Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix dispute emit & revamp deposit xfer [SLT-295] [SLT-326] #3293

Merged
merged 2 commits into from
Oct 16, 2024

Conversation

parodime
Copy link
Collaborator

@parodime parodime commented Oct 15, 2024

gas optimized claim/refund transfers -- no longer using universalTransfer

dispute (& respective tests) switched to emitting relayer (as was always indicated by the output param label), not guard address.

storage-read optimizations to come in a follow-up PR

Summary by CodeRabbit

  • New Features

    • Enhanced dispute, refund, claim, and bridge functionalities for improved transaction management.
    • Implemented conditional logic for handling ETH and ERC20 token transfers.
  • Bug Fixes

    • Improved error handling and checks throughout the contract to ensure correct behavior under various conditions.
  • Documentation

    • Updated parameter names in function signatures for clarity and consistency.

@parodime parodime requested a review from ChiTimesChi as a code owner October 15, 2024 15:30
Copy link
Contributor

coderabbitai bot commented Oct 15, 2024

Walkthrough

The changes in this pull request focus on the FastBridgeV2 contract, enhancing the handling of bridge transactions, dispute resolution, refunds, and claims. Key modifications include updates to the dispute, refund, claim, bridge, and relay functions, with new logic for transferring tokens based on their type (ETH or ERC20) and improved error handling. Additionally, method signatures have been updated to reflect new parameters. The associated test contract has also been modified to rename a parameter for clarity.

Changes

File Change Summary
packages/contracts-rfq/contracts/FastBridgeV2.sol - Updated dispute function to capture disputedRelayer and modify emitted events.
- Altered refund logic to use conditional checks for ETH/ERC20 transfers, updating emitted events accordingly.
- Modified claim function for conditional token transfers and updated events.
- Refined bridge function to handle originFeeAmount correctly and adjusted event emissions.
- Clarified relay function logic for ETH/ERC20 transfers.
- Enhanced error handling throughout the contract.
- Method signatures updated for bridge, relay, claim, and prove functions.
packages/contracts-rfq/test/FastBridgeV2.Src.t.sol - Renamed guard parameter to relayer in expectBridgeProofDisputed function and updated all instances accordingly.
- Removed comments about previous parameter mislabeling for clarity.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant FastBridgeV2
    participant TokenContract

    User->>FastBridgeV2: initiateBridge(params)
    FastBridgeV2->>TokenContract: transferTokens()
    TokenContract-->>FastBridgeV2: confirmTransfer()
    FastBridgeV2->>User: emitBridgeEvent()
    
    User->>FastBridgeV2: disputeTransaction()
    FastBridgeV2->>FastBridgeV2: captureDisputedRelayer()
    FastBridgeV2->>User: emitDisputeEvent()

    User->>FastBridgeV2: requestRefund()
    FastBridgeV2->>TokenContract: conditionalTransfer()
    TokenContract-->>FastBridgeV2: confirmRefund()
    FastBridgeV2->>User: emitRefundEvent()

    User->>FastBridgeV2: claimCollateral()
    FastBridgeV2->>TokenContract: conditionalTransfer()
    TokenContract-->>FastBridgeV2: confirmClaim()
    FastBridgeV2->>User: emitClaimEvent()
Loading

Possibly related PRs

Suggested labels

size/m, M-deps, M-synapse-interface

Suggested reviewers

  • trajan0x
  • ChiTimesChi

Poem

In the realm of bridges wide,
Tokens dance, with joy and pride.
Disputes resolved, and refunds flow,
With every claim, our spirits grow.
A relayer's role, now clear and bright,
In FastBridgeV2, all feels just right! 🐇✨


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link

cloudflare-workers-and-pages bot commented Oct 15, 2024

Deploying sanguine-fe with  Cloudflare Pages  Cloudflare Pages

Latest commit: 099a4f5
Status: ✅  Deploy successful!
Preview URL: https://853d5e13.sanguine-fe.pages.dev
Branch Preview URL: https://ft-fixdisputeemit-revampdepo.sanguine-fe.pages.dev

View logs

Copy link

codecov bot commented Oct 15, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.52941%. Comparing base (99cf53e) to head (099a4f5).
Report is 11 commits behind head on master.

