Cross-chain standardisation: ERC-7786 interfaces, helpers and Axelar adapter (#28)

* cross-chain prototype v1

* split common <> axelar

* add relay observability

* Update oz to master

* Iterate

* Remove salt

* Iterate

* Add GatewayAxelar specialization

* Iterate

* Fix GatewayAxelarSource

* Remove unnecessary contract

* Iteration

* Remove interfaces

* Checkpoint

* Add incoming dual mode

* Fix compilation

* Apply review suggestions

* Install axelar contracts

* Apply review sugggestion

* Apply suggestions

* wip fixes

* trying to get crosschain to compile

* fix compilation

* minor update

* make attributes a bytes[]

* Address comments and add some tests

* refactor and test caip utils

* up

* using unmerged version of Strings with parsing

* up

* workflow testing (active and passive)

* update

* up

* address PR comments

* renovate

* rename

* fix foundry

* codespell

* use checksumed addresses

* use @openzepplin/contracts@master

* add/move files that are no longer planned to be in the main repo

* get submodules when running tests

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Francisco Giordano <[email protected]>

* simplify

* update

* validateReceivedMessage -> setExecutedMessage

* Add docs

* Update AxelarGatewayDestination.sol

Co-authored-by: Francisco Giordano <[email protected]>

* Update

* Update

* Pick CI changes

* Run `forge update`

* Sync prettier version with vanilla contracts

* Point .gitmodules to master

* fix imports

* Implement audit recommendations for crosschain gateway implementations (#22)

* Updated ERC specs

* executeMessage returns bytes4

* Add AxelarGatewayDuplex

* remove npm contracts dependency in favor of the master submodule

* slither remappings

* clarify CAIP-10 format

* document reverts

* unused imports

* unexpected attributes too short

* document remoteGateway format

* clarify AxelarGatewayDestination._execute

* rewrite require(..., error); as if (...) revert error;

* typography

* custom errors

* replace require with string with custom error

* Apply audit review suggestions

* Adjust checks.yml

* Point gitmodules to master on OZ contracts

* lint

* Fix CI

* Fix CI 2

* Fix slither

* up

* up

* Disable locked-ether slither rule for duplex

* Make prettier version consistent

* Remove passive mode

* Apply suggestions from code review

Co-authored-by: Ernesto García <[email protected]>

* Update contracts/crosschain/axelar/AxelarGatewayDuplex.sol

---------

Co-authored-by: Ernesto García <[email protected]>

* cleanup

---------

Co-authored-by: Hadrien Croubois <[email protected]>
Co-authored-by: Ernesto García <[email protected]>
Co-authored-by: Francisco Giordano <[email protected]>

Author: 4 people

.github/workflows/checks.yml

@@ -51,8 +51,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-        with:
-          submodules: recursive
       - name: Set up environment
         uses: ./.github/actions/setup
       - name: Run tests

.gitmodules

@@ -1,9 +1,11 @@
 [submodule "lib/@openzeppelin-contracts"]
 	path = lib/@openzeppelin-contracts
 	url = https://github.com/OpenZeppelin/openzeppelin-contracts.git
+	branch = master
 [submodule "lib/@openzeppelin-contracts-upgradeable"]
 	path = lib/@openzeppelin-contracts-upgradeable
 	url = https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable.git
+	branch = master
 [submodule "lib/forge-std"]
 	path = lib/forge-std
 	url = https://github.com/foundry-rs/forge-std.git

