Referral audit fix (stader-labs#27)

* [auto-update] Bump SDK to latest develop version 4d8e044

* directly assign string constants

* remove unused context

* enabled debug flag

* updating build and test step in readme

* disable debug flag and disable unused param warning

* whitespaces

* added technical specs explicitly in the readme

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: apaillier-ledger <[email protected]>

PLUGIN_SPECIFICATION.md

@@ -0,0 +1,64 @@
+# Technical Specification
+
+## About
+
+This documentation describes the smart contracts and functions supported by the staderlabs plugin.
+
+#### MATICx
+
+| Network  | Contract Name | Smart Contract                               |
+| -------- | ------------- | -------------------------------------------- |
+| Ethereum | MaticX        | `0xf03a7eb46d01d9ecaa104558c732cf82f6b6b645` |
+| Polygon  | ChildPool     | `0xfd225c9e6601c9d38d8f98d8731bf59efcf8c0e3` |
+
+Functions covered by above contract/s :
+|Contract | Function | Selector | Displayed Parameters |
+| --- | --- | --- | --- |
+|MaticX | submit(uint256 \_amount) | `0xea99c2a6`| `_amount` |
+|MaticX | requestWithdraw(uint256 \_amount) | `0x745400c9`| `_amount` |
+|MaticX | claimWithdrawal(uint256 \_idx) | `0xf8444436`| |
+|ChildPool | swapMaticForMaticXViaInstantPool() | `0xc78cf1a0`| native_token_amount (matic) |
+|ChildPool | requestMaticXSwap(uint256 \_amount) | `0x48eaf6d6`| `_amount` |
+|ChildPool | claimMaticXSwap(uint256 \_idx) | `0x77baf209`| |
+
+#### BNBx
+
+| Network | Contract Name | Smart Contract                               |
+| ------- | ------------- | -------------------------------------------- |
+| BSC     | StakeManager  | `0x7276241a669489E4BBB76f63d2A43Bfe63080F2F` |
+
+Functions covered by above contract/s :
+|Contract | Function | Selector | Displayed Parameters |
+| --- | --- | --- | --- |
+|StakeManager | deposit() | `0xd0e30db0`| native_token_amount (bnb) |
+|StakeManager | requestWithdraw(uint256 \_amountInBnbX) | `0x745400c9`| `_amountInBnbX` |
+|StakeManager | claimWithdraw(uint256 \_idx) | `0xb13acedd`| |
+
+#### FTMx
+
+| Network | Contract Name | Smart Contract                               |
+| ------- | ------------- | -------------------------------------------- |
+| Fantom  | FTMStaking    | `0xb458bfc855ab504a8a327720fcef98886065529b` |
+
+Functions covered by above contract/s :
+|Contract | Function | Selector | Displayed Parameters |
+| --- | --- | --- | --- |
+|FTMStaking | deposit() | `0xd0e30db0`| native_token_amount (ftm) |
+|FTMStaking | undelegate(uint256 wrID, uint256 amountFTMx, uint256 minAmountFTM) | `0x4f864df4`| `amountFTMx` |
+|FTMStaking | withdraw(uint256 wrID, uint256 bitmaskToSkip) | `0x441a3e70`| |
+
+#### ETHx
+
+| Network  | Contract Name           | Smart Contract                               |
+| -------- | ----------------------- | -------------------------------------------- |
+| Ethereum | StaderStakePoolsManager | `0xcf5ea1b38380f6af39068375516daf40ed70d299` |
+| Ethereum | UserWithdrawalManager   | `0x9f0491b32dbce587c50c4c43ab303b06478193a7` |
+
+Functions covered by above contract/s :
+|Contract | Function | Selector | Displayed Parameters |
+| --- | --- | --- | --- |
+|StaderStakePoolsManager | deposit(address \_receiver, string calldata \_referralId) | `0xb7482509`| `_receiver`, native_token_amount (eth) |
+|UserWithdrawalManager | requestWithdraw(uint256 \_ethXAmount, address \_owner, string calldata \_referralId) | `0x1f7ec122`| `_ethXAmount`, `_owner` |
+|UserWithdrawalManager | claim(uint256 \_requestId) | `0x379607f5`| |
+|StaderStakePoolsManager | deposit(address \_receiver) | `0xf340fa01`| `_receiver`, native_token_amount (eth) |
+|UserWithdrawalManager | requestWithdraw(uint256 \_ethXAmount, address \_owner) | `0xccc143b8`| `_ethXAmount`, `_owner` |

README.md

@@ -2,60 +2,56 @@
 
 This is a plugin for the Ethereum application which helps parsing and displaying relevant information when signing a Staderlabs transaction.
 
