remove deposit token allow list

Author: tamirms

solidity-go/bridge.go

@@ -47,14 +47,6 @@ struct SetPausedRequest {
     uint256 expiration; // unix timestamp of when the transaction should expire
 }
 
-// SetDepositAllowedRequest is the payload for the setDepositAllowed() transaction.
-struct SetDepositAllowedRequest {
-    address token; // token to be enabled / disabled
-    bool allowed; // true if depsits are allowed otherwise false
-    uint256 nonce; // used to make each transaction unique for replay prevention
-    uint256 expiration; // unix timestamp of when the transaction should expire
-}
-
 // RegisterStellarAssetRequest is the payload for the registerStellarAsset() transaction.
 // The three fields define a new ERC20 token which represents the ethereum equivalent of
 // a Stellar asset.
@@ -71,8 +63,6 @@ uint8 constant PAUSE_WITHDRAWALS =  1 << 1;
 // bitwise flag representing the state where no withdrawals or deposits are allowed on the bridge
 uint8 constant PAUSE_DEPOSITS_AND_WITHDRAWALS = PAUSE_DEPOSITS | PAUSE_WITHDRAWALS;
 
-// SET_DEPOSIT_ALLOWED is used to distinguish setDepositAllowed() signatures from signatures for other bridge functions.
-bytes32 constant SET_DEPOSIT_ALLOWED = keccak256("setDepositAllowed");
 // SET_PAUSED_ID is used to distinguish setPaused() signatures from signatures for other bridge functions.
 bytes32 constant SET_PAUSED_ID = keccak256("setPaused");
 // REGISTER_STELLAR_ASSET_ID is used to distinguish registerStellarAsset() signatures from signatures for other bridge functions.
@@ -89,10 +79,7 @@ contract Bridge is Auth, ReentrancyGuard {
     event SetPaused(uint8 value);
 
     // to create a Bridge instance you need to provide the validator set configuration
-    constructor(address[] memory _signers, uint8 _minThreshold) Auth(_signers, _minThreshold) {
-        emit SetDepositAllowed(address(0x0), true);
-        depositAllowed[address(0x0)] = true;
-    }
+    constructor(address[] memory _signers, uint8 _minThreshold) Auth(_signers, _minThreshold) {}
 
     // Deposit is emitted whenever ERC20 tokens (or ETH) are deposited on the bridge.
     // The Deposit event initiates a Ethereum -> Stellar transfer.
@@ -123,13 +110,6 @@ contract Bridge is Auth, ReentrancyGuard {
     // created by the bridge.
     mapping(address => bool) public isStellarAsset;
 
-    // depositAllowed identifies whether an ERC20 token is can be deposited on
-    // the bridge.
-    mapping(address => bool) public depositAllowed;
-
-    // SetPaused is emitted whenever the paused state of the bridge changes
-    event SetDepositAllowed(address token, bool allowed);
-
     // depositERC20() deposits ERC20 tokens to the bridge and starts a ERC20 -> Stellar
     // transfer. If deposits are disabled this function will fail.
     function depositERC20(
@@ -140,7 +120,6 @@ contract Bridge is Auth, ReentrancyGuard {
         require((paused & PAUSE_DEPOSITS) == 0, "deposits are paused");
         require(amount > 0, "deposit amount is zero");
         require(token != address(0x0), "invalid token address");
-        require(depositAllowed[token], "deposits not allowed for token");
 
         emit Deposit(token, msg.sender, destination, amount);
 
@@ -163,7 +142,6 @@ contract Bridge is Auth, ReentrancyGuard {
     // depositETH() deposits ETH to the bridge and starts a ETH -> Stellar
     // transfer. If deposits are disabled this function will fail.
     function depositETH(uint256 destination) external payable {
-        require(depositAllowed[address(0)], "eth deposits are not allowed");
         require((paused & PAUSE_DEPOSITS) == 0, "deposits are paused");
         require(msg.value > 0, "deposit amount is zero");
         emit Deposit(address(0), msg.sender, destination, msg.value);
@@ -247,26 +225,6 @@ contract Bridge is Auth, ReentrancyGuard {
         paused = request.value;
     }
 
