Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: slither v2 action and slither issues #286

Merged
merged 65 commits into from
Aug 6, 2024
Merged

fix: slither v2 action and slither issues #286

merged 65 commits into from
Aug 6, 2024

Conversation

skosito
Copy link
Contributor

@skosito skosito commented Aug 5, 2024
edited by coderabbitai bot
Loading

  • slither actions was not working for v2, fixed that
  • fail on set to medium so it fails if there are issues >= medium
  • fixes most of slither issues, some left are zrc20 low severity issues, i fixed couple smaller ones in zrc20, but not sure if we should modify it further

Summary by CodeRabbit

  • New Features

    • Enhanced the GitHub Actions workflow for Slither to improve Solidity smart contract analysis with specified configurations.
    • Introduced a new RevertContext data structure in IGatewayZEVM for improved error handling during transactions.
    • Added various new methods to IGatewayEVM to facilitate flexible interaction with ERC20 tokens.

  • Improvements

    • Updated smart contract constructor parameter names for better clarity and consistency across contracts.
    • Removed several redundant functions related to tssAddress, streamlining the contract's interface.
    • Implemented security enhancements such as the nonReentrant modifier in critical functions to prevent reentrancy attacks.

  • Bug Fixes

    • Fixed checks for zero addresses in various functions to enhance contract robustness.

  • Documentation

    • Updated ABI and metadata across multiple contracts to reflect recent changes and improvements.

@skosito
access control for erc20 custody new
5b5cc4b
@skosito
cleanup erc20 custody new events and errors
f1cf789
@skosito
access control for gateway evm
8b9669e
@skosito
move connector events to interface
1851b89
@skosito
add tss address to connector and fix uniswap integration test
ba0f25f
@skosito
tests for tss sender in connector
3f4990c
@skosito
remove access control todos from zevm contracts
a686f66
@skosito
generate
58160e8
@skosito
missing access control
0f8ab79
@skosito
init v2 folder
72e1200
@skosito
use npm
8fafcbd
@skosito
moving files
99aaebb
@skosito
moving files
8e5b78f
@skosito
move upgrade test
2964b06
@skosito
connector tests
3eac2ca
@skosito
wip
c0dbd8c
@skosito
forge fmt
394e7c5
@skosito
move echidna
09be45c
@skosito
using submodule for forge-std
6672b9e
@skosito
forge install: openzeppelin-contracts-upgradeable
2ea0a59 
v5.0.2
@skosito
use submodules
a8ec2b1
@skosito
move existing to v1 folder
3a57e9d
@skosito
Merge branch 'main' into v1-v2-split
a3bf3f2
@skosito
yarn generate for v1
731aa1e
@skosito
cleanup
3d6a870
@skosito
conflicts
3d736e5
@skosito
try to fix build action
0ec2a72
@skosito
fixing v1 actions
b334516
@skosito
fix test v1
307a455
@skosito
add paths to v1 actions
d00c832
@gitguardian GitGuardian
Copy link

gitguardian bot commented Aug 5, 2024
edited
Loading

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
13159201 Triggered Alchemy API Key 72e1200 v2/lib/forge-std/src/StdChains.sol View secret
13159201 Triggered Alchemy API Key 8fafcbd v2/lib/forge-std/src/StdChains.sol View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@skosito skosito changed the base branch from main to zrc-20-fixes August 5, 2024 14:01
@skosito skosito marked this pull request as ready for review August 5, 2024 14:34
@skosito skosito marked this pull request as draft August 5, 2024 14:34
@codecov-commenter
Copy link

codecov-commenter commented Aug 5, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 31.70732% with 28 lines in your changes missing coverage. Please review.

Project coverage is 53.39%. Comparing base (8389089) to head (5bee684).

Files Patch % Lines
v2/src/evm/GatewayEVM.sol 55.55% 8 Missing ⚠️
v2/src/evm/ZetaConnectorBase.sol 0.00% 6 Missing ⚠️
v2/src/evm/ERC20Custody.sol 0.00% 5 Missing ⚠️
v2/src/zevm/GatewayZEVM.sol 42.85% 4 Missing ⚠️
v2/src/zevm/ZRC20.sol 0.00% 3 Missing ⚠️
v2/src/evm/ZetaConnectorNonNative.sol 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #286      +/-   ##
==========================================
- Coverage   54.46%   53.39%   -1.07%     
==========================================
  Files          16       16              
  Lines         426      427       +1     
  Branches      102      111       +9     
==========================================
- Hits          232      228       -4     
- Misses        191      196       +5     
  Partials        3        3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@skosito skosito linked an issue Aug 5, 2024 that may be closed by this pull request
Fix Slither issues and consider introducing failure criteria #229
Closed
@skosito skosito changed the title fix: slither not running on v2 contracts fix: slither v2 action and slither issues Aug 5, 2024
@skosito skosito marked this pull request as ready for review August 5, 2024 16:17
Base automatically changed from zrc-20-fixes to main August 5, 2024 17:53
coderabbitai[bot]
coderabbitai bot reviewed Aug 5, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Outside diff range, codebase verification and nitpick comments (9)
v2/src/evm/GatewayEVM.sol (1)

Line range hint 99-115: LGTM! Zero address check enhances robustness.

The addition of the zero address check for the destination parameter improves the function's robustness.

However, consider using a safer method for the low-level call to avoid potential issues.

-  (bool success,) = destination.call{ value: msg.value }("");
+  (bool success,) = destination.call{ value: msg.value }("");
+  require(success, "Low-level call failed");
v2/typechain-types/ZetaConnectorNative.ts (2)

Issues Found: tssAddress property references still exist in the codebase

The removal of the tssAddress property from the ZetaConnectorNative interface is incomplete. The following files still contain references to tssAddress:

  • v2/typechain-types/GatewayEVMEchidnaTest.ts
  • v2/typechain-types/GatewayEVM.ts
  • v2/typechain-types/Zeta.non-eth.sol/ZetaNonEth.ts
  • v2/typechain-types/factories/ZetaConnectorNative__factory.ts
  • v2/typechain-types/factories/ZetaConnectorNonNative__factory.ts
  • v2/typechain-types/factories/ERC20Custody__factory.ts
  • v2/typechain-types/factories/GatewayEVMUpgradeTest__factory.ts
  • v2/typechain-types/factories/Zeta.non-eth.sol/ZetaNonEth__factory.ts
  • v2/typechain-types/factories/GatewayEVMEchidnaTest__factory.ts
  • v2/typechain-types/factories/GatewayEVM__factory.ts
  • v1/typechain-types/factories/contracts/zevm/ZetaConnectorZEVM__factory.ts
  • v1/typechain-types/contracts/evm/ZetaConnector.non-eth.sol/ZetaConnectorNonEth.ts
  • v1/scripts/tools/send-tss-gas.ts
  • v1/scripts/tools/set-zeta-token-addresses.ts
  • v1/scripts/tools/update-zeta-connector.ts
  • v1/scripts/tools/update-tss-address.ts
  • v1/test/ZetaConnector.spec.ts
  • v1/test/ERC20Custody.spec.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-zeta-token.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-erc20-custody.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-zeta-connector.ts
  • v1/scripts/deployments/core/deterministic-deploy-zeta-token.ts
  • v1/scripts/deployments/core/deploy-zeta-connector.ts
  • v1/scripts/deployments/core/deploy-erc20-custody.ts
  • v1/scripts/deployments/core/deterministic-deploy-zeta-connector.ts
  • v1/test/Zeta.non-eth.spec.ts
  • v1/scripts/deployments/core/deterministic-deploy-erc20-custody.ts
  • v1/scripts/deployments/core/deploy-zeta-token.ts

Please review and remove or update these references as necessary.

Analysis chain

Line range hint 1-1:
LGTM! But verify the impact of removing tssAddress property.

The removal of the tssAddress property from the ZetaConnectorNative interface is approved.

However, ensure that all references to tssAddress are removed or updated in the codebase.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `tssAddress` property are removed or updated.

# Test: Search for references to `tssAddress` property. Expect: No occurrences.
rg --type typescript -A 5 $'tssAddress'

Length of output: 73

Script:

#!/bin/bash
# Description: Verify all references to `tssAddress` property are removed or updated.

# Test: Search for references to `tssAddress` property. Expect: No occurrences.
rg --type ts -A 5 $'tssAddress'

Length of output: 131182

Update Required: References to tssAddress

The removal of the tssAddress function from the ZetaConnectorNativeInterface is incomplete. The following files still contain references to tssAddress that need to be updated or removed:

  • v2/typechain-types/factories/ZetaConnectorNative__factory.ts
  • v2/typechain-types/factories/ZetaConnectorNonNative__factory.ts
  • v2/typechain-types/factories/GatewayEVM__factory.ts
  • v1/typechain-types/factories/contracts/zevm/ZetaConnectorZEVM__factory.ts
  • v2/typechain-types/factories/GatewayEVMUpgradeTest__factory.ts
  • v1/typechain-types/factories/contracts/evm/ZetaConnector.non-eth.sol/ZetaConnectorNonEth__factory.ts
  • v1/typechain-types/factories/contracts/evm/ZetaConnector.base.sol/ZetaConnectorBase__factory.ts
  • v2/typechain-types/factories/ERC20Custody__factory.ts
  • v1/typechain-types/factories/contracts/evm/ZetaConnector.eth.sol/ZetaConnectorEth__factory.ts
  • v2/typechain-types/GatewayEVMEchidnaTest.ts
  • v1/test/ZetaConnector.spec.ts
  • v1/scripts/tools/set-zeta-token-addresses.ts
  • v1/scripts/tools/update-zeta-connector.ts
  • v1/scripts/tools/update-tss-address.ts
  • v1/test/ERC20Custody.spec.ts
  • v1/test/Zeta.non-eth.spec.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-zeta-token.ts
  • v1/scripts/deployments/core/deploy-zeta-connector.ts
  • v1/scripts/deployments/core/deterministic-deploy-zeta-connector.ts
  • v2/typechain-types/Zeta.non-eth.sol/ZetaNonEth.ts
  • v1/scripts/tools/send-tss-gas.ts
  • v1/scripts/deployments/core/deploy-zeta-token.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-erc20-custody.ts
  • v1/scripts/deployments/core/deploy-erc20-custody.ts
  • v1/scripts/deployments/core/deterministic-deploy-zeta-token.ts
  • v1/scripts/deployments/core/deterministic-deploy-erc20-custody.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-zeta-connector.ts

Please update or remove all references to tssAddress in these files to ensure consistency across the codebase.

Analysis chain

Line range hint 1-1:
LGTM! But verify the impact of removing tssAddress.

The removal of the tssAddress function from the ZetaConnectorNativeInterface is approved.

However, ensure that all references to tssAddress are removed or updated in the codebase.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `tssAddress` are removed or updated.

# Test: Search for references to `tssAddress`. Expect: No occurrences.
rg --type typescript -A 5 $'tssAddress'

Length of output: 73

Script:

#!/bin/bash
# Description: Verify all references to `tssAddress` are removed or updated.

