| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175 |
- const ethSigUtil = require('eth-sig-util');
- const Wallet = require('ethereumjs-wallet').default;
- const { getDomain, domainType } = require('../helpers/eip712');
- const { expectEvent } = require('@openzeppelin/test-helpers');
- const { expect } = require('chai');
- const ERC2771ContextMock = artifacts.require('ERC2771ContextMock');
- const MinimalForwarder = artifacts.require('MinimalForwarder');
- const ContextMockCaller = artifacts.require('ContextMockCaller');
- const { shouldBehaveLikeRegularContext } = require('../utils/Context.behavior');
- contract('ERC2771Context', function (accounts) {
- const [, trustedForwarder, other] = accounts;
- beforeEach(async function () {
- this.forwarder = await MinimalForwarder.new();
- this.recipient = await ERC2771ContextMock.new(this.forwarder.address);
- this.domain = await getDomain(this.forwarder);
- this.types = {
- EIP712Domain: domainType(this.domain),
- ForwardRequest: [
- { name: 'from', type: 'address' },
- { name: 'to', type: 'address' },
- { name: 'value', type: 'uint256' },
- { name: 'gas', type: 'uint256' },
- { name: 'nonce', type: 'uint256' },
- { name: 'data', type: 'bytes' },
- ],
- };
- });
- it('recognize trusted forwarder', async function () {
- expect(await this.recipient.isTrustedForwarder(this.forwarder.address));
- });
- context('when called directly', function () {
- beforeEach(async function () {
- this.context = this.recipient; // The Context behavior expects the contract in this.context
- this.caller = await ContextMockCaller.new();
- });
- shouldBehaveLikeRegularContext(...accounts);
- });
- context('when receiving a relayed call', function () {
- beforeEach(async function () {
- this.wallet = Wallet.generate();
- this.sender = web3.utils.toChecksumAddress(this.wallet.getAddressString());
- this.data = {
- types: this.types,
- domain: this.domain,
- primaryType: 'ForwardRequest',
- };
- });
- describe('msgSender', function () {
- it('returns the relayed transaction original sender', async function () {
- const data = this.recipient.contract.methods.msgSender().encodeABI();
- const req = {
- from: this.sender,
- to: this.recipient.address,
- value: '0',
- gas: '100000',
- nonce: (await this.forwarder.getNonce(this.sender)).toString(),
- data,
- };
- const sign = ethSigUtil.signTypedMessage(this.wallet.getPrivateKey(), { data: { ...this.data, message: req } });
- expect(await this.forwarder.verify(req, sign)).to.equal(true);
- const { tx } = await this.forwarder.execute(req, sign);
- await expectEvent.inTransaction(tx, ERC2771ContextMock, 'Sender', { sender: this.sender });
- });
- it('returns the original sender when calldata length is less than 20 bytes (address length)', async function () {
- // The forwarder doesn't produce calls with calldata length less than 20 bytes
- const recipient = await ERC2771ContextMock.new(trustedForwarder);
- const { receipt } = await recipient.msgSender({ from: trustedForwarder });
- await expectEvent(receipt, 'Sender', { sender: trustedForwarder });
- });
- });
- describe('msgData', function () {
- it('returns the relayed transaction original data', async function () {
- const integerValue = '42';
- const stringValue = 'OpenZeppelin';
- const data = this.recipient.contract.methods.msgData(integerValue, stringValue).encodeABI();
- const req = {
- from: this.sender,
- to: this.recipient.address,
- value: '0',
- gas: '100000',
- nonce: (await this.forwarder.getNonce(this.sender)).toString(),
- data,
- };
- const sign = ethSigUtil.signTypedMessage(this.wallet.getPrivateKey(), { data: { ...this.data, message: req } });
- expect(await this.forwarder.verify(req, sign)).to.equal(true);
- const { tx } = await this.forwarder.execute(req, sign);
- await expectEvent.inTransaction(tx, ERC2771ContextMock, 'Data', { data, integerValue, stringValue });
- });
- });
- it('returns the full original data when calldata length is less than 20 bytes (address length)', async function () {
- // The forwarder doesn't produce calls with calldata length less than 20 bytes
- const recipient = await ERC2771ContextMock.new(trustedForwarder);
- const { receipt } = await recipient.msgDataShort({ from: trustedForwarder });
- const data = recipient.contract.methods.msgDataShort().encodeABI();
- await expectEvent(receipt, 'DataShort', { data });
- });
- it('multicall poison attack', async function () {
- const attacker = Wallet.generate();
- const attackerAddress = attacker.getChecksumAddressString();
- const nonce = await this.forwarder.getNonce(attackerAddress);
- const msgSenderCall = web3.eth.abi.encodeFunctionCall(
- {
- name: 'msgSender',
- type: 'function',
- inputs: [],
- },
- [],
- );
- const data = web3.eth.abi.encodeFunctionCall(
- {
- name: 'multicall',
- type: 'function',
- inputs: [
- {
- internalType: 'bytes[]',
- name: 'data',
- type: 'bytes[]',
- },
- ],
- },
- [[web3.utils.encodePacked({ value: msgSenderCall, type: 'bytes' }, { value: other, type: 'address' })]],
- );
- const req = {
- from: attackerAddress,
- to: this.recipient.address,
- value: '0',
- gas: '100000',
- data,
- nonce: Number(nonce),
- };
- const signature = await ethSigUtil.signTypedMessage(attacker.getPrivateKey(), {
- data: {
- types: this.types,
- domain: this.domain,
- primaryType: 'ForwardRequest',
- message: req,
- },
- });
- expect(await this.forwarder.verify(req, signature)).to.equal(true);
- const receipt = await this.forwarder.execute(req, signature);
- await expectEvent.inTransaction(receipt.tx, ERC2771ContextMock, 'Sender', { sender: attackerAddress });
- });
- });
- });
|