v0.4.1 (#154)

Bump version

.github/workflows/unittest.yml

@@ -9,29 +9,37 @@ on:
       - main
       - dev
 
+permissions:
+  packages: read
+
 jobs:
   nodejs:
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout Repo'
+      - name: "Checkout Repo"
         uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 #v3.0.2
 
-      - name: 'Setup Node'
+      - name: "Setup Node"
         uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 #v3.4.1
         with:
           node-version: v14.18.1
 
-      - name: 'Run install'
+      - name: Github private package token in npmrc
+        run: |
+          echo "@axieinfinity:registry=https://npm.pkg.github.com/" >> .npmrc
+          echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" >> .npmrc
+
+      - name: "Run install"
         uses: borales/actions-yarn@97ba8bebfe5b549bb7999261698a52a81fd62f1b #v4.2.0
         with:
           cmd: install
 
-      - name: 'Run Compile'
+      - name: "Run Compile"
         uses: borales/actions-yarn@97ba8bebfe5b549bb7999261698a52a81fd62f1b #v4.2.0
         with:
           cmd: compile
 
-      - name: 'Run Test'
+      - name: "Run Test"
         uses: borales/actions-yarn@97ba8bebfe5b549bb7999261698a52a81fd62f1b #v4.2.0
         with:
           cmd: test

.npmrc.example

@@ -0,0 +1,2 @@
+//npm.pkg.github.com/:_authToken={YOUR_TOKEN}
+@axieinfinity:registry=https://npm.pkg.github.com/

contracts/extensions/GovernanceAdmin.sol

@@ -7,29 +7,29 @@ import "../extensions/collections/HasBridgeContract.sol";
 import "../interfaces/IRoninTrustedOrganization.sol";
 
 abstract contract GovernanceAdmin is CoreGovernance, HasRoninTrustedOrganizationContract, HasBridgeContract {
+  uint256 public roninChainId;
   /// @dev Domain separator
-  bytes32 public constant DOMAIN_SEPARATOR = 0xf8704f8860d9e985bf6c52ec4738bd10fe31487599b36c0944f746ea09dc256b;
+  bytes32 public DOMAIN_SEPARATOR;
 
   modifier onlySelfCall() {
     require(msg.sender == address(this), "GovernanceAdmin: only allowed self-call");
     _;
   }
 
   constructor(
+    uint256 _roninChainId,
     address _roninTrustedOrganizationContract,
     address _bridgeContract,
     uint256 _proposalExpiryDuration
   ) CoreGovernance(_proposalExpiryDuration) {
-    require(
-      keccak256(
-        abi.encode(
-          keccak256("EIP712Domain(string name,string version,bytes32 salt)"),
-          keccak256("GovernanceAdmin"), // name hash
-          keccak256("1"), // version hash
-          keccak256(abi.encode("RONIN_GOVERNANCE_ADMIN", 2020)) // salt
-        )
-      ) == DOMAIN_SEPARATOR,
-      "GovernanceAdmin: invalid domain"
+    roninChainId = _roninChainId;
+    DOMAIN_SEPARATOR = keccak256(
+      abi.encode(
+        keccak256("EIP712Domain(string name,string version,bytes32 salt)"),
+        keccak256("GovernanceAdmin"), // name hash
+        keccak256("2"), // version hash
+        keccak256(abi.encode("RONIN_GOVERNANCE_ADMIN", _roninChainId)) // salt
+      )
     );
     _setRoninTrustedOrganizationContract(_roninTrustedOrganizationContract);
     _setBridgeContract(_bridgeContract);

contracts/extensions/forwarder/Forwarder.sol

@@ -2,143 +2,83 @@
 
 pragma solidity ^0.8.0;
 
-import "./ForwarderLogic.sol";
-import "./ForwarderRole.sol";
+import "@openzeppelin/contracts/access/AccessControlEnumerable.sol";
 
-contract Forwarder is ForwarderLogic, ForwarderRole {
-  /**
-   * @dev Initializes the forwarder with an initial target address and a contract admin.
-   */
-  constructor(address __target, address __admin) payable {
-    _changeTargetTo(__target);
-    _changeAdminTo(__admin);
-  }
-
-  modifier onlyModerator() {
-    require(_isModerator(msg.sender), "Forwarder: unauthorized call");
-    _;
-  }
-
-  modifier adminExecutesOrModeratorForwards() {
-    if (_isAdmin(msg.sender)) {
-      _;
-    } else {
-      require(_isModerator(msg.sender), "Forwarder: unauthorized call");
-      _fallback();
-    }
-  }
-
-  /**
-   * @dev Forwards the call to the target (the `msg.value` is sent along in the call).
-   *
-   * Requirements:
-   * - Only moderator can invoke fallback method.
-   */
-  fallback() external payable override onlyModerator {
-    _fallback();
-  }
-
-  /**
-   * @dev Receives RON transfer from all addresses.
-   */
-  receive() external payable override {}
-
-  /**
-   * @dev Returns the current admin.
-   *
-   * NOTE: Only the admin can call this function. See {ForwarderStorage-_getAdmin}.
-   *
-   * TIP: To get this value clients can read directly from the storage slot shown below using the
-   * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
-   * `0xa8c82e6b38a127695961bbff56774712a221ab251224d4167eab01e23fcee6ca`
-   */
-  function admin() external adminExecutesOrModeratorForwards returns (address admin_) {
-    admin_ = _getAdmin();
-  }
+contract Forwarder is AccessControlEnumerable {
+  /// @dev Only user with moderator role can invoke {functionCall} method to forward the call to the target.
+  bytes32 public constant MODERATOR_ROLE = keccak256("MODERATOR_ROLE");
 
