sol_Bo8des9o
/
openzeppelin-contracts


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214
							const { shouldFail } = require('openzeppelin-test-helpers');
const { getSignFor } = require('../helpers/sign');
const { shouldBehaveLikePublicRole } = require('../access/roles/PublicRole.behavior');

const SignatureBouncerMock = artifacts.require('SignatureBouncerMock');

const UINT_VALUE = 23;
const BYTES_VALUE = web3.utils.toHex('test');
const INVALID_SIGNATURE = '0xabcd';

contract('SignatureBouncer', function ([_, signer, otherSigner, anyone, authorizedUser, ...otherAccounts]) {
  beforeEach(async function () {
    this.sigBouncer = await SignatureBouncerMock.new({ from: signer });
    this.signFor = getSignFor(this.sigBouncer, signer);
  });

  describe('signer role', function () {
    beforeEach(async function () {
      this.contract = this.sigBouncer;
      await this.contract.addSigner(otherSigner, { from: signer });
    });

    shouldBehaveLikePublicRole(signer, otherSigner, otherAccounts, 'signer');
  });

  describe('modifiers', function () {
    context('plain signature', function () {
      it('allows valid signature for sender', async function () {
        await this.sigBouncer.onlyWithValidSignature(await this.signFor(authorizedUser), { from: authorizedUser });
      });

      it('does not allow invalid signature for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignature(INVALID_SIGNATURE, { from: authorizedUser })
        );
      });

      it('does not allow valid signature for other sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignature(await this.signFor(authorizedUser), { from: anyone })
        );
      });

      it('does not allow valid signature for method for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignature(await this.signFor(authorizedUser, 'onlyWithValidSignature'),
            { from: authorizedUser })
        );
      });
    });

    context('method signature', function () {
      it('allows valid signature with correct method for sender', async function () {
        await this.sigBouncer.onlyWithValidSignatureAndMethod(
          await this.signFor(authorizedUser, 'onlyWithValidSignatureAndMethod'), { from: authorizedUser }
        );
      });

      it('does not allow invalid signature with correct method for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndMethod(INVALID_SIGNATURE, { from: authorizedUser })
        );
      });

      it('does not allow valid signature with correct method for other sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndMethod(
            await this.signFor(authorizedUser, 'onlyWithValidSignatureAndMethod'), { from: anyone }
          )
        );
      });

      it('does not allow valid method signature with incorrect method for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndMethod(await this.signFor(authorizedUser, 'theWrongMethod'),
            { from: authorizedUser })
        );
      });

      it('does not allow valid non-method signature method for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndMethod(await this.signFor(authorizedUser), { from: authorizedUser })
        );
      });
    });

    context('method and data signature', function () {
      it('allows valid signature with correct method and data for sender', async function () {
        await this.sigBouncer.onlyWithValidSignatureAndData(UINT_VALUE,
          await this.signFor(authorizedUser, 'onlyWithValidSignatureAndData', [UINT_VALUE]), { from: authorizedUser }
        );
      });

      it('does not allow invalid signature with correct method and data for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndData(UINT_VALUE, INVALID_SIGNATURE, { from: authorizedUser })
        );
      });

      it('does not allow valid signature with correct method and incorrect data for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndData(UINT_VALUE + 10,
            await this.signFor(authorizedUser, 'onlyWithValidSignatureAndData', [UINT_VALUE]),
            { from: authorizedUser }
          )
        );
      });

      it('does not allow valid signature with correct method and data for other sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndData(UINT_VALUE,
            await this.signFor(authorizedUser, 'onlyWithValidSignatureAndData', [UINT_VALUE]),
            { from: anyone }
          )
        );
      });

      it('does not allow valid non-method signature for sender', async function () {
        await shouldFail.reverting(
          this.sigBouncer.onlyWithValidSignatureAndData(UINT_VALUE,
            await this.signFor(authorizedUser), { from: authorizedUser }
          )
        );
      });

