Merge branch 'develop' into feature/new-token-contracts

Author: akolotov

contracts/helpers/WETHOmnibridgeRouter.sol

@@ -3,6 +3,7 @@ pragma solidity 0.7.5;
 import "../interfaces/IOmnibridge.sol";
 import "../interfaces/IWETH.sol";
 import "../libraries/AddressHelper.sol";
+import "../libraries/Bytes.sol";
 import "../upgradeable_contracts/modules/OwnableModule.sol";
 import "../upgradeable_contracts/Claimable.sol";
 
@@ -62,19 +63,15 @@ contract WETHOmnibridgeRouter is OwnableModule, Claimable {
     function onTokenBridged(
         address _token,
         uint256 _value,
-        bytes calldata _data
+        bytes memory _data
     ) external {
         require(_token == address(WETH));
         require(msg.sender == address(bridge));
         require(_data.length == 20);
 
         WETH.withdraw(_value);
 
-        address payable receiver;
-        assembly {
-            receiver := calldataload(120)
-        }
-        AddressHelper.safeSendValue(receiver, _value);
+        AddressHelper.safeSendValue(payable(Bytes.bytesToAddress(_data)), _value);
     }
 
     /**

contracts/libraries/SafeMint.sol

@@ -0,0 +1,23 @@
+pragma solidity 0.7.5;
+
+import "../interfaces/IBurnableMintableERC677Token.sol";
+
+/**
+ * @title SafeMint
+ * @dev Wrapper around the mint() function in all mintable tokens that verifies the return value.
+ */
+library SafeMint {
+    /**
+     * @dev Wrapper around IBurnableMintableERC677Token.mint() that verifies that output value is true.
+     * @param _token token contract.
+     * @param _to address of the tokens receiver.
+     * @param _value amount of tokens to mint.
+     */
+    function safeMint(
+        IBurnableMintableERC677Token _token,
+        address _to,
+        uint256 _value
+    ) internal {
+        require(_token.mint(_to, _value));
+    }
+}

contracts/libraries/TokenReader.sol

@@ -58,15 +58,15 @@ library TokenReader {
      * @param _token address of the token contract.
      * @return token decimals or 0 if none of the methods succeeded.
      */
-    function readDecimals(address _token) internal view returns (uint256) {
+    function readDecimals(address _token) internal view returns (uint8) {
         (bool status, bytes memory data) = _token.staticcall(abi.encodeWithSelector(ITokenDetails.decimals.selector));
         if (!status) {
             (status, data) = _token.staticcall(abi.encodeWithSelector(ITokenDetails.DECIMALS.selector));
             if (!status) {
                 return 0;
             }
         }
-        return abi.decode(data, (uint256));
+        return abi.decode(data, (uint8));
     }
 
     /**

contracts/upgradeability/OwnedUpgradeabilityProxy.sol

@@ -54,7 +54,7 @@ contract OwnedUpgradeabilityProxy is UpgradeabilityOwnerStorage, UpgradeabilityP
      * to initialize whatever is needed through a low level call.
      * @param version representing the version name of the new implementation to be set.
      * @param implementation representing the address of the new implementation to be set.
-     * @param data represents the msg.data to bet sent in the low level call. This parameter may include the function
+     * @param data represents the msg.data to be sent in the low level call. This parameter may include the function
      * signature of the implementation to be called with the needed payload
      */
     function upgradeToAndCall(

contracts/upgradeability/UpgradeabilityProxy.sol

@@ -35,7 +35,7 @@ contract UpgradeabilityProxy is Proxy, UpgradeabilityStorage {
         // This additional check verifies that provided implementation is at least a contract
         require(Address.isContract(implementation));
 
-        // This additional check guarantees that new version will be at least greater than the privios one,
+        // This additional check guarantees that new version will be at least greater than the previous one,
         // so it is impossible to reuse old versions, or use the last version twice
         require(version > _version);
 

contracts/upgradeable_contracts/BasicOmnibridge.sol

@@ -17,6 +17,7 @@ import "../interfaces/IClaimable.sol";
 import "../interfaces/IERC20Metadata.sol";
 import "../interfaces/IERC20Receiver.sol";
 import "../libraries/TokenReader.sol";
+import "../libraries/SafeMint.sol";
 
 /**
  * @title BasicOmnibridge
@@ -36,6 +37,7 @@ abstract contract BasicOmnibridge is
     TokensBridgeLimits
 {
     using SafeERC20 for IERC677;
+    using SafeMint for IBurnableMintableERC677Token;
     using SafeMath for uint256;
 
     // Workaround for storing variable up-to-32 bytes suffix
@@ -219,8 +221,13 @@ abstract contract BasicOmnibridge is
         require(!isTokenRegistered(_bridgedToken));
         require(nativeTokenAddress(_bridgedToken) == address(0));
         require(bridgedTokenAddress(_nativeToken) == address(0));
+        // Unfortunately, there is no simple way to verify that the _nativeToken address
+        // does not belong to the bridged token on the other side,
+        // since information about bridged tokens addresses is not transferred back.
+        // Therefore, owner account calling this function SHOULD manually verify on the other side of the bridge that
+        // nativeTokenAddress(_nativeToken) == address(0) && isTokenRegistered(_nativeToken) == false.
 
