Merge pull request #233 from gildlab/2025-04-21-authorizor-event

2025 04 21 authorizor event

Author: thedavidmeister

.gas-snapshot

@@ -30,6 +30,8 @@ import {
     WrongManager
 } from "../error/ErrReceiptVault.sol";
 import {UnmanagedReceiptTransfer} from "../interface/IReceiptManagerV2.sol";
+import {ERC165Upgradeable as ERC165} from
+    "openzeppelin-contracts-upgradeable/contracts/utils/introspection/ERC165Upgradeable.sol";
 
 /// Represents the action being taken on shares, ostensibly for calculating a
 /// ratio.
@@ -111,7 +113,8 @@ abstract contract ReceiptVault is
     ReentrancyGuard,
     ERC20,
     IReceiptVaultV3,
-    ICloneableV2
+    ICloneableV2,
+    ERC165
 {
     using LibFixedPointDecimalArithmeticOpenZeppelin for uint256;
     using SafeERC20 for IERC20;
@@ -166,6 +169,12 @@ abstract contract ReceiptVault is
         }
     }
 
+    /// @inheritdoc ERC165
+    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
+        return interfaceId == type(IReceiptManagerV2).interfaceId || interfaceId == type(ICloneableV2).interfaceId
+            || interfaceId == type(IReceiptVaultV3).interfaceId || super.supportsInterface(interfaceId);
+    }
+
     /// @inheritdoc IReceiptVaultV1
     function asset() public view virtual returns (address) {
         return address(sAsset);

src/abstract/ReceiptVault.sol

@@ -279,7 +279,8 @@ contract OffchainAssetReceiptVault is ReceiptVault, IAuthorizeV1, Ownable {
         address sender, address confiscatee, uint256 id, uint256 targetAmount, uint256 confiscated, bytes justification
     );
 
-    IAuthorizeV1 sAuthorizer;
+    /// The authorizer contract that is used to authorize actions in the vault.
+    IAuthorizeV1 internal sAuthorizer;
 
     /// The largest issued id. The next id issued will be larger than this.
     uint256 internal sHighwaterId;
@@ -310,7 +311,7 @@ contract OffchainAssetReceiptVault is ReceiptVault, IAuthorizeV1, Ownable {
             revert ZeroInitialAdmin();
         }
 
-        sAuthorizer = IAuthorizeV1(address(this));
+        _setAuthorizer(IAuthorizeV1(address(this)));
 
         _transferOwnership(config.initialAdmin);
 
@@ -330,6 +331,11 @@ contract OffchainAssetReceiptVault is ReceiptVault, IAuthorizeV1, Ownable {
         return sHighwaterId;
     }
 
+    /// @inheritdoc IERC165
+    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
+        return interfaceId == type(IAuthorizeV1).interfaceId || super.supportsInterface(interfaceId);
+    }
+
     /// Returns the current authorizer contract.
     function authorizer() external view returns (IAuthorizeV1) {
         return sAuthorizer;
@@ -344,14 +350,23 @@ contract OffchainAssetReceiptVault is ReceiptVault, IAuthorizeV1, Ownable {
         revert Unauthorized(user, permission, data);
     }
 
-    /// Sets the authorizer contract. This is a critical operation and should be
-    /// done with extreme care by the owner.
+    /// Internal function to set the authorizer contract. This has no access
+    /// control so it MUST only be externally accessible by functions with an
+    /// access check.
     /// @param newAuthorizer The new authorizer contract.
-    function setAuthorizer(IAuthorizeV1 newAuthorizer) external onlyOwner {
+    function _setAuthorizer(IAuthorizeV1 newAuthorizer) internal {
         if (!IERC165(address(newAuthorizer)).supportsInterface(type(IAuthorizeV1).interfaceId)) {
             revert IncompatibleAuthorizer();
         }
         sAuthorizer = newAuthorizer;
+        emit AuthorizerSet(msg.sender, newAuthorizer);
+    }
+
+    /// Sets the authorizer contract. This is a critical operation and should be
+    /// done with extreme care by the owner.
+    /// @param newAuthorizer The new authorizer contract.
+    function setAuthorizer(IAuthorizeV1 newAuthorizer) external onlyOwner {
+        _setAuthorizer(newAuthorizer);
     }
 
     /// Apply standard transfer restrictions to receipt transfers.

