fix(portal-contract): wrong 'from' when depositing from the contract through Portal.onApprove function

[0x6e616d]

Resolved: External Issue #39

I added a new test for these changes but removed because it only worked with forge test --match-contract OptimismPortal2_Test.

With the contract DeploymentSummaryFaultProofs_TestOptimismPortal that is using Kontrol, vm.startPrank didn't work with l2NativeToken.mint(value) or l2NativeToken.approveAndCall: issue

So we can add the test later. My test

/// @dev Tests that `onApprove` succeeds for an EOA.
    function testFuzz_onApprove_eoa_succeeds(
        address _to,
        uint32 _gasLimit,
        uint256 _value,
        uint256 _mint,
        bool _isCreation,
        bytes memory _data
    )
    external
    {
        _gasLimit = uint32(
            bound(
                _gasLimit,
                optimismPortal2.minimumGasLimit(uint32(_data.length)),
                systemConfig.resourceConfig().maxResourceLimit
            )
        );
        if (_isCreation) _to = address(0);

        vm.startPrank(depositor, depositor);
        l2NativeToken.faucet(_value);

        bytes memory onApproveData = abi.encodePacked(_to, _mint, _gasLimit, _data);

        // EOA emulation
        vm.expectEmit(true, true, true, true);
        emit TransactionDeposited(depositor, _to, 0, onApproveData);

        l2NativeToken.approveAndCall(address(optimismPortal2), _value, onApproveData);
    }

    /// @dev Tests that `onApprove` succeeds for a contract.
    function testFuzz_onApprove_contract_succeeds(
        address _to,
        uint32 _gasLimit,
        uint256 _value,
        uint256 _mint,
        bool _isCreation,
        bytes memory _data
    )
    external
    {
        _gasLimit = uint32(
            bound(
                _gasLimit,
                optimismPortal2.minimumGasLimit(uint32(_data.length)),
                systemConfig.resourceConfig().maxResourceLimit
            )
        );
        if (_isCreation) _to = address(0);

        vm.startPrank(address(this));
        l2NativeToken.faucet(_value);

        bytes memory onApproveData = abi.encodePacked(_to, _mint, _gasLimit, _data);

        vm.expectEmit(true, true, true, false);
        emit TransactionDeposited(AddressAliasHelper.applyL1ToL2Alias(address(this)), _to, 0, hex"");

        l2NativeToken.approveAndCall(address(optimismPortal2), _value, onApproveData);
    }

[steven94kr]

Thank you very much, Nam!
I think we should not merge this yet, shouldn't we?

[0x6e616d]

Thank you very much, Nam! I think we should not merge this yet, shouldn't we?

I think we can submit PR to the external audit team and we'll merge after we finalize the audit.

[theo-learner]

@tokamak-network/layer2-core I will submit this PR to Sherlock. Do we need an additional review of this code? If you need it, please let me know by tomorrow.

[nguyenzung]

I think the code needs to be updated base on the commit c3a2bd6

[theo-learner]

I think the code needs to be updated base on the commit c3a2bd6

Good point. Could you rebase it? @0x6e616d

[0x6e616d]

I think the code needs to be updated base on the commit c3a2bd6

Good point. Could you rebase it? @0x6e616d

Rebased, thank you @nguyenzung @theo-learner

[theo-learner]

I created the new branch for submitting fixed PR. Could you change the base branch to fix-review(https://github.com/tokamak-network/tokamak-thanos/tree/fix-review)?

[0x6e616d]

I created the new branch for submitting fixed PR. Could you change the base branch to fix-review(https://github.com/tokamak-network/tokamak-thanos/tree/fix-review)?

Done, thank youuu