Agent app: EVM

.travis.yml

@@ -27,15 +27,19 @@ env:
  - TASK=test:token-manager:app
  - TASK=test:vault
  - TASK=test:voting
+ - TASK=test:actor
  - TASK=coverage:finance
  - TASK=coverage:survey
  - TASK=coverage:token-manager
  - TASK=coverage:vault
  - TASK=coverage:voting
+ - TASK=coverage:actor
  - TASK=test:shared
 matrix:
  allow_failures:
  - env: TASK=coverage:finance
+install:
+ - travis_wait 60 npm install
 before_script:
  - npm prune
 script:

future-apps/actor/.solcover.js

@@ -0,0 +1,9 @@
+module.exports = {
+ norpc: true,
+ copyPackages: ['@aragon/os', '@aragon/apps-vault'],
+ skipFiles: [
+ 'test/TestImports.sol',
+ 'test/mocks/ExecutionTarget.sol',
+ 'test/mocks/FinanceMock.sol',
+ ]
+}

future-apps/actor/.soliumignore

@@ -0,0 +1 @@
+contracts/test

future-apps/actor/.soliumrc.json

@@ -0,0 +1,23 @@
+{
+ "extends": "solium:all",
+ "rules": {
+ "imports-on-top": ["error"],
+ "variable-declarations": ["error"],
+ "array-declarations": ["error"],
+ "operator-whitespace": ["error"],
+ "lbrace": ["error"],
+ "mixedcase": 0,
+ "camelcase": ["error"],
+ "uppercase": 0,
+ "no-empty-blocks": ["error"],
+ "no-unused-vars": ["error"],
+ "quotes": ["error"],
+ "indentation": 0,
+ "whitespace": ["error"],
+ "deprecated-suicide": ["error"],
+ "arg-overflow": ["error", 8],
+ "pragma-on-top": ["error"],
+ "security/enforce-explicit-visibility": ["error"],
+ "error-reason": 0
+ }
+}

future-apps/actor/arapp.json

@@ -0,0 +1,33 @@
+{
+ "environments": {
+ "default": {
+ "registry": "0x5f6f7e8cc7346a11ca2def8f827b7a0b612c56a1",
+ "appName": "actor.aragonpm.eth",
+ "network": "rpc"
+ },
+ "rinkeby": {
+ "registry": "0x98Df287B6C145399Aaa709692c8D308357bC085D",
+ "appName": "actor.aragonpm.eth",
+ "network": "rinkeby"
+ },
+ "staging": {
+ "registry": "0xfe03625ea880a8cba336f9b5ad6e15b0a3b5a939",
+ "appName": "actor.aragonpm.eth",
+ "network": "rinkeby"
+ },
+ "mainnet": {
+ "registry": "0x314159265dd8dbb310642f98f50c066173c1259b",
+ "appName": "actor.aragonpm.eth",
+ "network": "mainnet"
+ },
+ "rinkeby-old": {
+ "registry": "0xfbae32d1cde62858bc45f51efc8cc4fa1415447e",
+ "appName": "actor.aragonpm.eth",
+ "network": "rinkeby"
+ }
+ },
+ "roles": [
+ TODO
+ ],
+ "path": "contracts/Actor.sol"
+}

