OpenZeppelin · bidzyyys · Dec 12, 2024 · Dec 9, 2024 · Dec 10, 2024 · Dec 10, 2024
@@ -23,7 +23,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Implement `AddAssignUnchecked` and `SubAssignUnchecked` for `StorageUint`. #418
 - Implement `MethodError` for `safe_erc20::Error`. #402
 - Use `function_selector!` to calculate transfer type selector in `Erc1155`. #417
-- Update internal functions of `Erc721` and `Erc721Consecutive` accept reference to `Bytes`. #437
+
+### Changed (Breaking)
+
+- Update internal functions of `Erc721` and `Erc721Consecutive` to accept a reference to `Bytes`. #437
+- Stop supporting reentrancy, and borrow `self` immutably in `IErc721::_check_on_erc721_received`. #440
+- Remove `&mut self` parameter from `IErc1155::_check_on_erc1155_received` and make it an associated function. #440
+- Remove `storage: &mut impl TopLevelStorage` parameter from `ecdsa::recover`. #440
+- Remove `TopLevelStorage` trait implementation from `VestingWallet`, `Erc1155`, `Erc20Permit`, `SafeErc20`, `Erc721Consecutive`, and `Erc721`. #440
 
 ### Fixed
 

@@ -32,7 +32,6 @@
     block,
     call::{self, call, Call},
     contract, evm, function_selector,
-    storage::TopLevelStorage,
     stylus_proc::{public, sol_storage, SolidityError},
 };
 
@@ -112,11 +111,6 @@
     }
 }
 
-/// NOTE: Implementation of [`TopLevelStorage`] to be able use `&mut self` when
-/// calling other contracts and not `&mut (impl TopLevelStorage +
-/// BorrowMut<Self>)`. Should be fixed in the future by the Stylus team.
-unsafe impl TopLevelStorage for VestingWallet {}
-
 /// Required interface of a [`VestingWallet`] compliant contract.
 #[interface_id]
 pub trait IVestingWallet {
@@ -346,7 +340,7 @@
    ) -> Result<U256, Self::Error>;
 }

 #[public]
 impl IVestingWallet for VestingWallet {
    type Error = Error;

@@ -420,7 +414,7 @@
 
         let owner = self.ownable.owner();
 
-        call(Call::new_in(self).value(amount), owner, &[])?;
+        call(Call::new().value(amount), owner, &[])?;
 
         evm::log(EtherReleased { amount });
 

@@ -80,7 +80,7 @@
    }
 }

 #[public]
 impl IErc1155 for Erc1155Supply {
    type Error = erc1155::Error;

@@ -279,7 +279,7 @@
         self._update(from, to, ids.clone(), values.clone())?;
 
         if !to.is_zero() {
-            self.erc1155._check_on_erc1155_received(
+            Erc1155::_check_on_erc1155_received(
                 msg::sender(),
                 from,
                 to,

@@ -9,7 +9,6 @@
     call::{self, Call, MethodError},
     evm, function_selector, msg,
     prelude::{public, sol_storage, AddressVM, SolidityError},
-    storage::TopLevelStorage,
 };
 
 use crate::utils::{
@@ -189,11 +188,6 @@
     }
 }
 
-/// NOTE: Implementation of [`TopLevelStorage`] to be able use `&mut self` when
-/// calling other contracts and not `&mut (impl TopLevelStorage +
-/// BorrowMut<Self>)`. Should be fixed in the future by the Stylus team.
-unsafe impl TopLevelStorage for Erc1155 {}
-
 /// Required interface of an [`Erc1155`] compliant contract.
 #[interface_id]
 pub trait IErc1155 {
@@ -384,7 +378,7 @@
    ) -> Result<(), Self::Error>;
 }

 #[public]
 impl IErc1155 for Erc1155 {
    type Error = Error;

