From 67e94ddcec89e00d6dc69b7c3e5ebb616e04d6e3 Mon Sep 17 00:00:00 2001 From: mike Date: Tue, 26 Nov 2024 10:01:17 +0100 Subject: [PATCH 1/9] Add Ownable package for contants manager --- contracts/sfc/ConstantsManager.sol | 8 +++----- package-lock.json | 4 ++-- package.json | 1 + 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/contracts/sfc/ConstantsManager.sol b/contracts/sfc/ConstantsManager.sol index 1c41030..0e23abc 100644 --- a/contracts/sfc/ConstantsManager.sol +++ b/contracts/sfc/ConstantsManager.sol @@ -1,13 +1,13 @@ // SPDX-License-Identifier: UNLICENSED pragma solidity 0.8.27; -import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; +import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol"; import {Decimal} from "../common/Decimal.sol"; /** * @custom:security-contact security@fantom.foundation */ -contract ConstantsManager is OwnableUpgradeable { +contract ConstantsManager is Ownable { // Minimum amount of stake for a validator, i.e., 500000 FTM uint256 public minSelfStake; // Maximum ratio of delegations a validator can have, say, 15 times of self-stake @@ -47,9 +47,7 @@ contract ConstantsManager is OwnableUpgradeable { */ error ValueTooLarge(); - constructor(address owner) initializer { - __Ownable_init(owner); - } + constructor(address owner) Ownable(owner) {} function updateMinSelfStake(uint256 v) external virtual onlyOwner { if (v < 100000 * 1e18) { diff --git a/package-lock.json b/package-lock.json index 28bd9ae..3811c6a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,6 +9,7 @@ "version": "3.0.5-rc.1", "license": "MIT", "dependencies": { + "@openzeppelin/contracts": "^5.1.0", "@openzeppelin/contracts-upgradeable": "^5.1.0", "dotenv": "^16.0.3" }, @@ -1618,8 +1619,7 @@ "version": "5.1.0", "resolved": "https://registry.npmjs.org/@openzeppelin/contracts/-/contracts-5.1.0.tgz", "integrity": "sha512-p1ULhl7BXzjjbha5aqst+QMLY+4/LCWADXOCsmLHRM77AqiPjnd9vvUN9sosUfhL9JGKpZ0TjEGxgvnizmWGSA==", - "license": "MIT", - "peer": true + "license": "MIT" }, "node_modules/@openzeppelin/contracts-upgradeable": { "version": "5.1.0", diff --git a/package.json b/package.json index 975e686..16df1ff 100644 --- a/package.json +++ b/package.json @@ -45,6 +45,7 @@ "typescript-eslint": "^8.8.0" }, "dependencies": { + "@openzeppelin/contracts": "^5.1.0", "@openzeppelin/contracts-upgradeable": "^5.1.0", "dotenv": "^16.0.3" } From 374264568596eecc4d9de3ac40d0597041134a0b Mon Sep 17 00:00:00 2001 From: mike Date: Tue, 26 Nov 2024 12:27:29 +0100 Subject: [PATCH 2/9] Add collection of failed treasury fees --- contracts/sfc/SFC.sol | 31 +++++++++- contracts/test/FailingReceiver.sol | 9 +++ test/SFC.ts | 92 ++++++++++++++++++++++++------ test/helpers/BlockchainNode.ts | 12 ++-- 4 files changed, 120 insertions(+), 24 deletions(-) create mode 100644 contracts/test/FailingReceiver.sol diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 5b97ec3..703aa3d 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -3,6 +3,7 @@ pragma solidity 0.8.27; import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; +import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/ReentrancyGuardUpgradeable.sol"; import {Decimal} from "../common/Decimal.sol"; import {NodeDriverAuth} from "./NodeDriverAuth.sol"; import {ConstantsManager} from "./ConstantsManager.sol"; @@ -13,7 +14,7 @@ import {Version} from "../version/Version.sol"; * @notice The SFC maintains a list of validators and delegators and distributes rewards to them. * @custom:security-contact security@fantom.foundation */ -contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { +contract SFC is OwnableUpgradeable, UUPSUpgradeable, ReentrancyGuardUpgradeable, Version { uint256 internal constant OK_STATUS = 0; uint256 internal constant WITHDRAWN_BIT = 1; uint256 internal constant OFFLINE_BIT = 1 << 3; @@ -50,6 +51,9 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { // total stake of active (OK_STATUS) validators (total weight) uint256 public totalActiveStake; + // unresolved fees that failed to be send to the treasury + uint256 public unresolvedTreasuryFees; + // delegator => validator ID => stashed rewards (to be claimed/restaked) mapping(address delegator => mapping(uint256 validatorID => uint256 stashedRewards)) internal _rewardsStash; @@ -190,6 +194,10 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { error ValidatorNotSlashed(); error RefundRatioTooHigh(); + // treasury + error TreasuryNotSet(); + error NoUnresolvedTreasuryFees(); + event DeactivatedValidator(uint256 indexed validatorID, uint256 deactivatedEpoch, uint256 deactivatedTime); event ChangedValidatorStatus(uint256 indexed validatorID, uint256 status); event CreatedValidator( @@ -207,6 +215,7 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { event UpdatedSlashingRefundRatio(uint256 indexed validatorID, uint256 refundRatio); event RefundedSlashedLegacyDelegation(address indexed delegator, uint256 indexed validatorID, uint256 amount); event AnnouncedRedirection(address indexed from, address indexed to); + event TreasuryFeesResolved(uint256 amount); modifier onlyDriver() { if (!isNode(msg.sender)) { @@ -226,6 +235,7 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { ) external initializer { __Ownable_init(owner); __UUPSUpgradeable_init(); + __ReentrancyGuard_init(); currentSealedEpoch = sealedEpoch; node = NodeDriverAuth(nodeDriver); c = ConstantsManager(_c); @@ -419,6 +429,22 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { } } + /// Resolve failed treasury transfers and send the unresolved fees to the treasury address. + function resolveTreasuryFees() external nonReentrant { + if (treasuryAddress == address(0)) { + revert TreasuryNotSet(); + } + if (unresolvedTreasuryFees == 0) { + revert NoUnresolvedTreasuryFees(); + } + (bool success, ) = treasuryAddress.call{value: unresolvedTreasuryFees, gas: 1000000}(""); + if (!success) { + revert TransferFailed(); + } + emit TreasuryFeesResolved(unresolvedTreasuryFees); + unresolvedTreasuryFees = 0; + } + /// burnFTM allows SFC to burn an arbitrary amount of FTM tokens. function burnFTM(uint256 amount) external onlyOwner { _burnFTM(amount); @@ -909,6 +935,9 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { if (!success) { // ignore treasury transfer failure // the treasury failure must not endanger the epoch sealing + + // store the unresolved treasury fees to be resolved later + unresolvedTreasuryFees += feeShare; } } } diff --git a/contracts/test/FailingReceiver.sol b/contracts/test/FailingReceiver.sol new file mode 100644 index 0000000..632069a --- /dev/null +++ b/contracts/test/FailingReceiver.sol @@ -0,0 +1,9 @@ +// SPDX-License-Identifier: UNLICENSED +pragma solidity 0.8.27; + +contract FailingReceiver { + // Fallback function to reject any received Ether + receive() external payable { + revert("Forced transfer failure"); + } +} diff --git a/test/SFC.ts b/test/SFC.ts index c3351c3..7c72c77 100644 --- a/test/SFC.ts +++ b/test/SFC.ts @@ -644,10 +644,10 @@ describe('SFC', () => { }); it('Should succeed and seal epochs', async function () { - const validatorsMetrics: Map = new Map(); + const validatorsMetrics: Map = new Map(); const validatorIDs = await