sablier-labs
diff --git a/‎src/SablierMerkleInstant.sol
Lines changed: 32 additions & 9 deletions b/‎src/SablierMerkleInstant.sol
Lines changed: 32 additions & 9 deletions
diff --git a/‎src/SablierMerkleLL.sol
Lines changed: 32 additions & 9 deletions b/‎src/SablierMerkleLL.sol
Lines changed: 32 additions & 9 deletions
diff --git a/‎src/SablierMerkleLT.sol
Lines changed: 32 additions & 8 deletions b/‎src/SablierMerkleLT.sol
Lines changed: 32 additions & 8 deletions
diff --git a/‎src/SablierMerkleVCA.sol
Lines changed: 32 additions & 8 deletions b/‎src/SablierMerkleVCA.sol
Lines changed: 32 additions & 8 deletions
diff --git a/‎src/abstracts/SablierMerkleBase.sol
Lines changed: 63 additions & 1 deletion b/‎src/abstracts/SablierMerkleBase.sol
Lines changed: 63 additions & 1 deletion
@@ -6,7 +6,6 @@ import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.s
 
 import { SablierMerkleBase } from "./abstracts/SablierMerkleBase.sol";
 import { ISablierMerkleInstant } from "./interfaces/ISablierMerkleInstant.sol";
-import { Errors } from "./libraries/Errors.sol";
 import { MerkleInstant } from "./types/DataTypes.sol";
 
 /*
@@ -71,10 +70,10 @@ contract SablierMerkleInstant is
         payable
         override
     {
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
         _preProcessClaim(index, recipient, amount, merkleProof);
 
-        // Interaction: Post-process the claim parameters.
+        // Interaction: Post-process the claim parameters on behalf of the recipient.
         _postProcessClaim({ index: index, recipient: recipient, to: recipient, amount: amount });
     }
 
@@ -89,18 +88,42 @@ contract SablierMerkleInstant is
         payable
         override
     {
-        // Check: `to` must not be the zero address.
-        if (to == address(0)) {
-            revert Errors.SablierMerkleInstant_ToZeroAddress();
-        }
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
 
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of `msg.sender`.
         _preProcessClaim({ index: index, recipient: msg.sender, amount: amount, merkleProof: merkleProof });
 
-        // Interaction: Post-process the claim parameters.
+        // Interaction: Post-process the claim parameters on behalf of `msg.sender`.
         _postProcessClaim({ index: index, recipient: msg.sender, to: to, amount: amount });
     }
 
+    /// @inheritdoc ISablierMerkleInstant
+    function claimViaSig(
+        uint256 index,
+        address recipient,
+        address to,
+        uint128 amount,
+        bytes32[] calldata merkleProof,
+        bytes calldata signature
+    )
+        external
+        payable
+        override
+    {
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
+
+        // Check: the signature is valid and the recovered signer matches the recipient.
+        _checkSignature(index, recipient, to, amount, signature);
+
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
+        _preProcessClaim(index, recipient, amount, merkleProof);
+
+        // Interaction: Post-process the claim parameters on behalf of the recipient.
+        _postProcessClaim(index, recipient, to, amount);
+    }
+
     /*//////////////////////////////////////////////////////////////////////////
                           PRIVATE STATE-CHANGING FUNCTIONS
     //////////////////////////////////////////////////////////////////////////*/
 
@@ -8,7 +8,6 @@ import { Lockup, LockupLinear } from "@sablier/lockup/src/types/DataTypes.sol";
 
 import { SablierMerkleLockup } from "./abstracts/SablierMerkleLockup.sol";
 import { ISablierMerkleLL } from "./interfaces/ISablierMerkleLL.sol";
-import { Errors } from "./libraries/Errors.sol";
 import { MerkleLL } from "./types/DataTypes.sol";
 
 /*
@@ -104,10 +103,10 @@ contract SablierMerkleLL is
         payable
         override
     {
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
         _preProcessClaim(index, recipient, amount, merkleProof);
 
-        // Effect and Interaction: Post-process the claim parameters.
+        // Effect and Interaction: Post-process the claim parameters on behalf of the recipient.
         _postProcessClaim({ index: index, recipient: recipient, to: recipient, amount: amount });
     }
 
@@ -122,18 +121,42 @@ contract SablierMerkleLL is
         payable
         override
     {
-        // Check: `to` must not be the zero address.
-        if (to == address(0)) {
-            revert Errors.SablierMerkleLL_ToZeroAddress();
-        }
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
 
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of `msg.sender`.
         _preProcessClaim({ index: index, recipient: msg.sender, amount: amount, merkleProof: merkleProof });
 
-        // Effect and Interaction: Post-process the claim parameters.
+        // Effect and Interaction: Post-process the claim parameters on behalf of `msg.sender`.
         _postProcessClaim({ index: index, recipient: msg.sender, to: to, amount: amount });
     }
 