future-apps/actor/contracts/.npmignore

@@ -0,0 +1 @@
+/test

future-apps/actor/contracts/Actor.sol

@@ -0,0 +1,184 @@
+/*
+ * SPDX-License-Identitifer: GPL-3.0-or-later
+ */
+
+pragma solidity 0.4.24;
+
+import "./SignatureValidator.sol";
+import "./standards/IERC165.sol";
+import "./standards/IERC1271.sol";
+
+import "@aragon/apps-vault/contracts/Vault.sol";
+
+import "@aragon/os/contracts/common/IForwarder.sol";
+
+
+contract Actor is Vault, IERC165, IERC1271, IForwarder {
+ bytes32 public constant EXECUTE_ROLE = keccak256("EXECUTE_ROLE");
+ bytes32 public constant RUN_SCRIPT_ROLE = keccak256("RUN_SCRIPT_ROLE");
+ bytes32 public constant PRESIGN_HASH_ROLE = keccak256("PRESIGN_HASH_ROLE");
+ bytes32 public constant DESIGNATE_SIGNER_ROLE = keccak256("DESIGNATE_SIGNER_ROLE");
+
+ bytes4 public constant ISVALIDSIG_INTERFACE_ID = 0xabababab; // TODO: Add actual interfaceId
+
+ string private constant ERROR_EXECUTE_ETH_NO_DATA = "VAULT_EXECUTE_ETH_NO_DATA";
+ string private constant ERROR_EXECUTE_TARGET_NOT_CONTRACT = "VAULT_EXECUTE_TARGET_NOT_CONTRACT";
+
+ uint256 internal constant STATICCALL_MAX_GAS = 50000;
+
+ mapping (bytes32 => bool) public isPresigned;
+ address public designatedSigner;
+
+ event Execute(address indexed sender, address indexed target, uint256 ethValue, bytes data);
+ event PresignHash(address indexed sender, bytes32 indexed hash);
+ event SetDesignatedSigner(address indexed sender, address indexed oldSigner, address indexed newSigner);
+
+ // TODO: requires the @decodeData helper to be implemented in radspec
+ /**
+ * @notice Execute `@decodeData(target, data)` on `target` `ethValue == 0 ? '' : '(Sending' + @formatToken(ethValue, ETH) + ')'`.
+ * @param _target Address where the action is being executed
+ * @param _ethValue Amount of ETH from the contract that is sent with the action
+ * @param _data Calldata for the action
+ * @return Exits call frame forwarding the return data of the executed call (either error or success data)
+ */
+ function execute(address _target, uint256 _ethValue, bytes _data)
+ external // This function MUST always be external as the function performs a low level return, exiting the Actor app execution context
+ authP(EXECUTE_ROLE, arr(_target, _ethValue, uint256(getSig(_data)))) // TODO: Test that sig bytes are the least significant bytes
+ {
+ require(_ethValue == 0 || _data.length > 0, ERROR_EXECUTE_ETH_NO_DATA); // if ETH value is sent, there must be data
+ require(isContract(_target), ERROR_EXECUTE_TARGET_NOT_CONTRACT);
+
+ bool result = _target.call.value(_ethValue)(_data);
+
+ if (result) {
+ emit Execute(msg.sender, _target, _ethValue, _data);
+ }
+
+ assembly {
+ let size := returndatasize
+ let ptr := mload(0x40)
+ returndatacopy(ptr, 0, size)
+
+ // revert instead of invalid() bc if the underlying call failed with invalid() it already wasted gas.
+ // if the call returned error data, forward it
+ switch result case 0 { revert(ptr, size) }
+ default { return(ptr, size) }
+ }
+ }
+
+ function setDesignatedSigner(address _designatedSigner)
+ external
+ authP(DESIGNATE_SIGNER_ROLE, arr(_designatedSigner))
+ {
+ address oldDesignatedSigner = designatedSigner;
+ designatedSigner = _designatedSigner;
+
+ emit SetDesignatedSigner(msg.sender, oldDesignatedSigner, _designatedSigner);
+ }
+
+ function presignHash(bytes32 _hash)
+ external
+ authP(PRESIGN_HASH_ROLE, arr(_hash))
+ {
+ isPresigned[_hash] = true;
+
+ emit PresignHash(msg.sender, _hash);
+ }
+
+ function isForwarder() external pure returns (bool) {
+ return true;
+ }
+
+ function supportsInterface(bytes4 interfaceId) external pure returns (bool) {
+ return interfaceId == ISVALIDSIG_INTERFACE_ID;
+ }
+
+ function forward(bytes _evmScript)
+ public
+ authP(RUN_SCRIPT_ROLE, arr(getScriptACLParam(_evmScript)))
+ {
+ bytes memory input = ""; // no input
+ address[] memory blacklist = new address[](0); // no addr blacklist, can interact with anything
+ runScript(_evmScript, input, blacklist);
+ // We don't need to emit an event here as EVMScriptRunner will emit ScriptResult if successful
+ }
+
+ function isValidSignature(bytes data, bytes signature) public view returns (bool) {
+ return isValidSignature(keccak256(data), signature);
+ }
+
+ function isValidSignature(bytes32 hash, bytes signature) public view returns (bool) {
+ // Short-circuit in case the hash was presigned. Optimization as performing calls
+ // and ecrecover is more expensive than an SLOAD.
+ if (isPresigned[hash]) {
+ return true;
+ }
+
+ // Checks if designatedSigner is a contract, and if it supports the isValidSignature interface
+ if (safeSupportsInterface(IERC165(designatedSigner), ISVALIDSIG_INTERFACE_ID)) {
+ // designatedSigner.isValidSignature(hash, signature) as a staticall
+ IERC1271 signerContract = IERC1271(designatedSigner);
+ bytes memory calldata = abi.encodeWithSelector(signerContract.isValidSignature.selector, hash, signature);
+ return safeBoolStaticCall(signerContract, calldata);
+ }
+
+ // `safeSupportsInterface` returns false if designatedSigner is a contract but it
+ // doesn't support the interface. Here we check the validity of the ECDSA sig
+ // which will always fail if designatedSigner is not an EOA
+
+ return SignatureValidator.isValidSignature(hash, designatedSigner, signature);
+ }
+
+ function canForward(address sender, bytes evmScript) public view returns (bool) {
+ uint256[] memory params = new uint256[](1);
+ params[0] = getScriptACLParam(evmScript);
+ return canPerform(sender, RUN_SCRIPT_ROLE, params);
+ }
+
+ function safeSupportsInterface(IERC165 target, bytes4 interfaceId) internal view returns (bool) {
+ if (!isContract(target)) {
+ return false;
+ }
+
+ bytes memory calldata = abi.encodeWithSelector(target.supportsInterface.selector, interfaceId);
+ return safeBoolStaticCall(target, calldata);
+ }
+
+ function safeBoolStaticCall(address target, bytes calldata) internal view returns (bool) {
+ uint256 gasLeft = gasleft();
+
+ uint256 callGas = gasLeft > STATICCALL_MAX_GAS ? STATICCALL_MAX_GAS : gasLeft;
+ bool ok;
+ assembly {
+ ok := staticcall(callGas, target, add(calldata, 0x20), mload(calldata), 0, 0)
+ }
+
+ if (!ok) {
+ return false;
+ }
+
+ uint256 size;
+ assembly { size := returndatasize }
+ if (size != 32) {
+ return false;
+ }
+
+ bool result;
+ assembly {
+ let ptr := mload(0x40) // get next free memory ptr
+ returndatacopy(ptr, 0, size) // copy return from above `staticcall`
+ result := mload(ptr) // read data at ptr and set it to result
+ mstore(ptr, 0) // set pointer memory to 0 so it still is the next free ptr
+ }
+
+ return result;
+ }
+
+ function getScriptACLParam(bytes evmScript) internal pure returns (uint256) {
+ return uint256(keccak256(abi.encodePacked(evmScript)));
+ }
+
+ function getSig(bytes data) internal pure returns (bytes4 sig) {
+ assembly { sig := add(data, 0x20) }
+ }
+}