contracts/crosschain/axelar/AxelarGatewayBase.sol

@@ -0,0 +1,65 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
+import {IAxelarGateway} from "@axelar-network/axelar-gmp-sdk-solidity/contracts/interfaces/IAxelarGateway.sol";
+
+/**
+ * @dev Base implementation of a cross-chain gateway adapter for the Axelar Network.
+ *
+ * This contract allows developers to register equivalence between chains (i.e. CAIP-2 chain identifiers
+ * to Axelar chain identifiers) and remote gateways (i.e. gateways on other chains) to
+ * facilitate cross-chain communication.
+ */
+abstract contract AxelarGatewayBase is Ownable {
+    /// @dev A remote gateway has been registered for a chain.
+    event RegisteredRemoteGateway(string caip2, string gatewayAddress);
+
+    /// @dev A chain equivalence has been registered.
+    event RegisteredChainEquivalence(string caip2, string destinationChain);
+
+    /// @dev Error emitted when an unsupported chain is queried.
+    error UnsupportedChain(string caip2);
+
+    error ChainEquivalenceAlreadyRegistered(string caip2);
+    error RemoteGatewayAlreadyRegistered(string caip2);
+
+    /// @dev Axelar's official gateway for the current chain.
+    IAxelarGateway public immutable localGateway;
+
+    mapping(string caip2 => string remoteGateway) private _remoteGateways;
+    mapping(string caip2OrAxelar => string axelarOrCaip2) private _chainEquivalence;
+
+    /// @dev Sets the local gateway address (i.e. Axelar's official gateway for the current chain).
+    constructor(IAxelarGateway _gateway) {
+        localGateway = _gateway;
+    }
+
+    /// @dev Returns the equivalent chain given an id that can be either CAIP-2 or an Axelar network identifier.
+    function getEquivalentChain(string memory input) public view virtual returns (string memory output) {
+        output = _chainEquivalence[input];
+        require(bytes(output).length > 0, UnsupportedChain(input));
+    }
+
+    /// @dev Returns the address string of the remote gateway for a given CAIP-2 chain identifier.
+    function getRemoteGateway(string memory caip2) public view virtual returns (string memory remoteGateway) {
+        remoteGateway = _remoteGateways[caip2];
+        require(bytes(remoteGateway).length > 0, UnsupportedChain(caip2));
+    }
+
+    /// @dev Registers a chain equivalence between a CAIP-2 chain identifier and an Axelar network identifier.
+    function registerChainEquivalence(string calldata caip2, string calldata axelarSupported) public virtual onlyOwner {
+        require(bytes(_chainEquivalence[caip2]).length == 0, ChainEquivalenceAlreadyRegistered(caip2));
+        _chainEquivalence[caip2] = axelarSupported;
+        _chainEquivalence[axelarSupported] = caip2;
+        emit RegisteredChainEquivalence(caip2, axelarSupported);
+    }
+
+    /// @dev Registers the address string of the remote gateway for a given CAIP-2 chain identifier.
+    function registerRemoteGateway(string calldata caip2, string calldata remoteGateway) public virtual onlyOwner {
+        require(bytes(_remoteGateways[caip2]).length == 0, RemoteGatewayAlreadyRegistered(caip2));
+        _remoteGateways[caip2] = remoteGateway;
+        emit RegisteredRemoteGateway(caip2, remoteGateway);
+    }
+}

contracts/crosschain/axelar/AxelarGatewayDestination.sol

@@ -0,0 +1,64 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {AxelarExecutable} from "@axelar-network/axelar-gmp-sdk-solidity/contracts/executable/AxelarExecutable.sol";
+import {Strings} from "@openzeppelin/contracts/utils/Strings.sol";
+import {IERC7786Receiver} from "../interfaces/draft-IERC7786.sol";
+import {AxelarGatewayBase} from "./AxelarGatewayBase.sol";
+
+/**
+ * @dev Implementation of an ERC-7786 gateway destination adapter for the Axelar Network in dual mode.
+ *
+ * The contract implements AxelarExecutable's {_execute} function to execute the message, converting Axelar's native
+ * workflow into the standard ERC-7786.
+ */
+abstract contract AxelarGatewayDestination is AxelarGatewayBase, AxelarExecutable {
+    using Strings for address;
+    using Strings for string;
+
+    error InvalidOriginGateway(string sourceChain, string axelarSourceAddress);
+    error ReceiverExecutionFailed();
+
+    /**
+     * @dev Active mode execution of a cross-chain message.
+     *
+     * In this function:
+     *
+     * - `axelarSourceChain` is in the Axelar format. It should not be expected to be a proper CAIP-2 format
+     * - `axelarSourceAddress` is the sender of the Axelar message. That should be the remote gateway on the chain
+     *   which the message originates from. It is NOT the sender of the ERC-7786 crosschain message.
+     *
+     * Proper CAIP-10 encoding of the message sender (including the CAIP-2 name of the origin chain can be found in
+     * the message)
+     */
+    function _execute(
+        string calldata axelarSourceChain, // chain of the remote gateway - axelar format
+        string calldata axelarSourceAddress, // address of the remote gateway
+        bytes calldata adapterPayload
+    ) internal override {
+        // Parse the package
+        (string memory sender, string memory receiver, bytes memory payload, bytes[] memory attributes) = abi.decode(
+            adapterPayload,
+            (string, string, bytes, bytes[])
+        );
+        // Axelar to CAIP-2 translation
+        string memory sourceChain = getEquivalentChain(axelarSourceChain);
+
+        // check message validity
+        // - `axelarSourceAddress` is the remote gateway on the origin chain.
+        require(
+            getRemoteGateway(sourceChain).equal(axelarSourceAddress),
+            InvalidOriginGateway(sourceChain, axelarSourceAddress)
+        );
+
+        // Active mode
+        bytes4 result = IERC7786Receiver(receiver.parseAddress()).executeMessage(
+            sourceChain,
+            sender,
+            payload,
+            attributes
+        );
+        require(result == IERC7786Receiver.executeMessage.selector, ReceiverExecutionFailed());
+    }
+}