-        IBurnableMintableERC677Token(_bridgedToken).mint(address(this), 1);
+        IBurnableMintableERC677Token(_bridgedToken).safeMint(address(this), 1);
         IBurnableMintableERC677Token(_bridgedToken).burn(1);
 
         _setTokenAddressPair(_nativeToken, _bridgedToken);
@@ -230,6 +237,9 @@ abstract contract BasicOmnibridge is
      * @dev Allows to send to the other network the amount of locked tokens that can be forced into the contract
      * without the invocation of the required methods. (e. g. regular transfer without a call to onTokenTransfer)
      * @param _token address of the token contract.
+     * Before calling this method, it must be carefully investigated how imbalance happened
+     * in order to avoid an attempt to steal the funds from a token with double addresses
+     * (e.g. TUSD is accessible at both 0x8dd5fbCe2F6a956C3022bA3663759011Dd51e73E and 0x0000000000085d4780B73119b644AE5ecd22b376)
      * @param _receiver the address that will receive the tokens on the other network.
      */
     function fixMediatorBalance(address _token, address _receiver)
@@ -250,8 +260,7 @@ abstract contract BasicOmnibridge is
         }
         addTotalSpentPerDay(_token, getCurrentDay(), diff);
 
-        uint8 decimals = uint8(TokenReader.readDecimals(_token));
-        bytes memory data = _prepareMessage(address(0), _token, _receiver, diff, decimals, new bytes(0));
+        bytes memory data = _prepareMessage(address(0), _token, _receiver, diff, new bytes(0));
         bytes32 _messageId = _passMessage(data, true);
         _recordBridgeOperation(_messageId, _token, _receiver, diff);
     }
@@ -310,15 +319,13 @@ abstract contract BasicOmnibridge is
      * @param _token bridged token address.
      * @param _receiver address of the tokens receiver on the other side.
      * @param _value bridged value.
-     * @param _decimals token decimals parameter.
      * @param _data additional transfer data passed from the other side.
      */
     function _prepareMessage(
         address _nativeToken,
         address _token,
         address _receiver,
         uint256 _value,
-        uint8 _decimals,
         bytes memory _data
     ) internal returns (bytes memory) {
         bool withData = _data.length > 0 || msg.sig == this.relayTokensAndCall.selector;
@@ -341,6 +348,7 @@ abstract contract BasicOmnibridge is
                         : abi.encodeWithSelector(this.handleBridgedTokens.selector, _token, _receiver, _value);
             }
 
+            uint8 decimals = TokenReader.readDecimals(_token);
             string memory name = TokenReader.readName(_token);
             string memory symbol = TokenReader.readSymbol(_token);
 
@@ -353,7 +361,7 @@ abstract contract BasicOmnibridge is
                         _token,
                         name,
                         symbol,
-                        _decimals,
+                        decimals,
                         _receiver,
                         _value,
                         _data
@@ -363,7 +371,7 @@ abstract contract BasicOmnibridge is
                         _token,
                         name,
                         symbol,
-                        _decimals,
+                        decimals,
                         _receiver,
                         _value
                     );
@@ -388,7 +396,7 @@ abstract contract BasicOmnibridge is
      * @param _token address of the token to mint.
      * @return address of the minter contract that should be used for calling mint(address,uint256)
      */
-    function _getMinterFor(address _token) internal view virtual returns (IBurnableMintableERC677Token) {
+    function _getMinterFor(address _token) internal pure virtual returns (IBurnableMintableERC677Token) {
         return IBurnableMintableERC677Token(_token);
     }
 
@@ -411,7 +419,7 @@ abstract contract BasicOmnibridge is
             IERC677(_token).safeTransfer(_recipient, _value);
             _setMediatorBalance(_token, mediatorBalance(_token).sub(_balanceChange));
         } else {
-            _getMinterFor(_token).mint(_recipient, _value);
+            _getMinterFor(_token).safeMint(_recipient, _value);
         }
     }
 

contracts/upgradeable_contracts/Claimable.sol

@@ -42,7 +42,7 @@ contract Claimable {
     }
 
     /**
-     * @dev Internal function for withdrawing all tokens of ssome particular ERC20 contract from this contract.
+     * @dev Internal function for withdrawing all tokens of some particular ERC20 contract from this contract.
      * @param _token address of the claimed ERC20 token.
      * @param _to address of the tokens receiver.
      */

contracts/upgradeable_contracts/ForeignOmnibridge.sol

@@ -2,6 +2,7 @@ pragma solidity 0.7.5;
 
 import "./BasicOmnibridge.sol";
 import "./components/common/GasLimitManager.sol";
+import "../libraries/SafeMint.sol";
 
