Merge pull request #178 from euler-xyz/exclude-predeploys-address-space

kasperpawlowski · web-flow · commit 7dcf1a10a365 · 2024-11-08T22:19:05.000+07:00
Exclude 0x42... predeploys address space from being a message signer
diff --git a/src/EthereumVaultConnector.sol b/src/EthereumVaultConnector.sol
@@ -27,6 +27,7 @@ contract EthereumVaultConnector is Events, Errors, TransientStorage, IEVC {
     string public constant name = "Ethereum Vault Connector";
 
     uint160 internal constant ACCOUNT_ID_OFFSET = 8;
+    address internal constant COMMON_PREDEPLOYS = 0x4200000000000000000000000000000000000000;
     bytes32 internal constant HASHED_NAME = keccak256(bytes(name));
 
     bytes32 internal constant TYPE_HASH =
@@ -1045,7 +1046,7 @@ contract EthereumVaultConnector is Events, Errors, TransientStorage, IEVC {
     function isSignerValid(address signer) internal pure virtual returns (bool) {
         // not valid if the signer address falls into any of the precompiles/predeploys
         // addresses space (depends on the chain ID).
-        return !haveCommonOwnerInternal(signer, address(0));
+        return !haveCommonOwnerInternal(signer, address(0)) && !haveCommonOwnerInternal(signer, COMMON_PREDEPLOYS);
     }
 
     /// @notice Computes the permit hash for a given set of parameters.
diff --git a/test/unit/EthereumVaultConnector/Permit.t.sol b/test/unit/EthereumVaultConnector/Permit.t.sol
@@ -179,6 +179,7 @@ contract EthereumVaultConnectorWithFallback is EthereumVaultConnectorHarness {
 }
 
 contract PermitTest is Test {
+    address internal constant COMMON_PREDEPLOYS = 0x4200000000000000000000000000000000000000;
     EthereumVaultConnectorWithFallback internal evc;
     SignerECDSA internal signerECDSA;
     SignerERC1271 internal signerERC1271;
@@ -215,7 +216,10 @@ contract PermitTest is Test {
         address msgSender = sender == address(0) ? address(uint160(uint256(keccak256(abi.encode(alice))))) : sender;
         data = abi.encode(keccak256(data));
 
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         vm.assume(msgSender != address(evc));
         vm.assume(nonce > 0 && nonce < type(uint256).max);
 
@@ -264,7 +268,7 @@ contract PermitTest is Test {
         data = abi.encode(keccak256(data));
 
         vm.assume(msgSender != address(evc));
-        vm.assume(!evc.haveCommonOwner(alice, address(0)));
+        vm.assume(!evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS));
         vm.assume(nonce > 0 && nonce < type(uint256).max);
 
         vm.warp(deadline);
@@ -310,7 +314,10 @@ contract PermitTest is Test {
                 && privateKey < 115792089237316195423570985008687907852837564279074904382605163141518161494337
         );
         address alice = vm.addr(privateKey);
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
         data2 = abi.encode(keccak256(data2));
         vm.assume(nonce > 0 && nonce < type(uint256).max - 1);
@@ -351,7 +358,10 @@ contract PermitTest is Test {
                 && privateKey < 115792089237316195423570985008687907852837564279074904382605163141518161494337
         );
         address alice = vm.addr(privateKey);
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
         data = abi.encode(keccak256(data));
         vm.assume(sender != address(0) && sender != address(this));
@@ -369,6 +379,7 @@ contract PermitTest is Test {
     }
 
     function test_RevertIfSignerInvalid_Permit(
+        bool option,
         address alice,
         uint256 nonceNamespace,
         uint256 nonce,
@@ -377,7 +388,9 @@ contract PermitTest is Test {
         bytes memory data,
         bytes calldata signature
     ) public {
-        alice = address(uint160(bound(uint160(alice), 0, 0xFF)));
+        alice = option
+            ? address(uint160(bound(uint160(alice), 0, 0xFF)))
+            : address(uint160(bound(uint160(alice), uint160(COMMON_PREDEPLOYS), uint160(COMMON_PREDEPLOYS) + 0xFF)));
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
         data = abi.encode(keccak256(data));
         vm.assume(nonce > 0 && nonce < type(uint256).max);
@@ -404,7 +417,10 @@ contract PermitTest is Test {
     ) public {
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
         data = abi.encode(keccak256(data));
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         vm.assume(nonce < type(uint256).max);
         vm.warp(deadline);
 
@@ -436,7 +452,10 @@ contract PermitTest is Test {
     ) public {
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
         data = abi.encode(keccak256(data));
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         vm.assume(nonce > 0 && nonce < type(uint256).max);
         vm.assume(deadline < type(uint256).max);
         vm.warp(deadline + 1);
@@ -466,7 +485,10 @@ contract PermitTest is Test {
         address alice = vm.addr(privateKey);
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
         data = abi.encode(keccak256(data));
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         vm.assume(nonce > 0 && nonce < type(uint256).max);
         vm.assume(value > 0);
         vm.warp(deadline);
@@ -499,7 +521,10 @@ contract PermitTest is Test {
         bytes calldata signature
     ) public {
         bytes19 addressPrefix = evc.getAddressPrefix(alice);
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         vm.assume(nonce > 0 && nonce < type(uint256).max);
         vm.warp(deadline);
 
@@ -531,7 +556,10 @@ contract PermitTest is Test {
         data = abi.encode(keccak256(data));
         signerECDSA.setPrivateKey(privateKey);
 
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && alice != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+                && alice != address(evc)
+        );
         vm.assume(nonce > 0 && nonce < type(uint256).max);
         vm.warp(deadline);
         vm.deal(address(evc), value);
@@ -569,7 +597,10 @@ contract PermitTest is Test {
         bytes calldata signature,
         uint16 value
     ) public {
-        vm.assume(!evc.haveCommonOwner(signer, address(0)) && signer != address(evc));
+        vm.assume(
+            !evc.haveCommonOwner(signer, address(0)) && !evc.haveCommonOwner(signer, COMMON_PREDEPLOYS)
+                && signer != address(evc)
+        );
         vm.assume(nonce > 0 && nonce < type(uint256).max);
 
         bytes19 addressPrefix = evc.getAddressPrefix(signer);
@@ -597,7 +628,7 @@ contract PermitTest is Test {
         address alice = vm.addr(privateKey);
         signerECDSA.setPrivateKey(privateKey);
 
-        vm.assume(!evc.haveCommonOwner(alice, address(0)));
+        vm.assume(!evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS));
         vm.warp(deadline);
 
         // ECDSA signature invalid due to signer.
@@ -695,7 +726,7 @@ contract PermitTest is Test {
         address alice = address(new SignerERC1271(evc));
         SignerERC1271(alice).setSignatureHash(signature);
 
-        vm.assume(!evc.haveCommonOwner(alice, address(0)));
+        vm.assume(!evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS));
         vm.warp(deadline);
 
         // ECDSA signature is always invalid here hence we fall back to ERC-1271 signature
@@ -785,7 +816,10 @@ contract PermitTest is Test {
         address bob = address(new SignerERC1271(evc));
         address target = address(new Vault(evc));
 
-        vm.assume(!evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, bob));
+        vm.assume(
+            !evc.haveCommonOwner(alice, address(0)) && !evc.haveCommonOwner(alice, bob)
+                && !evc.haveCommonOwner(alice, COMMON_PREDEPLOYS)
+        );
         vm.deal(address(this), type(uint128).max);
         signerECDSA.setPrivateKey(privateKey);
 