   /**
-   * @dev Changes the admin of the forwarder.
-   *
-   * Emits an {AdminChanged} event.
-   *
-   * NOTE: Only the admin can call this function. See {ForwarderStorage-_changeAdminTo}.
+   * @dev The target contracts must be registerred by the admin before called to. The admin can register the targets at
+   * the contract construction or by assigning {TARGET_ROLE} to the target addresses.
    */
-  function changeAdminTo(address newAdmin) external virtual adminExecutesOrModeratorForwards {
-    _changeAdminTo(newAdmin);
-  }
+  bytes32 public constant TARGET_ROLE = keccak256("TARGET_ROLE");
 
   /**
-   * @dev Returns the current target.
-   *
-   * NOTE: Only the admin can call this function. See {ForwarderStorage-_getTarget}.
-   *
-   * TIP: To get this value clients can read directly from the storage slot shown below using the
-   * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
-   * `0xcbec2a70e8f0a52aeb8f96e02517dc497e58d9a6fa86ab4056563f1e6baf3d3e`
+   * @dev Initializes the forwarder with an initial target address and a contract admin.
    */
-  function moderator() external adminExecutesOrModeratorForwards returns (address moderator_) {
-    moderator_ = _getModerator();
+  constructor(
+    address[] memory _targets,
+    address _admin,
+    address _moderator
+  ) payable {
+    for (uint _i = 0; _i < _targets.length; _i++) {
+      _setupRole(TARGET_ROLE, _targets[_i]);
+    }
+    _setupRole(DEFAULT_ADMIN_ROLE, _admin);
+    _setupRole(MODERATOR_ROLE, _moderator);
   }
 
-  /**
-   * @dev Changes the moderator of the forwarder.
-   *
-   * Emits an {ModeratorChanged} event.
-   *
-   * NOTE: Only the moderator can call this function. See {ForwarderStorage-_changeModeratorTo}.
-   */
-  function changeModeratorTo(address newModerator) external virtual adminExecutesOrModeratorForwards {
-    _changeModeratorTo(newModerator);
+  modifier validTarget(address _target) {
+    _checkRole(TARGET_ROLE, _target);
+    _;
   }
 
   /**
-   * @dev Returns the current target.
-   *
-   * NOTE: Only the moderator can call this function. See {ForwarderStorage-_getTarget}.
-   *
-   * TIP: To get this value clients can read directly from the storage slot shown below using the
-   * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
-   * `0x58221d865d4bfcbfe437720ee0c958ac3269c4e9c775f643bf474ed980d61168`
+   * @dev Receives RON transfer from all addresses.
    */
-  function target() external adminExecutesOrModeratorForwards returns (address target_) {
-    target_ = _target();
-  }
+  fallback() external payable {}
 
   /**
-   * @dev Changes the target of the forwarder.
-   *
-   * Emits an {TargetChanged} event.
-   *
-   * NOTE: Only the admin can call this function. See {ForwarderStorage-_changeTargetTo}.
+   * @dev Receives RON transfer from all addresses.
    */
-  function changeTargetTo(address newTarget) external virtual adminExecutesOrModeratorForwards {
-    _changeTargetTo(newTarget);
-  }
+  receive() external payable {}
 
   /**
    * @dev Forwards the encoded call specified by `_data` to the target. The forwarder attachs `_val` value
    * from the forwarder contract and sends along with the call.
    *
    * Requirements:
-   * - Only moderator can call this method.
+   * - Only target with {TARGET_ROLE} can be called to.
+   * - Only user with {MODERATOR_ROLE} can call this method.
    */
-  function functionCall(bytes memory _data, uint256 _val) external payable onlyModerator {
-    _functionCall(_data, _val);
-  }
-
-  /**
-   * @dev Calls a function from the current forwarder to the target as specified by `_data`, which should be an encoded
-   * function call, with the value `_val`.
-   */
-  function _functionCall(bytes memory _data, uint256 _val) internal {
+  function functionCall(
+    address _target,
+    bytes memory _data,
+    uint256 _val
+  ) external payable validTarget(_target) onlyRole(MODERATOR_ROLE) {
     require(_val <= address(this).balance, "Forwarder: invalid forwarding value");
-    _call(_target(), _data, _val);
+    _call(_target, _data, _val);
   }
 
   /**
-   * @dev Returns the current target address.
+   * @dev Forwards the current call to `target`.
+   *
+   * This function does not return to its internal call site, it will return directly to the external caller.
    */
-  function _target() internal view virtual override returns (address target_) {
-    return _getTarget();
+  function _call(
+    address _target,
+    bytes memory _data,
+    uint256 _value
+  ) internal {
+    (bool _success, bytes memory _res) = _target.call{ value: _value }(_data);
+    if (!_success) {
+      uint _size = _res.length;
+      require(_size >= 4, "Forwarder: target reverts silently");
+      assembly {
+        _res := add(_res, 0x20)
+        revert(_res, _size)
+      }
+    }
   }
 }