feat: use openzeppelin's eip712 and change authorization name #453
Conversation
src/MorphoStorage.sol
Outdated
| constructor(address addressesProvider, uint8 eModeCategoryId) | ||
| EIP712( | ||
| Constants.EIP712_NAME, | ||
| string(abi.encodePacked(Constants.EIP712_VERSION, ".", Strings.toString(eModeCategoryId))) |
There was a problem hiding this comment.
| string(abi.encodePacked(Constants.EIP712_VERSION, ".", Strings.toString(eModeCategoryId))) | |
| string.concat(Constants.EIP712_VERSION, ".", Strings.toString(eModeCategoryId)) |
There was a problem hiding this comment.
Does this string represent the version argument of the instance ? Why do we need to add the E-mode id?
There was a problem hiding this comment.
- Yes
- I don't think there's a need, but it's weird to share the same id between 2 instances of Morpho
There was a problem hiding this comment.
I don't think it's strictly required because the address of the proxy is used as part of the domain separator. But I believe it is good practice to maintain distinct identities to each contract. We could instead put this in an arbitrary salt, but I don't think this is necessary. It should suffice to have different versions for each e-mode category.
| if (signature.v != 27 && signature.v != 28) revert Errors.InvalidValueV(); | ||
| bytes32 structHash = | ||
| keccak256(abi.encode(Constants.APPROVE_MANAGER_TYPEHASH, delegator, manager, isAllowed, nonce, deadline)); | ||
| bytes32 digest = _hashTypedDataV4(structHash); |
There was a problem hiding this comment.
why did you remove the checks on v and s ?
There was a problem hiding this comment.
These checks are performed in OZ's ECDSA tryRecover
src/MorphoStorage.sol
Outdated
| constructor(address addressesProvider, uint8 eModeCategoryId) | ||
| EIP712( | ||
| Constants.EIP712_NAME, | ||
| string(abi.encodePacked(Constants.EIP712_VERSION, ".", Strings.toString(eModeCategoryId))) |
There was a problem hiding this comment.
Does this string represent the version argument of the instance ? Why do we need to add the E-mode id?
|
|
||
| uint256 internal constant MAX_VALID_ECDSA_S = 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0; // The highest valid value for s in an ECDSA signature pair (0 < s < secp256k1n ÷ 2 + 1) | ||
| bytes32 internal constant APPROVE_MANAGER_TYPEHASH = | ||
| keccak256("ApproveManager(address delegator,address manager,bool isAllowed,uint256 nonce,uint256 deadline)"); // The EIP-712 typehash for approveManagerBySig Authorization. |
There was a problem hiding this comment.
I do not understand why change approve manager typehash from EIP712 Authorization typehash
There was a problem hiding this comment.
I think it is for clarity, because this type hash is only used upon manager approval
There was a problem hiding this comment.
Correct. AFAIK it is standard practice for each function which has a signature method to be the same as the method to be called. My goal here is consistency, not much opinion on the naming.
| @@ -46,7 +47,7 @@ abstract contract MorphoStorage is Initializable, Ownable2StepUpgradeable, EIP71 | |||
| /// @param addressesProvider The address of the pool addresses provider. | |||
| /// @param eModeCategoryId The e-mode category of the deployed Morpho. 0 for the general mode. | |||
| constructor(address addressesProvider, uint8 eModeCategoryId) | |||
| EIP712(Constants.EIP712_NAME, Constants.EIP712_VERSION) | |||
| EIP712(Constants.EIP712_NAME, string.concat(Constants.EIP712_VERSION, ".", Strings.toString(eModeCategoryId))) | |||
There was a problem hiding this comment.
what's the bytecode of adding this?
There was a problem hiding this comment.
clearly too much. investigating.
|
Too much bytecode, so I'm ruling out OZ's implementation for now. Closing. |
|
Reopening because I don't understand the conclusion: I just compiled the contracts and it seems we're loosing ~1kb because of OZ's implementation. Do you have the same number? If yes, why do you consider this "too much bytecode"? Pushing this because we've just made the error of trying to rewrite OZ's standard and it led us to introduce a bug. Perhaps we should really consider base our work on standards, even if it costs bytecode. |
Pull Request
Issue(s) fixed
This pull request:
To preemptively answer some questions that may arise:
The reason that EIP712Upgradeable is not used is because this version stores some useless storage variables, namely the hashes of the name and version.
EIP712 should function identically despite it being the non-upgradeable variant. There are no storage variables in this contract, and the domain separator is built entirely through immutable logic. It uses address(this), thus satisfying the property that the domain separator is built using the proxy contract's address as context.
I've also removed much of the signature logic in favor of using the ECDSA library's system of checks.
The reason that I renamed the authorization typehash is because I believe the standard is for each function that utilizes EIP712 to have its own unique typehash. Thus the previous naming makes little sense if we ever introduce a new function that utilizes EIP712.