithConfigurationContractId = capabilityWithConfigContractId; | ||
} | ||
|
||
function getCapabilityConfiguration(uint32) external view returns (bytes memory configuration) { | ||
return bytes(""); | ||
} | ||
|
||
function beforeCapabilityConfigSet(bytes32[] calldata, bytes calldata, uint64, uint32) external { | ||
CapabilitiesRegistry.NodeParams[] memory nodes = new CapabilitiesRegistry.NodeParams[](2); | ||
bytes32[] memory hashedCapabilityIds = new bytes32[](1); | ||
|
||
hashedCapabilityIds[0] = s_capabilityWithConfigurationContractId; | ||
|
||
// Set node one's signer to another address | ||
nodes[0] = CapabilitiesRegistry.NodeParams({ | ||
nodeOperatorId: TEST_NODE_OPERATOR_ONE_ID, | ||
p2pId: P2P_ID, | ||
signer: NODE_OPERATOR_ONE_SIGNER_ADDRESS, | ||
hashedCapabilityIds: hashedCapabilityIds | ||
}); | ||
|
||
nodes[1] = CapabilitiesRegistry.NodeParams({ | ||
nodeOperatorId: TEST_NODE_OPERATOR_ONE_ID, | ||
p2pId: P2P_ID_THREE, | ||
signer: NODE_OPERATOR_THREE_SIGNER_ADDRESS, | ||
hashedCapabilityIds: hashedCapabilityIds | ||
}); | ||
|
||
CapabilitiesRegistry(msg.sender).updateNodes(nodes); | ||
} | ||
|
||
function supportsInterface(bytes4 interfaceId) public pure override returns (bool) { | ||
return interfaceId == this.getCapabilityConfiguration.selector ^ this.beforeCapabilityConfigSet.selector; | ||
} | ||
} |
2 changes: 1 addition & 1 deletion
2
core/gethwrappers/keystone/generated/capabilities_registry/capabilities_registry.go
Large diffs are not rendered by default.
Oops, something went wrong.
2 changes: 1 addition & 1 deletion
2
core/gethwrappers/keystone/generation/generated-wrapper-dependency-versions-do-not-edit.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
GETH_VERSION: 1.13.8 | ||
capabilities_registry: ../../../contracts/solc/v0.8.24/CapabilitiesRegistry/CapabilitiesRegistry.abi ../../../contracts/solc/v0.8.24/CapabilitiesRegistry/CapabilitiesRegistry.bin 6d2e3aa3a6f3aed2cf24b613743bb9ae4b9558f48a6864dc03b8b0ebb37235e3 | ||
capabilities_registry: ../../../contracts/solc/v0.8.24/CapabilitiesRegistry/CapabilitiesRegistry.abi ../../../contracts/solc/v0.8.24/CapabilitiesRegistry/CapabilitiesRegistry.bin bb794cc0042784b060d1d63090e2086670b88ba3685067cd436305f36054c82b | ||
feeds_consumer: ../../../contracts/solc/v0.8.24/KeystoneFeedsConsumer/KeystoneFeedsConsumer.abi ../../../contracts/solc/v0.8.24/KeystoneFeedsConsumer/KeystoneFeedsConsumer.bin 8c3a2b18a80be41e7c40d2bc3a4c8d1b5e18d55c1fd20ad5af68cebb66109fc5 | ||
forwarder: ../../../contracts/solc/v0.8.24/KeystoneForwarder/KeystoneForwarder.abi ../../../contracts/solc/v0.8.24/KeystoneForwarder/KeystoneForwarder.bin 45d9b866c64b41c1349a90b6764aee42a6d078b454d38f369b5fe02b23b9d16e | ||
ocr3_capability: ../../../contracts/solc/v0.8.24/OCR3Capability/OCR3Capability.abi ../../../contracts/solc/v0.8.24/OCR3Capability/OCR3Capability.bin 8bf0f53f222efce7143dea6134552eb26ea1eef845407b4475a0d79b7d7ba9f8 |