A temporary repo for ETH connector to be used by EVM

Related tags

Cryptography eth-connector
Overview

ETH connector for Rainbow bridge

Definitions

bridgedETH - NEP-141 fungible-token representation of ETH inside Near.

nETH - native ETH inside Near EVM.

Deployments

Version Description Status Ethereum Connector Address NEAR Connector Account
v0.1 NEAR testnet - Ropsten Working 0xE3eBE85E0c42cC59cF09a1367d2CA30B26639659 v01.kconnector.testnet
v0.2 NEAR testnet - Ropsten Working 0x4dE5E423CA193dF67081A1BAb17d253B55d63688 v02.kconnector.testnet
no-std NEAR testnet - Ropsten Working 0x88657f6D4c4bbDB193C2b0B78DD74cD38479f819 nostd-v01.kconnector.testnet

Step-by-step testing guide

Pre-requisites

Installation

  1. Make sure you have installed npm.

  2. Install NEAR CLI: $ npm install -g near-cli.

  3. Install Yarn: $ npm install --global yarn.

  4. Clone this repo, and run $ cd eth-custodian and $ yarn install.

  5. Create an account in Metamask in Ropsten testnet.

  6. Get some Ropsten ETH. For example using this faucet: https://faucet.ropsten.be/.

  7. Create an account in NEAR TestNet: https://wallet.testnet.near.org/.

  8. Make sure that you're working with the NEAR TestNet: $ export NODE_ENV=testnet.

  9. Log in to the NEAR Wallet from the CLI: $ near login. The browser should pop up and a NEAR Wallet should ask for a permission for adding a full access key.

Configuration

  1. Copy test-ethereum-config.json to ethereum-config.json with $ cp eth-custodian/scripts/json/test-ethereum-config.json eth-custodian/scripts/json/ethereum-config.json.

  2. Update ethereum-config.json with the actual data on the addresses.

  3. Create .env file inside eth-custodian directory: $ touch .env.

  4. Add to the file your Alchemy API key: $ echo "ALCHEMY_API_KEY=YOUR_ALCHEMY_API_KEY_HERE" >> .env
    RPC access can be easily gained from Alchemy.

  5. Add to the file Ropsten Private key: $ echo "ROPSTEN_PRIVATE_KEY=YOUR_ROPSTEN_PRIVATE_KEY_HERE" >> .env

  6. Add path to the Near credentials (e.g. this usually will be at ~/.near-credentials on Linux
    and /Users/<user>/.near-credentials on MacOS:
    $ echo "NEAR_KEY_STORE_PATH=PATH_TO_YOUR_NEAR_CREDENTIALS_HERE" >> .env

Ethereum -> Near transfer (ETH -> bridgedETH (NEP-141))

  1. Go to eth-custodian directory: $ cd eth-custodian.

  2. Transfer ETH to EthCustodian. Send depositToNear transaction to EthCustodian contract. This will transfer AMOUNT (wei) from your account and deposit AMOUNT (wei) having FEE (wei) to NEAR_RECIPIENT account on Near.
    Run: $ make eth-deposit-to-near NEAR_RECIPIENT=<ACCOUNT_ID_OF_RECIPIENT_HERE> AMOUNT=<DEPOSIT_AMOUNT_HERE> FEE=<DEPOSIT_FEE_HERE>.

  3. Wait sufficiently long You need to wait for 30 confirmations for Ropsten blockchain. This is needed to achieve finality of Ropsten block, including locking transaction. The status of syncing of the bridge can be observed here. First metric (near_bridge_eth2near_client_block_number) should become more than the height of a block with transaction from the step 2 at least by 30, for successfull finalisation of the transfer.