this.sfc.lastValidatorID(); - for (let i = 0; i < validatorIDs; i++) { + for (let i = 1n; i <= validatorIDs; i++) { validatorsMetrics.set(i, { offlineTime: 0, offlineBlocks: 0, @@ -661,8 +661,8 @@ describe('SFC', () => { const offlineBlocks = []; const uptimes = []; const originatedTxsFees = []; - for (let i = 0; i < validatorIDs; i++) { - allValidators.push(i + 1); + for (let i = 1n; i <= validatorIDs; i++) { + allValidators.push(i); offlineTimes.push(validatorsMetrics.get(i)!.offlineTime); offlineBlocks.push(validatorsMetrics.get(i)!.offlineBlocks); uptimes.push(validatorsMetrics.get(i)!.uptime); @@ -674,11 +674,69 @@ describe('SFC', () => { await this.sfc.sealEpochValidators(allValidators); }); + describe('Treasury', () => { + it('Should revert when treasury is not set', async function () { + await expect(this.sfc.resolveTreasuryFees()).to.be.revertedWithCustomError(this.sfc, 'TreasuryNotSet'); + }); + + it('Should revert when no unresolved treasury fees are available', async function () { + const treasury = ethers.Wallet.createRandom(); + await this.sfc.connect(this.owner).updateTreasuryAddress(treasury); + await expect(this.sfc.resolveTreasuryFees()).to.be.revertedWithCustomError( + this.sfc, + 'NoUnresolvedTreasuryFees', + ); + }); + + it('Should succeed and resolve treasury fees', async function () { + // set treasury as failing receiver to trigger treasury fee accumulation + const failingReceiver = await ethers.deployContract('FailingReceiver'); + await this.sfc.connect(this.owner).updateTreasuryAddress(failingReceiver); + + // set validators metrics and their fees + const validatorsMetrics: Map = new Map(); + const validatorIDs = await this.sfc.lastValidatorID(); + for (let i = 1n; i <= validatorIDs; i++) { + validatorsMetrics.set(i, { + offlineTime: 0, + offlineBlocks: 0, + uptime: 24 * 60 * 60, + originatedTxsFee: ethers.parseEther('100'), + }); + } + + // seal epoch to trigger fees calculation and distribution + await this.blockchainNode.sealEpoch(24 * 60 * 60, validatorsMetrics); + + const fees = + (validatorIDs * ethers.parseEther('100') * (await this.constants.treasuryFeeShare())) / BigInt(1e18); + expect(await this.sfc.unresolvedTreasuryFees()).to.equal(fees); + + // update treasury to a valid receiver + const treasury = ethers.Wallet.createRandom(); + await this.sfc.connect(this.owner).updateTreasuryAddress(treasury); + + // set sfc some balance to cover treasury fees + // the funds cannot be sent directly as it rejects any incoming transfers + await ethers.provider.send('hardhat_setBalance', [ + await this.sfc.getAddress(), + ethers.toBeHex(ethers.parseEther('1000')), + ]); + + // resolve treasury fees + const tx = await this.sfc.resolveTreasuryFees(); + await expect(tx).to.emit(this.sfc, 'TreasuryFeesResolved').withArgs(fees); + await expect(tx).to.changeEtherBalance(treasury, fees); + await expect(tx).to.changeEtherBalance(this.sfc, -fees); + expect(await this.sfc.unresolvedTreasuryFees()).to.equal(0); + }); + }); + it('Should succeed and seal epoch on Validators', async function () { - const validatorsMetrics: Map = new Map(); + const validatorsMetrics: Map = new Map(); const validatorIDs = await this.sfc.lastValidatorID(); - for (let i = 0; i < validatorIDs; i++) { + for (let i = 1n; i <= validatorIDs; i++) { validatorsMetrics.set(i, { offlineTime: 0, offlineBlocks: 0, @@ -692,8 +750,8 @@ describe('SFC', () => { const offlineBlocks = []; const uptimes = []; const originatedTxsFees = []; - for (let i = 0; i < validatorIDs; i++) { - allValidators.push(i + 1); + for (let i = 1n; i <= validatorIDs; i++) { + allValidators.push(i); offlineTimes.push(validatorsMetrics.get(i)!.offlineTime); offlineBlocks.push(validatorsMetrics.get(i)!.offlineBlocks); uptimes.push(validatorsMetrics.get(i)!.uptime); @@ -746,10 +804,10 @@ describe('SFC', () => { }); it('Should revert when calling sealEpoch if not NodeDriver', async function () { - const validatorsMetrics: Map = new Map(); + const validatorsMetrics: Map = new Map(); const validatorIDs = await this.sfc.lastValidatorID(); - for (let i = 0; i < validatorIDs; i++) { + for (let i = 1n; i <= validatorIDs; i++) { validatorsMetrics.set(i, { offlineTime: 0, offlineBlocks: 0, @@ -763,8 +821,8 @@ describe('SFC', () => { const offlineBlocks = []; const uptimes = []; const originatedTxsFees = []; - for (let i = 0; i < validatorIDs; i++) { - allValidators.push(i + 1); + for (let i = 1n; i <= validatorIDs; i++) { + allValidators.push(i); offlineTimes.push(validatorsMetrics.get(i)!.offlineTime); offlineBlocks.push(validatorsMetrics.get(i)!.offlineBlocks); uptimes.push(validatorsMetrics.get(i)!.uptime); @@ -982,7 +1040,7 @@ describe('SFC', () => { // validator online 100% of time in the first epoch => average 100% await this.blockchainNode.sealEpoch( 100, - new Map([[this.validatorId as number, new ValidatorMetrics(0, 0, 100, 0n)]]), + new Map([[this.validatorId, new ValidatorMetrics(0, 0, 100, 0n)]]), ); expect(await this.sfc.getEpochAverageUptime(await this.sfc.currentSealedEpoch(), this.validatorId)).to.equal( 1000000000000000000n, @@ -991,7 +1049,7 @@ describe('SFC', () => { // validator online 20% of time in the second epoch => average 60% await this.blockchainNode.sealEpoch( 100, - new Map([[this.validatorId as number, new ValidatorMetrics(0, 0, 20, 0n)]]), + new Map([[this.validatorId, new ValidatorMetrics(0, 0, 20, 0n)]]), ); expect(await this.sfc.getEpochAverageUptime(await this.sfc.currentSealedEpoch(), this.validatorId)).to.equal( 600000000000000000n, @@ -1000,7 +1058,7 @@ describe('SFC', () => { // validator online 30% of time in the third epoch => average 50% await this.blockchainNode.sealEpoch( 100, - new Map([[this.validatorId as number, new ValidatorMetrics(0, 0, 30, 0n)]]), + new Map([[this.validatorId, new ValidatorMetrics(0, 0, 30, 0n)]]), ); expect(await this.sfc.getEpochAverageUptime(await this.sfc.currentSealedEpoch(), this.validatorId)).to.equal( 500000000000000000n, @@ -1010,7 +1068,7 @@ describe('SFC', () => { for (let i = 0; i < 10; i++) { await this.blockchainNode.sealEpoch( 100, - new Map([[this.validatorId as number, new ValidatorMetrics(0, 0, 50, 0n)]]), + new Map([[this.validatorId, new ValidatorMetrics(0, 0, 50, 0n)]]), ); expect(await this.sfc.getEpochAverageUptime(await this.sfc.currentSealedEpoch(), this.validatorId)).to.equal( 500000000000000000n, @@ -1020,7 +1078,7 @@ describe('SFC', () => { // (50 * 10 + 28) / 11 = 48 await this.blockchainNode.sealEpoch( 100, - new Map([[this.validatorId as number, new ValidatorMetrics(0, 0, 28, 0n)]]), + new Map([[this.validatorId, new ValidatorMetrics(0, 0, 28, 0n)]]), ); expect(await this.sfc.getEpochAverageUptime(await this.sfc.currentSealedEpoch(), this.validatorId)).to.equal( 480000000000000000n, diff --git a/test/helpers/BlockchainNode.ts b/test/helpers/BlockchainNode.ts index 2e9e669..91682fd 100644 --- a/test/helpers/BlockchainNode.ts +++ b/test/helpers/BlockchainNode.ts @@ -1,4 +1,4 @@ -import { SFCUnitTestI } from '../../typechain-types'; +import { UnitTestSFC } from '../../typechain-types'; import { TransactionResponse } from 'ethers'; import { ethers } from 'hardhat'; @@ -17,11 +17,11 @@ class ValidatorMetrics { } class