expiration timestamp

Author: kumaryash90

src/PaymentsGateway.sol

@@ -27,6 +27,7 @@ contract PaymentsGateway is EIP712, Ownable, ReentrancyGuard {
     error PaymentsGatewayInvalidAmount(uint256 amount);
     error PaymentsGatewayVerificationFailed();
     error PaymentsGatewayFailedToForward();
+    error PaymentsGatewayRequestExpired(uint256 expirationTimestamp);
 
     event TransferStart(
         bytes32 indexed clientId,
@@ -71,6 +72,7 @@ contract PaymentsGateway is EIP712, Ownable, ReentrancyGuard {
         bytes32 transactionId;
         address tokenAddress;
         uint256 tokenAmount;
+        uint256 expirationTimestamp;
         PayoutInfo[] payouts;
         address payable forwardAddress;
         bytes data;
@@ -80,7 +82,7 @@ contract PaymentsGateway is EIP712, Ownable, ReentrancyGuard {
         keccak256("PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)");
     bytes32 private constant REQUEST_TYPEHASH =
         keccak256(
-            "PayRequest(bytes32 clientId,bytes32 transactionId,address tokenAddress,uint256 tokenAmount,PayoutInfo[] payouts,address forwardAddress,bytes data)PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)"
+            "PayRequest(bytes32 clientId,bytes32 transactionId,address tokenAddress,uint256 tokenAmount,uint256 expirationTimestamp,PayoutInfo[] payouts,address forwardAddress,bytes data)PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)"
         );
     address private constant THIRDWEB_CLIENT_ID = 0x0000000000000000000000000000000000000000;
     address private constant NATIVE_TOKEN_ADDRESS = 0x0000000000000000000000000000000000000000;
@@ -176,6 +178,7 @@ contract PaymentsGateway is EIP712, Ownable, ReentrancyGuard {
                 req.transactionId,
                 req.tokenAddress,
                 req.tokenAmount,
+                req.expirationTimestamp,
                 payoutsHash,
                 req.forwardAddress,
                 keccak256(req.data)
@@ -206,6 +209,11 @@ contract PaymentsGateway is EIP712, Ownable, ReentrancyGuard {
             revert PaymentsGatewayInvalidAmount(req.tokenAmount);
         }
 
+        // verify expiration timestamp
+        if (req.expirationTimestamp < block.timestamp) {
+            revert PaymentsGatewayRequestExpired(req.expirationTimestamp);
+        }
+
         // verify data
         if (!_verifyTransferStart(req, signature)) {
             revert PaymentsGatewayVerificationFailed();

test/PaymentsGateway.t.sol

@@ -62,7 +62,7 @@ contract PaymentsGatewayTest is Test {
 
     function setUp() public {
         owner = payable(vm.addr(1));
-        operator = payable(vm.addr(0x0000000000000000000000000000000000000000000000000000000000000002));
+        operator = payable(vm.addr(2));
         sender = payable(vm.addr(3));
         receiver = payable(vm.addr(4));
         client = payable(vm.addr(5));
@@ -98,7 +98,7 @@ contract PaymentsGatewayTest is Test {
         // EIP712
         typehashPayoutInfo = keccak256("PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)");
         typehashPayRequest = keccak256(
-            "PayRequest(bytes32 clientId,bytes32 transactionId,address tokenAddress,uint256 tokenAmount,PayoutInfo[] payouts,address forwardAddress,bytes data)PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)"
+            "PayRequest(bytes32 clientId,bytes32 transactionId,address tokenAddress,uint256 tokenAmount,uint256 expirationTimestamp,PayoutInfo[] payouts,address forwardAddress,bytes data)PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)"
         );
         nameHash = keccak256(bytes("PaymentsGateway"));
         versionHash = keccak256(bytes("1"));
@@ -125,10 +125,10 @@ contract PaymentsGatewayTest is Test {
     function _hashPayoutInfo(PaymentsGateway.PayoutInfo[] memory _payouts) private view returns (bytes32) {
         bytes32 payoutHash = typehashPayoutInfo;
 
