fix(host-contracts): bump ACL reinitializer version (#2107)

* fix(host-contracts): bump ACL reinitializer version

* fix(host-contracts): remove legacy error ExpirationDateBeforeOneHour

* refactor(host-contracts): replace ExpirationDateBeforeOneHour with weaker ExpirationDateInThePast check

Author: zmalatrax

host-contracts/contracts/ACL.sol

@@ -70,8 +70,8 @@ contract ACL is
         uint256 expirationDate
     );
 
-    /// @notice Returned if the requested expiration date for user decryption delegation is before the next hour.
-    error ExpirationDateBeforeOneHour();
+    /// @notice Returned if the requested expiration date for user decryption delegation is in the past.
+    error ExpirationDateInThePast();
 
     /// @notice Returned if the handlesList array is empty.
     error HandlesListIsEmpty();
@@ -143,7 +143,7 @@ contract ACL is
     uint256 private constant MAJOR_VERSION = 0;
 
     /// @notice Minor version of the contract.
-    uint256 private constant MINOR_VERSION = 2;
+    uint256 private constant MINOR_VERSION = 3;
 
     /// @notice Patch version of the contract.
     uint256 private constant PATCH_VERSION = 0;
@@ -156,7 +156,7 @@ contract ACL is
 
     /// Constant used for making sure the version number used in the `reinitializer` modifier is
     /// identical between `initializeFromEmptyProxy` and the `reinitializeVX` method
-    uint64 private constant REINITIALIZER_VERSION = 3;
+    uint64 private constant REINITIALIZER_VERSION = 4;
 
     /// keccak256(abi.encode(uint256(keccak256("fhevm.storage.ACL")) - 1)) & ~bytes32(uint256(0xff))
     bytes32 private constant ACLStorageLocation = 0xa688f31953c2015baaf8c0a488ee1ee22eb0e05273cc1fd31ea4cbee42febc00;
@@ -176,11 +176,11 @@ contract ACL is
     }
 
     /**
-     * @notice Re-initializes the contract from V1.
+     * @notice Re-initializes the contract from V2.
      */
     /// @custom:oz-upgrades-unsafe-allow missing-initializer-call
     /// @custom:oz-upgrades-validate-as-initializer
-    function reinitializeV2() public virtual reinitializer(REINITIALIZER_VERSION) {}
+    function reinitializeV3() public virtual reinitializer(REINITIALIZER_VERSION) {}
 
     /**
      * @notice Allows the use of `handle` for the address `account`.
@@ -290,6 +290,9 @@ contract ACL is
         if (delegate == contractAddress) {
             revert DelegateCannotBeContractAddress(contractAddress);
         }
+        if (expirationDate <= block.timestamp) {
+            revert ExpirationDateInThePast();
+        }
 
         uint64 oldExpirationDate = userDecryptionDelegation.expirationDate;
         uint64 newExpirationDate = expirationDate;

host-contracts/docs/contract_selectors.txt

@@ -55,7 +55,7 @@ ACL
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
 | Function | proxiableUUID()                                                           | 0x52d1902d                                                         |
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
-| Function | reinitializeV2()                                                          | 0xc4115874                                                         |
+| Function | reinitializeV3()                                                          | 0xbac22bb8                                                         |
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
 | Function | renounceOwnership()                                                       | 0x715018a6                                                         |
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
@@ -113,7 +113,7 @@ ACL
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
 | Error    | ExpirationDateAlreadySetToSameValue(address,address,address,uint256)      | 0x39a48202                                                         |
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
-| Error    | ExpirationDateBeforeOneHour()                                             | 0xcabc2529                                                         |
+| Error    | ExpirationDateInThePast()                                                 | 0x15515f1a                                                         |
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|
 | Error    | FailedCall()                                                              | 0xd6bda275                                                         |
 |----------+---------------------------------------------------------------------------+--------------------------------------------------------------------|

host-contracts/lib/FHE.sol

@@ -9369,9 +9369,9 @@ library FHE {
     ///      - the ACL contract must not be paused.
     ///        Reverts via an {PausableUpgradeable-EnforcedPause} error otherwise.
     ///
-    ///      - `expirationDate` must be at least 1 hour in the future.
-    ///        i.e. `expirationDate >= block.timestamp + 1 hours`
-    ///        Reverts with an {IACL-ExpirationDateBeforeOneHour} error otherwise.
+    ///      - `expirationDate` must be strictly in the future.
+    ///        i.e. `expirationDate > block.timestamp`
+    ///        Reverts with an {IACL-ExpirationDateInThePast} error otherwise.
     ///
     ///      - `expirationDate` must differ from the current value.
     ///        Reverts with an {IACL-ExpirationDateAlreadySetToSameValue} error otherwise.

host-contracts/rust_bindings/src/acl.rs

@@ -85,7 +85,7 @@ contract ACLTest is HostContractsDeployerTestUtils {
      * It checks that the version is correct, the owner/pauser are set to the expected addresses, and the fhevmExecutor address is correct.
      */
     function test_PostProxyUpgradeCheck() public view {
-        assertEq(acl.getVersion(), string(abi.encodePacked("ACL v0.2.0")));
+        assertEq(acl.getVersion(), string(abi.encodePacked("ACL v0.3.0")));
         assertEq(acl.owner(), owner);
         assertEq(acl.isPauser(pauser), true);
         assertEq(acl.getFHEVMExecutorAddress(), fhevmExecutorAdd);
@@ -306,6 +306,25 @@ contract ACLTest is HostContractsDeployerTestUtils {
         acl.delegateForUserDecryption(delegate, contractAddress, expirationDate);
     }
 