BlockchainNode { - public readonly sfc: SFCUnitTestI; - public validatorWeights: Map; - public nextValidatorWeights: Map; + public readonly sfc: UnitTestSFC; + public validatorWeights: Map; + public nextValidatorWeights: Map; - constructor(sfc: SFCUnitTestI) { + constructor(sfc: UnitTestSFC) { this.sfc = sfc; this.validatorWeights = new Map(); this.nextValidatorWeights = new Map(); @@ -44,7 +44,7 @@ class BlockchainNode { } } - async sealEpoch(duration: number, validatorMetrics?: Map) { + async sealEpoch(duration: number, validatorMetrics?: Map) { const validatorIds = Array.from(this.validatorWeights.keys()); const nextValidatorIds = Array.from(this.nextValidatorWeights.keys()); From eeddd39557e38f259fe0719e881a3720ee58f5b9 Mon Sep 17 00:00:00 2001 From: mike Date: Tue, 26 Nov 2024 12:45:13 +0100 Subject: [PATCH 3/9] Add storage gaps into upgradeable contracts --- contracts/sfc/NodeDriver.sol | 2 ++ contracts/sfc/NodeDriverAuth.sol | 2 ++ contracts/sfc/SFC.sol | 2 ++ 3 files changed, 6 insertions(+) diff --git a/contracts/sfc/NodeDriver.sol b/contracts/sfc/NodeDriver.sol index bc1287d..8ff9e07 100644 --- a/contracts/sfc/NodeDriver.sol +++ b/contracts/sfc/NodeDriver.sol @@ -144,4 +144,6 @@ contract NodeDriver is OwnableUpgradeable, UUPSUpgradeable, INodeDriver { function sealEpochValidators(uint256[] calldata nextValidatorIDs) external onlyNode { backend.sealEpochValidators(nextValidatorIDs); } + + uint256[50] private __gap; } diff --git a/contracts/sfc/NodeDriverAuth.sol b/contracts/sfc/NodeDriverAuth.sol index 961dda6..eba4f24 100644 --- a/contracts/sfc/NodeDriverAuth.sol +++ b/contracts/sfc/NodeDriverAuth.sol @@ -186,4 +186,6 @@ contract NodeDriverAuth is OwnableUpgradeable, UUPSUpgradeable { } return codeHash; } + + uint256[50] private __gap; } diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 703aa3d..b5bc864 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -1146,4 +1146,6 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, ReentrancyGuardUpgradeable, function _now() internal view virtual returns (uint256) { return block.timestamp; } + + uint256[50] private __gap; } From b3c273c5654c30d65b787ae8ebe285566f06fb95 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 27 Nov 2024 09:59:35 +0100 Subject: [PATCH 4/9] Apply Checks-Effects-Interactions pattern --- contracts/sfc/SFC.sol | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 703aa3d..b5d6a07 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -3,7 +3,6 @@ pragma solidity 0.8.27; import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; -import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/ReentrancyGuardUpgradeable.sol"; import {Decimal} from "../common/Decimal.sol"; import {NodeDriverAuth} from "./NodeDriverAuth.sol"; import {ConstantsManager} from "./ConstantsManager.sol"; @@ -14,7 +13,7 @@ import {Version} from "../version/Version.sol"; * @notice The SFC maintains a list of validators and delegators and distributes rewards to them. * @custom:security-contact security@fantom.foundation */ -contract SFC is OwnableUpgradeable, UUPSUpgradeable, ReentrancyGuardUpgradeable, Version { +contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { uint256 internal constant OK_STATUS = 0; uint256 internal constant WITHDRAWN_BIT = 1; uint256 internal constant OFFLINE_BIT = 1 << 3; @@ -235,7 +234,6 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, ReentrancyGuardUpgradeable, ) external initializer { __Ownable_init(owner); __UUPSUpgradeable_init(); - __ReentrancyGuard_init(); currentSealedEpoch = sealedEpoch; node = NodeDriverAuth(nodeDriver); c = ConstantsManager(_c); @@ -430,19 +428,24 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, ReentrancyGuardUpgradeable, } /// Resolve failed treasury transfers and send the unresolved fees to the treasury address. - function resolveTreasuryFees() external nonReentrant { + function resolveTreasuryFees() external { if (treasuryAddress == address(0)) { revert TreasuryNotSet(); } if (unresolvedTreasuryFees == 0) { revert NoUnresolvedTreasuryFees(); } - (bool success, ) = treasuryAddress.call{value: unresolvedTreasuryFees, gas: 1000000}(""); + + // zero the fees before sending to prevent re-entrancy + uint256 fees = unresolvedTreasuryFees; + unresolvedTreasuryFees = 0; + + (bool success, ) = treasuryAddress.call{value: fees, gas: 1000000}(""); if (!success) { revert TransferFailed(); } - emit TreasuryFeesResolved(unresolvedTreasuryFees); - unresolvedTreasuryFees = 0; + + emit TreasuryFeesResolved(fees); } /// burnFTM allows SFC to burn an arbitrary amount of FTM tokens. From d1726a44837521f5fbe0cf8d54f897cdd985f82e Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 27 Nov 2024 10:09:04 +0100 Subject: [PATCH 5/9] Add penalty into `Withdrawn` event --- contracts/sfc/SFC.sol | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 5fa1377..3adbc73 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -207,7 +207,13 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { ); event Delegated(address indexed delegator, uint256 indexed toValidatorID, uint256 amount); event Undelegated(address indexed delegator, uint256 indexed toValidatorID, uint256 indexed wrID, uint256 amount); - event Withdrawn(address indexed delegator, uint256 indexed toValidatorID, uint256 indexed wrID, uint256 amount); + event Withdrawn( + address indexed delegator, + uint256 indexed toValidatorID, + uint256 indexed wrID, + uint256 amount, + uint256 penalty + ); event ClaimedRewards(address indexed delegator, uint256 indexed toValidatorID, uint256 rewards); event RestakedRewards(address indexed delegator, uint256 indexed toValidatorID, uint256 rewards); event BurntFTM(uint256 amount); @@ -735,7 +741,7 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { } _burnFTM(penalty); - emit Withdrawn(delegator, toValidatorID, wrID, amount); + emit Withdrawn(delegator, toValidatorID, wrID, amount - penalty, penalty); } /// Get highest epoch for which can be claimed rewards for the given validator. From 34f41086793609aae1838cb014a69743b798f746 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 27 Nov 2024 10:54:11 +0100 Subject: [PATCH 6/9] Add option to issue tokens --- contracts/sfc/ConstantsManager.sol | 8 ++++++++ contracts/sfc/NodeDriverAuth.sol | 5 +++++ contracts/sfc/SFC.sol | 9 +++++++++ test/SFC.ts | 24 ++++++++++++++++++++++++ 4 files changed, 46 insertions(+) diff --git a/contracts/sfc/ConstantsManager.sol b/contracts/sfc/ConstantsManager.sol index 0e23abc..8c35e2a 100644 --- a/contracts/sfc/ConstantsManager.sol +++ b/contracts/sfc/ConstantsManager.sol @@ -37,6 +37,10 @@ contract ConstantsManager is Ownable { // Zero to disable validators deactivation by this metric. uint64 public minAverageUptime; + // The address of the recipient that receives issued tokens + // as a counterparty to the burnt FTM tokens + address public issuedTokensRecipient; + /** * @dev Given value is too small */ @@ -177,4 +181,8 @@ contract ConstantsManager is Ownable { } minAverageUptime = v; } + + function updateIssuedTokensRecipient(address v) external virtual onlyOwner { + issuedTokensRecipient = v; + } } diff --git a/contracts/sfc/NodeDriverAuth.sol b/contracts/sfc/NodeDriverAuth.sol