tornado-governance/contracts/v4-patch/GovernancePatchUpgrade.sol

74 lines
2.2 KiB
Solidity
Raw Normal View History

2023-05-21 20:21:59 +03:00
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.12;
2023-05-21 20:21:59 +03:00
pragma experimental ABIEncoderV2;
import "../v1/Governance.sol";
import "../v3-relayer-registry/GovernanceStakingUpgrade.sol";
contract GovernancePatchUpgrade is GovernanceStakingUpgrade {
mapping(uint256 => bytes32) public proposalCodehashes;
2023-05-21 20:21:59 +03:00
constructor(
address stakingRewardsAddress,
address gasCompLogic,
address userVaultAddress
) public GovernanceStakingUpgrade(stakingRewardsAddress, gasCompLogic, userVaultAddress) {}
/// @notice Return the version of the contract
function version() external pure virtual override returns (string memory) {
return "4.patch-exploit";
}
/**
* @notice Execute a proposal
* @dev This upgrade should protect against Metamorphic contracts by comparing the proposal's extcodehash with a stored one
* @param proposalId The proposal's ID
*/
function execute(uint256 proposalId) public payable virtual override(Governance) {
require(msg.sender != address(this), "Governance::propose: pseudo-external function");
2023-05-21 20:21:59 +03:00
Proposal storage proposal = proposals[proposalId];
address target = proposal.target;
bytes32 proposalCodehash;
assembly {
proposalCodehash := extcodehash(target)
}
require(
proposalCodehash == proposalCodehashes[proposalId],
"Governance::propose: metamorphic contracts not allowed"
);
super.execute(proposalId);
2023-05-21 20:21:59 +03:00
}
/**
* @notice Internal function called from propoese
* @dev This should store the extcodehash of the proposal contract
* @param proposer proposer address
* @param target smart contact address that will be executed as result of voting
* @param description description of the proposal
* @return proposalId new proposal id
*/
2023-05-21 20:21:59 +03:00
function _propose(
address proposer,
address target,
string memory description
) internal virtual override(Governance) returns (uint256 proposalId) {
// Implies all former predicates were valid
proposalId = super._propose(proposer, target, description);
bytes32 proposalCodehash;
assembly {
proposalCodehash := extcodehash(target)
}
proposalCodehashes[proposalId] = proposalCodehash;
2023-05-21 20:21:59 +03:00
}
}