Additional details and impacted files
@@                 Coverage Diff                  @@
##              master       #3293          +/-   ##
====================================================
+ Coverage   35.14833%   91.52941%   +56.38108%     
====================================================
  Files             77          59          -18     
  Lines           2663        1275        -1388     
  Branches          82         160          +78     
====================================================
+ Hits             936        1167         +231     
+ Misses          1722         104        -1618     
+ Partials           5           4           -1     
Flag Coverage Δ
opbot ?
packages 90.44834% <ø> (ø)
solidity 95.98394% <100.00000%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link

github-actions bot commented Oct 15, 2024

Changes to gas cost

Generated at commit: 3bb8ae0a9a29b8a0ae5a8399ba42a31cacd8a7b2, compared to commit: fd75dbbbb6fec8ad2c35d5a16efb3a6a4812231a

🧾 Summary (50% most significant diffs)

Contract Method Avg (+/-) %
FastBridgeV2 claim(bytes)
claim(bytes,address)
dispute
refund
-76 ✅
-76 ✅
+150 ❌
-71 ✅
-0.15%
-0.14%
+0.48%
-0.14%

Full diff report 👇
Contract Deployment Cost (+/-) Method Min (+/-) % Avg (+/-) % Median (+/-) % Max (+/-) % # Calls (+/-)
FastBridgeV2 3,022,643 (+30,283) bridge
claim(bytes)
claim(bytes,address)
dispute
refund
relay(bytes)
relay(bytes,address)
70,606 (-80)
43,780 (-34)
46,633 (-34)
31,412 (+150)
47,657 (-28)
64,419 (0)
64,836 (0)
-0.11%
-0.08%
-0.07%
+0.48%
-0.06%
0.00%
0.00%
82,028 (-47)
50,759 (-76)
52,362 (-76)
31,412 (+150)
51,682 (-71)
70,978 (+5)
71,395 (+5)
-0.06%
-0.15%
-0.14%
+0.48%
-0.14%
+0.01%
+0.01%
82,666 (-75)
51,295 (-77)
52,898 (-77)
31,412 (+150)
51,843 (-70)
70,968 (+6)
71,385 (+6)
-0.09%
-0.15%
-0.15%
+0.48%
-0.13%
+0.01%
+0.01%
94,751 (-69)
58,775 (-119)
59,128 (-119)
31,412 (+150)
56,029 (-113)
80,323 (+11)
80,740 (+11)
-0.07%
-0.20%
-0.20%
+0.48%
-0.20%
+0.01%
+0.01%
260 (0)
6 (0)
6 (0)
6 (0)
12 (0)
6 (0)
6 (0)

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between b09b41c and ef5aa38.

📒 Files selected for processing (2)
  • packages/contracts-rfq/contracts/FastBridgeV2.sol (4 hunks)
  • packages/contracts-rfq/test/FastBridgeV2.Src.t.sol (6 hunks)
🧰 Additional context used
📓 Learnings (2)
📓 Common learnings
Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-10-14T14:45:57.214Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.
packages/contracts-rfq/contracts/FastBridgeV2.sol (1)
Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-10-14T14:45:57.214Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.
🔇 Additional comments (10)
packages/contracts-rfq/test/FastBridgeV2.Src.t.sol (6)

77-79: Approved: Improved consistency in dispute handling

The change from guard to relayer in the expectBridgeProofDisputed function signature and event emission aligns with the PR objectives. This modification enhances clarity and consistency in the contract's terminology, accurately reflecting the role of the relayer in the dispute process.


662-662: Approved: Consistent update in test case

The modification in the test_dispute_token function, changing from guard to relayer: relayerA in the expectBridgeProofDisputed call, is consistent with the earlier function signature update. This change ensures that the test case accurately reflects the new dispute handling process.