index eba4f24..bdbbb5b 100644 --- a/contracts/sfc/NodeDriverAuth.sol +++ b/contracts/sfc/NodeDriverAuth.sol @@ -89,6 +89,11 @@ contract NodeDriverAuth is OwnableUpgradeable, UUPSUpgradeable { driver.setBalance(acc, address(acc).balance + diff); } + /// Issue tokens as a counterparty to burnt FTM tokens. + function issueTokens(address acc, uint256 diff) external onlySFC { + driver.setBalance(acc, address(acc).balance + diff); + } + /// Upgrade code of given contract by coping it from other deployed contract. /// Avoids setting code to an external address. function upgradeCode(address acc, address from) external onlyOwner { diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 3adbc73..42e946e 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -459,6 +459,15 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { _burnFTM(amount); } + /// Issue tokens to the issued tokens recipient as a counterparty to the burnt FTM tokens. + function issueTokens(uint256 amount) external onlyOwner { + if (c.issuedTokensRecipient() == address(0)) { + revert ZeroAddress(); + } + node.issueTokens(c.issuedTokensRecipient(), amount); + totalSupply += amount; + } + /// Update treasury address. function updateTreasuryAddress(address v) external onlyOwner { treasuryAddress = v; diff --git a/test/SFC.ts b/test/SFC.ts index 7c72c77..b3ea8d6 100644 --- a/test/SFC.ts +++ b/test/SFC.ts @@ -131,6 +131,30 @@ describe('SFC', () => { }); }); + describe('Issue tokens', () => { + it('Should revert when not owner', async function () { + await expect(this.sfc.connect(this.user).issueTokens(ethers.parseEther('100'))).to.be.revertedWithCustomError( + this.sfc, + 'OwnableUnauthorizedAccount', + ); + }); + + it('Should revert when recipient is not set', async function () { + await expect(this.sfc.connect(this.owner).issueTokens(ethers.parseEther('100'))).to.be.revertedWithCustomError( + this.sfc, + 'ZeroAddress', + ); + }); + + it('Should succeed and issue tokens', async function () { + await this.constants.updateIssuedTokensRecipient(this.user); + const supply = await this.sfc.totalSupply(); + const amount = ethers.parseEther('100'); + await this.sfc.connect(this.owner).issueTokens(amount); + expect(await this.sfc.totalSupply()).to.equal(supply + amount); + }); + }); + describe('Create validator', () => { const validatorsFixture = async () => { const validatorPubKey = From 56d591e75dbfbd2059edc36fcad4051c66119072 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 27 Nov 2024 13:00:31 +0100 Subject: [PATCH 7/9] Update Withdrawn event in interface --- contracts/interfaces/ISFC.sol | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/contracts/interfaces/ISFC.sol b/contracts/interfaces/ISFC.sol index c940a52..5e48c31 100644 --- a/contracts/interfaces/ISFC.sol +++ b/contracts/interfaces/ISFC.sol @@ -15,7 +15,13 @@ interface ISFC { ); event Delegated(address indexed delegator, uint256 indexed toValidatorID, uint256 amount); event Undelegated(address indexed delegator, uint256 indexed toValidatorID, uint256 indexed wrID, uint256 amount); - event Withdrawn(address indexed delegator, uint256 indexed toValidatorID, uint256 indexed wrID, uint256 amount); + event Withdrawn( + address indexed delegator, + uint256 indexed toValidatorID, + uint256 indexed wrID, + uint256 amount, + uint256 penalty + ); event ClaimedRewards(address indexed delegator, uint256 indexed toValidatorID, uint256 rewards); event RestakedRewards(address indexed delegator, uint256 indexed toValidatorID, uint256 rewards); event BurntFTM(uint256 amount); From