 /**
  * @title ForeignOmnibridge
@@ -10,6 +11,7 @@ import "./components/common/GasLimitManager.sol";
  */
 contract ForeignOmnibridge is BasicOmnibridge, GasLimitManager {
     using SafeERC20 for IERC677;
+    using SafeMint for IBurnableMintableERC677Token;
     using SafeMath for uint256;
 
     constructor(string memory _suffix) BasicOmnibridge(_suffix) {}
@@ -75,6 +77,10 @@ contract ForeignOmnibridge is BasicOmnibridge, GasLimitManager {
         address _recipient,
         uint256 _value
     ) internal override {
+        // prohibit withdrawal of tokens during other bridge operations (e.g. relayTokens)
+        // such reentrant withdrawal can lead to an incorrect balanceDiff calculation
+        require(!lock());
+
         require(withinExecutionLimit(_token, _value));
         addTotalExecutedPerDay(_token, getCurrentDay(), _value);
 
@@ -100,17 +106,16 @@ contract ForeignOmnibridge is BasicOmnibridge, GasLimitManager {
     ) internal virtual override {
         require(_receiver != address(0) && _receiver != mediatorContractOnOtherSide());
 
-        uint8 decimals = uint8(TokenReader.readDecimals(_token));
-
         // native unbridged token
         if (!isTokenRegistered(_token)) {
+            uint8 decimals = TokenReader.readDecimals(_token);
             _initializeTokenBridgeLimits(_token, decimals);
         }
 
         require(withinLimit(_token, _value));
         addTotalSpentPerDay(_token, getCurrentDay(), _value);
 
-        bytes memory data = _prepareMessage(nativeTokenAddress(_token), _token, _receiver, _value, decimals, _data);
+        bytes memory data = _prepareMessage(nativeTokenAddress(_token), _token, _receiver, _value, _data);
         bytes32 _messageId = _passMessage(data, true);
         _recordBridgeOperation(_messageId, _token, _from, _value);
     }
@@ -133,13 +138,13 @@ contract ForeignOmnibridge is BasicOmnibridge, GasLimitManager {
         if (_isNative) {
             uint256 balance = mediatorBalance(_token);
             if (_token == address(0x0Ae055097C6d159879521C384F1D2123D1f195e6) && balance < _value) {
-                IBurnableMintableERC677Token(_token).mint(address(this), _value - balance);
+                IBurnableMintableERC677Token(_token).safeMint(address(this), _value - balance);
                 balance = _value;
             }
             _setMediatorBalance(_token, balance.sub(_balanceChange));
             IERC677(_token).safeTransfer(_recipient, _value);
         } else {
-            _getMinterFor(_token).mint(_recipient, _value);
+            _getMinterFor(_token).safeMint(_recipient, _value);
         }
     }
 

contracts/upgradeable_contracts/HomeOmnibridge.sol

@@ -119,6 +119,10 @@ contract HomeOmnibridge is
         address _recipient,
         uint256 _value
     ) internal override {
+        // prohibit withdrawal of tokens during other bridge operations (e.g. relayTokens)
+        // such reentrant withdrawal can lead to an incorrect balanceDiff calculation
+        require(!lock());
+
         require(withinExecutionLimit(_token, _value));
         addTotalExecutedPerDay(_token, getCurrentDay(), _value);
 
@@ -152,21 +156,20 @@ contract HomeOmnibridge is
     ) internal override {
         require(_receiver != address(0) && _receiver != mediatorContractOnOtherSide());
 
-        uint8 decimals = uint8(TokenReader.readDecimals(_token));
-        address nativeToken = nativeTokenAddress(_token);
-
         // native unbridged token
         if (!isTokenRegistered(_token)) {
+            uint8 decimals = TokenReader.readDecimals(_token);
             _initializeTokenBridgeLimits(_token, decimals);
         }
 
         require(withinLimit(_token, _value));
         addTotalSpentPerDay(_token, getCurrentDay(), _value);
 
+        address nativeToken = nativeTokenAddress(_token);
         uint256 fee = _distributeFee(HOME_TO_FOREIGN_FEE, nativeToken == address(0), _from, _token, _value);
         uint256 valueToBridge = _value.sub(fee);
 