-## Prerequisite
+## Setup
 
 Clone the plugin to a new folder.
 
 ```shell
-git clone https://github.com/stader-labs/app-plugin-staderlabs.git
+mkdir staderlabs_plugin_folder
+cd staderlabs_plugin_folder
+
+git clone --recurse-submodules https://github.com/LedgerHQ/app-plugin-staderlabs.git
 ```
 
-Then in the same folder clone two more repositories, which is the plugin-tools and app-ethereum.
+Then in the same folder clone app-ethereum.
 
 ```shell
-git clone https://github.com/LedgerHQ/plugin-tools.git                          #plugin-tools
 git clone --recurse-submodules https://github.com/LedgerHQ/app-ethereum.git     #app-ethereum
 ```
 
-## Documentation
-
-Need more information about the interface, the architecture, or general stuff about ethereum plugins? You can find more about them in the [ethereum-app documentation](https://github.com/LedgerHQ/app-ethereum/blob/master/doc/ethapp_plugins.asc).
-
-## Smart Contracts
-
-Smart contracts covered by this plugin are:
-
-| Network  | Contract Name           | Smart Contract                               |
-| -------- | ----------------------- | -------------------------------------------- |
-| Ethereum | MaticX                  | `0xf03a7eb46d01d9ecaa104558c732cf82f6b6b645` |
-| Polygon  | ChildPool               | `0xfd225c9e6601c9d38d8f98d8731bf59efcf8c0e3` |
-| BSC      | StakeManager            | `0x7276241a669489E4BBB76f63d2A43Bfe63080F2F` |
-| Fantom   | FTMStaking              | `0xb458bfc855ab504a8a327720fcef98886065529b` |
-| Ethereum | StaderStakePoolsManager | `0xcf5ea1b38380f6af39068375516daf40ed70d299` |
-| Ethereum | UserWithdrawalManager   | `0x9f0491b32dbce587c50c4c43ab303b06478193a7` |
-
-## Build
-
-Go to the plugin-tools folder and run the "./start" script.
+Launch the docker
 
 ```shell
-cd plugin-tools  # go to plugin folder
-./start.sh       # run the script start.sh
+brew install coreutils          #For mac users if below command errors out (realpath doesn't exist)
+sudo docker run --rm -ti -v "$(realpath .):/app" --user $(id -u $USER):$(id -g $USER) ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest
 ```
 
-The script will build a docker image and attach a console.
-When the docker image is running go to the "app-plugin-staderlabs" folder and build the ".elf" files.
+From the Docker console
 
 ```shell
-cd app-plugin-staderlabs/tests       # go to the tests folder in app-plugin-staderlabs
-./build_local_test_elfs.sh           # run the script build_local_test_elfs.sh
+#build the staderlabs plugin
+cd app-plugin-staderlabs
+make
+
+#go to tests folder inside staderlabs plugin and build the ".elf" files for testing
+cd tests
+./build_local_test_elfs.sh
 ```
 
 ## Tests
 
-To test the plugin go to the tests folder from the "app-plugin-staderlabs" and run the script "test"
+Open a new Terminal and go to staderlabs_plugin_folder
 
 ```shell
-cd app-plugin-staderlabs/tests       # go to the tests folder in app-plugin-staderlabs
-yarn test                            # run the script test
+cd app-plugin-staderlabs/tests      #go to tests folder inside app-plugin-staderlabs
+yarn install                        #install node packages
+yarn test                           #run tests
 ```
+
+## Ethereum-App
+
+Need more information about the interface, the architecture, or general stuff about ethereum plugins? You can find more about them in the [ethereum-app documentation](https://github.com/LedgerHQ/app-ethereum/blob/master/doc/ethapp_plugins.asc).
+
+## Smart Contracts
+
+Smart contracts covered by this plugin are documented in [PLUGIN_SPECIFICATON.md](https://github.com/LedgerHQ/app-plugin-staderlabs/blob/develop/PLUGIN_SPECIFICATION.md)

src/contract.c

@@ -95,13 +95,14 @@ static const uint32_t FTM_WITHDRAW_SELECTOR = 0x441a3e70;
 