  4. Finalise deposit to Near Call deposit in Near blockchain to finalise the deposit transaction with the given TX_HASH. You can find TX_HASH in the output of the previous step. You will need to provide your NEAR_ACCOUNT AccountId which will be used to relay the ETH proof to the Near blockchain to mint appropriate amount of bridgedETH for the NEAR_RECIPIENT (this parameter is optional here and only serves for verbose purposes to show the balance of the recipient before and after)
    Run: $ make eth-finalise-deposit-to-near TX_HASH=<DEPOSIT_TX_HASH_HERE> NEAR_ACCOUNT=<YOUR_NEAR_ACCOUNT_HERE> NEAR_RECIPIENT=<RECIPIENT_HERE>

Near -> Ethereum transfer (bridgedETH -> ETH)

  1. Go to eth-custodian directory: $ cd eth-custodian.

  2. Begin withdraw Send a withdraw transaction to the bridgedETH contract to withdraw AMOUNT bridgedETH (wei) from the NEAR_ACCOUNT and transfer the appropriate amount of ETH (wei) to ETH_RECIPIENT (Specify without '0x' prefix). During the execution, the contract will issue an execution outcome, which would be used during finalisation step to contruct the proof for the EthCustodian in Ethereum.
    Run: $ make near-withdraw-to-eth NEAR_ACCOUNT=<YOUR_NEAR_ACCOUNT_HERE> ETH_RECIPIENT=<ETH_ADDRESS_OF_RECIPIENT_HERE> AMOUNT=<WITHDRAW_AMOUNT_HERE> FEE=<WITHDRAW_FEE_HERE>

  3. Wait sufficiently long This approximately takes 10 minutes for the Ropsten bridge deployment. This is needed to relay NEAR block with the height higher than the block with transaction from previous step to Ethereum, plus wait a challenge period. The status of syncing of the bridge can be observed here. First metric near_bridge_near2eth_client_height should become higher than the block height displayed in console during the previous step.

  4. Finalise withdraw to Eth Call withdraw in Near blockchain to finalise the deposit transaction with the given TX_HASH. You can find TX_HASH in the output of the previous step. Send a withdraw transaction to the EthCustodian contract. After bridge syncing we are able to prove the fact of withdrawal transaction on NEAR to the EthCustodian contract.
    Run: $ make near-finalise-withdraw-to-eth TX_HASH=<WITHDRAW_TX_HASH_HERE>

Ethereum -> Near transfer (ETH -> nETH (native ETH in Near-EVM))

WIP

Near -> Ethereum transfer (nETH -> ETH)

WIP

Comments
  • Pure no-std eth-connector implementation

    Pure no-std eth-connector implementation

    ETH Connector Smart Contract pure implementation

    Rust no-std implied.

    What included:

    • Fungible tokens
    • Log entry RLP parsing
    • ETH Connector
    • Very basic and naive account management
    no-std 
    opened by mrLSD 10
  • `ft_transfer_call` wrong gas allocation

    `ft_transfer_call` wrong gas allocation

    Just noticed that method ft_transfer_call sometime fails with Exceeded the prepaid gas error before the ft_on_transfer call. Method ft_transfer_call is spending some gas on internal_transfer and subsequent gas calculations may became invalid so ft_on_transfer doesn't run even if user attached a lot of additional gas.

    opened by zavodil 4
  • Bump @openzeppelin/contracts from 4.5.0 to 4.7.2 in /eth-custodian

    Bump @openzeppelin/contracts from 4.5.0 to 4.7.2 in /eth-custodian

    Bumps @openzeppelin/contracts from 4.5.0 to 4.7.2.

    Release notes

    Sourced from @​openzeppelin/contracts's releases.

    v4.7.2

    :warning: This is a patch for three issues, including a high severity issue in GovernorVotesQuorumFraction. For more information visit the security advisories (1, 2, 3).

    1. GovernorVotesQuorumFraction: Fixed quorum updates so they do not affect past proposals that failed due to lack of quorum. (#3561)
    2. ERC165Checker: Added protection against large returndata. (#3587)
    3. LibArbitrumL2, CrossChainEnabledArbitrumL2: Fixed detection of cross-chain calls for EOAs. Previously, calls from EOAs would be classified as cross-chain calls. (#3578)

    v4.7.1

    :warning: This is a patch for a medium severity issue affecting SignatureChecker and a high severity issue affecting ERC165Checker. For more information visit the security advisories (1, 2).