+    /// @inheritdoc ISablierMerkleLL
+    function claimViaSig(
+        uint256 index,
+        address recipient,
+        address to,
+        uint128 amount,
+        bytes32[] calldata merkleProof,
+        bytes calldata signature
+    )
+        external
+        payable
+        override
+    {
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
+
+        // Check: the signature is valid and the recovered signer matches the recipient.
+        _checkSignature(index, recipient, to, amount, signature);
+
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
+        _preProcessClaim(index, recipient, amount, merkleProof);
+
+        // Effect and Interaction: Post-process the claim parameters on behalf of the recipient.
+        _postProcessClaim(index, recipient, to, amount);
+    }
+
     /*//////////////////////////////////////////////////////////////////////////
                           PRIVATE STATE-CHANGING FUNCTIONS
     //////////////////////////////////////////////////////////////////////////*/
 
@@ -114,10 +114,10 @@ contract SablierMerkleLT is
         payable
         override
     {
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
         _preProcessClaim(index, recipient, amount, merkleProof);
 
-        // Check, Effect and Interaction: Post-process the claim parameters.
+        // Check, Effect and Interaction: Post-process the claim parameters on behalf of the recipient.
         _postProcessClaim({ index: index, recipient: recipient, to: recipient, amount: amount });
     }
 
@@ -132,18 +132,42 @@ contract SablierMerkleLT is
         payable
         override
     {
-        // Check: `to` must not be the zero address.
-        if (to == address(0)) {
-            revert Errors.SablierMerkleLT_ToZeroAddress();
-        }
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
 
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of `msg.sender`.
         _preProcessClaim({ index: index, recipient: msg.sender, amount: amount, merkleProof: merkleProof });
 
-        // Check, Effect and Interaction: Post-process the claim parameters.
+        // Check, Effect and Interaction: Post-process the claim parameters on behalf of `msg.sender`.
         _postProcessClaim({ index: index, recipient: msg.sender, to: to, amount: amount });
     }
 
+    /// @inheritdoc ISablierMerkleLT
+    function claimViaSig(
+        uint256 index,
+        address recipient,
+        address to,
+        uint128 amount,
+        bytes32[] calldata merkleProof,
+        bytes calldata signature
+    )
+        external
+        payable
+        override
+    {
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
+
+        // Check: the signature is valid and the recovered signer matches the recipient.
+        _checkSignature(index, recipient, to, amount, signature);
+
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
+        _preProcessClaim(index, recipient, amount, merkleProof);
+
+        // Check, Effect and Interaction: Post-process the claim parameters on behalf of the recipient.
+        _postProcessClaim(index, recipient, to, amount);
+    }
+
     /*//////////////////////////////////////////////////////////////////////////
                             PRIVATE READ-ONLY FUNCTIONS
     //////////////////////////////////////////////////////////////////////////*/
 
@@ -155,10 +155,10 @@ contract SablierMerkleVCA is
         payable
         override
     {
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
         _preProcessClaim({ index: index, recipient: recipient, amount: fullAmount, merkleProof: merkleProof });
 
-        // Check, Effect and Interaction: Post-process the claim parameters.
+        // Check, Effect and Interaction: Post-process the claim parameters on behalf of the recipient.
         _postProcessClaim({ index: index, recipient: recipient, to: recipient, fullAmount: fullAmount });
     }
 
@@ -173,18 +173,42 @@ contract SablierMerkleVCA is
         payable
         override
     {
-        // Check: `to` must not be the zero address.
-        if (to == address(0)) {
-            revert Errors.SablierMerkleVCA_ToZeroAddress();
-        }
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
 
-        // Check, Effect and Interaction: Pre-process the claim parameters.
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of `msg.sender`.
         _preProcessClaim({ index: index, recipient: msg.sender, amount: fullAmount, merkleProof: merkleProof });
 
-        // Check, Effect and Interaction: Post-process the claim parameters.
+        // Check, Effect and Interaction: Post-process the claim parameters on behalf of `msg.sender`.
         _postProcessClaim({ index: index, recipient: msg.sender, to: to, fullAmount: fullAmount });
     }
 
+    /// @inheritdoc ISablierMerkleVCA
+    function claimViaSig(
+        uint256 index,
+        address recipient,
+        address to,
+        uint128 fullAmount,
+        bytes32[] calldata merkleProof,
+        bytes calldata signature
+    )
+        external
+        payable
+        override
+    {
+        // Check: `to` is not the zero address.
+        _revertIfToZeroAddress(to);
+
+        // Check: the signature is valid and the recovered signer matches the recipient.
+        _checkSignature(index, recipient, to, fullAmount, signature);
+
+        // Check, Effect and Interaction: Pre-process the claim parameters on behalf of the recipient.
+        _preProcessClaim(index, recipient, fullAmount, merkleProof);
+
+        // Check, Effect and Interaction: Post-process the claim parameters on behalf of the recipient.
+        _postProcessClaim(index, recipient, to, fullAmount);
+    }
+
     /*//////////////////////////////////////////////////////////////////////////
                             PRIVATE READ-ONLY FUNCTIONS
     //////////////////////////////////////////////////////////////////////////*/
 
