Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CCIP-3799 add condition for Execution plugin in _afterOCR3ConfigSet #14951

Merged
merged 5 commits into from
Oct 25, 2024
Merged

CCIP-3799 add condition for Execution plugin in _afterOCR3ConfigSet #14951

merged 5 commits into from
Oct 25, 2024

Conversation

0xsuryansh
Copy link
Member

This PR fixes a missing condition for the Execution plugin in the _afterOCR3ConfigSet function. Now, the function correctly reverts if signature verification is enabled for the Execution plugin. The updated logic ensures that:

Commit Plugin: Signature verification must be enabled.
Execution Plugin: Signature verification must be disabled.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 25, 2024
edited
Loading

Static analysis results are available

Hey @0xsuryansh, you can view Slither reports in the job summary here or download them as artifact here.
Please check them before merging and make sure you have addressed all issues.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 25, 2024
edited
Loading

Solidity Review Jira issue

Hey! We have taken the liberty to link this PR to a Jira issue for Solidity Review.

This is a new feature, that's currently in the pilot phase, so please make sure that the linkage is correct. In a contrary case, please update it manually in JIRA and replace Solidity Review issue key in the changeset file with the correct one.
Please reach out to the Test Tooling team and notify them about any issues you encounter.

Any changes to the Solidity Review Jira issue should be reflected in the changeset file. If you need to update the issue key, please do so manually in the following changeset file: contracts/.changeset/two-feet-tap.md

This PR has been linked to Solidity Review Jira issue: CCIP-3966

RensR
RensR reviewed Oct 25, 2024
View reviewed changes
contracts/src/v0.8/ccip/offRamp/OffRamp.sol Outdated
@@ -63,7 +63,8 @@ contract OffRamp is ITypeAndVersion, MultiOCR3Base {
error ZeroAddressNotAllowed();
error InvalidMessageDestChainSelector(uint64 messageDestChainSelector);
error SourceChainSelectorMismatch(uint64 reportSourceChainSelector, uint64 messageSourceChainSelector);
error SignatureVerificationDisabled();
error SignatureVerificationRequired(uint8 pluginType);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's remove the args as these can only be thrown with a single arg which we can make a part of the error name

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/smartcontractkit/chainlink/pull/14951/files#diff-865ecf8626037bea80482f856f6aff9bdd5a948982897dab6e2b4ff335af032aR66-R67

contracts/src/v0.8/ccip/offRamp/OffRamp.sol Outdated
@@ -882,16 +883,23 @@ contract OffRamp is ITypeAndVersion, MultiOCR3Base {
function _afterOCR3ConfigSet(
uint8 ocrPluginType
) internal override {
bool isEnabled = s_ocrConfigs[ocrPluginType].configInfo.isSignatureVerificationEnabled;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you rename this to sigVerificationEnabled or something similar?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/smartcontractkit/chainlink/pull/14951/files#diff-865ecf8626037bea80482f856f6aff9bdd5a948982897dab6e2b4ff335af032aR886

@0xsuryansh
change var name and custom error name
e66283d
@0xsuryansh
Merge remote-tracking branch 'origin/CCIP-3799_execution-plugin-preco…
c7ce58a 
…ndition-enforcement' into CCIP-3799_execution-plugin-precondition-enforcement
@cl-sonarqube-production
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@0xsuryansh 0xsuryansh added this pull request to the merge queue Oct 25, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Oct 25, 2024
@RensR RensR added this pull request to the merge queue Oct 25, 2024
Merged via the queue into develop with commit 2fab939 Oct 25, 2024
171 checks passed
@RensR RensR deleted the CCIP-3799_execution-plugin-precondition-enforcement branch October 25, 2024 14:04
@chainchad chainchad mentioned this pull request Nov 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RayXpub RayXpub RayXpub approved these changes

@RensR RensR RensR approved these changes

@matYang matYang Awaiting requested review from matYang

@jhweintraub jhweintraub Awaiting requested review from jhweintraub

@RyanRHall RyanRHall Awaiting requested review from RyanRHall

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@0xsuryansh @RensR @RayXpub