+    /**
+     * @dev Tests that the sender cannot delegate for user decryption with expiration date in the past.
+     */
+    function test_CannotDelegateForUserDecryptionWithExpirationDateInThePast(
+        address sender,
+        address delegate,
+        address contractAddress
+    ) public {
+        vm.assume(sender != contractAddress);
+        vm.assume(sender != delegate);
+        vm.assume(delegate != contractAddress);
+
+        uint64 expirationDate = uint64(block.timestamp);
+
+        vm.prank(sender);
+        vm.expectRevert(ACL.ExpirationDateInThePast.selector);
+        acl.delegateForUserDecryption(delegate, contractAddress, expirationDate);
+    }
+
     /**
      * @dev Tests that the sender cannot delegate to itself as the contract address.
      */

host-contracts/test/acl/acl.t.sol

@@ -24,7 +24,7 @@ contract TestHostContractsDeployerTestUtils is HostContractsDeployerTestUtils {
         assertEq(address(aclProxy), aclAdd, "ACL proxy address mismatch");
         assertNotEq(aclImplementation, address(0), "Implementation not deployed");
         assertEq(aclProxy.owner(), OWNER, "Owner mismatch");
-        assertEq(aclProxy.getVersion(), "ACL v0.2.0", "Version mismatch");
+        assertEq(aclProxy.getVersion(), "ACL v0.3.0", "Version mismatch");
         assertEq(_readImplementationSlot(aclAdd), aclImplementation, "Implementation slot mismatch");
     }
 

host-contracts/test/fhevm-foundry/TestHostContractsDeployerTestUtils.t.sol

@@ -27,7 +27,7 @@ describe('Upgrades', function () {
     });
     await acl.waitForDeployment();
     const ownerBef = await acl.owner();
-    expect(await acl.getVersion()).to.equal('ACL v0.2.0');
+    expect(await acl.getVersion()).to.equal('ACL v0.3.0');
     const acl2 = await upgrades.upgradeProxy(acl, this.aclFactoryUpgraded);
     await acl2.waitForDeployment();
     const ownerAft = await acl2.owner();
@@ -96,7 +96,7 @@ describe('Upgrades', function () {
     const origACLAdd = dotenv.parse(fs.readFileSync('addresses/.env.host')).ACL_CONTRACT_ADDRESS;
     const deployer = new ethers.Wallet(process.env.DEPLOYER_PRIVATE_KEY!).connect(ethers.provider);
     const acl = (await this.aclFactory.attach(origACLAdd, deployer)) as ACL;
-    expect(await acl.getVersion()).to.equal('ACL v0.2.0');
+    expect(await acl.getVersion()).to.equal('ACL v0.3.0');
     const newaclFactoryUpgraded = await ethers.getContractFactory('ACLUpgradedExample', deployer);
     const acl2 = (await upgrades.upgradeProxy(acl, newaclFactoryUpgraded)) as unknown as ACLUpgradedExample;
     await acl2.waitForDeployment();

host-contracts/test/upgrades/upgrades.ts

@@ -169,9 +169,9 @@ library FHE {
     ///      - the ACL contract must not be paused.
     ///        Reverts via an {PausableUpgradeable-EnforcedPause} error otherwise.
     ///
-    ///      - `expirationDate` must be at least 1 hour in the future.
-    ///        i.e. `expirationDate >= block.timestamp + 1 hours`
-    ///        Reverts with an {IACL-ExpirationDateBeforeOneHour} error otherwise.
+    ///      - `expirationDate` must be strictly in the future.
+    ///        i.e. `expirationDate > block.timestamp`
+    ///        Reverts with an {IACL-ExpirationDateInThePast} error otherwise.
     ///
     ///      - `expirationDate` must differ from the current value.
     ///        Reverts with an {IACL-ExpirationDateAlreadySetToSameValue} error otherwise.

library-solidity/codegen/src/templates/FHE.sol-template

@@ -9369,9 +9369,9 @@ library FHE {
     ///      - the ACL contract must not be paused.
     ///        Reverts via an {PausableUpgradeable-EnforcedPause} error otherwise.
     ///
-    ///      - `expirationDate` must be at least 1 hour in the future.
-    ///        i.e. `expirationDate >= block.timestamp + 1 hours`
-    ///        Reverts with an {IACL-ExpirationDateBeforeOneHour} error otherwise.
+    ///      - `expirationDate` must be strictly in the future.
+    ///        i.e. `expirationDate > block.timestamp`
+    ///        Reverts with an {IACL-ExpirationDateInThePast} error otherwise.
     ///
     ///      - `expirationDate` must differ from the current value.
     ///        Reverts with an {IACL-ExpirationDateAlreadySetToSameValue} error otherwise.

library-solidity/lib/FHE.sol

@@ -252,6 +252,18 @@ contract FHEDelegationTest is HostContractsDeployerTestUtils {
         adapter.delegateUserDecryption(contractContext, contractContext, expirationDate);
     }
 
+    function testFuzz_DelegateUserDecryption_RevertsWhenExpiryInThePast(
+        uint256 expirationDate,
+        address delegate,
+        address contractContext
+    ) public {
+        _assumeDelegateAndContext(delegate, contractContext);
+        uint64 boundedExpiry = uint64(bound(expirationDate, 0, block.timestamp));
+
+        vm.expectRevert(ACL.ExpirationDateInThePast.selector);
+        adapter.delegateUserDecryption(delegate, contractContext, boundedExpiry);
+    }
+
     function testFuzz_DelegateUserDecryption_RevertsOnSameBlockReplay(
         uint256 expirationDate,
         address delegate,