diff --git a/lazer/contracts/evm/src/PythLazer.sol b/lazer/contracts/evm/src/PythLazer.sol index b2b72480bb..d86ecbd4fc 100644 --- a/lazer/contracts/evm/src/PythLazer.sol +++ b/lazer/contracts/evm/src/PythLazer.sol @@ -3,11 +3,16 @@ pragma solidity ^0.8.13; import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; +import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol"; contract PythLazer is OwnableUpgradeable, UUPSUpgradeable { TrustedSignerInfo[100] internal trustedSigners; uint256 public verification_fee; + constructor() { + _disableInitializers(); + } + struct TrustedSignerInfo { address pubkey; uint256 expiresAt; @@ -20,10 +25,6 @@ contract PythLazer is OwnableUpgradeable, UUPSUpgradeable { verification_fee = 1 wei; } - function migrate() public onlyOwner { - verification_fee = 1 wei; - } - function _authorizeUpgrade(address) internal override onlyOwner {} function updateTrustedSigner( @@ -91,7 +92,7 @@ contract PythLazer is OwnableUpgradeable, UUPSUpgradeable { } payload = update[71:71 + payload_len]; bytes32 hash = keccak256(payload); - signer = ecrecover( + (signer, , ) = ECDSA.tryRecover( hash, uint8(update[68]) + 27, bytes32(update[4:36]), diff --git a/lazer/contracts/evm/src/PythLazerLib.sol b/lazer/contracts/evm/src/PythLazerLib.sol index 705ddca5ee..21da94cb31 100644 --- a/lazer/contracts/evm/src/PythLazerLib.sol +++ b/lazer/contracts/evm/src/PythLazerLib.sol @@ -1,7 +1,6 @@ // SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.13; -import {console} from "forge-std/console.sol"; import {PythLazer} from "./PythLazer.sol"; library PythLazerLib { diff --git a/lazer/contracts/evm/test/PythLazer.t.sol b/lazer/contracts/evm/test/PythLazer.t.sol index a658f72e0a..1f16faba64 100644 --- a/lazer/contracts/evm/test/PythLazer.t.sol +++ b/lazer/contracts/evm/test/PythLazer.t.sol @@ -3,18 +3,26 @@ pragma solidity ^0.8.13; import {Test, console} from "forge-std/Test.sol"; import {PythLazer} from "../src/PythLazer.sol"; +import "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol"; contract PythLazerTest is Test { PythLazer public pythLazer; + address owner; function setUp() public { - pythLazer = new PythLazer(); - pythLazer.initialize(address(1)); + owner = address(1); + PythLazer pythLazerImpl = new PythLazer(); + TransparentUpgradeableProxy proxy = new TransparentUpgradeableProxy( + address(pythLazerImpl), + owner, + abi.encodeWithSelector(PythLazer.initialize.selector, owner) + ); + pythLazer = PythLazer(address(proxy)); } function test_update_add_signer() public { assert(!pythLazer.isValidSigner(address(2))); - vm.prank(address(1)); + vm.prank(owner); pythLazer.updateTrustedSigner(address(2), block.timestamp + 1000); assert(pythLazer.isValidSigner(address(2))); skip(2000); @@ -23,11 +31,11 @@ contract PythLazerTest is Test { function test_update_remove_signer() public { assert(!pythLazer.isValidSigner(address(2))); - vm.prank(address(1)); + vm.prank(owner); pythLazer.updateTrustedSigner(address(2), block.timestamp + 1000); assert(pythLazer.isValidSigner(address(2))); - vm.prank(address(1)); + vm.prank(owner); pythLazer.updateTrustedSigner(address(2), 0); assert(!pythLazer.isValidSigner(address(2))); } @@ -35,7 +43,7 @@ contract PythLazerTest is Test { function test_verify() public { // Prepare dummy update and signer address trustedSigner = 0xb8d50f0bAE75BF6E03c104903d7C3aFc4a6596Da; - vm.prank(address(1)); + vm.prank(owner); pythLazer.updateTrustedSigner(trustedSigner, 3000000000000000); bytes memory update = hex"2a22999a9ee4e2a3df5affd0ad8c7c46c96d3b5ef197dd653bedd8f44a4b6b69b767fbc66341e80b80acb09ead98c60d169b9a99657ebada101f447378f227bffbc69d3d01003493c7d37500062cf28659c1e801010000000605000000000005f5e10002000000000000000001000000000000000003000104fff8";