future-apps/actor/contracts/SignatureValidator.sol

@@ -0,0 +1,43 @@
+pragma solidity ^0.4.18;
+
+// From github.com/DexyProject/protocol
+// This should probably be moved into aOS: https://github.com/aragon/aragonOS/pull/442
+
+
+library SignatureValidator {
+ // Maybe use 0x's IDs
+ enum SignatureMode {
+ EIP712,
+ GETH,
+ TREZOR
+ }
+
+ /// @dev Validates that a hash was signed by a specified signer.
+ /// @param hash Hash which was signed.
+ /// @param signer Address of the signer.
+ /// @param signature ECDSA signature along with the mode (0 = EIP712, 1 = Geth, 2 = Trezor) {mode}{v}{r}{s}.
+ /// @return Returns whether signature is from a specified user.
+ function isValidSignature(bytes32 hash, address signer, bytes signature) internal pure returns (bool) {
+ if (signature.length != 66) {
+ return false;
+ }
+
+ SignatureMode mode = SignatureMode(uint8(signature[0]));
+
+ uint8 v = uint8(signature[1]);
+ bytes32 r;
+ bytes32 s;
+ assembly {
+ r := mload(add(signature, 34))
+ s := mload(add(signature, 66))
+ }
+
+ if (mode == SignatureMode.GETH) {
+ hash = keccak256("\x19Ethereum Signed Message:\n32", hash);
+ } else if (mode == SignatureMode.TREZOR) {
+ hash = keccak256("\x19Ethereum Signed Message:\n\x20", hash);
+ }
+
+ return ecrecover(hash, v, r, s) == signer;
+ }
+}

future-apps/actor/contracts/standards/IERC1271.sol

@@ -0,0 +1,7 @@
+pragma solidity 0.4.24;
+
+
+interface IERC1271 {
+ // TODO: Standard is not finalized, discussion: https://github.com/ethereum/EIPs/issues/1271
+ function isValidSignature(bytes32 hash, bytes signature) public view returns (bool);
+}

future-apps/actor/contracts/standards/IERC165.sol

@@ -0,0 +1,6 @@
+pragma solidity 0.4.24;
+
+
+interface IERC165 {
+ function supportsInterface(bytes4 interfaceId) external pure returns (bool);
+}

future-apps/actor/contracts/test/TestImports.sol

@@ -0,0 +1,28 @@
+pragma solidity 0.4.24;
+
+import "@aragon/os/contracts/acl/ACL.sol";
+import "@aragon/os/contracts/apps/AppProxyBase.sol";
+import "@aragon/os/contracts/factory/DAOFactory.sol";
+import "@aragon/os/contracts/kernel/Kernel.sol";
+import "@aragon/os/contracts/kernel/KernelProxy.sol";
+
+import "@aragon/apps-shared-migrations/contracts/Migrations.sol";
+
+// You might think this file is a bit odd, but let me explain.
+// We only use some contracts in our tests, which means Truffle
+// will not compile it for us, because it is from an external
+// dependency.
+//
+// We are now left with three options:
+// - Copy/paste these contracts
+// - Run the tests with `truffle compile --all` on
+// - Or trick Truffle by claiming we use it in a Solidity test
+//
+// You know which one I went for.
+
+
+contract TestImports {
+ constructor() public {
+ // to avoid lint error
+ }
+}