    • SignatureChecker: Fix an issue that causes isValidSignatureNow to revert when the target contract returns ill-encoded data. (#3552)
    • ERC165Checker: Fix an issue that causes supportsInterface to revert when the target contract returns ill-encoded data. (#3552)

    v4.7.0

    • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
    • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
    • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
    • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
    • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
    • Math: add a mulDiv function that can round the result either up or down. (#3171)
    • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
    • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
    • EnumerableMap: add new UintToUintMap map type. (#3338)
    • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
    • SafeCast: add support for many more types, using procedural code generation. (#3245)
    • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
    • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
    • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
    • ERC721: removed redundant require statement. (#3434)
    • PaymentSplitter: add releasable getters. (#3350)
    • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
    • Proxies: remove runtime check of ERC1967 storage slots. (#3455)

    Breaking changes

    • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.

    v4.7.0-rc.0

    This prerelease is now available for open review! Let us know your feedback and if you find any security issues.

    We have a bug bounty with rewards of up to USD $25,000 and a special POAP for submitting a valid issue.

    See the announcement for more details.

    v4.6.0

    • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
    • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
    • EnumerableMap: add new AddressToUintMap map type. (#3150)
    • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
    • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)

    ... (truncated)

    Changelog

    Sourced from @​openzeppelin/contracts's changelog.

    4.7.2

    • LibArbitrumL2, CrossChainEnabledArbitrumL2: Fixed detection of cross-chain calls for EOAs. Previously, calls from EOAs would be classified as cross-chain calls. (#3578)
    • GovernorVotesQuorumFraction: Fixed quorum updates so they do not affect past proposals that failed due to lack of quorum. (#3561)
    • ERC165Checker: Added protection against large returndata. (#3587)

    4.7.1

    • SignatureChecker: Fix an issue that causes isValidSignatureNow to revert when the target contract returns ill-encoded data. (#3552)
    • ERC165Checker: Fix an issue that causes supportsInterface to revert when the target contract returns ill-encoded data. (#3552)

    4.7.0 (2022-06-29)

    • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
    • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
    • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
    • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
    • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
    • Math: add a mulDiv function that can round the result either up or down. (#3171)
    • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
    • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
    • EnumerableMap: add new UintToUintMap map type. (#3338)
    • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
    • SafeCast: add support for many more types, using procedural code generation. (#3245)
    • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
    • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
    • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
    • ERC721: removed redundant require statement. (#3434)
    • PaymentSplitter: add releasable getters. (#3350)
    • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
    • Proxies: remove runtime check of ERC1967 storage slots. (#3455)

    Breaking changes

    • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.

    4.6.0 (2022-04-26)

    • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
    • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
    • EnumerableMap: add new AddressToUintMap map type. (#3150)
    • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
    • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)
    • ERC20Wrapper: the decimals() function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. (#3259)
    • draft-ERC20Permit: replace immutable with constant for _PERMIT_TYPEHASH since the keccak256 of string literals is treated specially and the hash is evaluated at compile time. (#3196)
    • ERC1155: Add a _afterTokenTransfer hook for improved extensibility. (#3166)
    • ERC1155URIStorage: add a new extension that implements a _setURI behavior similar to ERC721's _setTokenURI. (#3210)
    • DoubleEndedQueue: a new data structure that supports efficient push and pop to both front and back, useful for FIFO and LIFO queues. (#3153)
    • Governor: improved security of onlyGovernance modifier when using an external executor contract (e.g. a timelock) that can operate without necessarily going through the governance protocol. (#3147)
    • Governor: Add a way to parameterize votes. This can be used to implement voting systems such as fractionalized voting, ERC721 based voting, or any number of other systems. The params argument added to _countVote method, and included in the newly added _getVotes method, can be used by counting and voting modules respectively for such purposes. (#3043)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump @openzeppelin/contracts from 4.5.0 to 4.7.1 in /eth-custodian

    Bump @openzeppelin/contracts from 4.5.0 to 4.7.1 in /eth-custodian

    Bumps @openzeppelin/contracts from 4.5.0 to 4.7.1.

    Release notes

    Sourced from @​openzeppelin/contracts's releases.

    v4.7.1

    :warning: This is a patch for a medium severity issue affecting SignatureChecker and a high severity issue affecting ERC165Checker. For more information visit the security advisories (1, 2).