674-674: Approved: Consistent update in deadline-related test case

The change in the test_dispute_token_justBeforeDeadline function, updating the expectBridgeProofDisputed call to use relayer: relayerA, maintains consistency with the previous modifications. This ensures that the test case for disputing just before the deadline accurately reflects the updated dispute handling process.


686-686: Approved: Consistent update in ETH dispute test case

The modification in the test_dispute_eth function, changing the expectBridgeProofDisputed call to use relayer: relayerA, maintains consistency with the previous updates. This change ensures that the test case for disputing ETH transactions accurately reflects the new dispute handling process.


699-699: Approved: Consistent update in ETH dispute deadline test case

The change in the test_dispute_eth_justBeforeDeadline function, updating the expectBridgeProofDisputed call to use relayer: relayerA, maintains consistency with the previous modifications. This ensures that the test case for disputing ETH transactions just before the deadline accurately reflects the updated dispute handling process.


Line range hint 1-899: Summary: Consistent and focused updates to dispute handling

The changes in this file are well-focused and consistently update the dispute handling process to use 'relayer' instead of 'guard'. These modifications:

  1. Improve clarity and consistency in the contract's terminology.
  2. Accurately reflect the role of the relayer in the dispute process.
  3. Align with the PR objectives mentioned in the summary.
  4. Maintain existing functionality in other parts of the file.

These updates enhance the overall quality and readability of the test suite, ensuring it correctly represents the intended behavior of the FastBridgeV2 contract.

packages/contracts-rfq/contracts/FastBridgeV2.sol (4)

85-86: Correct use of disputedRelayer in dispute function.

Capturing the proofRelayer as disputedRelayer before resetting the proof fields ensures that the emitted event BridgeProofDisputed accurately reflects the relayer involved in the dispute. This enhances transparency and aligns with the intended event parameters.


93-93: Event emission properly reflects the disputed relayer.

The emit BridgeProofDisputed(transactionId, disputedRelayer); statement now uses disputedRelayer, ensuring the event accurately indicates the relayer whose proof is disputed.


174-177: Accurate calculation and deduction of protocol fees in bridge function.

The protocol fee is correctly calculated using the provided protocolFeeRate and deducted from originAmount. This ensures that the fee is appropriately handled and the relayers receive the correct amount.


316-322: Correct parameters used in BridgeDepositClaimed event emission.

The BridgeDepositClaimed event is emitted with the correct parameters, including transactionId, proofRelayer, to, originToken, and originAmount. This ensures that the event accurately reflects the details of the claimed deposit.

Comment on lines 118 to 123
if (transaction.originToken == UniversalTokenLib.ETH_ADDRESS) {
Address.sendValue(payable(transaction.originSender), amount);
} else {
IERC20(transaction.originToken).safeTransfer(transaction.originSender, amount);
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Potential reentrancy risk in refund function when transferring funds.

The refund function performs external calls to transfer ETH or ERC20 tokens back to the transaction.originSender without reentrancy protection. This could be exploited if the recipient is a contract with malicious fallback functions.

Consider adding the nonReentrant modifier from OpenZeppelin's ReentrancyGuard to the refund function to prevent reentrancy attacks.

Comment on lines 308 to 313
// transfer origin collateral to specified address (protocol fee was pre-deducted at deposit)
if (transaction.originToken == UniversalTokenLib.ETH_ADDRESS) {
Address.sendValue(payable(to), transaction.originAmount);
} else {
IERC20(transaction.originToken).safeTransfer(to, transaction.originAmount);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add reentrancy guard to claim function to enhance security.

The claim function updates the state and then performs external calls to transfer ETH or ERC20 tokens to the to address. Although state changes occur before the external calls, adding a nonReentrant modifier will provide additional protection against potential reentrancy attacks.

Copy link
Collaborator

@ChiTimesChi ChiTimesChi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Outlining a few nits, but other than that LGTM

Comment on lines 114 to 115
address to = transaction.originSender;
address token = transaction.originToken;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reading from memory just once should be more efficient, so let's get these two lines back?

