Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bitcoin redeemer address validation #399

Merged
merged 10 commits into from
May 9, 2024
Merged

Bitcoin redeemer address validation #399

merged 10 commits into from
May 9, 2024

Conversation

nkuba
Copy link
Member

@nkuba nkuba commented May 7, 2024

The redeemer address passed to the tBTC Bridge in the redemption data was not validated. In this PR we enforce a check that the redeemer address is set to the token owner, so the funds
are not locked accidentally in case of tBTC redemption timeout.

nkuba added 5 commits May 7, 2024 12:37
@nkuba
Validate redeemer address included in the redemption data
f571025 
Redemption data passed to the bridge are not validated, we enforce a
check that the redeemer address is set to the token owner, so the funds
are not locked accidentially in case of tBTC redemption timeout.
@nkuba
Add unit tests to cover redeemer check
0531587
@nkuba
Add integration test for BitcoinRedeemer
8d05e80 
To test integration with the mainnet tBTC Bridge contracts for
redemptions we add the integration test.
@nkuba
Update forking block number for integration tests
219a982 
We update forking block number to match the block at which redemption
test data can be used.
@nkuba
Improve BitcoinRedeemer unit tests
36f3eae 
Introduce second depositor to test redemptions in the context of two
depositors to better check the expected results for reverts and amounts.
Introduce a test where a depositor wants to fully redeem their position.
@nkuba nkuba requested a review from dimpar May 7, 2024 11:52
@nkuba nkuba self-assigned this May 7, 2024
@netlify Netlify
Copy link

netlify bot commented May 7, 2024
edited
Loading

Deploy Preview for acre-dapp-testnet ready!

Name Link
🔨 Latest commit 42ff97b
🔍 Latest deploy log https://app.netlify.com/sites/acre-dapp-testnet/deploys/663cc444a89dd9000804249d
😎 Deploy Preview https://deploy-preview-399--acre-dapp-testnet.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

dimpar
dimpar reviewed May 9, 2024
View reviewed changes
solidity/contracts/BitcoinRedeemer.sol
tbtcRedemptionData,
(address, bytes20, bytes32, uint32, uint64, bytes)
);
if (redeemer != owner) revert RedeemerNotOwner(redeemer, owner);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Most likely I don't have a full picture, but is it possible an owner give an approval for redeemer to redeem it's shares?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The owner can set the redeemer to any address. If anything goes wrong with the tBTC redemption in tBTC Bridge, the redeemer address will receive the tBTC balance. In our case, we want to ensure the owner sets the redeemer address to themself, so they can recover the funds in case of a failure.

dimpar
dimpar reviewed May 9, 2024
View reviewed changes
solidity/contracts/BitcoinRedeemer.sol Outdated
@@ -58,6 +58,9 @@ contract BitcoinRedeemer is Ownable2StepUpgradeable, IReceiveApproval {
/// Attempted to call redeemSharesAndUnmint with unexpected tBTC token owner.
error UnexpectedTbtcTokenOwner();

/// Reverts if the redeemer address is zero.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be enough that a redeemer is not an owner, not necessarily a zero address.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

4c09a61

dimpar
dimpar reviewed May 9, 2024
View reviewed changes
solidity/contracts/BitcoinRedeemer.sol
tbtcRedemptionData,
(address, bytes20, bytes32, uint32, uint64, bytes)
);
if (redeemer != owner) revert RedeemerNotOwner(redeemer, owner);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we maybe move the validation above stbtc.redeem(...) to save on gas in case of a revert?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1cbece5

@dimpar dimpar merged commit 03dd59f into main May 9, 2024
25 checks passed
@dimpar dimpar deleted the bitcoin-redeemer-redeemer-address-validation branch May 9, 2024 12:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dimpar dimpar dimpar approved these changes

Assignees

@nkuba nkuba

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nkuba @dimpar