    • SignatureChecker: Fix an issue that causes isValidSignatureNow to revert when the target contract returns ill-encoded data. (#3552)
    • ERC165Checker: Fix an issue that causes supportsInterface to revert when the target contract returns ill-encoded data. (#3552)

    v4.7.0

    • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
    • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
    • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
    • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
    • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
    • Math: add a mulDiv function that can round the result either up or down. (#3171)
    • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
    • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
    • EnumerableMap: add new UintToUintMap map type. (#3338)
    • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
    • SafeCast: add support for many more types, using procedural code generation. (#3245)
    • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
    • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
    • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
    • ERC721: removed redundant require statement. (#3434)
    • PaymentSplitter: add releasable getters. (#3350)
    • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
    • Proxies: remove runtime check of ERC1967 storage slots. (#3455)

    Breaking changes

    • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.

    v4.7.0-rc.0

    This prerelease is now available for open review! Let us know your feedback and if you find any security issues.

    We have a bug bounty with rewards of up to USD $25,000 and a special POAP for submitting a valid issue.

    See the announcement for more details.

    v4.6.0

    • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
    • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
    • EnumerableMap: add new AddressToUintMap map type. (#3150)
    • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
    • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)
    • ERC20Wrapper: the decimals() function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. (#3259)
    • draft-ERC20Permit: replace immutable with constant for _PERMIT_TYPEHASH since the keccak256 of string literals is treated specially and the hash is evaluated at compile time. (#3196)
    • ERC1155: Add a _afterTokenTransfer hook for improved extensibility. (#3166)
    • ERC1155URIStorage: add a new extension that implements a _setURI behavior similar to ERC721's _setTokenURI. (#3210)
    • DoubleEndedQueue: a new data structure that supports efficient push and pop to both front and back, useful for FIFO and LIFO queues. (#3153)
    • Governor: improved security of onlyGovernance modifier when using an external executor contract (e.g. a timelock) that can operate without necessarily going through the governance protocol. (#3147)
    • Governor: Add a way to parameterize votes. This can be used to implement voting systems such as fractionalized voting, ERC721 based voting, or any number of other systems. The params argument added to _countVote method, and included in the newly added _getVotes method, can be used by counting and voting modules respectively for such purposes. (#3043)

    ... (truncated)

    Changelog

    Sourced from @​openzeppelin/contracts's changelog.

    4.7.1

    • SignatureChecker: Fix an issue that causes isValidSignatureNow to revert when the target contract returns ill-encoded data. (#3552)
    • ERC165Checker: Fix an issue that causes supportsInterface to revert when the target contract returns ill-encoded data. (#3552)

    4.7.0 (2022-06-29)

    • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
    • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
    • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
    • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
    • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
    • Math: add a mulDiv function that can round the result either up or down. (#3171)
    • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
    • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
    • EnumerableMap: add new UintToUintMap map type. (#3338)
    • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
    • SafeCast: add support for many more types, using procedural code generation. (#3245)
    • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
    • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
    • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
    • ERC721: removed redundant require statement. (#3434)
    • PaymentSplitter: add releasable getters. (#3350)
    • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
    • Proxies: remove runtime check of ERC1967 storage slots. (#3455)

    Breaking changes

    • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.

    4.6.0 (2022-04-26)

    • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
    • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
    • EnumerableMap: add new AddressToUintMap map type. (#3150)
    • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
    • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)
    • ERC20Wrapper: the decimals() function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. (#3259)
    • draft-ERC20Permit: replace immutable with constant for _PERMIT_TYPEHASH since the keccak256 of string literals is treated specially and the hash is evaluated at compile time. (#3196)
    • ERC1155: Add a _afterTokenTransfer hook for improved extensibility. (#3166)
    • ERC1155URIStorage: add a new extension that implements a _setURI behavior similar to ERC721's _setTokenURI. (#3210)
    • DoubleEndedQueue: a new data structure that supports efficient push and pop to both front and back, useful for FIFO and LIFO queues. (#3153)
    • Governor: improved security of onlyGovernance modifier when using an external executor contract (e.g. a timelock) that can operate without necessarily going through the governance protocol. (#3147)
    • Governor: Add a way to parameterize votes. This can be used to implement voting systems such as fractionalized voting, ERC721 based voting, or any number of other systems. The params argument added to _countVote method, and included in the newly added _getVotes method, can be used by counting and voting modules respectively for such purposes. (#3043)
    • Governor: rewording of revert reason for consistency. (#3275)
    • Governor: fix an inconsistency in data locations that could lead to invalid bytecode being produced. (#3295)
    • Governor: Implement IERC721Receiver and IERC1155Receiver to improve token custody by governors. (#3230)
    • TimelockController: Implement IERC721Receiver and IERC1155Receiver to improve token custody by timelocks. (#3230)
    • TimelockController: Add a separate canceller role for the ability to cancel. (#3165)
    • Initializable: add a reinitializer modifier that enables the initialization of new modules, added to already initialized contracts through upgradeability. (#3232)

    ... (truncated)

    Commits
    • 3b8b4ba 4.7.1
    • 212de08 Fix issues caused by abi.decode reverting (#3552)
    • 8c49ad7 4.7.0
    • 0b238a5 Minor wording fixes ERC4626 contract (#3510)
    • e4748fb Support memory arrays in MerkleTree multiproof (#3493)
    • b971092 Make ERC4626 _deposit and _withdraw internal virtual (#3504)
    • 4307d74 Add a caution note to ERC4626 about EOA access (#3503)
    • 1e7d735 Clarify PaymentSplitter shares are static
    • 029706d Fix check for generated code when last updated is a release candidate
    • 97c46a7 Output diff when test:generation fails
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • EthCustodian: `withdraw` method improvements. Update OZ version.

    EthCustodian: `withdraw` method improvements. Update OZ version.

    • EthCustodian: withdraw() method - use call() instead of transfer().
    • EthCustodian: upgrade OpenZeppelin contracts dependency to 4.5

    It's required to change it for the future as transfer() gas provided might change. Reentrancy is being handled because the proof is consumed at the very beginning of the method.

    enhancement security 
    opened by sept-en 1
  • Remove unused components

    Remove unused components

    So far only eth-custodian contracts are being used. evm-fungible-token and pure-eth-connector were rather concepts and never used in production. Thus, we need to remove it.

    opened by sept-en 1
  • Upgrade to Solidity 0.8. Fix `rainbow-bridge` dependency

    Upgrade to Solidity 0.8. Fix `rainbow-bridge` dependency

    Upgrade the Solidity version of EthCustodian and dependent contracts to ^0.8.

    The PR depends on rainbow-bridge#589 PR. This PR should stay in draft until the mentioned PR is merged.

    enhancement 
    opened by sept-en 1
  • Adjust scripts to work with Aurora. Add more util scripts. README improvements.

    Adjust scripts to work with Aurora. Add more util scripts. README improvements.

    The scripts are compatible with this Aurora version deployed on the testnet.

    Also addressed step-by-step guide comments by @joshuajbouw (thanks for pointing them out!)

    opened by sept-en 1
  • Bump shelljs from 0.8.4 to 0.8.5 in /eth-custodian

    Bump shelljs from 0.8.4 to 0.8.5 in /eth-custodian

    Bumps shelljs from 0.8.4 to 0.8.5.

    Release notes

    Sourced from shelljs's releases.

    v0.8.5

    This was a small security fix for #1058.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump simple-get from 2.8.1 to 2.8.2 in /eth-custodian

    Bump simple-get from 2.8.1 to 2.8.2 in /eth-custodian

    Bumps simple-get from 2.8.1 to 2.8.2.

    Commits
    Maintainer changes

    This version was pushed to npm by linusu, a new releaser for simple-get since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump follow-redirects from 1.13.2 to 1.14.9 in /eth-custodian

    Bump follow-redirects from 1.13.2 to 1.14.9 in /eth-custodian

    Bumps follow-redirects from 1.13.2 to 1.14.9.

    Commits
    • 13136e9 Release version 1.14.9 of the npm package.
    • 2ec9b0b Keep headers when upgrading from HTTP to HTTPS.
    • 5fc74dd Reduce nesting.
    • 3d81dc3 Release version 1.14.8 of the npm package.
    • 62e546a Drop confidential headers across schemes.
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump json-pointer from 0.6.1 to 0.6.2 in /eth-custodian

    Bump json-pointer from 0.6.1 to 0.6.2 in /eth-custodian

    Bumps json-pointer from 0.6.1 to 0.6.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump express from 4.17.1 to 4.18.2 in /eth-custodian

    Bump express from 4.17.1 to 4.18.2 in /eth-custodian

    Bumps express from 4.17.1 to 4.18.2.