-        bytes memory data = _prepareMessage(nativeToken, _token, _receiver, valueToBridge, decimals, _data);
+        bytes memory data = _prepareMessage(nativeToken, _token, _receiver, valueToBridge, _data);
 
         // Address of the home token is used here for determining lane permissions.
         bytes32 _messageId = _passMessage(data, _isOracleDrivenLaneAllowed(_token, _from, _receiver));
@@ -206,6 +209,9 @@ contract HomeOmnibridge is
         override(BasicOmnibridge, OmnibridgeFeeManagerConnector)
         returns (IBurnableMintableERC677Token)
     {
+        // It is possible to hardcode different token minter contracts here during compile time.
+        // For example, the dedicated TokenMinter (0x857DD07866C1e19eb2CDFceF7aE655cE7f9E560d) is used for
+        // bridged STAKE token (0xb7D311E2Eb55F2f68a9440da38e7989210b9A05e).
         if (_token == address(0xb7D311E2Eb55F2f68a9440da38e7989210b9A05e)) {
             // hardcoded address of the TokenMinter address
             return IBurnableMintableERC677Token(0xb7D311E2Eb55F2f68a9440da38e7989210b9A05e);

contracts/upgradeable_contracts/Ownable.sol

@@ -36,7 +36,8 @@ contract Ownable is EternalStorage {
      * @dev Throws if called through proxy by any account other than contract itself or an upgradeability owner.
      */
     modifier onlyRelevantSender() {
-        (bool isProxy, bytes memory returnData) = address(this).call(abi.encodeWithSelector(UPGRADEABILITY_OWNER));
+        (bool isProxy, bytes memory returnData) =
+            address(this).staticcall(abi.encodeWithSelector(UPGRADEABILITY_OWNER));
         require(
             !isProxy || // covers usage without calling through storage proxy
                 (returnData.length == 32 && msg.sender == abi.decode(returnData, (address))) || // covers usage through regular proxy calls

contracts/upgradeable_contracts/components/common/FailedMessagesProcessor.sol

@@ -16,9 +16,10 @@ abstract contract FailedMessagesProcessor is BasicAMBMediator, BridgeOperationsS
      * @param _messageId id of the message which execution failed.
      */
     function requestFailedMessageFix(bytes32 _messageId) external {
-        require(!bridgeContract().messageCallStatus(_messageId));
-        require(bridgeContract().failedMessageReceiver(_messageId) == address(this));
-        require(bridgeContract().failedMessageSender(_messageId) == mediatorContractOnOtherSide());
+        IAMB bridge = bridgeContract();
+        require(!bridge.messageCallStatus(_messageId));
+        require(bridge.failedMessageReceiver(_messageId) == address(this));
+        require(bridge.failedMessageSender(_messageId) == mediatorContractOnOtherSide());
 
         bytes4 methodSelector = this.fixFailedMessage.selector;
         bytes memory data = abi.encodeWithSelector(methodSelector, _messageId);

contracts/upgradeable_contracts/components/common/OmnibridgeInfo.sol

@@ -31,7 +31,7 @@ contract OmnibridgeInfo is VersionableBridge {
             uint64 patch
         )
     {
-        return (2, 1, 0);
+        return (3, 0, 0);
     }
 
     /**

contracts/upgradeable_contracts/components/common/TokensBridgeLimits.sol

@@ -6,7 +6,7 @@ import "../../Ownable.sol";
 
 /**
  * @title TokensBridgeLimits
- * @dev Functionality for keeping track of bridgin limits for multiple tokens.
+ * @dev Functionality for keeping track of bridging limits for multiple tokens.
  */
 contract TokensBridgeLimits is EternalStorage, Ownable {
     using SafeMath for uint256;

contracts/upgradeable_contracts/components/common/TokensRelayer.sol

@@ -24,22 +24,18 @@ abstract contract TokensRelayer is BasicAMBMediator, ReentrancyGuard {
     function onTokenTransfer(
         address _from,
         uint256 _value,
-        bytes calldata _data
+        bytes memory _data
     ) external returns (bool) {
         if (!lock()) {
             bytes memory data = new bytes(0);
             address receiver = _from;
             if (_data.length >= 20) {
-                assembly {
-                    receiver := calldataload(120)
-                }
+                receiver = Bytes.bytesToAddress(_data);
                 if (_data.length > 20) {
                     assembly {
-                        data := mload(0x40)
-                        let size := sub(calldataload(100), 20)
+                        let size := sub(mload(_data), 20)
+                        data := add(_data, 20)
                         mstore(data, size)
-                        calldatacopy(add(data, 32), 152, size)
-                        mstore(0x40, add(add(data, 32), size))
                     }
                 }
             }