# Test: Search for references to `tssAddress`. Expect: No occurrences.
rg --type ts -A 5 $'tssAddress'

Length of output: 131182

v2/typechain-types/ZetaConnectorNonNative.ts (1)

Issues Found: Incomplete Removal of tssAddress Property

The tssAddress property is still referenced in multiple files across the codebase. These references indicate that the removal of tssAddress is incomplete and could lead to errors or inconsistencies. Please review and update the following files to ensure all references to tssAddress are removed or appropriately updated:

  • v2/typechain-types/GatewayEVMEchidnaTest.ts
  • v2/typechain-types/GatewayEVM.ts
  • v1/typechain-types/contracts/zevm/ZetaConnectorZEVM.ts
  • v1/typechain-types/contracts/evm/ZetaConnector.eth.sol/ZetaConnectorEth.ts
  • v1/typechain-types/contracts/evm/ZetaConnector.non-eth.sol/ZetaConnectorNonEth.ts
  • v1/typechain-types/contracts/evm/Zeta.non-eth.sol/ZetaNonEth.ts
  • v1/typechain-types/contracts/evm/ZetaConnector.base.sol/ZetaConnectorBase.ts
  • v1/test/ZetaConnector.spec.ts
  • v1/test/Zeta.non-eth.spec.ts
  • v1/test/ERC20Custody.spec.ts
  • v1/scripts/tools/update-zeta-connector.ts
  • v1/scripts/tools/update-tss-address.ts
  • v1/scripts/tools/set-zeta-token-addresses.ts
  • v1/scripts/tools/send-tss-gas.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-zeta-token.ts
  • v1/scripts/deployments/tools/deterministic-get-salt-erc20-custody.ts
  • v1/scripts/deployments/core/deterministic-deploy-zeta-token.ts
  • v1/scripts/deployments/core/deterministic-deploy-zeta-connector.ts
  • v1/scripts/deployments/core/deterministic-deploy-erc20-custody.ts
  • v1/scripts/deployments/core/deploy-zeta-token.ts
  • v1/scripts/deployments/core/deploy-zeta-connector.ts
  • v1/scripts/deployments/core/deploy-erc20-custody.ts
  • v2/typechain-types/factories/ZetaConnectorNonNative__factory.ts
  • v2/typechain-types/factories/ZetaConnectorNative__factory.ts
  • v2/typechain-types/factories/GatewayEVM__factory.ts
  • v2/typechain-types/factories/ERC20Custody__factory.ts
  • v2/typechain-types/factories/GatewayEVMUpgradeTest__factory.ts
  • v2/typechain-types/factories/Zeta.non-eth.sol/ZetaNonEth__factory.ts
  • v2/typechain-types/factories/GatewayEVMEchidnaTest__factory.ts
  • v2/typechain-types/GatewayEVMUpgradeTest.ts
  • v2/typechain-types/Zeta.non-eth.sol/ZetaNonEth.ts

Please ensure that all these references are addressed to maintain code integrity.

Analysis chain

Line range hint 1-1:
LGTM! But verify the impact of removing tssAddress property.

The removal of the tssAddress property from the ZetaConnectorNonNative interface is approved.

However, ensure that all references to tssAddress are removed or updated in the codebase.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `tssAddress` property are removed or updated.

# Test: Search for references to `tssAddress` property. Expect: No occurrences.
rg --type typescript -A 5 $'tssAddress'

Length of output: 73

Script:

#!/bin/bash
# Description: Verify all references to `tssAddress` property are removed or updated.

# Test: Search for references to `tssAddress` property in TypeScript files. Expect: No occurrences.
rg --type ts -A 5 'tssAddress'

Length of output: 131182

v2/pkg/zetaconnectorbase.sol/zetaconnectorbase.go (2)

34-34: The removal of the TssAddress function from ZetaConnectorBaseCaller has a widespread impact.

The function TssAddress is used in multiple files across the codebase, including but not limited to:

  • v2/pkg/zeta.non-eth.sol/zetanoneth.go
  • v1/pkg/contracts/evm/zetaconnector.eth.sol/zetaconnectoreth.go
  • v1/pkg/contracts/evm/zetaconnector.non-eth.sol/zetaconnectornoneth.go
  • v1/pkg/contracts/evm/zetaconnector.base.sol/zetaconnectorbase.go
  • v2/pkg/gatewayevmechidnatest.sol/gatewayevmechidnatest.go
  • v2/pkg/gatewayevm.sol/gatewayevm.go
  • v2/pkg/gatewayevmupgradetest.sol/gatewayevmupgradetest.go

Please ensure that all dependencies are updated accordingly to reflect this change.

Analysis chain

Verify the impact of removing TssAddress from ZetaConnectorBaseCaller.

The removal of this function may affect any code that previously relied on it. Ensure that all dependencies are updated accordingly.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to the removed `TssAddress` function in the codebase.

# Test: Search for the function usage. Expect: No occurrences of the old function.
rg --type go -A 5 $'TssAddress'

Length of output: 195129

34-34: Verify the impact of removing TssAddress from ZetaConnectorBaseSession.

The removal of this function may affect any code that previously relied on it. Ensure that all dependencies are updated accordingly.

#!/bin/bash
# Description: Verify if the `TssAddress` function has been removed from `ZetaConnectorBaseSession` and check if the references have been updated or removed.

# Test: Search for the `TssAddress` function definition in `ZetaConnectorBaseSession`.
rg --type go -A 5 $'func (_ZetaConnectorBase *ZetaConnectorBaseSession) TssAddress'

# Test: Search for the `TssAddress` function references in the codebase. Expect: No occurrences of the old function.
rg --type go -A 5 $'TssAddress'
Analysis chain

Verify the impact of removing TssAddress from ZetaConnectorBaseSession.

The removal of this function may affect any code that previously relied on it. Ensure that all dependencies are updated accordingly.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to the removed `TssAddress` function in the codebase.

# Test: Search for the function usage. Expect: No occurrences of the old function.
rg --type go -A 5 $'TssAddress'

Length of output: 195129

v2/pkg/zrc20.sol/zrc20.go (1)

35-35: Update ABI and metadata documentation.

The ZRC20MetaData variable has been updated to include new constructor inputs and functions. Ensure that the ABI and metadata documentation are updated accordingly to reflect these changes.

v2/pkg/gatewayevm.sol/gatewayevm.go (1)

963-965: Ensure all SetCustody function calls match the new signature

The new signature for the SetCustody function in gatewayevm.go is:

func (_GatewayEVM *GatewayEVMSession) SetCustody(custody_ common.Address) (*types.Transaction, error) {
  return _GatewayEVM.Contract.SetCustody(&_GatewayEVM.TransactOpts, custody_)
}

The following instances do not match this signature and need to be updated:

  • v2/pkg/gatewayevmechidnatest.sol/gatewayevmechidnatest.go:
    • func (_GatewayEVMEchidnaTest *GatewayEVMEchidnaTestTransactor) SetCustody(opts *bind.TransactOpts, custody_ common.Address) (*types.Transaction, error)
    • func (_GatewayEVMEchidnaTest *GatewayEVMEchidnaTestSession) SetCustody(custody_ common.Address) (*types.Transaction, error)
    • func (_GatewayEVMEchidnaTest *GatewayEVMEchidnaTestTransactorSession) SetCustody(custody_ common.Address) (*types.Transaction, error)
  • v2/pkg/gatewayevmupgradetest.sol/gatewayevmupgradetest.go:
    • func (_GatewayEVMUpgradeTest *GatewayEVMUpgradeTestTransactor) SetCustody(opts *bind.TransactOpts, _custody common.Address) (*types.Transaction, error)
    • func (_GatewayEVMUpgradeTest *GatewayEVMUpgradeTestSession) SetCustody(_custody common.Address) (*types.Transaction, error)
    • func (_GatewayEVMUpgradeTest *GatewayEVMUpgradeTestTransactorSession) SetCustody(_custody common.Address) (*types.Transaction, error)
  • v2/pkg/gatewayevm.sol/gatewayevm.go:
    • func (_GatewayEVM *GatewayEVMTransactor) SetCustody(opts *bind.TransactOpts, custody_ common.Address) (*types.Transaction, error)
    • func (_GatewayEVM *GatewayEVMTransactorSession) SetCustody(custody_ common.Address) (*types.Transaction, error)

Please update these instances to match the new signature.

Analysis chain

LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to SetCustody match the new signature.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `SetCustody` match the new signature.

# Test: Search for the function usage. Expect: Only occurrences of the new signature.
rg --type go -A 5 $'SetCustody'

Length of output: 7443

Script:

#!/bin/bash
# Description: Verify all function calls to `SetCustody` match the new signature.

# Search for all instances of SetCustody function definitions in the codebase.
rg --type go -A 5 'func.*SetCustody'

Length of output: 5570

v2/typechain-types/IGatewayEVM.sol/IGatewayEVM.ts (1)

Line range hint 152-270: Consider replacing void with undefined.

Biome hints suggest that void is confusing outside a return type or a type parameter. Consider replacing void with undefined to improve clarity.

-    [void],
+    [undefined],
Tools
Biome

[error] 227-227: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 232-232: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 237-237: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 244-244: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 256-256: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 270-270: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between d4910bf and 915abde.

Files selected for processing (45)
  • .github/workflows/slither_v2.yaml (1 hunks)
  • v2/pkg/erc20custody.sol/erc20custody.go (4 hunks)
  • v2/pkg/gatewayevm.sol/gatewayevm.go (3 hunks)
  • v2/pkg/gatewayevmupgradetest.sol/gatewayevmupgradetest.go (1 hunks)
  • v2/pkg/gatewayzevm.sol/gatewayzevm.go (2 hunks)
  • v2/pkg/igatewayevm.sol/igatewayevm.go (3 hunks)
  • v2/pkg/igatewayzevm.sol/igatewayzevm.go (4 hunks)
  • v2/pkg/igatewayzevm.sol/igatewayzevmerrors.go (1 hunks)
  • v2/pkg/senderzevm.sol/senderzevm.go (1 hunks)
  • v2/pkg/zetaconnectorbase.sol/zetaconnectorbase.go (2 hunks)
  • v2/pkg/zetaconnectornative.sol/zetaconnectornative.go (4 hunks)
  • v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go (5 hunks)
  • v2/pkg/zrc20.sol/zrc20.go (1 hunks)
  • v2/src/evm/ERC20Custody.sol (1 hunks)
  • v2/src/evm/GatewayEVM.sol (13 hunks)
  • v2/src/evm/ZetaConnectorBase.sol (2 hunks)
  • v2/src/evm/ZetaConnectorNative.sol (1 hunks)
  • v2/src/evm/ZetaConnectorNonNative.sol (2 hunks)
  • v2/src/evm/interfaces/IGatewayEVM.sol (2 hunks)
  • v2/src/zevm/GatewayZEVM.sol (5 hunks)
  • v2/src/zevm/ZRC20.sol (4 hunks)
  • v2/src/zevm/interfaces/IGatewayZEVM.sol (2 hunks)
  • v2/typechain-types/ERC20Custody.ts (5 hunks)
  • v2/typechain-types/ERC20CustodyEchidnaTest.ts (5 hunks)
  • v2/typechain-types/GatewayEVM.ts (4 hunks)
  • v2/typechain-types/GatewayEVMEchidnaTest.ts (4 hunks)
  • v2/typechain-types/GatewayZEVM.ts (2 hunks)
  • v2/typechain-types/IGatewayEVM.sol/IGatewayEVM.ts (4 hunks)
  • v2/typechain-types/IGatewayZEVM.sol/IGatewayZEVM.ts (9 hunks)
  • v2/typechain-types/ZetaConnectorBase.ts (5 hunks)
  • v2/typechain-types/ZetaConnectorNative.ts (5 hunks)
  • v2/typechain-types/ZetaConnectorNonNative.ts (6 hunks)
  • v2/typechain-types/factories/ERC20Custody__factory.ts (4 hunks)
  • v2/typechain-types/factories/GatewayEVMEchidnaTest__factory.ts (4 hunks)
  • v2/typechain-types/factories/GatewayEVMUpgradeTest__factory.ts (1 hunks)
  • v2/typechain-types/factories/GatewayEVM__factory.ts (4 hunks)
  • v2/typechain-types/factories/GatewayZEVM__factory.ts (3 hunks)
  • v2/typechain-types/factories/IGatewayEVM.sol/IGatewayEVM__factory.ts (2 hunks)
  • v2/typechain-types/factories/IGatewayZEVM.sol/IGatewayZEVMErrors__factory.ts (1 hunks)
  • v2/typechain-types/factories/IGatewayZEVM.sol/IGatewayZEVM__factory.ts (3 hunks)
  • v2/typechain-types/factories/SenderZEVM__factory.ts (1 hunks)
  • v2/typechain-types/factories/ZRC20.sol/ZRC20__factory.ts (1 hunks)
  • v2/typechain-types/factories/ZetaConnectorBase__factory.ts (1 hunks)
  • v2/typechain-types/factories/ZetaConnectorNative__factory.ts (4 hunks)
  • v2/typechain-types/factories/ZetaConnectorNonNative__factory.ts (5 hunks)
Files skipped from review due to trivial changes (6)
  • v2/src/evm/ZetaConnectorNative.sol
  • v2/src/evm/ZetaConnectorNonNative.sol
  • v2/typechain-types/ERC20CustodyEchidnaTest.ts
  • v2/typechain-types/GatewayZEVM.ts
  • v2/typechain-types/factories/GatewayEVM__factory.ts
  • v2/typechain-types/factories/ZetaConnectorNonNative__factory.ts
Additional context used
Biome
v2/typechain-types/IGatewayEVM.sol/IGatewayEVM.ts

[error] 152-152: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 158-158: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 164-164: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 170-170: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 181-181: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 193-193: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 227-227: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 232-232: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 237-237: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 244-244: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 256-256: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 270-270: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

v2/typechain-types/IGatewayZEVM.sol/IGatewayZEVM.ts

[error] 220-220: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 244-244: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 268-268: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 328-328: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 354-354: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

[error] 380-380: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

v2/typechain-types/ZetaConnectorNonNative.ts

[error] 516-516: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

v2/typechain-types/GatewayEVM.ts

[error] 681-681: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

v2/typechain-types/GatewayEVMEchidnaTest.ts

[error] 704-704: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

GitHub Check: Slither
v2/src/evm/GatewayEVM.sol

[warning] 99-115: Low-level calls
Low level call in GatewayEVM.executeRevert(address,bytes) (src/evm/GatewayEVM.sol#99-115):
- (success,None) = destination.call{value: msg.value}() (src/evm/GatewayEVM.sol#110)

[warning] 204-211: Low-level calls
Low level call in GatewayEVM.deposit(address) (src/evm/GatewayEVM.sol#204-211):
- (deposited,None) = tssAddress.call{value: msg.value}() (src/evm/GatewayEVM.sol#206)

[warning] 228-235: Low-level calls
Low level call in GatewayEVM.depositAndCall(address,bytes) (src/evm/GatewayEVM.sol#228-235):
- (deposited,None) = tssAddress.call{value: msg.value}() (src/evm/GatewayEVM.sol#230)

Additional comments not posted (141)
.github/workflows/slither_v2.yaml (4)

60-60: LGTM!

Updating the fail-on parameter to medium ensures that the workflow will fail if any medium severity issues are detected, enhancing the robustness of the analysis.

61-61: LGTM!

Adding the target parameter to direct the analysis to the v2/ directory ensures that the relevant Solidity files are analyzed.

58-58: Verify the existence of the configuration file.

Ensure that the v2/slither.config.json file exists and contains the appropriate configurations for Slither.

Verification successful

The configuration file exists and contains appropriate settings for Slither.

  • The file v2/slither.config.json is present.
  • It contains valid configurations, including detectors_to_exclude and filter_paths.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence of the Slither configuration file.

# Test: Check if the configuration file exists. Expect: File should exist.
if [ -f "v2/slither.config.json" ]; then
  echo "Configuration file exists."
else
  echo "Configuration file does not exist."
fi

Length of output: 98

Script:

#!/bin/bash
# Description: Inspect the contents of the Slither configuration file.

# Display the contents of the configuration file.
cat v2/slither.config.json

Length of output: 171

59-59: Verify the compatibility of the Solidity version.

Ensure that Solidity version 0.8.26 is compatible with the project's contracts.

Verification successful

Verify the compatibility of the Solidity version.

Ensure that Solidity version 0.8.26 is compatible with the project's contracts.

Verified: Solidity version 0.8.26 is compatible with the project's contracts.

The project's contracts are already using Solidity version 0.8.26, ensuring compatibility.

  • Files using pragma solidity 0.8.26:
    • v2/test/utils/Zeta.non-eth.sol
    • v2/test/utils/SystemContractMock.sol
    • v2/test/utils/TestZContract.sol
    • v2/test/utils/IReceiverEVM.sol
    • v2/test/utils/SystemContract.sol
    • v2/test/fuzz/ERC20CustodyEchidnaTest.sol
    • v2/test/utils/WZETA.sol
    • v2/test/utils/TestERC20.sol
    • v2/test/utils/ReceiverEVM.sol
    • v2/test/utils/SenderZEVM.sol
    • v2/test/ZRC20.t.sol
    • v2/test/GatewayEVMZEVM.t.sol
    • v2/test/ZetaConnectorNonNative.t.sol
    • v2/test/fuzz/GatewayEVMEchidnaTest.sol
    • v2/src/zevm/interfaces/zContract.sol
    • v2/test/GatewayZEVM.t.sol
    • v2/src/zevm/interfaces/IZRC20.sol
    • v2/test/ZetaConnectorNative.t.sol
    • v2/src/zevm/interfaces/IWZETA.sol
    • v2/src/zevm/interfaces/IGatewayZEVM.sol
    • v2/src/zevm/GatewayZEVM.sol
    • v2/test/utils/GatewayEVMUpgradeTest.sol
    • v2/src/evm/interfaces/IZetaNonEthNew.sol
    • v2/test/GatewayEVM.t.sol
    • v2/src/evm/interfaces/IZetaConnector.sol
    • v2/src/evm/interfaces/IGatewayEVM.sol
    • v2/src/evm/interfaces/IERC20Custody.sol
    • v2/src/evm/ZetaConnectorNonNative.sol
    • v2/src/evm/ZetaConnectorBase.sol
    • v2/src/evm/ZetaConnectorNative.sol
    • v2/scripts/localnet/ZevmCall.s.sol
    • v2/scripts/localnet/EvmDepositAndCall.s.sol
    • v2/src/zevm/interfaces/ISystem.sol
    • v2/src/zevm/ZRC20.sol
    • v2/scripts/localnet/ZevmWithdrawAndCall.s.sol
    • v2/src/evm/ERC20Custody.sol
    • v2/scripts/localnet/EvmCall.s.sol
    • v2/src/evm/GatewayEVM.sol
    • v2/test/GatewayEVMUpgrade.t.sol
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the compatibility of the Solidity version.

# Test: Check the Solidity version in the project's contracts. Expect: Version should be `0.8.26`.
rg --type solidity 'pragma solidity 0.8.26'

Length of output: 78

Script:

#!/bin/bash
# Description: Verify the compatibility of the Solidity version.

# Locate all Solidity files and search for the pragma statement with version 0.8.26
fd -e sol | xargs rg 'pragma solidity 0.8.26'

Length of output: 2290

v2/typechain-types/factories/IGatewayZEVM.sol/IGatewayZEVMErrors__factory.ts (1)

52-56: LGTM!

The addition of the new error type ZRC20DepositFailed enhances the error handling capabilities of the contract and is consistent with existing error types.

v2/src/evm/ZetaConnectorBase.sol (3)

34-35: LGTM!

The updates to the constructor enhance code readability and ensure that all critical addresses are validated before proceeding.

41-43: LGTM!

The role granting logic remains intact and correctly uses the new parameter names.

Line range hint 16-16:
Verify the impact of the removal of tssAddress.

Ensure that the removal of the tssAddress state variable does not affect other parts of the contract or dependent contracts.

v2/src/evm/ERC20Custody.sol (3)

20-20: Enhance security by making gateway immutable.

Changing gateway to an immutable variable ensures it can only be set once during deployment, preventing future modifications.

28-35: Improve readability and security in the constructor.

Renaming the parameters enhances clarity. Adding a zero address check ensures that critical addresses are valid upon contract creation.

28-35: Simplify contract by removing redundant state variable.

Removing the tssAddress state variable and using the constructor parameter directly simplifies the contract and improves maintainability.

v2/typechain-types/factories/IGatewayEVM.sol/IGatewayEVM__factory.ts (6)

12-29: Enhance contract capabilities with call function.

The call function allows for sending a payload to a specified receiver address without returning any output, enabling interactions with other contracts without transferring assets.

30-42: Enhance contract capabilities with deposit function (ETH).

The first overload of the deposit function allows for depositing ETH to a specified receiver address, enhancing the contract's capabilities.

43-65: Enhance contract capabilities with deposit function (ERC20).

The second overload of the deposit function allows for depositing ERC20 tokens to a specified receiver address, enhancing the contract's capabilities.

66-83: Enhance contract capabilities with depositAndCall function (ETH).

The first overload of the depositAndCall function allows for depositing ETH and calling a contract with a payload, enhancing the contract's capabilities.

84-111: Enhance contract capabilities with depositAndCall function (ERC20).

The second overload of the depositAndCall function allows for depositing ERC20 tokens and calling a contract with a payload, enhancing the contract's capabilities.

136-153: Enhance contract capabilities with executeRevert function.

The executeRevert function allows for transferring msg.value to a specified destination contract and executing its onRevert function, providing a mechanism for handling contract calls that may revert.

v2/src/evm/interfaces/IGatewayEVM.sol (6)

83-87: Enhance interface capabilities with executeRevert function.

The executeRevert function allows for transferring msg.value to a specified destination contract and executing its onRevert function, providing a mechanism for handling contract calls that may revert.

102-105: Enhance interface capabilities with deposit function (ETH).

The first overload of the deposit function allows for depositing ETH to a specified receiver address, enhancing the interface's capabilities.

106-111: Enhance interface capabilities with deposit function (ERC20).

The second overload of the deposit function allows for depositing ERC20 tokens to a specified receiver address, enhancing the interface's capabilities.

112-116: Enhance interface capabilities with depositAndCall function (ETH).

The first overload of the depositAndCall function allows for depositing ETH and calling a contract with a payload, enhancing the interface's capabilities.

117-122: Enhance interface capabilities with depositAndCall function (ERC20).

The second overload of the depositAndCall function allows for depositing ERC20 tokens and calling a contract with a payload, enhancing the interface's capabilities.

124-127: Enhance interface capabilities with call function.

The call function allows for calling an omnichain smart contract without transferring any assets, enabling interactions with other contracts without transferring assets.

v2/src/zevm/interfaces/IGatewayZEVM.sol (4)

75-87: LGTM!

The depositAndCall function is well-defined and correctly typed.

88-102: LGTM!

The executeRevert function is well-defined and correctly typed.

103-116: LGTM!

The depositAndRevert function is well-defined and correctly typed.

165-167: LGTM!

The ZRC20DepositFailed error is well-defined and consistent with the existing error handling mechanisms.

v2/typechain-types/factories/IGatewayZEVM.sol/IGatewayZEVM__factory.ts (3)

58-102: The function depositAndCall looks good.

The structured input parameter context is correctly defined, and the function parameters align with the intended functionality.

153-202: The function depositAndRevert looks good.

The structured input parameter context is correctly defined, and the function parameters align with the intended functionality.

253-302: The function executeRevert looks good.

The structured input parameter context is correctly defined, and the function parameters align with the intended functionality.

v2/pkg/igatewayzevm.sol/igatewayzevmerrors.go (1)

34-34: The addition of the error type ZRC20DepositFailed looks good.

The new error type is correctly defined and integrated within the ABI.

v2/typechain-types/factories/ZetaConnectorBase__factory.ts (1)

Line range hint 1-1:
Verify the impact of the removal of the tssAddress function.

Ensure that the removal of the tssAddress function does not impact other parts of the codebase.

v2/src/zevm/ZRC20.sol (4)

45-45: Good use of the immutable keyword.

Changing _decimals to immutable ensures it is set only once during deployment, enhancing security and gas efficiency.

73-73: Good input validation.

The check for zero addresses in the constructor prevents potential vulnerabilities and ensures the integrity of the contract's operations.

279-279: Good input validation.

The check for zero addresses in updateSystemContractAddress ensures the system contract address is always valid.

289-289: Good input validation.

The check for zero addresses in updateGatewayAddress ensures the gateway address is always valid.

v2/typechain-types/IGatewayZEVM.sol/IGatewayZEVM.ts (7)

36-47: Addition of new types for transaction context.

The new types RevertContextStruct and RevertContextStructOutput encapsulate details about the transaction context during a revert operation, enhancing the interface's ability to manage complex transaction scenarios.

53-55: Update to getFunction method.

The inclusion of new function signatures ensures that the interface can properly handle the new operations related to transaction contexts.

73-89: Update to encodeFunctionData method.

The updates to handle new function signatures are necessary for encoding data for the new operations, ensuring proper functionality.

124-139: Update to decodeFunctionResult method.

The updates to handle new function signatures are necessary for decoding data for the new operations, ensuring proper functionality.

213-223: Overloading depositAndCall method.

The overloading of depositAndCall to accept different signatures enhances the interface's flexibility by accommodating both a direct deposit and a deposit with an additional revert context.

Tools
Biome

[error] 220-220: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

236-247: Introduction of depositAndRevert method.

The depositAndRevert method allows for more complex transaction handling scenarios by taking a RevertContextStruct along with other parameters, enhancing the interface's functionality.

Tools
Biome

[error] 244-244: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

260-271: Introduction of executeRevert method.

The executeRevert method enhances the interface's ability to manage operations that may revert by accepting a RevertContextStruct.

Tools
Biome

[error] 268-268: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

v2/src/zevm/GatewayZEVM.sol (5)

19-19: Explicit implementation of IGatewayZEVM interface.

Explicitly implementing the IGatewayZEVM interface indicates a clearer adherence to defined behaviors and expectations, improving code clarity.

54-65: Improved parameter naming and input validation in initialize function.

The improved naming conventions enhance readability, and the check for zero addresses ensures the integrity of the contract's operations.

186-186: Addition of failure check in deposit function.

The failure check for the deposit call on the IZRC20 interface enhances the robustness of the contract by ensuring that any failure in the deposit operation is appropriately managed.

228-228: Addition of failure check in depositAndCall function.

The failure check for the deposit call on the IZRC20 interface ensures that any failure in the deposit operation is appropriately managed, enhancing the robustness of the contract.

292-292: Addition of failure check in depositAndRevert function.

The failure check for the deposit call on the IZRC20 interface ensures that any failure in the deposit operation is appropriately managed, enhancing the robustness of the contract.

v2/src/evm/GatewayEVM.sol (7)

53-67: LGTM! Parameter renaming improves readability.

The initialize function's parameter names have been updated for clarity, and the logic remains correct.

130-133: LGTM! Addition of nonReentrant modifier enhances security.

The nonReentrant modifier prevents reentrancy attacks, thereby enhancing the security of the execute function.

156-156: LGTM! Addition of nonReentrant modifier enhances security.

The nonReentrant modifier prevents reentrancy attacks, thereby enhancing the security of the executeWithERC20 function.

192-192: LGTM! Addition of nonReentrant modifier enhances security.

The nonReentrant modifier prevents reentrancy attacks, thereby enhancing the security of the revertWithERC20 function.

262-262: LGTM! Addition of nonReentrant modifier enhances security.

The nonReentrant modifier prevents reentrancy attacks, thereby enhancing the security of the call function.

267-273: LGTM! Parameter renaming improves readability.

The setCustody function's parameter names have been updated for clarity, and the logic remains correct.

277-283: LGTM! Parameter renaming improves readability.

The setConnector function's parameter names have been updated for clarity, and the logic remains correct.

v2/typechain-types/ERC20Custody.ts (4)

Line range hint 34-34: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the encodeFunctionData method for tssAddress aligns with the overall changes and does not impact the interface functionality.

Line range hint 61-61: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the decodeFunctionResult method for tssAddress aligns with the overall changes and does not impact the interface functionality.

140-140: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the tssAddress property from the ERC20Custody interface aligns with the overall changes and does not impact the interface functionality.

Line range hint 274-274: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the getFunction method for tssAddress aligns with the overall changes and does not impact the interface functionality.

v2/typechain-types/ZetaConnectorBase.ts (4)

Line range hint 34-34: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the encodeFunctionData method for tssAddress aligns with the overall changes and does not impact the interface functionality.

Line range hint 61-61: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the decodeFunctionResult method for tssAddress aligns with the overall changes and does not impact the interface functionality.

Line range hint 140-140: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the tssAddress property from the ZetaConnectorBase interface aligns with the overall changes and does not impact the interface functionality.

Line range hint 274-274: LGTM! Removal of tssAddress function is consistent with the overall changes.

The removal of the getFunction method for tssAddress aligns with the overall changes and does not impact the interface functionality.

v2/typechain-types/ZetaConnectorNative.ts (2)

Line range hint 1-1:
LGTM! But verify the impact of removing encodeFunctionData and decodeFunctionResult for tssAddress.

The removal of the encodeFunctionData and decodeFunctionResult methods for tssAddress from the ZetaConnectorNativeInterface is approved.

However, ensure that all references to these methods are removed or updated in the codebase.

Verification successful

LGTM! The removal of encodeFunctionData and decodeFunctionResult for tssAddress is consistent.

No references to encodeFunctionData("tssAddress") or decodeFunctionResult("tssAddress") were found in the codebase.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `encodeFunctionData` and `decodeFunctionResult` for `tssAddress` are removed or updated.

# Test: Search for references to `encodeFunctionData("tssAddress")` and `decodeFunctionResult("tssAddress")`. Expect: No occurrences.
rg --type typescript -A 5 $'encodeFunctionData("tssAddress")'
rg --type typescript -A 5 $'decodeFunctionResult("tssAddress")'

Length of output: 197

Script:

#!/bin/bash
# Description: Verify all references to `encodeFunctionData` and `decodeFunctionResult` for `tssAddress` are removed or updated.

# Test: Search for references to `encodeFunctionData("tssAddress")` and `decodeFunctionResult("tssAddress")`. Expect: No occurrences.
rg -A 5 $'encodeFunctionData("tssAddress")'
rg -A 5 $'decodeFunctionResult("tssAddress")'

Length of output: 91

Line range hint 1-1:
LGTM! But verify the impact of removing getFunction(nameOrSignature: "tssAddress").

The removal of the getFunction(nameOrSignature: "tssAddress") from the ZetaConnectorNative interface is approved.

However, ensure that all references to this method are removed or updated in the codebase.

Verification successful

LGTM! The removal of getFunction(nameOrSignature: "tssAddress") from the ZetaConnectorNative interface is verified.

No references to getFunction(nameOrSignature: "tssAddress") were found in the codebase, confirming that all references have been removed or updated.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `getFunction(nameOrSignature: "tssAddress")` are removed or updated.

# Test: Search for references to `getFunction(nameOrSignature: "tssAddress")`. Expect: No occurrences.
rg --type typescript -A 5 $'getFunction(nameOrSignature: "tssAddress")'

Length of output: 107

Script:

#!/bin/bash
# Description: Verify all references to `getFunction(nameOrSignature: "tssAddress")` are removed or updated.

# Test: Search for references to `getFunction(nameOrSignature: "tssAddress")`. Expect: No occurrences.
rg -A 5 $'getFunction(nameOrSignature: "tssAddress")'

Length of output: 54

v2/pkg/senderzevm.sol/senderzevm.go (1)

35-35: LGTM! But verify the impact of updating the bytecode.

The update of the bytecode in the Bin field of the SenderZEVMMetaData variable is approved.

However, ensure that the new bytecode is correct and consistent with the contract's functionality.

v2/typechain-types/ZetaConnectorNonNative.ts (3)

412-412: LGTM!

The modification in parameter naming for the setMaxSupply method from _maxSupply to maxSupply_ is approved. This change improves clarity.

Line range hint 1-1:
LGTM! But verify the impact of removing tssAddress.

The removal of the tssAddress function from the ZetaConnectorNonNativeInterface is approved.

However, ensure that all references to tssAddress are removed or updated in the codebase.

Line range hint 1-1:
LGTM! But verify the impact of removing encodeFunctionData and decodeFunctionResult for tssAddress.

The removal of the encodeFunctionData and decodeFunctionResult methods for tssAddress from the ZetaConnectorNonNativeInterface is approved.