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump decode-uri-component from 0.2.0 to 0.2.2 in /eth-custodian

    Bump decode-uri-component from 0.2.0 to 0.2.2 in /eth-custodian

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump qs from 6.5.2 to 6.5.3 in /eth-custodian

    Bump qs from 6.5.2 to 6.5.3 in /eth-custodian

    Bumps qs from 6.5.2 to 6.5.3.

    Changelog

    Sourced from qs's changelog.

    6.5.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Refactor] parse: only need to reassign the var once
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] always use String(x) over x.toString()
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main
    Commits
    • 298bfa5 v6.5.3
    • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 12ac1c4 [meta] fix README.md (#399)
    • 0338716 [actions] backport actions from main
    • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • 51b8a0b add FUNDING.yml
    • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • f814a7f [Dev Deps] backport from main
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump @openzeppelin/contracts from 4.5.0 to 4.7.3 in /eth-custodian

    Bump @openzeppelin/contracts from 4.5.0 to 4.7.3 in /eth-custodian

    Bumps @openzeppelin/contracts from 4.5.0 to 4.7.3.

    Release notes

    Sourced from @​openzeppelin/contracts's releases.

    v4.7.3

    :warning: This is a patch for a high severity issue. For more information visit the security advisory.

    Breaking changes

    • ECDSA: recover(bytes32,bytes) and tryRecover(bytes32,bytes) no longer accept compact signatures to prevent malleability. Compact signature support remains available using recover(bytes32,bytes32,bytes32) and tryRecover(bytes32,bytes32,bytes32).

    v4.7.2

    :warning: This is a patch for three issues, including a high severity issue in GovernorVotesQuorumFraction. For more information visit the security advisories (1, 2, 3).

    1. GovernorVotesQuorumFraction: Fixed quorum updates so they do not affect past proposals that failed due to lack of quorum. (#3561)
    2. ERC165Checker: Added protection against large returndata. (#3587)
    3. LibArbitrumL2, CrossChainEnabledArbitrumL2: Fixed detection of cross-chain calls for EOAs. Previously, calls from EOAs would be classified as cross-chain calls. (#3578)

    v4.7.1

    :warning: This is a patch for a medium severity issue affecting SignatureChecker and a high severity issue affecting ERC165Checker. For more information visit the security advisories (1, 2).

    • SignatureChecker: Fix an issue that causes isValidSignatureNow to revert when the target contract returns ill-encoded data. (#3552)
    • ERC165Checker: Fix an issue that causes supportsInterface to revert when the target contract returns ill-encoded data. (#3552)

    v4.7.0

    • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
    • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
    • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
    • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
    • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
    • Math: add a mulDiv function that can round the result either up or down. (#3171)
    • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
    • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
    • EnumerableMap: add new UintToUintMap map type. (#3338)
    • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
    • SafeCast: add support for many more types, using procedural code generation. (#3245)
    • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
    • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
    • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
    • ERC721: removed redundant require statement. (#3434)
    • PaymentSplitter: add releasable getters. (#3350)
    • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
    • Proxies: remove runtime check of ERC1967 storage slots. (#3455)

    Breaking changes

    • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.

    v4.7.0-rc.0

    This prerelease is now available for open review! Let us know your feedback and if you find any security issues.

    We have a bug bounty with rewards of up to USD $25,000 and a special POAP for submitting a valid issue.

    See the announcement for more details.

    ... (truncated)

    Changelog

    Sourced from @​openzeppelin/contracts's changelog.

    4.7.3

    Breaking changes

    • ECDSA: recover(bytes32,bytes) and tryRecover(bytes32,bytes) no longer accept compact signatures to prevent malleability. Compact signature support remains available using recover(bytes32,bytes32,bytes32) and tryRecover(bytes32,bytes32,bytes32).

