From db994effde17e16ed1e01be43040620804f4a5a9 Mon Sep 17 00:00:00 2001
From: Alistair Singh <alistair.singh7@gmail.com>
Date: Sat, 25 Nov 2023 08:10:29 +0200
Subject: [PATCH] validate validator sets on initialization

---
 contracts/src/BeefyClient.sol            |  4 ++++
 contracts/test/BeefyClient.t.sol         | 14 ++++++++++++++
 contracts/test/mocks/BeefyClientMock.sol |  2 +-
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/contracts/src/BeefyClient.sol b/contracts/src/BeefyClient.sol
index 7a657df533..2c39f58482 100644
--- a/contracts/src/BeefyClient.sol
+++ b/contracts/src/BeefyClient.sol
@@ -199,6 +199,7 @@ contract BeefyClient {
     error InvalidSignature();
     error InvalidTicket();
     error InvalidValidatorProof();
+    error InvalidValidatorSetData();
     error CommitmentNotRelevant();
     error NotEnoughClaims();
     error PrevRandaoAlreadyCaptured();
@@ -215,6 +216,9 @@ contract BeefyClient {
         ValidatorSet memory _initialValidatorSet,
         ValidatorSet memory _nextValidatorSet
     ) {
+        if (_nextValidatorSet.id != _initialValidatorSet.id + 1) {
+            revert InvalidValidatorSetData();
+        }
         randaoCommitDelay = _randaoCommitDelay;
         randaoCommitExpiration = _randaoCommitExpiration;
         minNumRequiredSignatures = _minNumRequiredSignatures;
diff --git a/contracts/test/BeefyClient.t.sol b/contracts/test/BeefyClient.t.sol
index df41eeafc1..e00297ec95 100644
--- a/contracts/test/BeefyClient.t.sol
+++ b/contracts/test/BeefyClient.t.sol
@@ -730,4 +730,18 @@ contract BeefyClientTest is Test {
     function testStorageToStorageCopies() public {
         beefyClient.copyCounters();
     }
+
+    function testFuzzInitializationValidation(uint128 currentId, uint128 nextId) public {
+        vm.assume(currentId < type(uint128).max);
+        vm.assume(currentId + 1 != nextId);
+        vm.expectRevert(BeefyClient.InvalidValidatorSetData.selector);
+        new BeefyClient(
+            randaoCommitDelay,
+            randaoCommitExpiration,
+            minNumRequiredSignatures,
+            0,
+            BeefyClient.ValidatorSet(currentId, 0, 0x0),
+            BeefyClient.ValidatorSet(nextId, 0, 0x0)
+        );
+    }
 }
diff --git a/contracts/test/mocks/BeefyClientMock.sol b/contracts/test/mocks/BeefyClientMock.sol
index 7a70b65730..e52de34fda 100644
--- a/contracts/test/mocks/BeefyClientMock.sol
+++ b/contracts/test/mocks/BeefyClientMock.sol
@@ -15,7 +15,7 @@ contract BeefyClientMock is BeefyClient {
             minNumRequiredSignatures,
             0,
             BeefyClient.ValidatorSet(0, 0, 0x0),
-            BeefyClient.ValidatorSet(0, 0, 0x0)
+            BeefyClient.ValidatorSet(1, 0, 0x0)
         )
     {}