-    // setDepositAllowed() will enable or disable deposits for a specific token.
-    // setDepositAllowed() must be authorized by the bridge validators otherwise the transaction
-    // will fail. Replay prevention is implemented by storing the request hash in the
-    // fulfilledrequests set.
-    function setDepositAllowed(
-        SetDepositAllowedRequest memory request,
-        bytes[] calldata signatures,
-        uint8[] calldata indexes
-    ) external {
-        bytes32 requestHash = keccak256(abi.encode(domainSeparator, SET_DEPOSIT_ALLOWED, request));
-        // ensure the same setPaused() transaction cannot be used more than once
-        verifyRequest(requestHash, requestHash, request.expiration, signatures, indexes);
-        emit SetDepositAllowed(request.token, request.allowed);
-        if (request.allowed) {
-            depositAllowed[request.token] = true;
-        } else {
-            delete(depositAllowed[request.token]);
-        }
-    }
-
     // registerStellarAsset() will creates an ERC20 token to represent a stellar asset.
     // registerStellarAsset() must be authorized by the bridge validators otherwise the transaction
     // will fail. Replay prevention is impemented by creating the ERC20 via the CREATE2 opcode (see
@@ -303,8 +261,6 @@ contract Bridge is Auth, ReentrancyGuard {
         );
 
         emit RegisterStellarAsset(asset);
-        emit SetDepositAllowed(asset, true);
         isStellarAsset[asset] = true;
-        depositAllowed[asset] = true;
     }
 }

solidity/contracts/Bridge.sol

@@ -13,7 +13,6 @@ describe("Deploy Bridge", function() {
       for(let i = 0; i < 20; i++) {
         expect(await bridge.signers(i)).to.equal(addresses[i]);
       }
-      expect(await bridge.depositAllowed("0x0000000000000000000000000000000000000000")).to.be.true;
       await expect(bridge.signers(20)).to.be.reverted;
     });
 

solidity/test/bridge.js

@@ -3,7 +3,6 @@ const { ethers } = require("hardhat");
 const { PAUSE_DEPOSITS, PAUSE_NOTHING, PAUSE_WITHDRAWALS_AND_DEPOSITS, setPaused, nextPauseNonce, PAUSE_WITHDRAWALS } = require("./paused");
 const { updateSigners } = require("./updateSigners");
 const { validTimestamp, expiredTimestamp } = require("./util");
-const { setDepositAllowed } = require("./setDepositAllowed");
 
 async function withdrawERC20(bridge, token, signers, id, domainSeparator, expiration, recipient, amount) {
     const request = [id, expiration, recipient, token.address, amount];
@@ -37,7 +36,6 @@ describe("Deposit & Withdraw ERC20", function() {
         token = await ERC20.deploy("Test Token", "TEST", 18);
         await token.mint(sender.address, ethers.utils.parseEther("100.0"));
         await token.approve(bridge.address, ethers.utils.parseEther("300.0"));
-        await setDepositAllowed(bridge, signers, domainSeparator, token.address, true, 0, validTimestamp());
     });
 
     it("deposits of 0 are rejected", async function() {
@@ -60,44 +58,11 @@ describe("Deposit & Withdraw ERC20", function() {
         await feeToken.mint(sender.address, ethers.utils.parseEther("100.0"));
         await feeToken.approve(bridge.address, ethers.utils.parseEther("300.0"));
 
-        await setDepositAllowed(bridge, signers, domainSeparator, feeToken.address, true, 1, validTimestamp());
-        expect(await bridge.depositAllowed(feeToken.address)).to.be.true;
-
         await expect(bridge.depositERC20(
             feeToken.address, 1, ethers.utils.parseEther("1.0")
         )).to.be.revertedWith("received amount not equal to expected amount");
     });
 