Comment on lines 302 to 303
address token = transaction.originToken;
uint256 amount = transaction.originAmount;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here re: caching the values from memory onto the stack.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i thought that was already happening efficiently by the transaction struct being in mem (ie: anything accessed within it would be as efficient as repeating them into dedicated vars -- and more concise code)

will defer to your expertise & switch these back to dedicated vars


emit BridgeDepositClaimed(transactionId, bridgeTxDetails[transactionId].proofRelayer, to, token, amount);
// solhint-disable-next-line max-line-length
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This solhint directive is not really needed :)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah it was until i linted & it stacked the params for me. tx

@ChiTimesChi ChiTimesChi changed the title fix dispute emit & revamp deposit xfer [SLT-295] fix dispute emit & revamp deposit xfer [SLT-295] [SLT-326] Oct 15, 2024
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)
packages/contracts-rfq/contracts/FastBridgeV2.sol (2)

116-126: Improved refund handling for ETH and ERC20 tokens

The refund function has been updated to handle both ETH and ERC20 tokens correctly:

  1. ETH refunds now use Address.sendValue, which is a secure method for sending ETH.
  2. ERC20 refunds use the safeTransfer function from the SafeERC20 library.
  3. The BridgeDepositRefunded event now includes all necessary information about the refund.

These changes improve the security and flexibility of the refund process.

Consider adding a check to ensure that the contract has sufficient balance before attempting the transfer, especially for ETH refunds. This can prevent potential issues if the contract's balance is unexpectedly low.


313-326: Improved claim handling for ETH and ERC20 tokens

The claim function has been updated to handle both ETH and ERC20 tokens correctly:

  1. ETH claims now use Address.sendValue, which is a secure method for sending ETH.
  2. ERC20 claims use the safeTransfer function from the SafeERC20 library.
  3. The BridgeDepositClaimed event now includes all necessary information about the claim.

These changes improve the security and flexibility of the claim process.

Consider adding a check to ensure that the contract has sufficient balance before attempting the transfer, especially for ETH claims. This can prevent potential issues if the contract's balance is unexpectedly low.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between ef5aa38 and 099a4f5.

📒 Files selected for processing (1)
  • packages/contracts-rfq/contracts/FastBridgeV2.sol (4 hunks)
🧰 Additional context used
📓 Learnings (2)
📓 Common learnings
Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-10-14T14:45:57.214Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.
packages/contracts-rfq/contracts/FastBridgeV2.sol (1)
Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-10-14T14:45:57.214Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.
🔇 Additional comments (3)
packages/contracts-rfq/contracts/FastBridgeV2.sol (3)

85-86: Improved clarity and correctness in dispute handling

The changes in the dispute function enhance the clarity and correctness of the dispute process:

  1. Capturing the disputedRelayer before resetting the transaction status ensures the correct address is emitted in the event.
  2. The BridgeProofDisputed event now correctly emits the disputedRelayer instead of the sender's address.

These modifications improve the transparency and accuracy of the dispute mechanism.

Also applies to: 93-93


176-179: Improved protocol fee handling in bridge function

The changes in the bridge function enhance the protocol fee calculation and application:

  1. The protocol fee is now correctly calculated based on the original amount.
  2. The fee is deducted from the origin amount, ensuring that the amount used in the request is relevant for relayers.

This modification improves the accuracy of the bridging process and ensures proper fee handling.


314-318: Improved token transfer handling in relay function

The visible changes in the relay function show improved handling of token transfers:

  1. ETH transfers now use Address.sendValue, which is a secure method for sending ETH.
  2. ERC20 transfers use the safeTransfer function from the SafeERC20 library.

These changes enhance the security and correctness of the token transfer process during relay.

As the entire relay function has undergone significant changes, it's important to verify that all modifications are correct and maintain the intended functionality. Please run the following script to retrieve and analyze the full relay function:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants