test: update tests to use eip712

Author: Luisfc68

src/legacy/LiquidityBridgeContract.sol

@@ -4,7 +4,7 @@ pragma experimental ABIEncoderV2;
 
 import "../interfaces/IBridge.sol";
 import "./Quotes.sol";
-import "../libraries/SignatureValidator.sol";
+import "./SignatureValidator.sol";
 import "@rsksmart/btc-transaction-solidity-helper/contracts/BtcUtils.sol";
 import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
 import "@openzeppelin/contracts-upgradeable/utils/ReentrancyGuardUpgradeable.sol";

src/legacy/LiquidityBridgeContractV2.sol

@@ -4,7 +4,7 @@ pragma experimental ABIEncoderV2;
 
 import "../interfaces/IBridge.sol";
 import "./QuotesV2.sol";
-import "../libraries/SignatureValidator.sol";
+import "./SignatureValidator.sol";
 import "@rsksmart/btc-transaction-solidity-helper/contracts/BtcUtils.sol";
 import "@rsksmart/btc-transaction-solidity-helper/contracts/OpCodes.sol";
 import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";

src/legacy/SignatureValidator.sol

@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.25;
+
+import { ECDSA } from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+
+library SignatureValidator {
+
+    using ECDSA for bytes32;
+
+    error IncorrectSignature(address expectedAddress, bytes32 usedHash, bytes signature);
+    error ZeroAddress();
+    /**
+        @dev Verfies signature against address
+        @param addr The signing address
+        @param quoteHash The hash of the signed data
+        @param signature The signature containing v, r and s
+        @return True if the signature is valid, false otherwise.
+     */
+    function verify(address addr, bytes32 quoteHash, bytes memory signature) public pure returns (bool) {
+
+        if (addr == address(0)) {
+            revert ZeroAddress();
+        }
+
+        if (signature.length != 65) {
+            revert IncorrectSignature(addr, quoteHash, signature);
+        }
+
+
+        bytes32 r;
+        bytes32 s;
+        uint8 v;
+
+        assembly {
+            r := mload(add(signature, 0x20))
+            s := mload(add(signature, 0x40))
+            v := byte(0, mload(add(signature, 0x60)))
+        }
+        // TODO use EIP712 compatible format instead
+        bytes memory prefix = "\x19Ethereum Signed Message:\n32";
+        bytes32 prefixedHash = keccak256(abi.encodePacked(prefix, quoteHash));
+        return prefixedHash.recover(v, r, s) == addr;
+    }
+}

src/libraries/Quotes.sol

@@ -51,17 +51,16 @@ library Quotes {
     /// @dev Due to the number of fields present in the struct, we'll just use the hash of the quote and the
     /// address of the liquidity provider offering it to calculate the EIP712 hash. In this way we avoid issues
     /// with stack depth limits and future modifications to the type hash based on changes in the struct.
-    /// @dev keccak256("PegInQuote(address liquidityProvider, bytes32 quoteHash)")
-    bytes32 public constant PEG_IN_QUOTE_TYPE_HASH = 0x04b6a5fb6a85d659a648dd600fb93f123bec1a7d0ae71b7c33b1d850b3a6da05;
+    /// @dev keccak256("PegInQuote(address liquidityProvider,bytes32 quoteHash)")
+    bytes32 public constant PEG_IN_QUOTE_TYPE_HASH = 0x82b0b35cb5a2b2130657be6794570d328b06b7687bdff463bce4a0cc24a880a2;
 
     /// @notice The type hash of the PegOutQuote struct for EIP712
     /// @dev Due to the number of fields present in the struct, we'll just use the hash of the quote and the
     /// address of the liquidity provider offering it to calculate the EIP712 hash. In this way we avoid issues
     /// with stack depth limits and future modifications to the type hash based on changes in the struct.
-    /// @dev keccak256("PegOutQuote(address liquidityProvider, bytes32 quoteHash)")
-    // TODO validar en jira
+    /// @dev keccak256("PegOutQuote(address liquidityProvider,bytes32 quoteHash)")
     bytes32 public constant PEG_OUT_QUOTE_TYPE_HASH =
-        0x91061380a398473c20ee77839e0df2d1d1cf5dcc79ae90e660f8c6973d17765f;
+        0x940deda477f28e6fd80f8307aea1edb500dbd4ee20815878162fec9001fab898;
 
     error AmountTooLow(uint256 value, uint256 target);
 

src/libraries/SignatureValidator.sol

@@ -12,20 +12,21 @@ library SignatureValidator {
     /**
         @dev Verfies signature against address
         @param addr The signing address
-        @param eip712Hash The EIP712 hash of the signed data, this contract expects
-        it to be already prefixed with the EIP712 domain separator
+        @param messageHash The hash of the signed message, the SignatureValidator won't perform any
+        modification on the message. If this is used for EIP712, this contract expects it to be the
+        final hash (domain hash + hashStruct)
         @param signature The signature containing v, r and s
         @return True if the signature is valid, false otherwise.
      */
-    function verify(address addr, bytes32 eip712Hash, bytes memory signature) public pure returns (bool) {
+    function verify(address addr, bytes32 messageHash, bytes memory signature) public pure returns (bool) {
 
         if (addr == address(0)) {
             revert ZeroAddress();
         }
 
         if (signature.length != 65) {
-            revert IncorrectSignature(addr, eip712Hash, signature);
+            revert IncorrectSignature(addr, messageHash, signature);
         }
-        return  eip712Hash.recover(signature) == addr;
+        return  messageHash.recover(signature) == addr;
     }
 }

test/fuzz/libraries/SignatureValidator.fuzz.t.sol

@@ -33,7 +33,11 @@ contract SignatureValidatorFuzzTest is Test {
         );
         bytes memory signature = abi.encodePacked(r, s, v);
 
-        bool result = signatureValidator.verify(signer, messageHash, signature);
+        bool result = signatureValidator.verify(
+            signer,
+            ethSignedMessageHash,
+            signature
+        );
         assertTrue(result, "Valid signature should verify");
     }
 
@@ -284,10 +288,18 @@ contract SignatureValidatorFuzzTest is Test {
 
             // Signature 1 should verify for addr1, not addr2
             assertTrue(
-                signatureValidator.verify(addr1, messageHash, signature)
+                signatureValidator.verify(
+                    addr1,
+                    ethSignedMessageHash,
+                    signature
+                )
             );
             assertFalse(
-                signatureValidator.verify(addr2, messageHash, signature)
+                signatureValidator.verify(
+                    addr2,
+                    ethSignedMessageHash,
+                    signature
+                )
             );
         }
 
@@ -301,10 +313,18 @@ contract SignatureValidatorFuzzTest is Test {
 
             // Signature 2 should verify for addr2, not addr1
             assertTrue(
-                signatureValidator.verify(addr2, messageHash, signature)
+                signatureValidator.verify(
+                    addr2,
+                    ethSignedMessageHash,
+                    signature
+                )
             );
             assertFalse(
-                signatureValidator.verify(addr1, messageHash, signature)
+                signatureValidator.verify(
+                    addr1,
+                    ethSignedMessageHash,
+                    signature
+                )
             );
         }
     }

test/fuzz/pegin/PegInFuzzTestBase.sol

@@ -136,13 +136,37 @@ abstract contract PegInFuzzTestBase is PegInTestBase {
 
     // ============ Signature Helpers ============
 
-    /// @notice Signs a quote hash with the appropriate LP private key
+    /// @notice Signs a quote with the appropriate LP private key
     /// @param signer The signer address (must be one of the registered LPs)
-    /// @param quoteHash The hash of the quote to sign
+    /// @param quote The quote to sign
     /// @return signature The EIP-191 signature
     function signFuzzQuote(
         address signer,
-        bytes32 quoteHash
+        Quotes.PegInQuote memory quote
+    ) internal view returns (bytes memory) {
+        uint256 privateKey;
+        if (signer == fullLp) {
+            privateKey = fullLpKey;
+        } else if (signer == pegInLp) {
+            privateKey = pegInLpKey;
+        } else if (signer == pegOutLp) {
+            privateKey = pegOutLpKey;
+        } else {
+            revert("Unknown signer");
+        }
+
+        bytes32 eip712Hash = pegInContract.hashPegInQuoteEIP712(quote);
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(privateKey, eip712Hash);
+        return abi.encodePacked(r, s, v);
+    }
+
+    /// @notice Signs a message hash with the appropriate LP private key
+    /// @param signer The signer address (must be one of the registered LPs)
+    /// @param messageHash The message hash to sign
+    /// @return signature The signature of the message hash
+    function signMessageHash(
+        address signer,
+        bytes32 messageHash
     ) internal view returns (bytes memory) {
         uint256 privateKey;
         if (signer == fullLp) {
@@ -155,13 +179,7 @@ abstract contract PegInFuzzTestBase is PegInTestBase {
             revert("Unknown signer");
         }
 
-        bytes32 ethSignedMessageHash = keccak256(
-            abi.encodePacked("\x19Ethereum Signed Message:\n32", quoteHash)
-        );
-        (uint8 v, bytes32 r, bytes32 s) = vm.sign(
-            privateKey,
-            ethSignedMessageHash
-        );
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(privateKey, messageHash);
         return abi.encodePacked(r, s, v);
     }
 

test/fuzz/pegin/PegInRegisterTiming.fuzz.t.sol

@@ -39,21 +39,21 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fuzzUser,
             fullLp
         );
-        bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
+        bytes32 eip712Hash = pegInContract.hashPegInQuoteEIP712(quote);
 
         // First do callForUser to set state to CALL_DONE
         vm.prank(fullLp);
         pegInContract.callForUser{value: callValue}(quote);
 
         // Sign a different hash (wrong signature)
-        vm.assume(randomHash != quoteHash);
-        bytes memory wrongSignature = signFuzzQuote(pegInLp, randomHash);
+        vm.assume(randomHash != eip712Hash);
+        bytes memory wrongSignature = signMessageHash(pegInLp, randomHash);
 
         vm.expectRevert(
             abi.encodeWithSelector(
                 SignatureValidator.IncorrectSignature.selector,
                 fullLp,
-                quoteHash,
+                eip712Hash,
                 wrongSignature
             )
         );
@@ -78,20 +78,20 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fuzzUser,
             fullLp
         );
-        bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
+        bytes32 eip712Hash = pegInContract.hashPegInQuoteEIP712(quote);
 
         // First do callForUser
         vm.prank(fullLp);
         pegInContract.callForUser{value: callValue}(quote);
 
         // Sign with wrong LP (pegInLp instead of fullLp)
-        bytes memory wrongSignature = signFuzzQuote(pegInLp, quoteHash);
+        bytes memory wrongSignature = signFuzzQuote(pegInLp, quote);
 
         vm.expectRevert(
             abi.encodeWithSelector(
                 SignatureValidator.IncorrectSignature.selector,
                 fullLp,
-                quoteHash,
+                eip712Hash,
                 wrongSignature
             )
         );
@@ -120,8 +120,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fuzzUser,
             fullLp
         );
-        bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         // First do callForUser
         vm.prank(fullLp);
@@ -158,7 +157,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         uint256 peginAmount = getTotalQuoteValue(quote);
 
@@ -222,8 +221,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fuzzUser,
             fullLp
         );
-        bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         // Setup bridge to return confirmations error
         int256 BRIDGE_UNPROCESSABLE_ERROR = -303;
@@ -261,8 +259,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fuzzUser,
             fullLp
         );
-        bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         // Setup bridge to return unexpected error
         bridgeMock.setPeginError(errorCode);
@@ -301,7 +298,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         // Setup BTC block headers
         bytes memory firstHeader = createBtcBlockHeader(
@@ -355,7 +352,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         // Setup BTC block headers
         bytes memory firstHeader = createBtcBlockHeader(
@@ -411,7 +408,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         uint256 peginAmount = getTotalQuoteValue(quote);
 
@@ -467,7 +464,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         uint256 peginAmount = getTotalQuoteValue(quote);
 
@@ -530,7 +527,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         uint256 peginAmount = getTotalQuoteValue(quote);
         uint256 totalPaid = peginAmount + extraPaid;
@@ -595,7 +592,7 @@ contract PegInRegisterTimingFuzzTest is PegInFuzzTestBase {
             fullLp
         );
         bytes32 quoteHash = pegInContract.hashPegInQuote(quote);
-        bytes memory signature = signFuzzQuote(fullLp, quoteHash);
+        bytes memory signature = signFuzzQuote(fullLp, quote);
 
         uint256 peginAmount = getTotalQuoteValue(quote);
         vm.assume(underpayment < peginAmount);

test/fuzz/pegout/BtcTransactionParsing.fuzz.t.sol

@@ -268,7 +268,7 @@ contract BtcTransactionParsingFuzzTest is PegOutFuzzTestBase {
         );
 
         bytes32 quoteHash = pegOutContract.hashPegOutQuote(quote);
-        bytes memory signature = signFuzzQuote(pegOutLp, quoteHash);
+        bytes memory signature = signFuzzQuote(pegOutLp, quote);
 
         // Deposit
         vm.prank(fuzzUser);
@@ -314,7 +314,7 @@ contract BtcTransactionParsingFuzzTest is PegOutFuzzTestBase {
         );
 
         bytes32 quoteHash = pegOutContract.hashPegOutQuote(quote);
-        bytes memory signature = signFuzzQuote(pegOutLp, quoteHash);
+        bytes memory signature = signFuzzQuote(pegOutLp, quote);
 
         // Deposit
         vm.prank(fuzzUser);