-        bytes32[] memory payoutsHashes = new bytes32[](payouts.length);
+        bytes32[] memory payoutsHashes = new bytes32[](_payouts.length);
         for (uint i = 0; i < payouts.length; i++) {
             payoutsHashes[i] = keccak256(
-                abi.encode(payoutHash, payouts[i].clientId, payouts[i].payoutAddress, payouts[i].feeBPS)
+                abi.encode(payoutHash, _payouts[i].clientId, _payouts[i].payoutAddress, _payouts[i].feeBPS)
             );
         }
         return keccak256(abi.encodePacked(payoutsHashes));
@@ -147,6 +147,7 @@ contract PaymentsGatewayTest is Test {
                 req.transactionId,
                 req.tokenAddress,
                 req.tokenAmount,
+                req.expirationTimestamp,
                 _payoutsHash,
                 req.forwardAddress,
                 keccak256(req.data)
@@ -184,12 +185,13 @@ contract PaymentsGatewayTest is Test {
         req.tokenAddress = address(mockERC20);
         req.tokenAmount = sendValue;
         req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
         req.data = targetCalldata;
         req.payouts = payouts;
 
         // generate signature
         bytes memory _signature = _prepareAndSignData(
-            0x0000000000000000000000000000000000000000000000000000000000000002, // sign with operator private key, i.e. 2
+            2, // sign with operator private key, i.e. 2
             req
         );
 
@@ -224,6 +226,7 @@ contract PaymentsGatewayTest is Test {
         req.tokenAddress = address(0);
         req.tokenAmount = sendValue;
         req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
         req.data = targetCalldata;
         req.payouts = payouts;
 
@@ -235,7 +238,7 @@ contract PaymentsGatewayTest is Test {
 
         // generate signature
         bytes memory _signature = _prepareAndSignData(
-            0x0000000000000000000000000000000000000000000000000000000000000002, // sign with operator private key, i.e. 2
+            2, // sign with operator private key, i.e. 2
             req
         );
 
@@ -277,12 +280,13 @@ contract PaymentsGatewayTest is Test {
         req.tokenAddress = address(mockERC20);
         req.tokenAmount = sendValue;
         req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
         req.data = targetCalldata;
         req.payouts = payouts;
 
         // generate signature
         bytes memory _signature = _prepareAndSignData(
-            0x0000000000000000000000000000000000000000000000000000000000000002, // sign with operator private key, i.e. 2
+            2, // sign with operator private key, i.e. 2
             req
         );
 
@@ -311,6 +315,7 @@ contract PaymentsGatewayTest is Test {
         req.tokenAddress = address(mockERC20);
         req.tokenAmount = sendValue;
         req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
         req.data = targetCalldata;
         req.payouts = payouts;
 
@@ -326,6 +331,35 @@ contract PaymentsGatewayTest is Test {
         gateway.startTransfer(req, _signature);
     }
 
+    function test_revert_startTransfer_requestExpired() public {
+        uint256 sendValue = 1 ether;
+        bytes memory targetCalldata = "";
+
+        // create pay request
+        PaymentsGateway.PayRequest memory req;
+        bytes32 _transactionId = keccak256("transaction ID");
+
+        req.clientId = clientId;
+        req.transactionId = _transactionId;
+        req.tokenAddress = address(mockERC20);
+        req.tokenAmount = sendValue;
+        req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
+        req.data = targetCalldata;
+        req.payouts = payouts;
+
+        // generate signature
+        bytes memory _signature = _prepareAndSignData(2, req);
+
+        vm.warp(req.expirationTimestamp + 1);
+        // send transaction
+        vm.prank(sender);
+        vm.expectRevert(
+            abi.encodeWithSelector(PaymentsGateway.PaymentsGatewayRequestExpired.selector, req.expirationTimestamp)
+        );
+        gateway.startTransfer(req, _signature);
+    }
+
     // /*///////////////////////////////////////////////////////////////
     //                 Test `endTransfer`
     // //////////////////////////////////////////////////////////////*/

test/benchmarks/BenchmarkPaymentsGateway.t.sol

@@ -35,7 +35,7 @@ contract BenchmarkPaymentsGatewayTest is Test {
 
     function setUp() public {
         owner = payable(vm.addr(1));
-        operator = payable(vm.addr(0x0000000000000000000000000000000000000000000000000000000000000002));
+        operator = payable(vm.addr(2));
         sender = payable(vm.addr(3));
         receiver = payable(vm.addr(4));
         client = payable(vm.addr(5));
@@ -66,7 +66,7 @@ contract BenchmarkPaymentsGatewayTest is Test {
         // EIP712
         typehashPayoutInfo = keccak256("PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)");
         typehashPayRequest = keccak256(
-            "PayRequest(bytes32 clientId,bytes32 transactionId,address tokenAddress,uint256 tokenAmount,PayoutInfo[] payouts,address forwardAddress,bytes data)PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)"
+            "PayRequest(bytes32 clientId,bytes32 transactionId,address tokenAddress,uint256 tokenAmount,uint256 expirationTimestamp,PayoutInfo[] payouts,address forwardAddress,bytes data)PayoutInfo(bytes32 clientId,address payoutAddress,uint256 feeBPS)"
         );
         nameHash = keccak256(bytes("PaymentsGateway"));
         versionHash = keccak256(bytes("1"));
@@ -91,19 +91,12 @@ contract BenchmarkPaymentsGatewayTest is Test {
     }
 
     function _hashPayoutInfo(PaymentsGateway.PayoutInfo[] memory _payouts) private view returns (bytes32) {
-        // bytes32 payoutHash = keccak256(abi.encodePacked("PayoutInfo"));
         bytes32 payoutHash = typehashPayoutInfo;
-        // for (uint256 i = 0; i < _payouts.length; ++i) {
-        //     payoutHash = keccak256(
-        //         abi.encode(payoutHash, _payouts[i].clientId, _payouts[i].payoutAddress, _payouts[i].feeBPS)
-        //     );
-        // }
-        // return payoutHash;
-
-        bytes32[] memory payoutsHashes = new bytes32[](payouts.length);
+
+        bytes32[] memory payoutsHashes = new bytes32[](_payouts.length);
         for (uint i = 0; i < payouts.length; i++) {
             payoutsHashes[i] = keccak256(
-                abi.encode(payoutHash, payouts[i].clientId, payouts[i].payoutAddress, payouts[i].feeBPS)
+                abi.encode(payoutHash, _payouts[i].clientId, _payouts[i].payoutAddress, _payouts[i].feeBPS)
             );
         }
         return keccak256(abi.encodePacked(payoutsHashes));
@@ -122,6 +115,7 @@ contract BenchmarkPaymentsGatewayTest is Test {
                 req.transactionId,
                 req.tokenAddress,
                 req.tokenAmount,
+                req.expirationTimestamp,
                 _payoutsHash,
                 req.forwardAddress,
                 keccak256(req.data)
@@ -160,12 +154,13 @@ contract BenchmarkPaymentsGatewayTest is Test {
         req.tokenAddress = address(mockERC20);
         req.tokenAmount = sendValue;
         req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
         req.data = targetCalldata;
         req.payouts = payouts;
 
         // generate signature
         bytes memory _signature = _prepareAndSignData(
-            0x0000000000000000000000000000000000000000000000000000000000000002, // sign with operator private key, i.e. 2
+            2, // sign with operator private key, i.e. 2
             req
         );
 
@@ -190,12 +185,13 @@ contract BenchmarkPaymentsGatewayTest is Test {
         req.tokenAddress = address(0);
         req.tokenAmount = sendValue;
         req.forwardAddress = payable(address(mockTarget));
+        req.expirationTimestamp = 1000;
         req.data = targetCalldata;
         req.payouts = payouts;
 
         // generate signature
         bytes memory _signature = _prepareAndSignData(
-            0x0000000000000000000000000000000000000000000000000000000000000002, // sign with operator private key, i.e. 2
+            2, // sign with operator private key, i.e. 2
             req
         );