src/concrete/vault/OffchainAssetReceiptVault.sol

@@ -33,6 +33,13 @@ error Unauthorized(address user, bytes32 permission, bytes data);
 /// sensitive operation and should be done with care, such as through a multisig
 /// and/or dedicated governance contract.
 interface IAuthorizeV1 {
+    /// MUST be emitted when a new authorizer contract is set.
+    /// This includes the initial setting of the authorizer contract if it is
+    /// set in the constructor/initializer.
+    /// @param sender The msg sender setting the authorizer.
+    /// @param authorizer The new authorizer contract.
+    event AuthorizerSet(address sender, IAuthorizeV1 authorizer);
+
     /// Authorize a user for a caller-specified permission.
     ///
     /// The authorization contract is expected to be implemented to be compatible

src/interface/IAuthorizeV1.sol

@@ -0,0 +1,49 @@
+// SPDX-License-Identifier: LicenseRef-DCL-1.0
+// SPDX-FileCopyrightText: Copyright (c) 2020 Rain Open Source Software Ltd
+pragma solidity =0.8.25;
+
+import {
+    ReceiptVault,
+    ReceiptVaultConstructionConfigV2,
+    IReceiptV3,
+    ICloneableFactoryV2,
+    IReceiptManagerV2,
+    IReceiptVaultV3,
+    ICloneableV2
+} from "src/abstract/ReceiptVault.sol";
+import {Test} from "forge-std/Test.sol";
+
+import {IERC165} from "openzeppelin-contracts/contracts/utils/introspection/IERC165.sol";
+
+contract ConcreteReceiptVault is ReceiptVault {
+    constructor()
+        ReceiptVault(
+            ReceiptVaultConstructionConfigV2({
+                factory: ICloneableFactoryV2(address(0)),
+                receiptImplementation: IReceiptV3(address(0))
+            })
+        )
+    {}
+
+    function initialize(bytes calldata) external pure returns (bytes32) {
+        // Fails initialize but we never call it.
+        return bytes32(0);
+    }
+}
+
+contract ReceiptVaultIERC165Test is Test {
+    function testReceiptVaultIERC165(bytes4 badInterfaceId) external {
+        vm.assume(badInterfaceId != type(IERC165).interfaceId);
+        vm.assume(badInterfaceId != type(IReceiptManagerV2).interfaceId);
+        vm.assume(badInterfaceId != type(IReceiptVaultV3).interfaceId);
+        vm.assume(badInterfaceId != type(ICloneableV2).interfaceId);
+
+        ConcreteReceiptVault receiptVault = new ConcreteReceiptVault();
+        assertTrue(receiptVault.supportsInterface(type(IERC165).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(IReceiptManagerV2).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(IReceiptVaultV3).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(ICloneableV2).interfaceId));
+
+        assertFalse(receiptVault.supportsInterface(badInterfaceId));
+    }
+}

test/src/abstract/ReceiptVault.ierc165.t.sol

@@ -5,7 +5,13 @@ pragma solidity =0.8.25;
 import {OffchainAssetReceiptVaultTest, Vm} from "test/abstract/OffchainAssetReceiptVaultTest.sol";
 import {LibOffchainAssetVaultCreator} from "test/lib/LibOffchainAssetVaultCreator.sol";
 import {LibUniqueAddressesGenerator} from "../../../lib/LibUniqueAddressesGenerator.sol";
-import {OffchainAssetReceiptVault, IAuthorizeV1} from "src/concrete/vault/OffchainAssetReceiptVault.sol";
+import {
+    OffchainAssetReceiptVault,
+    IAuthorizeV1,
+    Unauthorized,
+    CERTIFY,
+    CertifyStateChange
+} from "src/concrete/vault/OffchainAssetReceiptVault.sol";
 import {LibExtrospectERC1167Proxy} from "rain.extrospection/lib/LibExtrospectERC1167Proxy.sol";
 import {IERC165Upgradeable as IERC165} from
     "openzeppelin-contracts-upgradeable/contracts/utils/introspection/IERC165Upgradeable.sol";
@@ -37,6 +43,18 @@ contract OffchainAssetReceiptVaultAuthorizeTest is OffchainAssetReceiptVaultTest
         (bool isProxy, address implementation) = LibExtrospectERC1167Proxy.isERC1167Proxy(authorizer.code);
         assertTrue(isProxy);
         assertEq(implementation, address(iAuthorizerImplementation));
+        CertifyStateChange memory certifyStateChange = CertifyStateChange({
+            oldCertifiedUntil: 0,
+            newCertifiedUntil: 1234,
+            userCertifyUntil: 1234,
+            forceUntil: true,
+            data: ""
+        });
+        // Smoke test the authorizer NOT authorizing.
+        vm.expectRevert(
+            abi.encodeWithSelector(Unauthorized.selector, address(this), CERTIFY, abi.encode(certifyStateChange))
+        );
+        vault.certify(certifyStateChange.newCertifiedUntil, certifyStateChange.forceUntil, "");
     }
 