    4.7.2

    • LibArbitrumL2, CrossChainEnabledArbitrumL2: Fixed detection of cross-chain calls for EOAs. Previously, calls from EOAs would be classified as cross-chain calls. (#3578)
    • GovernorVotesQuorumFraction: Fixed quorum updates so they do not affect past proposals that failed due to lack of quorum. (#3561)
    • ERC165Checker: Added protection against large returndata. (#3587)

    4.7.1

    • SignatureChecker: Fix an issue that causes isValidSignatureNow to revert when the target contract returns ill-encoded data. (#3552)
    • ERC165Checker: Fix an issue that causes supportsInterface to revert when the target contract returns ill-encoded data. (#3552)

    4.7.0 (2022-06-29)

    • TimelockController: Migrate _call to _execute and allow inheritance and overriding similar to Governor. (#3317)
    • CrossChainEnabledPolygonChild: replace the require statement with the custom error NotCrossChainCall. (#3380)
    • ERC20FlashMint: Add customizable flash fee receiver. (#3327)
    • ERC4626: add an extension of ERC20 that implements the ERC4626 Tokenized Vault Standard. (#3171)
    • SafeERC20: add safePermit as mitigation against phantom permit functions. (#3280)
    • Math: add a mulDiv function that can round the result either up or down. (#3171)
    • Math: Add a sqrt function to compute square roots of integers, rounding either up or down. (#3242)
    • Strings: add a new overloaded function toHexString that converts an address with fixed length of 20 bytes to its not checksummed ASCII string hexadecimal representation. (#3403)
    • EnumerableMap: add new UintToUintMap map type. (#3338)
    • EnumerableMap: add new Bytes32ToUintMap map type. (#3416)
    • SafeCast: add support for many more types, using procedural code generation. (#3245)
    • MerkleProof: add multiProofVerify to prove multiple values are part of a Merkle tree. (#3276)
    • MerkleProof: add calldata versions of the functions to avoid copying input arrays to memory and save gas. (#3200)
    • ERC721, ERC1155: simplified revert reasons. (#3254, (#3438))
    • ERC721: removed redundant require statement. (#3434)
    • PaymentSplitter: add releasable getters. (#3350)
    • Initializable: refactored implementation of modifiers for easier understanding. (#3450)
    • Proxies: remove runtime check of ERC1967 storage slots. (#3455)

    Breaking changes

    • Initializable: functions decorated with the modifier reinitializer(1) may no longer invoke each other.

    4.6.0 (2022-04-26)

    • crosschain: Add a new set of contracts for cross-chain applications. CrossChainEnabled is a base contract with instantiations for several chains and bridges, and AccessControlCrossChain is an extension of access control that allows cross-chain operation. (#3183)
    • AccessControl: add a virtual _checkRole(bytes32) function that can be overridden to alter the onlyRole modifier behavior. (#3137)
    • EnumerableMap: add new AddressToUintMap map type. (#3150)
    • EnumerableMap: add new Bytes32ToBytes32Map map type. (#3192)
    • ERC20FlashMint: support infinite allowance when paying back a flash loan. (#3226)
    • ERC20Wrapper: the decimals() function now tries to fetch the value from the underlying token instance. If that calls revert, then the default value is used. (#3259)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • EthCustodian: check the proof acception by tx height

    EthCustodian: check the proof acception by tx height

    Currently, the block verification height is happening against proofBlockHeight which is incorrect as this represents the height of the generated proof and not the tx block height. This should be fixed to use the height of the block where the tx originated.

    bug 
    opened by sept-en 0
Releases(0.3)

  • 0.3(Apr 7, 2022)

    What's Changed

    • EthCustodian: make AdminControlled and pausable
    • EthCustodian: stylistic fixes
    • Update contracts, scripts, and guide to working with Aurora
    • README improvements

    Full Changelog: https://github.com/aurora-is-near/eth-connector/compare/v0.2...0.3

    Source code(tar.gz)
    Source code(zip)

  • aurora-testnet-v01(May 7, 2021)

  • v0.2(Apr 27, 2021)

Owner
Project Aurora
Project Aurora
GitHub
Rust project for working with ETH - Ethereum transactions with Rust on Ganache and also deploy smart contracts :)

Just a test project to work with Ethereum but using Rust. I'm using plain Rust here, not Foundry. In future we will use Foundry. Hope you're already f

Akhil Sharma 2 Dec 20, 2022
Ethereum key tool - Lightweight CLI tool to deal with ETH keys written in rust

ekt - Etherum Key Tool ekt is a lightweight tool to generate ethereum keys and addresses. Installation Either clone it and run it with cargo or instal

null 5 May 8, 2023
This is the Repo used to learn blockchain development in conjusction with the CyberGen NFT Project.

Environment Setup Install Rust from https://rustup.rs/ Install Solana from https://docs.solana.com/cli/install-solana-cli-tools#use-solanas-install-to

null 1 Nov 3, 2021
Temporary edit external crates that your project depends on

rhack You want to quickly put a sneaky macro kind of like dbg! into external crates to find out how some internal data structure works? If so rhack is

Ryo Nakao 119 Nov 3, 2022
EVM compatible chain with NPoS/PoC consensus

Reef Chain Reef chain is written in Rust. A basic familiarity with Rust tooling is required. To learn more about Reef chain, please refer to Documenta

Reef Finance 148 Dec 31, 2022
Fiddi is a command line tool that does the boring and complex process of checking and processing/watching transactions on EVM compatible Blockchain.

Fiddi is a command line tool that does the boring and complex process of checking and processing/watching transactions on EVM compatible Blockchain.

Ahmad Abdullahi Adamu 7 Jan 9, 2023
DFIP 2111-B: VOC: Ethereum Virtual Machine (EVM) Support

DeFiCh/metachain is a codename research & development for DFIP 2111-B: VOC: Ethereum Virtual Machine (EVM) Support . Proposed as a DFIP on Nov 2021; D

DeFiChain 19 Dec 6, 2022
Selendra is a multichains interoperable nominated Proof-of-Stake network for developing and running Substrate-based and EVM compatible blockchain applications.

Selendra An interoperable nominated Proof-of-Stake network for developing and running Substrate-based and EVM compatible blockchain applications. Read

Selendra 16 Nov 29, 2022
Parser and test runner for testing compatable common Ethereum full node tests against Polygon Zero's EVM.

EVM Test Parses and runs compatible common Ethereum tests from ethereum/tests against Polygon Zero's EVM. Note: This repo is currently very early in d

Mir Protocol 3 Nov 4, 2022
Minimalistic EVM-compatible chain indexer.

EVM Indexer Minimalistic EVM-compatible blockchain indexer written in rust. This repository contains a program to index helpful information from any E

Kike B 14 Dec 24, 2022
Binding generator for EVM and ink!

Sumi is a binding generator specifically designed for Astar Network ecosystem with XVM in mind. It takes EVM metadata and converts it to an ink! modul

Dmitry 4 Dec 15, 2022
Minimalistic EVM-compatible chain indexer.

EVM Indexer Minimalistic EVM-compatible blockchain indexer written in rust. This repository contains a program to index helpful information from any E

LlamaFolio 11 Dec 15, 2022
Tiny CLI for submitting large calldata transactions to EVM networks to stress test the networking layer. Main motivation: EIP4844blobs.

stress4844 Tiny CLI for submitting large calldata transactions to EVM networks to stress test the networking layer. Main motivation: EIP4844 blobs. ca

Paradigm 50 Jan 4, 2023
Tiny CLI for submitting large calldata transactions to EVM networks to stress test the networking layer

Tiny CLI for submitting large calldata transactions to EVM networks to stress test the networking layer. Main motivation: EIP4844blobs.

Paradigm 50 Jan 4, 2023
An EVM low-level language that gives full control over the control flow of the smart contract.

Meplang - An EVM low-level language Meplang is a low-level programming language that produces EVM bytecode. It is designed for developers who need ful

MEP 19 Jan 31, 2023
A framework for developing EVM-compatible chains

rt-evm A compact development framework for creating EVM-compatible runtimes/chains. Usage Check the example for details. Projects referenced trie, MPT

Rust Util Collections 4 Mar 15, 2023
🛠️ Uses zkevm-circuits and anvil mainnetfork to prove that a tx solves an EVM challenge

zk-proof-of-evm-execution This is a PoC developed at hackathon that enables a user to prove that they know some calldata that can solve a challenge on

soham 9 Mar 29, 2023
An extensible and practical demonstration of constructing evm-based sandwich attacks built with ethers-rs and Huff language.

subway-rs • Construct evm-based sandwich attacks using Rust and Huff. Getting Started subway-rs is a port of libevm's original subway, implemented wit

refcell.eth 230 Apr 25, 2023
A Minimalistic Rust library to extract all potential function selectors from EVM bytecode without source code.

EVM Hound A Minimalistic Rust library to extract all potential function selectors from EVM bytecode without source code. Installation $ cargo add evm_

null 34 Dec 3, 2023