-    it("block deposits for a specific ERC20 token", async function() {
-        const blockedToken = await ERC20.deploy("Blocked Test Token", "BLOCKED", 18);
-        await blockedToken.mint(sender.address, ethers.utils.parseEther("100.0"));
-        await blockedToken.approve(bridge.address, ethers.utils.parseEther("300.0"));
-
-        expect(await bridge.depositAllowed(blockedToken.address)).to.be.false;
-        await expect(bridge.depositERC20(
-            blockedToken.address, 1, ethers.utils.parseEther("1.0")
-        )).to.be.revertedWith("deposits not allowed for token");
-
-        await setDepositAllowed(bridge, signers, domainSeparator, blockedToken.address, true, 1, validTimestamp());
-        expect(await bridge.depositAllowed(blockedToken.address)).to.be.true;
-
-        const before = await token.balanceOf(bridge.address);
-
-        await bridge.depositERC20(
-            blockedToken.address, 1, ethers.utils.parseEther("1.0")
-        );
-
-        const after = await blockedToken.balanceOf(bridge.address);
-        expect(after.sub(before)).to.equal(ethers.utils.parseEther("1.0"));
-
-        await setDepositAllowed(bridge, signers, domainSeparator, blockedToken.address, false, 2, validTimestamp());
-
-        expect(await bridge.depositAllowed(blockedToken.address)).to.be.false;
-        await expect(bridge.depositERC20(
-            blockedToken.address, 1, ethers.utils.parseEther("1.0")
-        )).to.be.revertedWith("deposits not allowed for token");
-    });
-
     it("cannot deposit more tokens than current balance", async function() {
         await expect(bridge.depositERC20(
             token.address, 1, ethers.utils.parseEther("200")

solidity/test/erc20.js

@@ -3,7 +3,6 @@ const { ethers, waffle } = require("hardhat");
 const { PAUSE_DEPOSITS, PAUSE_NOTHING, PAUSE_WITHDRAWALS_AND_DEPOSITS, setPaused, nextPauseNonce, PAUSE_WITHDRAWALS } = require("./paused");
 const { updateSigners } = require("./updateSigners");
 const { validTimestamp, expiredTimestamp } = require("./util");
-const { setDepositAllowed } = require("./setDepositAllowed");
 
 describe("Deposit & Withdraw ETH", function() {
     let signers;
@@ -31,34 +30,6 @@ describe("Deposit & Withdraw ETH", function() {
         await expect(bridge.depositETH(1, {value: 0})).to.be.revertedWith("deposit amount is zero");
     });
 
-    it("block deposits of ETH", async function() {
-        const ERC20 = await ethers.getContractFactory("StellarAsset");
-        const token = await ERC20.deploy("Blocked Test Token", "BLOCKED", 18);
-        await token.mint(sender.address, ethers.utils.parseEther("100.0"));
-        await token.approve(bridge.address, ethers.utils.parseEther("300.0"));
-
-        await setDepositAllowed(bridge, signers, domainSeparator, token.address, true, 0, validTimestamp());
-        expect(await bridge.depositAllowed(token.address)).to.be.true;
-
-        const ethAddress = "0x0000000000000000000000000000000000000000";
-        await setDepositAllowed(bridge, signers, domainSeparator, ethAddress, false, 1, validTimestamp());
-        expect(await bridge.depositAllowed(ethAddress)).to.be.false;
-
-        const before = await token.balanceOf(bridge.address);
-
-        await bridge.depositERC20(
-            token.address, 1, ethers.utils.parseEther("1.0")
-        );
-
-        const after = await token.balanceOf(bridge.address);
-        expect(after.sub(before)).to.equal(ethers.utils.parseEther("1.0"));
-
-        await expect(bridge.depositETH(1, {value: ethers.utils.parseEther("1.0")})).to.be.revertedWith("eth deposits are not allowed");
-
-        await setDepositAllowed(bridge, signers, domainSeparator, ethAddress, true, 2, validTimestamp());
-        expect(await bridge.depositAllowed(ethAddress)).to.be.true;
-    });
-
     it("deposits are rejected when bridge is paused", async function() {
         await setPaused(bridge, signers, domainSeparator, PAUSE_DEPOSITS, nextPauseNonce(), validTimestamp());
         await expect(bridge.depositETH(1, {value: ethers.utils.parseEther("1.0")})).to.be.revertedWith("deposits are paused");

solidity/test/eth.js

@@ -49,7 +49,6 @@ describe("registerStellarAsset", function() {
         expect(await wrappedXLM.name()).to.be.eql("Stellar Lumens");
         expect(await wrappedXLM.symbol()).to.be.eql("XLM");
         expect(await bridge.isStellarAsset(wrappedXLM.address)).to.be.true;
-        expect(await bridge.depositAllowed(wrappedXLM.address)).to.be.true;
     });
 
     it("rejects duplicate transactions", async function() {