      it('does not allow msg.data shorter than SIGNATURE_SIZE', async function () {
        await shouldFail.reverting(
          this.sigBouncer.tooShortMsgData({ from: authorizedUser })
        );
      });
    });
  });

  context('signature validation', function () {
    context('plain signature', function () {
      it('validates valid signature for valid user', async function () {
        (await this.sigBouncer.checkValidSignature(authorizedUser, await this.signFor(authorizedUser)))
          .should.equal(true);
      });

      it('does not validate invalid signature for valid user', async function () {
        (await this.sigBouncer.checkValidSignature(authorizedUser, INVALID_SIGNATURE)).should.equal(false);
      });

      it('does not validate valid signature for anyone', async function () {
        (await this.sigBouncer.checkValidSignature(anyone, await this.signFor(authorizedUser))).should.equal(false);
      });

      it('does not validate valid signature for method for valid user', async function () {
        (await this.sigBouncer.checkValidSignature(
          authorizedUser, await this.signFor(authorizedUser, 'checkValidSignature'))
        ).should.equal(false);
      });
    });

    context('method signature', function () {
      it('validates valid signature with correct method for valid user', async function () {
        (await this.sigBouncer.checkValidSignatureAndMethod(authorizedUser,
          await this.signFor(authorizedUser, 'checkValidSignatureAndMethod'))
        ).should.equal(true);
      });

      it('does not validate invalid signature with correct method for valid user', async function () {
        (await this.sigBouncer.checkValidSignatureAndMethod(authorizedUser, INVALID_SIGNATURE)).should.equal(false);
      });

      it('does not validate valid signature with correct method for anyone', async function () {
        (await this.sigBouncer.checkValidSignatureAndMethod(anyone,
          await this.signFor(authorizedUser, 'checkValidSignatureAndMethod'))
        ).should.equal(false);
      });

      it('does not validate valid non-method signature with correct method for valid user', async function () {
        (await this.sigBouncer.checkValidSignatureAndMethod(authorizedUser, await this.signFor(authorizedUser))
        ).should.equal(false);
      });
    });

    context('method and data signature', function () {
      it('validates valid signature with correct method and data for valid user', async function () {
        (await this.sigBouncer.checkValidSignatureAndData(authorizedUser, BYTES_VALUE, UINT_VALUE,
          await this.signFor(authorizedUser, 'checkValidSignatureAndData', [authorizedUser, BYTES_VALUE, UINT_VALUE]))
        ).should.equal(true);
      });

      it('does not validate invalid signature with correct method and data for valid user', async function () {
        (await this.sigBouncer.checkValidSignatureAndData(authorizedUser, BYTES_VALUE, UINT_VALUE, INVALID_SIGNATURE)
        ).should.equal(false);
      });

      it('does not validate valid signature with correct method and incorrect data for valid user',
        async function () {
          (await this.sigBouncer.checkValidSignatureAndData(authorizedUser, BYTES_VALUE, UINT_VALUE + 10,
            await this.signFor(authorizedUser, 'checkValidSignatureAndData', [authorizedUser, BYTES_VALUE, UINT_VALUE]))
          ).should.equal(false);
        }
      );

      it('does not validate valid signature with correct method and data for anyone', async function () {
        (await this.sigBouncer.checkValidSignatureAndData(anyone, BYTES_VALUE, UINT_VALUE,
          await this.signFor(authorizedUser, 'checkValidSignatureAndData', [authorizedUser, BYTES_VALUE, UINT_VALUE]))
        ).should.equal(false);
      });

      it('does not validate valid non-method-data signature with correct method and data for valid user',
        async function () {
          (await this.sigBouncer.checkValidSignatureAndData(authorizedUser, BYTES_VALUE, UINT_VALUE,
            await this.signFor(authorizedUser, 'checkValidSignatureAndData'))
          ).should.equal(false);
        }
      );
    });
  });
});