FailSafe: add guardians

Author: apoorvlathey

deploy/scripts/TransferOwnership.ts

@@ -15,7 +15,6 @@ const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
     "DefaultProxyAdmin",
     "MarketplaceUniversalRouterZap",
     "MigratorZap",
-    "FailSafe",
     "NFTXFeeDistributorV3",
     "NFTXInventoryStakingV3Upgradeable",
     "NFTXRouter",

src/FailSafe.sol

@@ -15,18 +15,36 @@ interface IPausable {
  * @notice Pause all operations at once. This contract must be set as guardian.
  */
 contract FailSafe is Ownable {
+    // types
     struct Contract {
         address addr;
         uint256 lastLockId;
     }
 
+    // storage
     Contract[] public contracts;
+    mapping(address => bool) public isGuardian;
+
+    // events
+    event SetIsGuardian(address addr, bool isGuardian);
+
+    // errors
+    error NotGuardian();
 
     constructor(Contract[] memory _contracts) {
         setContracts(_contracts);
+        isGuardian[msg.sender] = true;
+    }
+
+    // modifiers
+    modifier onlyGuardian() {
+        if (!isGuardian[msg.sender]) revert NotGuardian();
+        _;
     }
 
-    function pauseAll() external onlyOwner {
+    // external functions
+    // onlyGuardian
+    function pauseAll() external onlyGuardian {
         uint256 len = contracts.length;
         for (uint256 i; i < len; ) {
             Contract storage c = contracts[i];
@@ -45,6 +63,7 @@ contract FailSafe is Ownable {
         }
     }
 
+    // onlyOwner
     function setContracts(Contract[] memory _contracts) public onlyOwner {
         delete contracts;
 
@@ -57,4 +76,9 @@ contract FailSafe is Ownable {
             }
         }
     }
+
+    function setIsGuardian(address addr, bool _isGuardian) external onlyOwner {
+        isGuardian[addr] = _isGuardian;
+        emit SetIsGuardian(addr, _isGuardian);
+    }
 }

test/FailSafe.t.sol

@@ -58,13 +58,19 @@ contract FailSafeTests is TestBase {
         }
     }
 
-    function test_FailSafe_pauseAll_RevertsForNonOwner() external {
-        hoax(makeAddr("nonOwner"));
-        vm.expectRevert("Ownable: caller is not the owner");
+    // FailSafe#pauseAll
+
+    function test_FailSafe_pauseAll_RevertsForNonGuardian() external {
+        hoax(makeAddr("nonGuardian"));
+        vm.expectRevert(FailSafe.NotGuardian.selector);
         failsafe.pauseAll();
     }
 
     function test_FailSafe_pauseAll_Success() external {
+        address newGuardian = makeAddr("newGuardian");
+        failsafe.setIsGuardian(newGuardian, true);
+        startHoax(newGuardian);
+
         failsafe.pauseAll();
 
         // check if all operations are paused
@@ -93,4 +99,59 @@ contract FailSafeTests is TestBase {
         assertTrue(nftxRouter.isPaused(NFTX_ROUTER_LOCK_ID_SELLNFTS));
         assertTrue(nftxRouter.isPaused(NFTX_ROUTER_LOCK_ID_BUYNFTS));
     }
+
+    // FailSafe#setContracts
+
+    function test_FailSafe_setContracts_RevertsForNonOwner() external {
+        hoax(makeAddr("nonOwner"));
+        vm.expectRevert(OWNABLE_NOT_OWNER_ERROR);
+        failsafe.setContracts(new FailSafe.Contract[](0));
+    }
+
+    function test_FailSafe_setContracts_Success() external {
+        FailSafe.Contract[] memory contracts = new FailSafe.Contract[](5);
+        contracts[0] = FailSafe.Contract({
+            addr: address(inventoryStaking),
+            lastLockId: 4
+        });
+        contracts[1] = FailSafe.Contract({
+            addr: address(vaultFactory),
+            lastLockId: 0
+        });
+        contracts[2] = FailSafe.Contract({
+            addr: address(feeDistributor),
+            lastLockId: 1
+        });
+        contracts[3] = FailSafe.Contract({
+            addr: address(nftxRouter),
+            lastLockId: 4
+        });
+        contracts[4] = FailSafe.Contract({
+            addr: makeAddr("newContract"),
+            lastLockId: 5
+        });
+
+        failsafe.setContracts(contracts);
+
+        // check if the contracts are set
+        for (uint256 i; i < contracts.length; i++) {
+            (address addr, uint256 lastLockId) = failsafe.contracts(i);
+            assertEq(addr, contracts[i].addr);
+            assertEq(lastLockId, contracts[i].lastLockId);
+        }
+    }
+
+    // FailSafe#setIsGuardian
+    function test_FailSafe_setIsGuardian_RevertsForNonOwner() external {
+        hoax(makeAddr("nonOwner"));
+        vm.expectRevert(OWNABLE_NOT_OWNER_ERROR);
+        failsafe.setIsGuardian(makeAddr("addr"), true);
+    }
+
+    function test_FailSafe_setIsGuardian_Success() external {
+        address newGuardian = makeAddr("newGuardian");
+        failsafe.setIsGuardian(newGuardian, true);
+
+        assertTrue(failsafe.isGuardian(newGuardian));
+    }
 }