@@ -5,6 +5,8 @@ import { AggregatorV3Interface } from "@chainlink/contracts/src/v0.8/shared/inte
 import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
 import { MerkleProof } from "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol";
+import { MessageHashUtils } from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
+import { SignatureChecker } from "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";
 import { BitMaps } from "@openzeppelin/contracts/utils/structs/BitMaps.sol";
 import { Adminable } from "@sablier/evm-utils/src/Adminable.sol";
 import { ISablierFactoryMerkleBase } from "./../interfaces/ISablierFactoryMerkleBase.sol";
@@ -54,6 +56,18 @@ abstract contract SablierMerkleBase is
     /// @inheritdoc ISablierMerkleBase
     uint256 public override minFeeUSD;
 
+    /// @dev The struct type hash used for computing the domain separator for EIP-712 and EIP-1271 signatures.
+    bytes32 private constant _CLAIM_TYPEHASH =
+        keccak256("Claim(uint256 index,address recipient,address to,uint128 amount)");
+
+    /// @dev The domain separator, as required by EIP-712 and EIP-1271, used for signing claim to prevent replay attacks
+    /// across different campaigns.
+    bytes32 private immutable _DOMAIN_SEPARATOR;
+
+    /// @dev The domain type hash used for computing the domain separator for EIP-712 and EIP-1271 signatures.
+    bytes32 private constant _DOMAIN_TYPE_HASH =
+        keccak256("EIP712Domain(string name,uint256 chainId,address verifyingContract)");
+
     /// @dev Packed booleans that record the history of claims.
     BitMaps.BitMap internal _claimedBitMap;
 
@@ -74,12 +88,18 @@ abstract contract SablierMerkleBase is
     )
         Adminable(initialAdmin)
     {
+        // Compute the domain separator to be used for claiming using an EIP-712 or EIP-1271 signature.
+        _DOMAIN_SEPARATOR = keccak256(
+            abi.encode(_DOMAIN_TYPE_HASH, keccak256("Sablier Merkle Airdrops Protocol"), block.chainid, address(this))
+        );
+
         CAMPAIGN_START_TIME = campaignStartTime;
         EXPIRATION = expiration;
         FACTORY = ISablierFactoryMerkleBase(msg.sender);
         MERKLE_ROOT = merkleRoot;
         ORACLE = FACTORY.oracle();
         TOKEN = token;
+
         campaignName = campaignName_;
         ipfsCID = ipfsCID_;
         minFeeUSD = FACTORY.minFeeUSDFor(campaignCreator);
@@ -154,11 +174,53 @@ abstract contract SablierMerkleBase is
         });
     }
 
+    /*//////////////////////////////////////////////////////////////////////////
+                            INTERNAL READ-ONLY FUNCTIONS
+    //////////////////////////////////////////////////////////////////////////*/
+
+    /// @dev Verifies the signature against the provided parameters. It supports both EIP-712 and EIP-1271 signatures.
+    function _checkSignature(
+        uint256 index,
+        address recipient,
+        address to,
+        uint128 amount,
+        bytes calldata signature
+    )
+        internal
+        view
+    {
+        // Encode the claim parameters using claim type hash and hash it.
+        bytes32 claimHash = keccak256(abi.encode(_CLAIM_TYPEHASH, index, recipient, to, amount));
+
+        // Returns the keccak256 digest of the claim parameters using claim hash and the domain separator.
+        bytes32 digest = MessageHashUtils.toTypedDataHash(_DOMAIN_SEPARATOR, claimHash);
+
+        // If recipient is an EOA, `isValidSignatureNow` recovers the signer using ECDSA from the signature and the
+        // digest. It returns true if the recovered signer matches the recipient. If the recipient is a contract,
+        // `isValidSignatureNow` checks if the recipient implements the `IERC1271` interface and returns the magic value
+        // as per EIP-1271 for the given digest and signature.
+        bool isSignatureValid =
+            SignatureChecker.isValidSignatureNow({ signer: recipient, hash: digest, signature: signature });
+
+        // Check: `isSignatureValid` is true.
+        if (!isSignatureValid) {
+            revert Errors.SablierMerkleBase_InvalidSignature();
+        }
+    }
+
+    /// @dev Reverts if the `to` address is the zero address.
+    function _revertIfToZeroAddress(address to) internal pure {
+        // Check: `to` is not the zero address.
+        if (to == address(0)) {
+            revert Errors.SablierMerkleBase_ToZeroAddress();
+        }
+    }
+
     /*//////////////////////////////////////////////////////////////////////////
                             PRIVATE READ-ONLY FUNCTIONS
     //////////////////////////////////////////////////////////////////////////*/
 
-    /// @dev See the documentation for the user-facing functions that call this internal function.
+    /// @dev See the documentation for the user-facing functions that call this private function.
     function _calculateMinFeeWei() private view returns (uint256) {
         // If the oracle is not set, return 0.
         if (ORACLE == address(0)) {