e36a4cde3140e3d0ce9a5fb88003fd23354d397e Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 27 Nov 2024 18:51:37 +0100 Subject: [PATCH 8/9] Remove redundant `issueTokens` method on `NodeDriverAuth` --- contracts/sfc/NodeDriverAuth.sol | 8 -------- contracts/sfc/SFC.sol | 2 +- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/contracts/sfc/NodeDriverAuth.sol b/contracts/sfc/NodeDriverAuth.sol index bdbbb5b..94383cd 100644 --- a/contracts/sfc/NodeDriverAuth.sol +++ b/contracts/sfc/NodeDriverAuth.sol @@ -83,14 +83,6 @@ contract NodeDriverAuth is OwnableUpgradeable, UUPSUpgradeable { /// Mint native token. To be used by SFC for minting validators rewards. function incBalance(address acc, uint256 diff) external onlySFC { - if (acc != address(sfc)) { - revert RecipientNotSFC(); - } - driver.setBalance(acc, address(acc).balance + diff); - } - - /// Issue tokens as a counterparty to burnt FTM tokens. - function issueTokens(address acc, uint256 diff) external onlySFC { driver.setBalance(acc, address(acc).balance + diff); } diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 42e946e..ef9b782 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -464,7 +464,7 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { if (c.issuedTokensRecipient() == address(0)) { revert ZeroAddress(); } - node.issueTokens(c.issuedTokensRecipient(), amount); + node.incBalance(c.issuedTokensRecipient(), amount); totalSupply += amount; } From 7c57e0ef4094a4ad4fdd3dedb4ff01f8db5ad03e Mon Sep 17 00:00:00 2001 From: mike Date: Thu, 28 Nov 2024 08:20:35 +0100 Subject: [PATCH 9/9] Disable initializers to be called directly --- contracts/sfc/NodeDriver.sol | 5 +++++ contracts/sfc/NodeDriverAuth.sol | 5 +++++ contracts/sfc/SFC.sol | 5 +++++ 3 files changed, 15 insertions(+) diff --git a/contracts/sfc/NodeDriver.sol b/contracts/sfc/NodeDriver.sol index 8ff9e07..d0a5002 100644 --- a/contracts/sfc/NodeDriver.sol +++ b/contracts/sfc/NodeDriver.sol @@ -35,6 +35,11 @@ contract NodeDriver is OwnableUpgradeable, UUPSUpgradeable, INodeDriver { event UpdateNetworkVersion(uint256 version); event AdvanceEpochs(uint256 num); + /// @custom:oz-upgrades-unsafe-allow constructor + constructor() { + _disableInitializers(); + } + /// Initialization is called only once, after the contract deployment. /// Because the contract code is written directly into genesis, constructor cannot be used. function initialize(address _backend, address _evmWriterAddress, address _owner) external initializer { diff --git a/contracts/sfc/NodeDriverAuth.sol b/contracts/sfc/NodeDriverAuth.sol index 94383cd..713dabd 100644 --- a/contracts/sfc/NodeDriverAuth.sol +++ b/contracts/sfc/NodeDriverAuth.sol @@ -21,6 +21,11 @@ contract NodeDriverAuth is OwnableUpgradeable, UUPSUpgradeable { error DriverCodeHashMismatch(); error RecipientNotSFC(); + /// @custom:oz-upgrades-unsafe-allow constructor + constructor() { + _disableInitializers(); + } + // Initialize NodeDriverAuth, NodeDriver and SFC in one call to allow fewer genesis transactions function initialize(address payable _sfc, address _driver, address _owner) external initializer { __Ownable_init(_owner); diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index ef9b782..159f91f 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -229,6 +229,11 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { _; } + /// @custom:oz-upgrades-unsafe-allow constructor + constructor() { + _disableInitializers(); + } + /// Initialization is called only once, after the contract deployment. /// Because the contract code is written directly into genesis, constructor cannot be used. function initialize(