 // Network: Ethereum
 // Contract: StaderStakePoolsManager
-// Method: function deposit(address _receiver)
+// Method: function deposit(address _receiver, string calldata _referralId)
 // Selector: 0xb7482509
 static const uint32_t ETHX_DEPOSIT_SELECTOR = 0xb7482509;
 
 // Network: Ethereum
 // Contract: UserWithdrawalManager
-// Method: function requestWithdraw(uint256 _ethXAmount, address _owner)
+// Method:
+// function requestWithdraw(uint256 _ethXAmount, address _owner, string calldata _referralId)
 // Selector: 0x1f7ec122
 static const uint32_t ETHX_REQUEST_WITHDRAW_SELECTOR = 0x1f7ec122;
 

src/handle_provide_parameter.c

@@ -5,8 +5,12 @@ static void handle_amount_received(const ethPluginProvideParameter_t *msg, conte
     copy_parameter(context->amount_received, msg->parameter, sizeof(context->amount_received));
 }
 
-static void handle_unsupported_param(ethPluginProvideParameter_t *msg, const context_t *context) {
+static void handle_unsupported_param(ethPluginProvideParameter_t *msg) {
+#ifdef DEBUG
+    context_t *context = (context_t *) msg->pluginContext;
     PRINTF("Param not supported: %d\n", context->next_param);
+#endif
+
     msg->result = ETH_PLUGIN_RESULT_ERROR;
 }
 
@@ -19,7 +23,7 @@ static void handle_stake(ethPluginProvideParameter_t *msg, context_t *context) {
             break;
         // Keep this
         default:
-            handle_unsupported_param(msg, context);
+            handle_unsupported_param(msg);
             break;
     }
 }
@@ -37,7 +41,7 @@ static void handle_unstake(ethPluginProvideParameter_t *msg, context_t *context)
             break;
         // Keep this
         default:
-            handle_unsupported_param(msg, context);
+            handle_unsupported_param(msg);
             break;
     }
 }
@@ -55,7 +59,7 @@ static void handle_ethx_deposit(ethPluginProvideParameter_t *msg, context_t *con
 
         // Keep this
         default:
-            handle_unsupported_param(msg, context);
+            handle_unsupported_param(msg);
             break;
     }
 }
@@ -78,7 +82,7 @@ static void handle_ethx_request_withdraw(ethPluginProvideParameter_t *msg, conte
 
         // Keep this
         default:
-            handle_unsupported_param(msg, context);
+            handle_unsupported_param(msg);
             break;
     }
 }

src/handle_query_contract_ui.c

@@ -7,9 +7,8 @@ static bool set_native_token_stake_ui(ethQueryContractUI_t *msg, context_t *cont
     const uint8_t *native_token_amount = msg->pluginSharedRO->txContent->value.value;
     uint8_t native_token_amount_size = msg->pluginSharedRO->txContent->value.length;
 
-    char ftm_ticker[MAX_TICKER_LEN] = "FTM";
-    if (memcmp(msg->network_ticker, ftm_ticker, 3) == 0) {
-        context->ticker = ftm_ticker;
+    if (memcmp(msg->network_ticker, "FTM", 3) == 0) {
+        context->ticker = "FTM";
     }
 
     // Converts the uint256 number located in `native_token_amount` to its string representation and

tests/build_local_test_elfs.sh

@@ -4,7 +4,7 @@
 NANOS_SDK=$NANOS_SDK
 NANOSP_SDK=$NANOSP_SDK
 NANOX_SDK=$NANOX_SDK
-APP_ETHEREUM=${APP_ETHEREUM:-"/plugin_dev/app-ethereum"}
+APP_ETHEREUM=${APP_ETHEREUM:-"/app/app-ethereum"}
 
 set -e