From d42b0c7c0c7ba7bd623702fce25a7c6f987bbe9b Mon Sep 17 00:00:00 2001
From: pascal
Date: Mon, 31 Jul 2023 13:35:38 +0200
Subject: [PATCH] auth: Fix deployment initially authed issue
---
 script/IAuthChaincheck.sol | 22 +++++++++++-----------
 script/ITollChaincheck.sol | 22 +++++++++++-----------
 src/auth/Auth.sol | 22 +++++++++++-----------
 test/auth/Auth.t.sol | 8 +++++---
 test/auth/IAuthTest.sol | 4 ++--
 test/toll/Toll.t.sol | 6 ++++--
 6 files changed, 44 insertions(+), 40 deletions(-)
diff --git a/script/IAuthChaincheck.sol b/script/IAuthChaincheck.sol
index fc2450b..5a87428 100644
--- a/script/IAuthChaincheck.sol
+++ b/script/IAuthChaincheck.sol
@@ -13,17 +13,17 @@ import {IAuth} from "src/auth/IAuth.sol";
 * @notice IAuth's `chaincheck` Integration Test
 *
 * @dev Config Definition:
- * ```json
- * {
- * "IAuth": {
- * "legacy": bool,
- * "authed": [
- * "0x000000000000000000000000000000000000cafe",
- * ...
- * ]
- * }
- * }
- * ```
+ * ```json
+ * {
+ * "IAuth": {
+ * "legacy": bool,
+ * "authed": [
+ * "",
+ * ...
+ * ]
+ * }
+ * }
+ * ```
 */
 contract IAuthChaincheck is Chaincheck {
 using stdJson for string;
diff --git a/script/ITollChaincheck.sol b/script/ITollChaincheck.sol
index 50b91f1..9a059ab 100644
--- a/script/ITollChaincheck.sol
+++ b/script/ITollChaincheck.sol
@@ -14,17 +14,17 @@ import {IToll} from "src/toll/IToll.sol";
 * @notice IToll's `chaincheck` Integration Test
 *
 * @dev Config Definition:
- * ```json
- * {
- * "IToll": {
- * "legacy": bool,
- * "tolled": [
- * "0x000000000000000000000000000000000000cafe",
- * ...
- * ]
- * }
- * }
- * ```
+ * ```json
+ * {
+ * "IToll": {
+ * "legacy": bool,
+ * "tolled": [
+ * "",
+ * ...
+ * ]
+ * }
+ * }
+ * ```
 */
 contract ITollChaincheck is Chaincheck {
 using stdJson for string;
diff --git a/src/auth/Auth.sol b/src/auth/Auth.sol
index 3d4f6ea..f1ff086 100644
--- a/src/auth/Auth.sol
+++ b/src/auth/Auth.sol
@@ -10,9 +10,9 @@ import {IAuth} from "./IAuth.sol";
 * where a set of addresses are granted access to protected functions.
 * These addresses are said to be _auth'ed_.
 *
- * Initially, the deployer address is the only address auth'ed. Through
- * the `rely(address)` and `deny(address)` functions, auth'ed callers are
- * able to grant/renounce auth to/from addresses.
+ * Initially, the address given as constructor argument is the only address
+ * auth'ed. Through the `rely(address)` and `deny(address)` functions,
+ * auth'ed callers are able to grant/renounce auth to/from addresses.
 *
 * This module is used through inheritance. It will make available the
 * modifier `auth`, which can be applied to functions to restrict their
@@ -22,8 +22,8 @@ abstract contract Auth is IAuth {
 /// @dev Mapping storing whether address is auth'ed.
 /// @custom:invariant Image of mapping is {0, 1}.
 /// ∀x ∊ Address: _wards[x] ∊ {0, 1}
- /// @custom:invariant Only deployer address authenticated after deployment.
- /// deployment → (∀x ∊ Address: _wards[x] == 1 → x == msg.sender)
+ /// @custom:invariant Only address given as constructor argument is authenticated after deployment.
+ /// deploy(initialAuthed) → (∀x ∊ Address: _wards[x] == 1 → x == initialAuthed)
 /// @custom:invariant Only functions `rely` and `deny` may mutate the mapping's state.
 /// ∀x ∊ Address: preTx(_wards[x]) != postTx(_wards[x])
 /// → (msg.sig == "rely" ∨ msg.sig == "deny")
@@ -60,13 +60,13 @@ abstract contract Auth is IAuth {
 _;
 }
- constructor() {
- _wards[msg.sender] = 1;
- _wardsTouched.push(msg.sender);
+ constructor(address initialAuthed) {
+ _wards[initialAuthed] = 1;
+ _wardsTouched.push(initialAuthed);
- // Note to use address(0) as caller to keep invariant that no address
- // can grant itself auth.
- emit AuthGranted(address(0), msg.sender);
+ // Note to use address(0) as caller to indicate address was auth'ed
+ // during deployment.
+ emit AuthGranted(address(0), initialAuthed);
 }
 /// @inheritdoc IAuth
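Review bot: The new `constructor(address initialAuthed)` in the `@@ -60,13 +60,13 @@` hunk writes `_wards[initialAuthed] = 1` without rejecting `address(0)`. With `msg.sender` the initial ward could never be the zero address; with an argument, a missing or wrongly encoded deploy parameter leaves the contract with no usable auth'ed address, so every `auth`-protected function becomes unreachable while `_wardsTouched` and the `AuthGranted` event still record a grant. A guard as the first statement would catch this at deployment, for example `require(initialAuthed != address(0));` or the project's custom-error equivalent. It would also help to state in the constructor's NatSpec that inheriting contracts must forward a non-zero address they control. The rest of `Auth`, including `rely` and `deny`, lies outside the hunk, so the error style should follow whatever those functions already use.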
diff --git a/test/auth/Auth.t.sol b/test/auth/Auth.t.sol
index 1611ef4..0d0aec4 100644
--- a/test/auth/Auth.t.sol
+++ b/test/auth/Auth.t.sol
@@ -6,16 +6,18 @@ import {IAuthInvariantTest} from "./IAuthInvariantTest.sol";
 import {Auth} from "src/auth/Auth.sol";
-contract AuthInstance is Auth {}
+contract AuthInstance is Auth {
+ constructor(address initialAuthed) Auth(initialAuthed) {}
+}
 contract AuthTest is IAuthTest {
 function setUp() public {
- setUp(new AuthInstance());
+ setUp(new AuthInstance(address(this)));
 }
 }
 contract AuthInvariantTest is IAuthInvariantTest {
 function setUp() public {
- setUp(new AuthInstance());
+ setUp(new AuthInstance(address(this)));
 }
 }
diff --git a/test/auth/IAuthTest.sol b/test/auth/IAuthTest.sol
index 248b130..1f0c82e 100644
--- a/test/auth/IAuthTest.sol
+++ b/test/auth/IAuthTest.sol
@@ -19,10 +19,10 @@ abstract contract IAuthTest is Test {
 }
 function test_deployment() public {
- // Deployer is auth'ed.
+ // Address given as constructor argument is auth'ed.
 assertTrue(auth.authed(address(this)));
- // Deployer is included in authed list.
+ // Address given as constructor is included in authed list.
 address[] memory authed = auth.authed();
 assertEq(authed.length, 1);
 assertEq(authed[0], address(this));
diff --git a/test/toll/Toll.t.sol b/test/toll/Toll.t.sol
index f3dc7e6..2b1c5b9 100644
--- a/test/toll/Toll.t.sol
+++ b/test/toll/Toll.t.sol
@@ -8,17 +8,19 @@ import {Toll} from "src/toll/Toll.sol";
 import {Auth} from "src/auth/Auth.sol";
 contract TollInstance is Toll, Auth {
+ constructor(address initialAuthed) Auth(initialAuthed) {}
+
 function toll_auth() internal override(Toll) auth {}
 }
 contract TollTest is ITollTest {
 function setUp() public {
- setUp(new TollInstance());
+ setUp(new TollInstance(address(this)));
 }
 }
 contract TollInvariantTest is ITollInvariantTest {
 function setUp() public {
- setUp(new TollInstance());
+ setUp(new TollInstance(address(this)));
 }
 }
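Review bot: Every updated `setUp` in `test/auth/Auth.t.sol` and `test/toll/Toll.t.sol` passes `address(this)`, which is also the deploying address, so `test_deployment` in `test/auth/IAuthTest.sol` would still pass if `Auth` went back to auth'ing `msg.sender`. The property this commit is about, that the deployer receives no auth unless it is the constructor argument, is therefore not pinned by any test shown here. A dedicated case in `AuthTest` that deploys with a different address would cover both sides: `AuthInstance a = new AuthInstance(address(0xcafe));` followed by `assertTrue(a.authed(address(0xcafe)));` and `assertFalse(a.authed(address(this)));`. Separately, the new comment `// Address given as constructor is included in authed list.` is missing the word "argument".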