Address audit comments

- Emit event when Tornado ownership changes - Disallow setting feeToSetter to 0 address - Disallow setting feeTo to 0 address - Use more SafeMath - Set MIN_PROTOCOL_FEE_DIVISOR to constant - Add additional unit tests
2025-05-12 11:12:33 -04:00 · 2021-04-17 21:09:03 -07:00 · 2021-04-17 21:09:03 -07:00 · 0450c4aa1b
commit 0450c4aa1b
parent b19b1fe600
4 changed files with 40 additions and 15 deletions
--- a/contracts/ERC20Tornado.sol
+++ b/contracts/ERC20Tornado.sol
@ -42,10 +42,10 @@ contract ERC20Tornado is Tornado {
    bool feeOn = feeTo != address(0) && protocolFeeDivisor != 0;
    if (feeOn) {
      uint256 protocolFee = SafeMath.div(denomination, protocolFeeDivisor);
-      _safeErc20Transfer(_recipient, denomination - _relayer_fee - protocolFee);
+      _safeErc20Transfer(_recipient, SafeMath.sub(denomination, SafeMath.add(_relayer_fee, protocolFee)));
      _safeErc20Transfer(feeTo, protocolFee);
    } else {
-      _safeErc20Transfer(_recipient, denomination - _relayer_fee);
+      _safeErc20Transfer(_recipient, SafeMath.sub(denomination, _relayer_fee));
    }

    if (_relayer_fee > 0) {
--- a/contracts/FeeManager.sol
+++ b/contracts/FeeManager.sol
@ -2,7 +2,7 @@ pragma solidity 0.5.17;

 contract FeeManager {
  // Maximum fee of 0.5%
-  uint256 public MIN_PROTOCOL_FEE_DIVISOR = 200;
+  uint256 constant public MIN_PROTOCOL_FEE_DIVISOR = 200;

  address public feeTo;
  address public feeToSetter;
@ -10,27 +10,28 @@ contract FeeManager {

  constructor(address _feeToSetter) public {
    feeToSetter = _feeToSetter;
-    protocolFeeDivisor = 0;
  }

  function setFeeTo(address _feeTo) external {
-      require(msg.sender == feeToSetter, 'Poof: FORBIDDEN');
+      require(msg.sender == feeToSetter, 'FeeManager: FORBIDDEN');
+      require(_feeTo != address(0), 'FeeManager: new feeTo is the zero address');
      feeTo = _feeTo;
  }

  function setFeeToSetter(address _feeToSetter) external {
-      require(msg.sender == feeToSetter, 'Poof: FORBIDDEN');
+      require(msg.sender == feeToSetter, 'FeeManager: FORBIDDEN');
+      require(_feeToSetter != address(0), 'FeeManager: new feeToSetter is the zero address');
      feeToSetter = _feeToSetter;
  }

  function setProtocolFeeDivisor(uint256 _protocolFeeDivisor) external {
-      require(msg.sender == feeToSetter, 'Poof: FORBIDDEN');
-      require(_protocolFeeDivisor >= MIN_PROTOCOL_FEE_DIVISOR, 'Poof: Protocol fee too high');
+      require(msg.sender == feeToSetter, 'FeeManager: FORBIDDEN');
+      require(_protocolFeeDivisor >= MIN_PROTOCOL_FEE_DIVISOR, 'FeeManager: Protocol fee too high');
      protocolFeeDivisor = _protocolFeeDivisor;
  }

  function clearFee() external {
-      require(msg.sender == feeToSetter, 'Poof: FORBIDDEN');
+      require(msg.sender == feeToSetter, 'FeeManager: FORBIDDEN');
      protocolFeeDivisor = 0;
  }
 }
--- a/contracts/Tornado.sol
+++ b/contracts/Tornado.sol
@ -30,6 +30,7 @@ contract Tornado is MerkleTreeWithHistory, ReentrancyGuard {

  event Deposit(bytes32 indexed commitment, uint32 leafIndex, uint256 timestamp);
  event Withdrawal(address to, bytes32 nullifierHash, address indexed relayer, uint256 fee);
+  event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

  /**
    @dev The constructor
@ -116,6 +117,7 @@ contract Tornado is MerkleTreeWithHistory, ReentrancyGuard {

  /** @dev operator can change his address */
  function changeOperator(address _newOperator) external onlyOperator {
+    emit OwnershipTransferred(operator, _newOperator);
    operator = _newOperator;
  }
 }