     /// Test that the owner can change the authorizer.
@@ -58,6 +76,8 @@ contract OffchainAssetReceiptVaultAuthorizeTest is OffchainAssetReceiptVaultTest
         AlwaysAuthorize alwaysAuthorize = new AlwaysAuthorize();
 
         vm.prank(alice);
+        vm.expectEmit(false, false, false, true);
+        emit IAuthorizeV1.AuthorizerSet(address(alice), alwaysAuthorize);
         vault.setAuthorizer(alwaysAuthorize);
 
         authorizer = address(vault.authorizer());

test/src/concrete/vault/OffchainAssetReceiptVault.authorize.t.sol

@@ -68,7 +68,11 @@ contract OffChainAssetReceiptVaultTest is OffchainAssetReceiptVaultTest {
         address msgSender;
 
         OffchainAssetReceiptVaultConfigV2 memory config;
-        bool eventFound = false; // Flag to indicate whether the event log was found
+        bool eventFound = false;
+
+        address authorizeSetMsgSender;
+        address authorizeSetTo;
+        bool authorizeSetEventFound = false;
         for (uint256 i = 0; i < logs.length; i++) {
             if (
                 logs[i].topics[0]
@@ -79,7 +83,10 @@ contract OffChainAssetReceiptVaultTest is OffchainAssetReceiptVaultTest {
                 // Decode the event data
                 (msgSender, config) = abi.decode(logs[i].data, (address, OffchainAssetReceiptVaultConfigV2));
                 eventFound = true; // Set the flag to true since event log was found
-                break;
+            } else if (logs[i].topics[0] == keccak256("AuthorizerSet(address,address)")) {
+                // Decode the event data
+                (authorizeSetMsgSender, authorizeSetTo) = abi.decode(logs[i].data, (address, address));
+                authorizeSetEventFound = true; // Set the flag to true since event log was found
             }
         }
 
@@ -101,6 +108,12 @@ contract OffChainAssetReceiptVaultTest is OffchainAssetReceiptVaultTest {
         assertTrue(address(config.receiptVaultConfig.receipt) != address(0));
         assertEq(address(config.receiptVaultConfig.receipt), address(vault.receipt()));
 
+        /// Check the authorizer set event
+        assertTrue(authorizeSetEventFound, "AuthorizerSet event log not found");
+        assertEq(authorizeSetMsgSender, address(iFactory));
+        assertEq(authorizeSetTo, address(vault));
+        assertTrue(address(vault) != address(0));
+
         // Check the receipt manager is the vault.
         assertEq(address(vault), vault.receipt().manager());
     }

test/src/concrete/vault/OffchainAssetReceiptVault.construct.t.sol

@@ -0,0 +1,41 @@
+// SPDX-License-Identifier: LicenseRef-DCL-1.0
+// SPDX-FileCopyrightText: Copyright (c) 2020 Rain Open Source Software Ltd
+pragma solidity =0.8.25;
+
+import {
+    ReceiptVault,
+    ReceiptVaultConstructionConfigV2,
+    IReceiptV3,
+    ICloneableFactoryV2,
+    IReceiptManagerV2,
+    IReceiptVaultV3,
+    ICloneableV2
+} from "src/abstract/ReceiptVault.sol";
+import {Test} from "forge-std/Test.sol";
+import {OffchainAssetReceiptVault, IAuthorizeV1} from "src/concrete/vault/OffchainAssetReceiptVault.sol";
+
+import {IERC165} from "openzeppelin-contracts/contracts/utils/introspection/IERC165.sol";
+
+contract OffchainAssetReceiptVaultIERC165Test is Test {
+    function testOffchainAssetReceiptVaultIERC165(bytes4 badInterfaceId) external {
+        OffchainAssetReceiptVault receiptVault = new OffchainAssetReceiptVault(
+            ReceiptVaultConstructionConfigV2({
+                factory: ICloneableFactoryV2(address(0)),
+                receiptImplementation: IReceiptV3(address(0))
+            })
+        );
+        vm.assume(badInterfaceId != type(IERC165).interfaceId);
+        vm.assume(badInterfaceId != type(IReceiptManagerV2).interfaceId);
+        vm.assume(badInterfaceId != type(IReceiptVaultV3).interfaceId);
+        vm.assume(badInterfaceId != type(ICloneableV2).interfaceId);
+        vm.assume(badInterfaceId != type(IAuthorizeV1).interfaceId);
+
+        assertTrue(receiptVault.supportsInterface(type(IERC165).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(IReceiptManagerV2).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(IReceiptVaultV3).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(ICloneableV2).interfaceId));
+        assertTrue(receiptVault.supportsInterface(type(IAuthorizeV1).interfaceId));
+
+        assertFalse(receiptVault.supportsInterface(badInterfaceId));
+    }
+}