However, ensure that all references to these methods are removed or updated in the codebase.

Verification successful

LGTM! The removal of encodeFunctionData and decodeFunctionResult for tssAddress is consistent and does not leave any orphaned references.

  • No occurrences of encodeFunctionData("tssAddress") or decodeFunctionResult("tssAddress") were found in the codebase.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `encodeFunctionData` and `decodeFunctionResult` for `tssAddress` are removed or updated.

# Test: Search for references to `encodeFunctionData("tssAddress")` and `decodeFunctionResult("tssAddress")`. Expect: No occurrences.
rg --type typescript -A 5 $'encodeFunctionData("tssAddress")'
rg --type typescript -A 5 $'decodeFunctionResult("tssAddress")'

Length of output: 197

Script:

#!/bin/bash
# Description: Verify all references to `encodeFunctionData` and `decodeFunctionResult` for `tssAddress` are removed or updated.

# Test: Search for references to `encodeFunctionData("tssAddress")` and `decodeFunctionResult("tssAddress")`. Expect: No occurrences.
rg --type ts -A 5 $'encodeFunctionData("tssAddress")'
rg --type ts -A 5 $'decodeFunctionResult("tssAddress")'

Length of output: 111

v2/typechain-types/factories/ERC20Custody__factory.ts (3)

24-34: Parameter Renaming for Clarity.

The constructor parameters have been renamed to improve readability and follow common naming conventions. This change enhances the clarity of the ABI definition.

605-613: Parameter Renaming for Consistency.

The parameters in the getDeployTransaction method have been renamed to match the updated constructor parameters. This change ensures consistency across the codebase.

618-626: Parameter Renaming for Consistency.

The parameters in the deploy method have been renamed to match the updated constructor parameters. This change ensures consistency across the codebase.

v2/pkg/igatewayevm.sol/igatewayevm.go (5)

34-34: Updated ABI with New Method Definitions.

The ABI has been updated with new method definitions, expanding the contract's functionality. This change enhances the contract's capabilities.

183-203: Addition of Call Method.

The Call method has been added to the IGatewayEVMTransactor, IGatewayEVMSession, and IGatewayEVMTransactorSession structs. This method facilitates sending a payload to a specified address.

204-244: Addition of Deposit and Deposit0 Methods.

The Deposit and Deposit0 methods have been added to the IGatewayEVMTransactor, IGatewayEVMSession, and IGatewayEVMTransactorSession structs. These methods facilitate deposits with and without additional parameters.

246-286: Addition of DepositAndCall and DepositAndCall0 Methods.

The DepositAndCall and DepositAndCall0 methods have been added to the IGatewayEVMTransactor, IGatewayEVMSession, and IGatewayEVMTransactorSession structs. These methods facilitate deposits with additional payload data.

309-328: Addition of ExecuteRevert Method.

The ExecuteRevert method has been added to the IGatewayEVMTransactor, IGatewayEVMSession, and IGatewayEVMTransactorSession structs. This method handles transactions that may revert.

v2/typechain-types/factories/ZetaConnectorNative__factory.ts (3)

27-42: Parameter Renaming for Clarity.

The constructor parameters have been renamed to improve readability and follow common naming conventions. This change enhances the clarity of the ABI definition.

621-631: Parameter Renaming for Consistency.

The parameters in the getDeployTransaction method have been renamed to match the updated constructor parameters. This change ensures consistency across the codebase.

636-646: Parameter Renaming for Consistency.

The parameters in the deploy method have been renamed to match the updated constructor parameters. This change ensures consistency across the codebase.

v2/typechain-types/GatewayEVMEchidnaTest.ts (3)

668-670: LGTM!

The parameter renaming in the initialize function enhances clarity and consistency.

Tools
Biome

[error] 669-669: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

703-704: LGTM!

The parameter renaming in the setConnector function enhances clarity and consistency.

Tools
Biome

[error] 704-704: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

709-710: LGTM!

The parameter renaming in the setCustody function enhances clarity and consistency.

Tools
Biome

[error] 710-710: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.

(lint/suspicious/noConfusingVoidType)

v2/typechain-types/factories/GatewayEVMUpgradeTest__factory.ts (1)

1041-1041: Verify the correctness of the new bytecode.

The extensive changes to the bytecode string suggest significant updates to the contract's implementation. Ensure that the new bytecode has been thoroughly tested and reviewed.

#!/bin/bash
# Description: Verify the correctness of the new bytecode.

# Test: Search for the new bytecode string. Expect: Only occurrences of the new bytecode.
rg --type js --type ts '0x60a06040523060805234801561001457600080fd5b5061001d610022565b6100d4565b7ff0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00805468010000000000000000900460ff16156100725760405163f92ee8a960e01b815260040160405180910390fd5b80546001600160401b03908116146100d15780546001600160401b0319166001600160401b0390811782556040519081527fc7f505b2f371ae2175ee4913f4499e1f2633a7b5936321eed1cdaeb6115181d29060200160405180910390a15b50565b608051612d526100fd60003960008181611ab101528181611ada0152611f250152612d526000f3fe6080604052600436106101e35760003560e01c80635c975abb11610102578063ae7a3a6f11610095578063dda79b7511610064578063dda79b751461062e578063e63ab1e91461064e578063f340fa0114610682578063f45346dc1461069557600080fd5b8063ae7a3a6f146105ae578063b8969bd4146105ce578063c0c53b8b146105ee578063d547741f1461060e57600080fd5b806391d14854116100d157806391d14854146104b7578063a217fddf1461051c578063a783c78914610531578063ad3cb1cc1461056557600080fd5b80635c975abb146104175780635d62c8601461044e5780638456cb59146104825780638c6f037f1461049757600080fd5b806335c018db1161017a5780635131ab59116101495780635131ab59146103a257806352d1902d146103c257806357bec62f146103d75780635b112591146103f757600080fd5b806335c018db1461034757806336568abe1461035a5780633f4ba83a1461037a5780634f1ef2861461038f57600080fd5b806321e093b1116101b657806321e093b11461027f578063248a9ca3146102b757806329c59b5d146103145780632f2ff15d1461032757600080fd5b806301ffc9a7146101e857806310188aef1461021d5780631b8b921d1461023f5780631cff79cd1461025f575b600080fd5b3480156101f457600080fd5b506102086102033660046127c5565b6106b5565b60405190151581526020015b60405180910390f35b34801561022957600080fd5b5061023d610238366004612823565b61074e565b005b34801561024b57600080fd5b5061023d61025a366004612887565b610842565b61027261026d366004612887565b610894565b6040516102149190612948565b34801561028b57600080fd5b5060035461029f906001600160a01b031681565b6040516001600160a01b039091168152602001610214565b3480156102c357600080fd5b506103066102d236600461295b565b60009081527f02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800602052604090206001015490565b604051908152602001610214565b61023d610322366004612887565b61091d565b34801561033357600080fd5b5061023d610342366004612974565b610a42565b61023d610355366004612887565b610a8c565b34801561036657600080fd5b5061023d610375366004612974565b610c0b565b34801561038657600080fd5b5061023d610c5c565b61023d61039d3660046129cf565b610c91565b3480156103ae57600080fd5b5061023d6103bd366004612ad6565b610cb0565b3480156103ce57600080fd5b50610306610f85565b3480156103e357600080fd5b5060025461029f906001600160a01b031681565b34801561040357600080fd5b5060015461029f906001600160a01b031681565b34801561042357600080fd5b507fcd5ed15c6e187e77e9aee88184c21f4f2182ab5827cb3b7e07fbedcd63f033005460ff16610208565b34801561045a57600080fd5b506103067f584a0b16e9f616d90ccec14a0b852c19aceccfd3d60699398a57dce2b0de01b981565b34801561048e57600080fd5b5061023d610fb4565b3480156104a357600080fd5b5061023d6104b2366004612b45565b610fe6565b3480156104c357600080fd5b506102086104d2366004612974565b60009182527f02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800602090815260408084206001600160a01b0393909316845291905290205460ff1690565b34801561052857600080fd5b50610306600081565b34801561053d57600080fd5b506103067f0da06bffcb63442de88b7f8385468eaf51e47079d4fa96875938e2c27c451deb81565b34801561057157600080fd5b506102726040518060400160405280600581526020017f352e302e3000000000000000000000000000000000000000000000000000000081525081565b3480156105ba57600080fd5b5061023d6105c9366004612823565b611083565b3480156105da57600080fd5b5061023d6105e9366004612ad6565b611177565b3480156105fa57600080fd5b5061023d610609366004612b97565b6112e9565b34801561061a57600080fd5b5061023d610629366004612974565b61159e565b34801561063a57600080fd5b5060005461029f906001600160a01b031681565b34801561065a57600080fd5b506103067f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a81565b61023d610690366004612823565b6115e2565b3480156106a157600080fd5b5061023d6106b0366004612bda565b611707565b60007fffffffff0000000000000000000000000000000000000000000000000000000082167f7965db0b00000000000000000000000000000000000000000000000000000000148061074857507f01ffc9a7000000000000000000000000000000000000000000000000000000007fffffffff000000000000000000000000000000000000000000000000000000008316145b92915050565b6000610759816117b2565b6002546001600160a01b03161561079c576040517fb337f37800000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6001600160a01b0382166107dc576040517fd92e233d00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6108067f584a0b16e9f616d90ccec14a0b852c19aceccfd3d60699398a57dce2b0de01b9836117bc565b5050600280547fffffffffffffffffffffffff0000000000000000000000000000000000000000166001600160a01b0392909216919091179055565b826001600160a01b0316336001600160a01b03167f2a21062ee9199c2e205622999eeb7c3da73153674f36a0acd3f74fa6af67bde38484604051610887929190612c56565b60405180910390a3505050565b60607f0da06bffcb63442de88b7f8385468eaf51e47079d4fa96875938e2c27c451deb6108c0816117b2565b60006108cd8686866118a9565b9050856001600160a01b03167f373df382b9c587826f3de13f16d67f8d99f28ee947fc0924c6ef2d6d2c7e854634878760405161090c93929190612c72565b60405180910390a295945050505050565b34600003610957576040517f7671265e00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6001546040516000916001600160a01b03169034908381818185875af1925050503d80600081146109a4576040519150601f19603f3d011682016040523d82523d6000602084013e6109a9565b606091505b50909150508015156000036109ea576040517f79cacff100000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b836001600160a01b0316336001600160a01b03167f2103daedac6c1eee9e5bfbd02064d751c9ec3c03fb9bc3e4f94ca41afa38c1a43460008787604051610a349493929190612c8c565b60405180910390a350505050565b60008281527f02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b6268006020526040902060010154610a7c816117b2565b610a8683836117bc565b50505050565b7f0da06bffcb63442de88b7f8385468eaf51e47079d4fa96875938e2c27c451deb610ab6816117b2565b600080856001600160a01b03163460405160006040518083038185875af1925050503d8060008114610b04576040519150601f19603f3d011682016040523d82523d6000602084013e610b09565b606091505b509150915081610b45576040517facfdb44400000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6040517f8fcaa0b50000000000000000000000000000000000000000000000000000000081526001600160a01b03871690638fcaa0b590610b8c9088908890600401612c56565b600060405180830381600087803b158015610ba657600080fd5b505af1158015610bba573d6000803e3d6000fd5b50505050856001600160a01b03167fd5d7616b1678354a0dea9d7e57e6a090bff5babe9f8d6381fdbad16e89ba311c348787604051610bfb93929190612c72565b60405180910390a2505050505050565b6001600160a01b0381163314610c4d576040517f6697b23200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610c578282611952565b505050565b7f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a610c86816117b2565b610c8e611a16565b50565b610c99611aa6565b610ca282611b78565b610cac8282611b83565b5050565b610cb8611ca7565b7f584a0b16e9f616d90ccec14a0b852c19aceccfd3d60699398a57dce2b0de01b9610ce2816117b2565b83600003610d1c576040517f951e

</blockquote></details>
<details>
<summary>v2/typechain-types/factories/GatewayZEVM__factory.ts (3)</summary><blockquote>

`433-438`: **LGTM! Parameter renaming improves readability.**

The parameters `_zetaToken` and `_admin` have been renamed to `zetaToken_` and `admin_` respectively, enhancing clarity and consistency.

---

`1011-1015`: **LGTM! New error type enhances error handling.**

The new error type `ZRC20DepositFailed` improves the contract's robustness by providing more granular error reporting.

---

`1029-1029`: **LGTM! ABI and bytecode updates likely reflect optimizations.**

Extensive updates to the ABI and bytecode sections indicate potential changes in the contract's functionality. Ensure that these changes are consistent with the intended functionality.

</blockquote></details>
<details>
<summary>v2/typechain-types/factories/GatewayEVMEchidnaTest__factory.ts (5)</summary><blockquote>

`350-360`: **LGTM! Improved parameter naming convention.**

The change enhances clarity and consistency in the naming convention used across the contract's ABI.

---

`470-470`: **LGTM! Improved parameter naming convention.**

The change enhances clarity and consistency in the naming convention used across the contract's ABI.

---

`483-483`: **LGTM! Improved parameter naming convention.**

The change enhances clarity and consistency in the naming convention used across the contract's ABI.

---

`1065-1065`: **LGTM! Updated ABI and bytecode.**

The class now uses the updated ABI and bytecode, ensuring consistency with the changes made.

---

`1065-1065`: **Verify the implications of the bytecode changes.**

The bytecode string has been altered. Ensure that the changes do not introduce any unintended side effects.

</blockquote></details>
<details>
<summary>v2/pkg/zetaconnectorbase.sol/zetaconnectorbase.go (1)</summary><blockquote>

`34-34`: **Verify the impact of removing `TssAddress` from `ZetaConnectorBaseCallerSession`.**

The removal of this function may affect any code that previously relied on it. Ensure that all dependencies are updated accordingly.

</blockquote></details>
<details>
<summary>v2/pkg/erc20custody.sol/erc20custody.go (2)</summary><blockquote>

`34-35`: **LGTM! The updated parameter names improve clarity.**

The changes to the ABI string enhance readability and consistency.

---

Line range hint `47-56`: 
**LGTM! But verify the function usage in the codebase.**

The changes to the function signature improve readability and consistency.


However, ensure that all function calls to `DeployERC20Custody` match the new signature.

</blockquote></details>
<details>
<summary>v2/pkg/zetaconnectornative.sol/zetaconnectornative.go (2)</summary><blockquote>

`34-35`: **LGTM! ABI and Bin updates are correct.**

The ABI and Bin fields in `ZetaConnectorNativeMetaData` have been updated to reflect the new parameter names in the constructor, ensuring consistency.

---

Line range hint `47-56`: 
**LGTM! Parameter renaming is correct.**

The function `DeployZetaConnectorNative` has been updated to use the new parameter names, ensuring consistency with the updated ABI.

</blockquote></details>
<details>
<summary>v2/pkg/zrc20.sol/zrc20.go (7)</summary><blockquote>

Line range hint `122-122`: **Ensure correct handling of new constructor parameters.**

The `DeployZRC20` function has been updated to include new constructor parameters. Verify that the function correctly handles these parameters during contract deployment.

---

Line range hint `172-172`: **Verify binding to updated contract instance.**

The `NewZRC20` function creates a new instance of the ZRC20 contract. Ensure that the function correctly binds to the updated contract instance.

---

Line range hint `1052-1052`: **Ensure correct update of gas limit parameter.**

The `UpdateGasLimit` function has been added or modified. Verify that the function correctly updates the gas limit parameter in the contract.

---

Line range hint `1060-1060`: **Ensure correct update of gateway address parameter.**

The `UpdateGatewayAddress` function has been added or modified. Verify that the function correctly updates the gateway address parameter in the contract.

---

Line range hint `1068-1068`: **Ensure correct update of protocol flat fee parameter.**

The `UpdateProtocolFlatFee` function has been added or modified. Verify that the function correctly updates the protocol flat fee parameter in the contract.

---

Line range hint `1076-1076`: **Ensure correct update of system contract address parameter.**

The `UpdateSystemContractAddress` function has been added or modified. Verify that the function correctly updates the system contract address parameter in the contract.

---

Line range hint `1084-1084`: **Verify event handling logic.**

Several events have been added or modified in the ABI. Ensure that the event handling logic correctly processes these events.

</blockquote></details>
<details>
<summary>v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go (4)</summary><blockquote>

`636-638`: **LGTM! Verify the consistency of parameter names.**

The changes improve consistency across the contract's interface by using `maxSupply_` as the parameter name.


However, ensure that the new parameter name (`maxSupply_`) is consistent across the function body.

<details>
<summary>Verification successful</summary>



---

<!-- [monologue]
[task review_file_1/1 function_4/4] Verify the consistency of the new parameter name `maxSupply_` in the function `SetMaxSupply`.
[observations] The search results show multiple occurrences of the parameter name `maxSupply_` in different functions within the file.
[analysis] The new parameter name `maxSupply_` is consistently used across the function `SetMaxSupply` and other related functions in the file. There are no inconsistencies or remnants of the old parameter name.
[actions] Conclude the verification process and generate the final response indicating successful verification.
-->

**Verified: The parameter name `maxSupply_` is used consistently across the function `SetMaxSupply`.**

The changes improve consistency across the contract's interface, and the new parameter name is consistently used throughout the file.

- `v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go`: Verified consistent usage of `maxSupply_`.



</details>


<details>
<summary>Scripts executed</summary>

The following scripts were executed for the analysis:

Script:

```shell
#!/bin/bash
# Description: Verify the consistency of new parameter name.

# Test: Search for the old parameter name. Expect: No occurrences of the old parameter name.
rg --type go -A 5 $'_maxSupply'

Length of output: 30

Script:

#!/bin/bash
# Description: Verify the consistency of the new parameter name `maxSupply_`.

# Test: Search for the new parameter name. Expect: Consistent usage of `maxSupply_`.
rg --type go -A 5 'maxSupply_' v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go

Length of output: 21769

622-624: LGTM! Verify the consistency of parameter names.

The changes improve consistency across the contract's interface by using maxSupply_ as the parameter name.

However, ensure that the new parameter name (maxSupply_) is consistent across the function body.

Verification successful

The parameter name maxSupply_ is used consistently across the function body.

The changes have been applied correctly and uniformly across the codebase.

  • v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go
  • v1/pkg/contracts/evm/zetaconnector.non-eth.sol/zetaconnectornoneth.go
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the consistency of new parameter name.

# Test: Search for the old parameter name. Expect: No occurrences of the old parameter name.
rg --type go -A 5 $'_maxSupply'

Length of output: 30

Script:

#!/bin/bash
# Description: Verify the consistency of the new parameter name `maxSupply_` in the function `SetMaxSupply`.

# Test: Search for the new parameter name `maxSupply_` in the function `SetMaxSupply`.
ast-grep --lang go --pattern $'func ($_ *ZetaConnectorNonNativeTransactor) SetMaxSupply($_, maxSupply_ *big.Int) ($_, $_) {
  $$$
  maxSupply_
  $$$
}'

Length of output: 152

Script:

#!/bin/bash
# Description: Verify the consistency of the new parameter name `maxSupply_` in the function `SetMaxSupply`.

# Test: Search for the function definition `SetMaxSupply` and check the usage of `maxSupply_` within the function body.
rg --type go 'func (_ZetaConnectorNonNative \*ZetaConnectorNonNativeTransactor) SetMaxSupply' -A 10

Length of output: 101

Script:

#!/bin/bash
# Description: Verify the consistency of the new parameter name `maxSupply_` in the function `SetMaxSupply`.

# Test: Search for the function name `SetMaxSupply` across the entire codebase and include more context lines to understand its usage.
rg 'SetMaxSupply' -A 20

Length of output: 9160

Line range hint 47-56:
LGTM! Verify the consistency of parameter names.

The changes improve readability and maintainability by using more descriptive parameter names.

However, ensure that the new parameter names (gateway_, zetaToken_, tssAddress_, admin_) are consistent across the function body.

Verification successful

The script output indicates that the old parameter names are still present in the codebase, but this does not necessarily affect the specific function DeployZetaConnectorNonNative. We need to verify the consistency of the new parameter names within this function in the file v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go.

Parameter names are consistent.

The new parameter names (gateway_, zetaToken_, tssAddress_, admin_) are used consistently within the function DeployZetaConnectorNonNative.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the consistency of new parameter names.

# Test: Search for the old parameter names. Expect: No occurrences of old parameter names.
rg --type go -A 5 $'_gateway|_zetaToken|_tssAddress|_admin'

Length of output: 48081

Script:

#!/bin/bash
# Description: Verify the consistency of new parameter names within the function `DeployZetaConnectorNonNative`.

# Search for the function definition and its body to ensure the new parameter names are used consistently.
ast-grep --lang go --pattern $'func DeployZetaConnectorNonNative(auth *bind.TransactOpts, backend bind.ContractBackend, gateway_ common.Address, zetaToken_ common.Address, tssAddress_ common.Address, admin_ common.Address) {
  $$$
}' --search-inside

Length of output: 471

Script:

#!/bin/bash
# Description: Verify the consistency of new parameter names within the function `DeployZetaConnectorNonNative`.

# Search for the function definition and its body to ensure the new parameter names are used consistently.
ast-grep --lang go --pattern $'func DeployZetaConnectorNonNative(auth *bind.TransactOpts, backend bind.ContractBackend, gateway_ common.Address, zetaToken_ common.Address, tssAddress_ common.Address, admin_ common.Address) {
  $$$
}'

Length of output: 234

Script:

#!/bin/bash
# Description: Verify the consistency of new parameter names within the function `DeployZetaConnectorNonNative`.

# Search for the function definition and its usage to ensure the new parameter names are used consistently.
rg 'DeployZetaConnectorNonNative' -A 10 v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go

Length of output: 870

629-631: LGTM! Verify the consistency of parameter names.

The changes improve consistency across the contract's interface by using maxSupply_ as the parameter name.

However, ensure that the new parameter name (maxSupply_) is consistent across the function body.

Verification successful

Parameter name maxSupply_ is consistently used in the SetMaxSupply function.

The parameter name maxSupply_ is consistently applied across all relevant instances of the SetMaxSupply function. There are no occurrences of the old parameter name maxSupply within the context of this function.

  • v2/pkg/zetaconnectornonnative.sol/zetaconnectornonnative.go
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the consistency of new parameter name.

# Test: Search for the old parameter name. Expect: No occurrences of the old parameter name.
rg --type go -A 5 $'_maxSupply'

Length of output: 30

Script:

#!/bin/bash
# Description: Verify the consistency of the new parameter name `maxSupply_` and check for any occurrences of the old parameter name `maxSupply`.

# Test: Search for the new parameter name `maxSupply_`. Expect: Occurrences in relevant function definitions and usage.
rg --type go -A 5 'maxSupply_'

# Test: Search for the old parameter name `maxSupply`. Expect: No occurrences if the parameter name has been consistently updated.
rg --type go -A 5 'maxSupply'

Length of output: 160334

v2/pkg/gatewayzevm.sol/gatewayzevm.go (3)

699-701: LGTM! Parameter renaming for consistency.

The parameter renaming improves readability and consistency. Ensure the changes are reflected in the calling code.

706-708: LGTM! Parameter renaming for consistency.

The parameter renaming improves readability and consistency. Ensure the changes are reflected in the calling code.

713-715: LGTM! Parameter renaming for consistency.

The parameter renaming improves readability and consistency. Ensure the changes are reflected in the calling code.

v2/pkg/gatewayevm.sol/gatewayevm.go (8)

837-839: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to Initialize match the new signature.

844-846: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to Initialize match the new signature.

830-832: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to Initialize match the new signature.

956-958: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to SetCustody match the new signature.

935-937: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to SetConnector match the new signature.

942-944: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to SetConnector match the new signature.

Verification successful

Verification successful: All function calls to SetConnector match the new signature.

The function SetConnector within the GatewayEVMSession struct has been verified to use the new signature correctly.

  • v2/pkg/gatewayevm.sol/gatewayevm.go
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `SetConnector` match the new signature.

# Test: Search for the function usage. Expect: Only occurrences of the new signature.
rg --type go -A 5 $'SetConnector'

Length of output: 62231

Script:

#!/bin/bash
# Description: Verify all function calls to SetConnector within GatewayEVMSession match the new signature.

# Test: Search for the function usage within the GatewayEVMSession struct. Expect: Only occurrences of the new signature.
ast-grep --lang go --pattern $'func ($_ *GatewayEVMSession) SetConnector($_ common.Address) (*types.Transaction, error)' -A 5

Length of output: 926

949-951: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to SetConnector match the new signature.

Verification successful

Verification Successful: Function usage matches the new signature

All instances of the SetConnector function in the codebase match the new signature. No discrepancies were found.

  • v2/pkg/gatewayevm.sol/gatewayevm.go
  • v2/pkg/systemcontract.sol/systemcontract.go
  • v2/pkg/gatewayevmechidnatest.sol/gatewayevmechidnatest.go
  • v2/pkg/gatewayevmupgradetest.sol/gatewayevmupgradetest.go
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `SetConnector` match the new signature.

# Test: Search for the function usage. Expect: Only occurrences of the new signature.
rg --type go -A 5 $'SetConnector'

Length of output: 62231

Script:

#!/bin/bash
# Description: Verify all function calls to `SetConnector` match the new signature.

# Test: Search for the function usage and check if they match the new signature.
rg --type go -A 5 'SetConnector'

Length of output: 62231

970-972: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to SetCustody match the new signature.

v2/pkg/gatewayevmupgradetest.sol/gatewayevmupgradetest.go (2)

35-35: Verify the correctness of the updated ABI.

The updated ABI includes new functions, modifications to existing function signatures, and the removal of certain functions. Ensure these changes are consistent with the contract's functionality and do not introduce any errors.

35-35: Ensure the binary representation is up-to-date.

The binary representation of the contract has been updated. Verify that it is consistent with the latest contract source code.

#!/bin/bash
# Description: Verify the binary representation is up-to-date.

# Test: Compare the binary representation with the compiled bytecode of the contract.
solc --bin --optimize --overwrite -o build/contracts v2/pkg/gatewayevmupgradetest.sol/GatewayEVMUpgradeTest.sol
diff build/contracts/GatewayEVMUpgradeTest.bin <(echo "0x60a06040523060805234801561001457600080fd5b5061001d610022565b6100d4565b7ff0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00805468010000000000000000900460ff16156100725760405163f92ee8a960e01b815260040160405180910390fd5b80546001600160401b03908116146100d15780546001600160401b0319166001600160401b0390811782556040519081527fc7f505b2f371ae2175ee4913f4499e1f2633a7b5936321eed1cdaeb6115181d29060200160405180910390a15b50565b608051612d526100fd60003960008181611ab101528181611ada0152611f250152612d526000f3fe6080604052600436106101e35760003560e01c80635c975abb11610102578063ae7a3a6f11610095578063dda79b7511610064578063dda79b751461062e578063e63ab1e91461064e578063f340fa0114610682578063f45346dc1461069557600080fd5b8063ae7a3a6f146105ae578063b8969bd4146105ce578063c0c53b8b146105ee578063d547741f1461060e57600080fd5b806391d14854116100d157806391d14854146104b7578063a217fddf1461051c578063a783c78914610531578063ad3cb1cc1461056557600080fd5b80635c975abb146104175780635d62c8601461044e5780638456cb59146104825780638c6f037f1461049757600080fd5b806335c018db1161017a5780635131ab59116101495780635131ab59146103a257806352d1902d146103c257806357bec62f146103d75780635b112591146103f757600080fd5b806335c018db1461034757806336568abe1461035a5780633f4ba83a1461037a5780634f1ef2861461038f57600080fd5b806321e093b1116101b657806321e093b11461027f578063248a9ca3146102b757806329c59b5d146103145780632f2ff15d1461032757600080fd5b806301ffc9a7146101e857806310188aef1461021d5780631b8b921d1461023f5780631cff79cd1461025f575b600080fd5b3480156101f457600080fd5b506102086102033660046127c5565b6106b5565b60405190151581526020015b60405180910390f35b34801561022957600080fd5b5061023d610238366004612823565b61074e565b005b34801561024b57600080fd5b5061023d61025a366004612887565b610842565b61027261026d366004612887565b610894565b6040516102149190612948565b34801561028b57600080fd5b5060035461029f906001600160a01b031681565b6040516001600160a01b039091168152602001610214565b3480156102c357600080fd5b506103066102d236600461295b565b60009081527f02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800602052604090206001015490565b604051908152602001610214565b61023d610322366004612887565b61091d565b34801561033357600080fd5b5061023d610342366004612974565b610a42565b61023d610355366004612887565b610a8c565b34801561036657600080fd5b5061023d610375366004612974565b610c0b565b34801561038657600080fd5b5061023d610c5c565b61023d61039d3660046129cf565b610c91565b3480156103ae57600080fd5b5061023d6103bd366004612ad6565b610cb0565b3480156103ce57600080fd5b50610306610f85565b3480156103e357600080fd5b5060025461029f906001600160a01b031681565b34801561040357600080fd5b5060015461029f906001600160a01b031681565b34801561042357600080fd5b507fcd5ed15c6e187e77e9aee88184c21f4f2182ab5827cb3b7e07fbedcd63f033005460ff16610208565b34801561045a57600080fd5b506103067f584a0b16e9f616d90ccec14a0b852c19aceccfd3d60699398a57dce2b0de01b981565b34801561048e57600080fd5b5061023d610fb4565b3480156104a357600080fd5b5061023d6104b2366004612b45565b610fe6565b3480156104c357600080fd5b506102086104d2366004612974565b60009182527f02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800602090815260408084206001600160a01b0393909316845291905290205460ff1690565b34801561052857600080fd5b50610306600081565b34801561053d57600080fd5b506103067f0da06bffcb63442de88b7f8385468eaf51e47079d4fa96875938e2c27c451deb81565b34801561057157600080fd5b506102726040518060400160405280600581526020017f352e302e3000000000000000000000000000000000000000000000000000000081525081565b3480156105ba57600080fd5b5061023d6105c9366004612823565b611083565b3480156105da57600080fd5b5061023d6105e9366004612ad6565b611177565b3480156105fa57600080fd5b5061023d610609366004612b97565b6112e9565b34801561061a57600080fd5b5061023d610629366004612974565b61159e565b34801561063a57600080fd5b5060005461029f906001600160a01b031681565b34801561065a57600080fd5b506103067f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a