contracts/crosschain/axelar/AxelarGatewayDuplex.sol

@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
+import {AxelarGatewayBase, IAxelarGateway} from "./AxelarGatewayBase.sol";
+import {AxelarGatewayDestination, AxelarExecutable} from "./AxelarGatewayDestination.sol";
+import {AxelarGatewaySource} from "./AxelarGatewaySource.sol";
+
+/**
+ * @dev A contract that combines the functionality of both the source and destination gateway
+ * adapters for the Axelar Network. Allowing to either send or receive messages across chains.
+ */
+// slither-disable-next-line locked-ether
+contract AxelarGatewayDuplex is AxelarGatewaySource, AxelarGatewayDestination {
+    /// @dev Initializes the contract with the Axelar gateway and the initial owner.
+    constructor(
+        IAxelarGateway gateway,
+        address initialOwner
+    ) Ownable(initialOwner) AxelarGatewayBase(gateway) AxelarExecutable(address(gateway)) {}
+}

contracts/crosschain/axelar/AxelarGatewaySource.sol

@@ -0,0 +1,60 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {CAIP2} from "@openzeppelin/contracts/utils/CAIP2.sol";
+import {CAIP10} from "@openzeppelin/contracts/utils/CAIP10.sol";
+import {Strings} from "@openzeppelin/contracts/utils/Strings.sol";
+import {AxelarGatewayBase} from "./AxelarGatewayBase.sol";
+import {IERC7786GatewaySource} from "../interfaces/draft-IERC7786.sol";
+
+/**
+ * @dev Implementation of an ERC-7786 gateway source adapter for the Axelar Network.
+ *
+ * The contract provides a way to send messages to a remote chain via the Axelar Network
+ * using the {sendMessage} function.
+ */
+abstract contract AxelarGatewaySource is IERC7786GatewaySource, AxelarGatewayBase {
+    using Strings for address;
+
+    error UnsupportedNativeTransfer();
+
+    /// @inheritdoc IERC7786GatewaySource
+    function supportsAttribute(bytes4 /*selector*/) public pure returns (bool) {
+        return false;
+    }
+
+    /// @inheritdoc IERC7786GatewaySource
+    function sendMessage(
+        string calldata destinationChain, // CAIP-2 chain identifier
+        string calldata receiver, // CAIP-10 account address (does not include the chain identifier)
+        bytes calldata payload,
+        bytes[] calldata attributes
+    ) external payable returns (bytes32 outboxId) {
+        require(msg.value == 0, UnsupportedNativeTransfer());
+        // Use of `if () revert` syntax to avoid accessing attributes[0] if it's empty
+        if (attributes.length > 0)
+            revert UnsupportedAttribute(attributes[0].length < 0x04 ? bytes4(0) : bytes4(attributes[0][0:4]));
+
+        // Create the package
+        string memory sender = msg.sender.toChecksumHexString();
+        bytes memory adapterPayload = abi.encode(sender, receiver, payload, attributes);
+
+        // Emit event
+        outboxId = bytes32(0); // Explicitly set to 0
+        emit MessagePosted(
+            outboxId,
+            CAIP10.format(CAIP2.local(), sender),
+            CAIP10.format(destinationChain, receiver),
+            payload,
+            attributes
+        );
+
+        // Send the message
+        string memory axelarDestination = getEquivalentChain(destinationChain);
+        string memory remoteGateway = getRemoteGateway(destinationChain);
+        localGateway.callContract(axelarDestination, remoteGateway, adapterPayload);
+
+        return outboxId;
+    }
+}

