Skip to content

Commit

Permalink
fix: Rewards v2 audit fixes (#346)
Browse files Browse the repository at this point in the history
* fix: using SafeERC20

* docs: comment
  • Loading branch information
0xrajath authored Jan 3, 2025
1 parent 91400d9 commit 027226b
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 27 deletions.
24 changes: 10 additions & 14 deletions src/ServiceManagerBase.sol
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
pragma solidity ^0.8.12;

import {Initializable} from "@openzeppelin-upgrades/contracts/proxy/utils/Initializable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ISignatureUtils} from "eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol";
import {IAVSDirectory} from "eigenlayer-contracts/src/contracts/interfaces/IAVSDirectory.sol";
import {IRewardsCoordinator} from "eigenlayer-contracts/src/contracts/interfaces/IRewardsCoordinator.sol";
Expand All @@ -18,6 +20,7 @@ import {BitmapUtils} from "./libraries/BitmapUtils.sol";
* @author Layr Labs, Inc.
*/
abstract contract ServiceManagerBase is ServiceManagerBaseStorage {
using SafeERC20 for IERC20;
using BitmapUtils for *;

/// @notice when applied to a function, only allows the RegistryCoordinator to call it
Expand Down Expand Up @@ -97,18 +100,14 @@ abstract contract ServiceManagerBase is ServiceManagerBaseStorage {
for (uint256 i = 0; i < rewardsSubmissions.length; ++i) {
// transfer token to ServiceManager and approve RewardsCoordinator to transfer again
// in createAVSRewardsSubmission() call
rewardsSubmissions[i].token.transferFrom(
rewardsSubmissions[i].token.safeTransferFrom(
msg.sender,
address(this),
rewardsSubmissions[i].amount
);
uint256 allowance = rewardsSubmissions[i].token.allowance(
address(this),
address(_rewardsCoordinator)
);
rewardsSubmissions[i].token.approve(
rewardsSubmissions[i].token.safeIncreaseAllowance(
address(_rewardsCoordinator),
rewardsSubmissions[i].amount + allowance
rewardsSubmissions[i].amount
);
}

Expand Down Expand Up @@ -152,18 +151,15 @@ abstract contract ServiceManagerBase is ServiceManagerBaseStorage {
}

// Transfer token to ServiceManager and approve RewardsCoordinator to transfer again
// in createAVSPerformanceRewardsSubmission() call
operatorDirectedRewardsSubmissions[i].token.transferFrom(
// in createOperatorDirectedAVSRewardsSubmission() call
operatorDirectedRewardsSubmissions[i].token.safeTransferFrom(
msg.sender,
address(this),
totalAmount
);
uint256 allowance = operatorDirectedRewardsSubmissions[i]
.token
.allowance(address(this), address(_rewardsCoordinator));
operatorDirectedRewardsSubmissions[i].token.approve(
operatorDirectedRewardsSubmissions[i].token.safeIncreaseAllowance(
address(_rewardsCoordinator),
totalAmount + allowance
totalAmount
);
}

Expand Down
23 changes: 10 additions & 13 deletions src/unaudited/ECDSAServiceManagerBase.sol
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
pragma solidity ^0.8.12;

import {OwnableUpgradeable} from "@openzeppelin-upgrades/contracts/access/OwnableUpgradeable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ISignatureUtils} from "eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol";
import {IAVSDirectory} from "eigenlayer-contracts/src/contracts/interfaces/IAVSDirectory.sol";
import {IServiceManager} from "../interfaces/IServiceManager.sol";
Expand All @@ -17,6 +19,8 @@ abstract contract ECDSAServiceManagerBase is
IServiceManager,
OwnableUpgradeable
{
using SafeERC20 for IERC20;

/// @notice Address of the stake registry contract, which manages registration and stake recording.
address public immutable stakeRegistry;

Expand Down Expand Up @@ -198,18 +202,14 @@ abstract contract ECDSAServiceManagerBase is
IRewardsCoordinator.RewardsSubmission[] calldata rewardsSubmissions
) internal virtual {
for (uint256 i = 0; i < rewardsSubmissions.length; ++i) {
rewardsSubmissions[i].token.transferFrom(
rewardsSubmissions[i].token.safeTransferFrom(
msg.sender,
address(this),
rewardsSubmissions[i].amount
);
uint256 allowance = rewardsSubmissions[i].token.allowance(
address(this),
rewardsCoordinator
);
rewardsSubmissions[i].token.approve(
rewardsSubmissions[i].token.safeIncreaseAllowance(
rewardsCoordinator,
rewardsSubmissions[i].amount + allowance
rewardsSubmissions[i].amount
);
}

Expand Down Expand Up @@ -247,17 +247,14 @@ abstract contract ECDSAServiceManagerBase is

// Transfer token to ServiceManager and approve RewardsCoordinator to transfer again
// in createOperatorDirectedAVSRewardsSubmission() call
operatorDirectedRewardsSubmissions[i].token.transferFrom(
operatorDirectedRewardsSubmissions[i].token.safeTransferFrom(
msg.sender,
address(this),
totalAmount
);
uint256 allowance = operatorDirectedRewardsSubmissions[i]
.token
.allowance(address(this), rewardsCoordinator);
operatorDirectedRewardsSubmissions[i].token.approve(
operatorDirectedRewardsSubmissions[i].token.safeIncreaseAllowance(
rewardsCoordinator,
totalAmount + allowance
totalAmount
);
}

Expand Down

0 comments on commit 027226b

Please sign in to comment.