81565b61023d610690366004612823565b6115e2565b3480156106a157600080fd5b5061023d6106b0366004612bda565b611707565b60007fffffffff0000000000000000000000000000000000000000000000000000000082167f7965db0b00000000000000000000000000000000000000000000000000000148061074857507f01ffc9a7000000000000000000000000000000000000000000000000000000007fffffffff000000000000000000000000000000000000000000000000000000008316145b92915050565b6000610759816117b2565b6002546001600160a01b03161561079c576040517fb337f37800000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6001600160a01b0382166107dc576040517fd92e233d00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6108067f584a0b16e9f616d90ccec14a0b852c19aceccfd3d60699398a57dce2b0de01b9836117bc565b5050600280547fffffffffffffffffffffffff0000000000000000000000000000000000000000166001600160a01b0392909216919091179055565b826001600160a01b0316336001600160a01b03167f2a21062ee9199c2e205622999eeb7c3da73153674f36a0acd3f74fa6af67bde38484604051610887929190612c56565b60405180910390a3505050565b60607f0da06bffcb63442de88b7f8385468eaf51e47079d4fa96875938e2c27c451deb6108c0816117b2565b60006108cd8686866118a9565b9050856001600160a01b03167f373df382b9c587826f3de13f16d67f8d99f28ee947fc0924c6ef2d6d2c7e854634878760405161090c93929190612c72565b60405180910390a295945050505050565b34600003610957576040517f7671265e00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6001546040516000916001600160a01b03169034908381818185875af1925050503d80600081146109a4576040519150601f19603f3d011682016040523d82523d6000602084013e6109a9565b606091505b50909150508015156000036109ea576040517f79cacff100000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b836001600160a01b0316336001600160a01b03167f2103daedac6c1eee9e5bfbd02064d751c9ec3c03fb9bc3e4f94ca41afa38c1a43460008787604051610a349493929190612c8c565b60405180910390a350505050565b60008281527f02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b6268006020526040902060010154610a7c816117b2565b610a8683836117bc565b50505050565b7f0da06bffcb63442de88b7f8385468eaf51e47079d4fa96875938e2c27c451deb610ab6816117b2565b600080856001600160a01b03163460405160006040518083038185875af1925050503d8060008114610b04576040519150601f19603f3d011682016040523d82523d6000602084013e610b09565b606091505b509150915081610b45576040517facfdb44400000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6040517f8fcaa0b50000000000000000000000000000000000000000000000000000000081526001600160a01b03871690638fcaa0b590610b8c9088908890600401612c56565b600060405180830381600087803b158015610ba657600080fd5b505af1158015610bba573d6000803e3d6000fd5b50505050856001600160a01b03167fd5d7616b1678354a0dea9d7e57e6a090bff5babe9f8d6381fdbad16e89ba311c348787604051610bfb93929190612c72565b60405180910390a2505050505050565b6001600160a01b0381163314610c4d576040517f6697b23200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610c578282611952565b505050565b7f65d7a28e3265b37a6474929f336521b332c1681b933f6cb9f3376673440d862a610c86816117b2565b610c8e611a16565b50565b610c99611aa6565b610ca282611b78565b610cac8282611b83565b5050565b610cb8611ca7565b7f584a0b16e9f616d90ccec14a0b852c19aceccfd3d60699398a57dce2b0de01b9610ce2816117b2565b83600003610d1c576040517f951e19ed00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610d268686611d28565b610d5c576040517f8164f84200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6040517f095ea7b30000000000000000000000000000000000000000000000000000000081526001600160a01b0386811660048301526024820186905287169063095ea7b3906044016020604051808303816000875af1158015610dc4573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610de89190612cb5565b610e1e576040517f8164f84200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6000610e2b8685856118a9565b9050610e378787611d28565b610e6d576040517f8164f84200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6040517

</blockquote></details>
<details>
<summary>v2/typechain-types/factories/SenderZEVM__factory.ts (1)</summary><blockquote>

`123-123`: **Verify the bytecode update.**

The bytecode string has been updated. Ensure that this change is consistent with the expected contract logic and there are no syntax errors.

</blockquote></details>
<details>
<summary>v2/typechain-types/IGatewayEVM.sol/IGatewayEVM.ts (5)</summary><blockquote>

`26-35`: **Verify the addition of new function signatures in `getFunction`.**

Ensure that the new function signatures are correctly added and consistent with the expected contract logic.

---

`38-65`: **Verify the addition of new overloads in `encodeFunctionData`.**

Ensure that the new overloads are correctly added and consistent with the expected contract logic.

---

`75-96`: **Verify the addition of new overloads in `decodeFunctionResult`.**

Ensure that the new overloads are correctly added and consistent with the expected contract logic.

---

`150-196`: **Verify the addition of new methods.**

Ensure that the new methods for `call`, `deposit`, `depositAndCall`, and their overloads are correctly added and consistent with the expected contract logic.

<details>
<summary>Tools</summary>

<details>
<summary>Biome</summary><blockquote>

[error] 152-152: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 158-158: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 164-164: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 170-170: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 181-181: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 193-193: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

</blockquote></details>

</details>

---

`223-272`: **Verify the addition of new overloads in `getFunction`.**

Ensure that the new overloads are correctly added and consistent with the expected contract logic.

<details>
<summary>Tools</summary>

<details>
<summary>Biome</summary><blockquote>

[error] 227-227: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 232-232: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 237-237: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 244-244: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 256-256: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

---

[error] 270-270: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

</blockquote></details>

</details>

</blockquote></details>
<details>
<summary>v2/typechain-types/factories/ZRC20.sol/ZRC20__factory.ts (1)</summary><blockquote>

`674-674`: **Verify the bytecode update.**

The bytecode string has been updated. Ensure that this change is consistent with the expected contract logic and there are no syntax errors.

</blockquote></details>
<details>
<summary>v2/pkg/igatewayzevm.sol/igatewayzevm.go (7)</summary><blockquote>

`32-37`: **LGTM!**

The `RevertContext` struct is well-defined and follows Go conventions.

---

`281-286`: **LGTM!**

The `DepositAndRevert` function in `IGatewayZEVMTransactor` is well-defined and follows Go conventions.

---

`288-293`: **LGTM!**

The `DepositAndRevert` function in `IGatewayZEVMSession` is well-defined and follows Go conventions.

---

`295-299`: **LGTM!**

The `DepositAndRevert` function in `IGatewayZEVMTransactorSession` is well-defined and follows Go conventions.

---

`323-328`: **LGTM!**

The `ExecuteRevert` function in `IGatewayZEVMTransactor` is well-defined and follows Go conventions.

---

`330-335`: **LGTM!**

The `ExecuteRevert` function in `IGatewayZEVMSession` is well-defined and follows Go conventions.

---

`337-341`: **LGTM!**

The `ExecuteRevert` function in `IGatewayZEVMTransactorSession` is well-defined and follows Go conventions.

</blockquote></details>
<details>
<summary>v2/typechain-types/GatewayEVM.ts (6)</summary><blockquote>

`645-647`: **LGTM!**

The parameter renaming in the `initialize` method improves readability and follows TypeScript conventions.

<details>
<summary>Tools</summary>

<details>
<summary>Biome</summary><blockquote>

[error] 646-646: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

</blockquote></details>

</details>

---

`680-682`: **LGTM!**

The parameter renaming in the `setConnector` method improves readability and follows TypeScript conventions.

<details>
<summary>Tools</summary>

<details>
<summary>Biome</summary><blockquote>

[error] 681-681: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

</blockquote></details>

</details>

---

`686-688`: **LGTM!**

The parameter renaming in the `setCustody` method improves readability and follows TypeScript conventions.

<details>
<summary>Tools</summary>

<details>
<summary>Biome</summary><blockquote>

[error] 687-687: void is confusing outside a return type or a type parameter.

Unsafe fix: Use undefined instead.


(lint/suspicious/noConfusingVoidType)

</blockquote></details>

</details>

---

`815-817`: **LGTM!**

The parameter renaming in the `getFunction` method for `initialize` improves readability and follows TypeScript conventions.

---

`856-858`: **LGTM!**

The parameter renaming in the `getFunction` method for `setConnector` improves readability and follows TypeScript conventions.

---

`859-861`: **LGTM!**

The parameter renaming in the `getFunction` method for `setCustody` improves readability and follows TypeScript conventions.

</blockquote></details>

</blockquote></details>

</details>

<!-- This is an auto-generated comment by CodeRabbit for review status -->

v2/src/evm/GatewayEVM.sol
Comment on lines +204 to 211
function deposit(address receiver) external payable whenNotPaused nonReentrant {
if (msg.value == 0) revert InsufficientETHAmount();
(bool deposited,) = tssAddress.call{ value: msg.value }("");

if (deposited == false) revert DepositFailed();
if (!deposited) revert DepositFailed();

emit Deposit(msg.sender, receiver, msg.value, address(0), "");
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Addition of nonReentrant modifier enhances security.

The nonReentrant modifier prevents reentrancy attacks, thereby enhancing the security of the deposit function.

However, consider using a safer method for the low-level call to avoid potential issues.

-  (bool deposited,) = tssAddress.call{ value: msg.value }("");
+  (bool deposited,) = tssAddress.call{ value: msg.value }("");
+  require(deposited, "Low-level call failed");
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
function deposit(address receiver) external payable whenNotPaused nonReentrant {
if (msg.value == 0) revert InsufficientETHAmount();
(bool deposited,) = tssAddress.call{ value: msg.value }("");
if (deposited == false) revert DepositFailed();
if (!deposited) revert DepositFailed();
emit Deposit(msg.sender, receiver, msg.value, address(0), "");
}
function deposit(address receiver) external payable whenNotPaused nonReentrant {
if (msg.value == 0) revert InsufficientETHAmount();
(bool deposited,) = tssAddress.call{ value: msg.value }("");
require(deposited, "Low-level call failed");
if (!deposited) revert DepositFailed();
emit Deposit(msg.sender, receiver, msg.value, address(0), "");
}
Tools
GitHub Check: Slither

[warning] 204-211: Low-level calls
Low level call in GatewayEVM.deposit(address) (src/evm/GatewayEVM.sol#204-211):
- (deposited,None) = tssAddress.call{value: msg.value}() (src/evm/GatewayEVM.sol#206)

v2/src/evm/GatewayEVM.sol
Comment on lines +228 to 235
function depositAndCall(address receiver, bytes calldata payload) external payable whenNotPaused nonReentrant {
if (msg.value == 0) revert InsufficientETHAmount();
(bool deposited,) = tssAddress.call{ value: msg.value }("");

if (deposited == false) revert DepositFailed();
if (!deposited) revert DepositFailed();

emit Deposit(msg.sender, receiver, msg.value, address(0), payload);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Addition of nonReentrant modifier enhances security.

The nonReentrant modifier prevents reentrancy attacks, thereby enhancing the security of the depositAndCall function.

However, consider using a safer method for the low-level call to avoid potential issues.

-  (bool deposited,) = tssAddress.call{ value: msg.value }("");
+  (bool deposited,) = tssAddress.call{ value: msg.value }("");
+  require(deposited, "Low-level call failed");
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
function depositAndCall(address receiver, bytes calldata payload) external payable whenNotPaused nonReentrant {
if (msg.value == 0) revert InsufficientETHAmount();
(bool deposited,) = tssAddress.call{ value: msg.value }("");
if (deposited == false) revert DepositFailed();
if (!deposited) revert DepositFailed();
emit Deposit(msg.sender, receiver, msg.value, address(0), payload);
}
function depositAndCall(address receiver, bytes calldata payload) external payable whenNotPaused nonReentrant {
if (msg.value == 0) revert InsufficientETHAmount();
(bool deposited,) = tssAddress.call{ value: msg.value }("");
require(deposited, "Low-level call failed");
if (!deposited) revert DepositFailed();
emit Deposit(msg.sender, receiver, msg.value, address(0), payload);
}
Tools
GitHub Check: Slither

[warning] 228-235: Low-level calls
Low level call in GatewayEVM.depositAndCall(address,bytes) (src/evm/GatewayEVM.sol#228-235):
- (deposited,None) = tssAddress.call{value: msg.value}() (src/evm/GatewayEVM.sol#230)

lumtis
lumtis approved these changes Aug 6, 2024
View reviewed changes
Copy link
Member

@lumtis lumtis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

fbac
fbac approved these changes Aug 6, 2024
View reviewed changes
.github/workflows/slither_v2.yaml Show resolved Hide resolved
@skosito skosito merged commit 141f951 into main Aug 6, 2024
8 of 9 checks passed
@skosito skosito deleted the fix-slither-not-running branch August 6, 2024 22:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@fbac fbac fbac approved these changes

@lumtis lumtis lumtis approved these changes

@andresaiello andresaiello Awaiting requested review from andresaiello andresaiello is a code owner

@brewmaster012 brewmaster012 Awaiting requested review from brewmaster012 brewmaster012 is a code owner

@CharlieMc0 CharlieMc0 Awaiting requested review from CharlieMc0 CharlieMc0 is a code owner

@fadeev fadeev Awaiting requested review from fadeev fadeev is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fix Slither issues and consider introducing failure criteria
4 participants
@skosito @codecov-commenter @lumtis @fbac