feat: Add SafeERC20

[sohkai]

Required for aragon/aragon-apps#562.

Adds a SafeERC20 library that should be used to enhance ERC20 types. The safeTransfer(), safeTransferFrom(), and safeApprove() methods ensure standards-compliance (e.g. always returning a value) with different token interfaces in the wild.

Note that the change for VaultRecoverable.sol means every AragonApp is affected.

Bytecode comparison:

                               CODE DEPOSIT COST    DEPLOYED BYTES     INITIALIZATION BYTES
ACL.json                       49200 more gas       +246               0
APMRegistry.json               50600 more gas       +253               0
AppStub.json                   49000 more gas       +245               0
AppStub2.json                  49200 more gas       +246               0
AppStubConditionalRecovery.js… 49200 more gas       +246               0
AppStubDepositable.json        49200 more gas       +246               0
AragonApp.json                 49200 more gas       +246               0
ENSSubdomainRegistrar.json     47600 more gas       +238               0
EVMScriptRegistry.json         47600 more gas       +238               0
EVMScriptRegistryFactory.json  Same                 0                  +238
Kernel.json                    48600 more gas       +243               0
KernelConstantsMock.json       48600 more gas       +243               0
KernelDepositableMock.json     48600 more gas       +243               0
KernelPinnedStorageMock.json   48600 more gas       +243               0
KernelSetAppMock.json          48600 more gas       +243               0
MockScriptExecutorApp.json     47800 more gas       +239               0
Repo.json                      49000 more gas       +245               0
TestACLInterpreter.json        49200 more gas       +246               0
TokenMock.json                 202400 more gas      +1012              +13
UnsafeAppStub.json             49000 more gas       +245               0
UnsafeAppStubDepositable.json  49200 more gas       +246               0
UnsafeAragonApp.json           49200 more gas       +246               0
UnsafeAragonAppMock.json       49200 more gas       +246               0
UnsafeRepo.json                49000 more gas       +245               0
UpgradedKernel.json            48600 more gas       +243               0
VaultMock.json                 49200 more gas       +246               0

Warning: could not compare some contracts that might have been renamed or removed
  Missing from /Users/brett/Development/aragon/aragonOS/bytecode: GeneralERC20.json, SafeERC20.json, SafeERC20Mock.json, TokenReturnFalseMock.json, TokenReturnMissingMock.json

[sohkai]

Not sure if we should add this change at this moment—making sure the token transfer was successful is the right thing to do, but it's really only a problem for non-transferable tokens.

[bingen]

I think it's fine this way.

[coveralls]

Coverage increased (+0.006%) to 98.767% when pulling b26941b on safe-erc20 into c4e0fb1 on dev.

[bingen]

Nice job!

[bingen]

I would call it BrokenERC20 ;-)

[izqui]

I propose NotERC20 or ANERC20 ('accidentally not ERC20')

[izqui]

Really nice assembly 👏

[izqui]

Will review in detail closer to releasing this

[izqui]

👏👏👏👏👏

[izqui]

I like how by doing this optimization we save a few mload and mstore. Given that we read this memory just immediately after we should be okey using this memory address, but I always feel a little uneasy that something else may be counting on this memory space not changing.

[sohkai]

Something else may be counting on this memory space not changing

I really hope not... 0x00 - 0x3f is scratch space for doing keccaks, so you should never rely on storing something there unless you know you're going to retrieve it immediately.

[sohkai]

Actually it looks like the scratch space could be used by solidity even in-between inline assembly statements, so it's not safe to ever use (except for throwaway values). Will use the free memory pointer.

[izqui]

Maybe inherit from the GeneralERC20 interface?

[sohkai]

Don't think this is necessary, especially as the other token mocks wouldn't inherit from it.

[izqui]

I'm actually wondering whether all these 'safe' functions should provide a unified way to handle errors.

Right now depending on implementation details at the token level safeTransfer can either revert or return false to communicate that the transfer has failed. I think it would be a much better API if the call was really safe and it always returned false on transfer errors (by doing a raw rather than using the standard Solidity function calling syntax that just reverts on reverts).

[sohkai]

It turns out this is a micro optimization over switch. In particular, the docs say call will only ever return 1 on success, but everyone seems to use case 0 for revert (and everything else as success) and so this mimics that behaviour.

[sohkai]

@bingen @izqui Would be great if you could review SafeERC20 again, given the assembly changes for #469 (comment).

Turns out using call in assembly results in much, much smaller (~100 bytes) bytecode than address.call.

[bingen]

Looking good! Really nice job!!!

[bingen]

Where are these being used?

[sohkai]

Ah good catch, I must've copied those over from the safe_erc20 tests and not used them (since everything should revert in VaultDepositable)!

[izqui]

I would not use an implicit name return value for this, and I would explicitly have bool ret = false in the function body and then have an explicit return ret as it makes the function easier to understand