Seaport v1.5

[0age]

This PR fixes a minor bug, introduced in Seaport v1.3, that causes the amount parameter on spent offer item amounts reported to zones and contract offerers to be overwritten by the recipient address on spent offer items with excess (or unspent) item amounts when using match or fulfillAvailable methods.

As part of these combined fulfillment methods, Seaport iterates over each supplied order and asserts that all consideration item amounts have been fully met while also checking for unspent offer item amounts. If an unspent offer item amount is located, it typecasts the offer item in-place to a received item and writes the designated recipient to memory, overwriting the endAmount parameter on the offer item, and uses that received item to perform a transfer, sending the excess offer item amounts to the designated recipient.

Once all transfers have been fully processed, Seaport then iterates over each supplied order another time and performs a call to validateOrder on the zone (for restricted orders) or ratifyOrder on the offerer (for contract orders), encoding the call based on the order data in memory. Specifically, the endAmount parameter is used to encode the amount for each item (the full amount is originally written to both startAmount and endAmount, but startAmount is used to debit offer items and credit consideration items during fulfillment). As offer items with excess item amounts have had this value overwritten with the recipient value, Seaport erroneously reports the amount on these offer items to the zone or contract offerer as being equal to the recipient address.

The fix proposed in this PR reads the endAmount value and places the result on the stack prior to overwriting it with the recipient value, then restores the original endAmount value immediately after performing the associated transfer.

Aside from this patch, the only change to the contracts in this PR is to bump the version to 1.5.

[codecov-commenter]

Codecov Report

Patch coverage: 100.00% and no project coverage change.

Comparison is base (b139397) 100.00% compared to head (5723c76) 100.00%.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

Additional details and impacted files

@@            Coverage Diff            @@
##              main     #1015   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           46        46           
  Lines         2650      2652    +2     
  Branches       396       396           
=========================================
+ Hits          2650      2652    +2     

Flag	Coverage Δ
foundry	77.80% <75.00%> (-0.34%)	⬇️
production	100.00% <100.00%> (ø)
reference	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
contracts/Seaport.sol	100.00% <ø> (ø)
contracts/lib/Consideration.sol	100.00% <ø> (ø)
contracts/lib/OrderValidator.sol	100.00% <ø> (ø)
reference/ReferenceConsideration.sol	100.00% <ø> (ø)
reference/lib/ReferenceConsiderationBase.sol	100.00% <ø> (ø)
contracts/lib/ConsiderationBase.sol	100.00% <100.00%> (ø)
contracts/lib/ConsiderationDecoder.sol	100.00% <100.00%> (ø)
contracts/lib/OrderCombiner.sol	100.00% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[0age]

Deployed: https://etherscan.io/address/0x00000000000000adc04c56bf30ac9d3c0aaf14dc#code

[d1ll0n]

🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