@@ -557,7 +551,7 @@
         self._update(from, to, ids.clone(), values.clone())?;
 
         if !to.is_zero() {
-            self._check_on_erc1155_received(
+            Erc1155::_check_on_erc1155_received(
                 msg::sender(),
                 from,
                 to,
@@ -767,7 +761,6 @@
     ///
     /// # Arguments
     ///
-    /// * `&mut self` - Write access to the contract's state.
     /// * `operator` - Generally the address that initiated the token transfer
     ///   (e.g. `msg::sender()`).
     /// * `from` - Account of the sender.
@@ -786,7 +779,6 @@
     /// interface id or returned with error, then the error
     /// [`Error::InvalidReceiver`] is returned.
     fn _check_on_erc1155_received(
-        &mut self,
         operator: Address,
         from: Address,
         to: Address,
@@ -798,7 +790,7 @@
         }
 
         let receiver = IERC1155Receiver::new(to);
-        let call = Call::new_in(self);
+        let call = Call::new();
         let result = match details.transfer {
             Transfer::Single { id, value } => receiver
                 .on_erc_1155_received(call, operator, from, id, value, data),

@@ -17,7 +17,6 @@
 use stylus_sdk::{
     block,
     prelude::StorageType,
-    storage::TopLevelStorage,
     stylus_proc::{public, sol_storage, SolidityError},
 };
 
@@ -79,12 +78,7 @@
     }
 }
 
-/// NOTE: Implementation of [`TopLevelStorage`] to be able use `&mut self` when
-/// calling other contracts and not `&mut (impl TopLevelStorage +
-/// BorrowMut<Self>)`. Should be fixed in the future by the Stylus team.
-unsafe impl<T: IEip712 + StorageType> TopLevelStorage for Erc20Permit<T> {}
-
 #[public]
 impl<T: IEip712 + StorageType> Erc20Permit<T> {
     /// Returns the current nonce for `owner`.
    ///
@@ -174,7 +168,7 @@
 
         let hash: B256 = self.eip712.hash_typed_data_v4(struct_hash);
 
-        let signer: Address = ecdsa::recover(self, hash, v, r, s)?;
+        let signer: Address = ecdsa::recover(hash, v, r, s)?;
 
         if signer != owner {
             return Err(ERC2612InvalidSigner { signer, owner }.into());

@@ -16,7 +16,6 @@ use stylus_sdk::{
     contract::address,
     evm::gas_left,
     function_selector,
-    storage::TopLevelStorage,
     stylus_proc::{public, sol_storage, SolidityError},
     types::AddressVM,
 };
@@ -80,11 +79,6 @@ sol_storage! {
     pub struct SafeErc20 {}
 }
 
-/// NOTE: Implementation of [`TopLevelStorage`] to be able use `&mut self` when
-/// calling other contracts and not `&mut (impl TopLevelStorage +
-/// BorrowMut<Self>)`. Should be fixed in the future by the Stylus team.
-unsafe impl TopLevelStorage for SafeErc20 {}
-
 /// Required interface of a [`SafeErc20`] utility contract.
 pub trait ISafeErc20 {
     /// The error type associated to this trait implementation.

@@ -31,7 +31,6 @@ use alloy_sol_types::sol;
 use stylus_sdk::{
     abi::Bytes,
     evm, msg,
-    prelude::TopLevelStorage,
     stylus_proc::{public, sol_storage, SolidityError},
 };
 
@@ -134,8 +133,6 @@ pub enum Error {
     ForbiddenBatchBurn(ERC721ForbiddenBatchBurn),
 }
 
-unsafe impl TopLevelStorage for Erc721Consecutive {}
-
 // ************** ERC-721 External **************
 
 #[public]