contracts/crosschain/axelar/mocks/AxelarGatewayMock.sol

@@ -0,0 +1,74 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {IAxelarGateway} from "@axelar-network/axelar-gmp-sdk-solidity/contracts/interfaces/IAxelarGateway.sol";
+import {IAxelarExecutable} from "@axelar-network/axelar-gmp-sdk-solidity/contracts/interfaces/IAxelarExecutable.sol";
+import {BitMaps} from "@openzeppelin/contracts/utils/structs/BitMaps.sol";
+import {Strings} from "@openzeppelin/contracts/utils/Strings.sol";
+
+contract AxelarGatewayMock {
+    using Strings for address;
+    using Strings for string;
+    using BitMaps for BitMaps.BitMap;
+
+    BitMaps.BitMap private pendingCommandIds;
+
+    event CommandIdPending(
+        bytes32 indexed commandId,
+        string destinationChain,
+        string destinationContractAddress,
+        bytes payload
+    );
+
+    function callContract(
+        string calldata destinationChain,
+        string calldata destinationContractAddress,
+        bytes calldata payload
+    ) external {
+        // TODO: check that destination chain is local
+
+        emit IAxelarGateway.ContractCall(
+            msg.sender,
+            destinationChain,
+            destinationContractAddress,
+            keccak256(payload),
+            payload
+        );
+
+        bytes32 commandId = keccak256(
+            abi.encode(
+                destinationChain,
+                msg.sender.toChecksumHexString(),
+                destinationContractAddress,
+                keccak256(payload)
+            )
+        );
+
+        require(!pendingCommandIds.get(uint256(commandId)));
+        pendingCommandIds.set(uint256(commandId));
+
+        emit CommandIdPending(commandId, destinationChain, destinationContractAddress, payload);
+
+        // NOTE: source chain and destination chain are the same in this mock
+        address target = destinationContractAddress.parseAddress();
+        IAxelarExecutable(target).execute(commandId, destinationChain, msg.sender.toChecksumHexString(), payload);
+    }
+
+    function validateContractCall(
+        bytes32 commandId,
+        string calldata sourceChain,
+        string calldata sourceAddress,
+        bytes32 payloadHash
+    ) external returns (bool) {
+        if (pendingCommandIds.get(uint256(commandId))) {
+            pendingCommandIds.unset(uint256(commandId));
+
+            emit IAxelarGateway.ContractCallExecuted(commandId);
+
+            return
+                commandId ==
+                keccak256(abi.encode(sourceChain, sourceAddress, msg.sender.toChecksumHexString(), payloadHash));
+        } else return false;
+    }
+}

contracts/crosschain/interfaces/draft-IERC7786.sol

@@ -0,0 +1,68 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+/**
+ * @dev Interface for ERC-7786 source gateways.
+ *
+ * See ERC-7786 for more details
+ */
+interface IERC7786GatewaySource {
+    /**
+     * @dev Event emitted when a message is created. If `outboxId` is zero, no further processing is necessary. If
+     * `outboxId` is not zero, then further (gateway specific, and non-standardized) action is required.
+     */
+    event MessagePosted(
+        bytes32 indexed outboxId,
+        string sender, // CAIP-10 account identifier (chain identifier + ":" + account address)
+        string receiver, // CAIP-10 account identifier (chain identifier + ":" + account address)
+        bytes payload,
+        bytes[] attributes
+    );
+
+    /// @dev This error is thrown when a message creation fails because of an unsupported attribute being specified.
+    error UnsupportedAttribute(bytes4 selector);
+
+    /// @dev Getter to check whether an attribute is supported or not.
+    function supportsAttribute(bytes4 selector) external view returns (bool);
+
+    /**
+     * @dev Endpoint for creating a new message. If the message requires further (gateway specific) processing before
+     * it can be sent to the destination chain, then a non-zero `outboxId` must be returned. Otherwise, the
+     * message MUST be sent and this function must return 0.
+     * @param destinationChain {CAIP2} chain identifier
+     * @param receiver {CAIP10} account address (does not include the chain identifier)
+     *
+     * * MUST emit a {MessagePosted} event.
+     *
+     * If any of the `attributes` is not supported, this function SHOULD revert with an {UnsupportedAttribute} error.
+     * Other errors SHOULD revert with errors not specified in ERC-7786.
+     */
+    function sendMessage(
+        string calldata destinationChain,
+        string calldata receiver,
+        bytes calldata payload,
+        bytes[] calldata attributes
+    ) external payable returns (bytes32 outboxId);
+}
+
+/**
+ * @dev Interface for the ERC-7786 client contract (receiver).
+ *
+ * See ERC-7786 for more details
+ */
+interface IERC7786Receiver {
+    /**
+     * @dev Endpoint for receiving cross-chain message.
+     * @param sourceChain {CAIP2} chain identifier
+     * @param sender {CAIP10} account address (does not include the chain identifier)
+     *
+     * This function may be called directly by the gateway.
+     */
+    function executeMessage(
+        string calldata sourceChain, // CAIP-2 chain identifier
+        string calldata sender, // CAIP-10 account address (does not include the chain identifier)
+        bytes calldata payload,
+        bytes[] calldata attributes
+    ) external payable returns (bytes4);
+}