Add Governor signature nonces

[ernestognw]

Fixes LIB-895

This PR adds nonce and voter arguments to governor vote casting signatures with the following objectives:

• The nonce is added so that signatures can be invalidated.
• The voter address guarantees that a signature can't be forged for any random address.

PR Checklist

• Tests
• Documentation
• Changeset entry (run npx changeset add)

[changeset-bot]

🦋 Changeset detected

Latest commit: 2ae0a13

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
openzeppelin-solidity	Major

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[frangio]

To remove the initcode size warning that is causing the upgradeable tests to fail, we have to update the hardhat-ignore-warnings package to the latest version and add in the config:

    'contracts-exposed/**/*': {
      'code-size': 'off',
+     'initcode-size': 'off',
    },

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
hardhat-ignore-warnings	0.2.8...0.2.9	None	+0/-0	28.6 kB	frangio

[ernestognw]

@SocketSecurity ignore hardhat-ignore-warnings@0.2.9

[ernestognw]

CI is failing because the storage layout became incompatible by the addition of _nonces, but that's expected

[Amxx]

Very small comments about formating.

What I'm worried about is not the code, its the "breaking the voteBySig" without params.
The params part I don't really worry about, but the the without params might be breaking tally. Do we have info on that ?

[ernestognw]

Very small comments about formating.

What I'm worried about is not the code, its the "breaking the voteBySig" without params. The params part I don't really worry about, but the the without params might be breaking tally. Do we have info on that ?

We asked to Tally yesterday and they don't seem to have any major concerns 👍🏻

[frangio]

Minor comments and side notes.

[frangio]

This is changing the ERC-165 ids, i.e. removing the previously supported interfaces (correctly) and adding new ones. However, we've discussed before that ERC-165 is not a good fit for this contract so we should really think whether we want to continue using it and particularly adding new interfaces.

No need to change anything on this PR, but it is an unsolved question we need to address.

[Amxx]

This comment is relevant to #4360

[frangio]

Given that we are changing the signature of the castVoteBySig functions, what do you think about changing these arguments to bytes signature and using the opportunity to add EIP-1271 compatibility?

I don't think we should do this here so it's not a blocker for this PR.

[frangio]

This also aligns really well with the addition of the voter argument, which is needed for EIP-1271.

[ernestognw]

According to what we discussed, I'll add the signature changes and 1271 compatibility in a follow up PR

[Amxx]

LGTM,

+1 to frangio idea of changing the signature type and enabling ERC1271 in a followup PR.