fix: audit L-03 (#275)

matter-labs · Feb 10, 2025 · 9f2cd09 · 9f2cd09
1 parent b7ad1df
commit 9f2cd09
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 22 deletions.
diff --git a/src/SsoAccount.sol b/src/SsoAccount.sol
@@ -22,6 +22,8 @@ import { SignatureDecoder } from "./libraries/SignatureDecoder.sol";
 import { ERC1271Handler } from "./handlers/ERC1271Handler.sol";
 import { BatchCaller } from "./batch/BatchCaller.sol";
 
+import { BootloaderAuth } from "./auth/BootloaderAuth.sol";
+
 import { ISsoAccount } from "./interfaces/ISsoAccount.sol";
 import { IModuleValidator } from "./interfaces/IModuleValidator.sol";
 
@@ -32,7 +34,15 @@ import { IModuleValidator } from "./interfaces/IModuleValidator.sol";
 /// @notice This contract is a modular and extensible account implementation with support of
 /// multi-ownership, custom modules, validation/execution hooks and different signature validation formats.
 /// @dev Contract is expected to be used as Beacon proxy implementation.
-contract SsoAccount is Initializable, HookManager, ERC1271Handler, TokenCallbackHandler, BatchCaller, ISsoAccount {
+contract SsoAccount is
+  Initializable,
+  HookManager,
+  ERC1271Handler,
+  TokenCallbackHandler,
+  BatchCaller,
+  ISsoAccount,
+  BootloaderAuth
+{
   // Helper library for the Transaction struct
   using TransactionHelper for Transaction;
 

diff --git a/src/auth/Auth.sol b/src/auth/Auth.sol
diff --git a/src/managers/HookManager.sol b/src/managers/HookManager.sol
@@ -6,7 +6,7 @@ import { EnumerableSet } from "@openzeppelin/contracts/utils/structs/EnumerableS
 import { Transaction } from "@matterlabs/zksync-contracts/l2/system-contracts/libraries/TransactionHelper.sol";
 import { ExcessivelySafeCall } from "@nomad-xyz/excessively-safe-call/src/ExcessivelySafeCall.sol";
 
-import { Auth } from "../auth/Auth.sol";
+import { SelfAuth } from "../auth/SelfAuth.sol";
 import { SsoStorage } from "../libraries/SsoStorage.sol";
 import { Errors } from "../libraries/Errors.sol";
 import { IExecutionHook, IValidationHook } from "../interfaces/IHook.sol";
@@ -19,7 +19,7 @@ import { IModule } from "../interfaces/IModule.sol";
  * @dev Hook addresses are stored in a linked list
  * @author https://getclave.io
  */
-abstract contract HookManager is IHookManager, Auth {
+abstract contract HookManager is IHookManager, SelfAuth {
   using EnumerableSet for EnumerableSet.AddressSet;
   // Interface helper library
   using ERC165Checker for address;
@@ -124,7 +124,7 @@ abstract contract HookManager is IHookManager, Auth {
     emit HookRemoved(hook);
   }
 
-  function _isHook(address addr) internal view override returns (bool) {
+  function _isHook(address addr) internal view returns (bool) {
     return _validationHooks().contains(addr) || _executionHooks().contains(addr);
   }
 

diff --git a/src/managers/OwnerManager.sol b/src/managers/OwnerManager.sol
@@ -4,7 +4,7 @@ pragma solidity ^0.8.24;
 import { EnumerableSet } from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
 import { SsoStorage } from "../libraries/SsoStorage.sol";
 import { Errors } from "../libraries/Errors.sol";
-import { Auth } from "../auth/Auth.sol";
+import { SelfAuth } from "../auth/SelfAuth.sol";
 import { IOwnerManager } from "../interfaces/IOwnerManager.sol";
 
 /**
@@ -14,7 +14,7 @@ import { IOwnerManager } from "../interfaces/IOwnerManager.sol";
  * @dev Owners are stored in a linked list
  * @author https://getclave.io
  */
-abstract contract OwnerManager is IOwnerManager, Auth {
+abstract contract OwnerManager is IOwnerManager, SelfAuth {
   using EnumerableSet for EnumerableSet.AddressSet;
 
   /// @inheritdoc IOwnerManager

diff --git a/src/managers/ValidatorManager.sol b/src/managers/ValidatorManager.sol
@@ -5,7 +5,7 @@ import { ERC165Checker } from "@openzeppelin/contracts/utils/introspection/ERC16
 import { EnumerableSet } from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
 import { ExcessivelySafeCall } from "@nomad-xyz/excessively-safe-call/src/ExcessivelySafeCall.sol";
 
-import { Auth } from "../auth/Auth.sol";
+import { SelfAuth } from "../auth/SelfAuth.sol";
 import { Errors } from "../libraries/Errors.sol";
 import { SsoStorage } from "../libraries/SsoStorage.sol";
 import { IValidatorManager } from "../interfaces/IValidatorManager.sol";
@@ -18,7 +18,7 @@ import { IModule } from "../interfaces/IModule.sol";
  * @dev Validators are stored in an enumerable set
  * @author https://getclave.io
  */
-abstract contract ValidatorManager is IValidatorManager, Auth {
+abstract contract ValidatorManager is IValidatorManager, SelfAuth {
   using EnumerableSet for EnumerableSet.AddressSet;
   // Interface helper library
   using ERC165Checker for address;