@@ -200,11 +200,6 @@ sol_storage! {
     }
 }
 
-/// NOTE: Implementation of [`TopLevelStorage`] to be able use `&mut self` when
-/// calling other contracts and not `&mut (impl TopLevelStorage +
-/// BorrowMut<Self>)`. Should be fixed in the future by the Stylus team.
-unsafe impl TopLevelStorage for Erc721 {}
-
 /// Required interface of an [`Erc721`] compliant contract.
 #[interface_id]
 pub trait IErc721 {
@@ -1097,7 +1092,7 @@ impl Erc721 {
     ///
     /// # Arguments
     ///
-    /// * `&mut self` - Write access to the contract's state.
+    /// * `&self` - Read access to the contract's state.
     /// * `operator` - Account to add to the set of authorized operators.
     /// * `from` - Account of the sender.
     /// * `to` - Account of the recipient.
@@ -1111,7 +1106,7 @@ impl Erc721 {
     /// interface id or returned with error, then the error
     /// [`Error::InvalidReceiver`] is returned.
     pub fn _check_on_erc721_received(
-        &mut self,
+        &self,
         operator: Address,
         from: Address,
         to: Address,
@@ -1123,7 +1118,7 @@ impl Erc721 {
         }
 
         let receiver = IERC721Receiver::new(to);
-        let call = Call::new_in(self);
+        let call = Call::new();
         let result = receiver.on_erc_721_received(
             call,
             operator,

@@ -8,7 +8,6 @@ use alloy_primitives::{address, uint, Address, B256, U256};
 use alloy_sol_types::{sol, SolType};
 use stylus_sdk::{
     call::{self, Call, MethodError},
-    storage::TopLevelStorage,
     stylus_proc::SolidityError,
 };
 
@@ -71,7 +70,6 @@ sol! {
 ///
 /// # Arguments
 ///
-/// * `storage` - Write access to storage.
 /// * `hash` - Hash of the message.
 /// * `v` - `v` value from the signature.
 /// * `r` - `r` value from the signature.
@@ -87,16 +85,10 @@ sol! {
 /// # Panics
 ///
 /// * If the `ecrecover` precompile fails to execute.
-pub fn recover(
-    storage: &mut impl TopLevelStorage,
-    hash: B256,
-    v: u8,
-    r: B256,
-    s: B256,
-) -> Result<Address, Error> {
+pub fn recover(hash: B256, v: u8, r: B256, s: B256) -> Result<Address, Error> {
     check_if_malleable(&s)?;
     // If the signature is valid (and not malleable), return the signer address.
-    _recover(storage, hash, v, r, s)
+    _recover(hash, v, r, s)
 }
 
 /// Calls `ecrecover` EVM precompile.
@@ -106,7 +98,6 @@ pub fn recover(
 ///
 /// # Arguments
 ///
-/// * `storage` - Write access to storage.
 /// * `hash` - Hash of the message.
 /// * `v` - `v` value from the signature.
 /// * `r` - `r` value from the signature.
@@ -122,13 +113,7 @@ pub fn recover(
 /// # Panics
 ///
 /// * If the `ecrecover` precompile fails to execute.
-fn _recover(
-    storage: &mut impl TopLevelStorage,
-    hash: B256,
-    v: u8,
-    r: B256,
-    s: B256,
-) -> Result<Address, Error> {
+fn _recover(hash: B256, v: u8, r: B256, s: B256) -> Result<Address, Error> {
     let calldata = encode_calldata(hash, v, r, s);
 
     if v == 0 || v == 1 {
@@ -139,9 +124,8 @@ fn _recover(
         return Err(ECDSAInvalidSignature {}.into());
     }
 
-    let recovered =
-        call::static_call(Call::new_in(storage), ECRECOVER_ADDR, &calldata)
-            .expect("should call `ecrecover` precompile");
+    let recovered = call::static_call(Call::new(), ECRECOVER_ADDR, &calldata)
+        .expect("should call `ecrecover` precompile");
 
     let recovered = Address::from_slice(&recovered[12..]);
 

@@ -21,7 +21,7 @@ impl ECDSAExample {
         r: B256,
         s: B256,
     ) -> Result<Address, Vec<u8>> {
-        let signer = ecdsa::recover(self, hash, v, r, s)?;
+        let signer = ecdsa::recover(hash, v, r, s)?;
         Ok(signer)
     }
 }