feature: new multisig version

packages/contracts/hardhat.config.ts

@@ -158,6 +158,7 @@ const config: HardhatUserConfig = {
   solidity: {
     version: '0.8.17',
     settings: {
+      viaIR: true,
       metadata: {
         // Not including the metadata hash
         // https://github.com/paulrberg/hardhat-template/issues/31

packages/contracts/src/ListedCheckCondition.sol

@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
+pragma solidity ^0.8.8;
+
+import {Multisig} from "./Multisig.sol";
+
+import {PermissionCondition} from "@aragon/osx-commons-contracts/src/permission/condition/PermissionCondition.sol";
+
+contract ListedCheckCondition is PermissionCondition {
+    Multisig private immutable multisig;
+
+    constructor(address _multisig) {
+        multisig = Multisig(_multisig);
+    }
+
+    function isGranted(
+        address _where,
+        address _who,
+        bytes32 _permissionId,
+        bytes calldata _data
+    ) public view override returns (bool) {
+        (_where, _data, _permissionId);
+
+        (bool onlyListed, ) = multisig.multisigSettings();
+
+        if (onlyListed && !multisig.isListed(_who)) {
+            return false;
+        }
+
+        return true;
+    }
+}

packages/contracts/src/Multisig.sol

@@ -9,6 +9,7 @@
 import {Addresslist} from "@aragon/osx-commons-contracts/src/plugin/extensions/governance/Addresslist.sol";
 import {ProposalUpgradeable} from "@aragon/osx-commons-contracts/src/plugin/extensions/proposal/ProposalUpgradeable.sol";
 import {PluginUUPSUpgradeable} from "@aragon/osx-commons-contracts/src/plugin/PluginUUPSUpgradeable.sol";
+import {IProposal} from "@aragon/osx-commons-contracts/src/plugin/extensions/proposal/IProposal.sol";
 import {IDAO} from "@aragon/osx-commons-contracts/src/dao/IDAO.sol";
 
 import {IMultisig} from "./IMultisig.sol";
@@ -45,6 +46,8 @@
         mapping(address => bool) approvers;
         IDAO.Action[] actions;
         uint256 allowFailureMap;
+        address target; // added in v1.3.0
+        Operation operation; // added in v1.3.0
     }
 
     /// @notice A container for the proposal parameters.
@@ -69,15 +72,21 @@
 
     /// @notice The [ERC-165](https://eips.ethereum.org/EIPS/eip-165) interface ID of the contract.
     bytes4 internal constant MULTISIG_INTERFACE_ID =
-        this.initialize.selector ^
-            this.updateMultisigSettings.selector ^
-            this.createProposal.selector ^
+        this.updateMultisigSettings.selector ^
+            bytes4(
+                keccak256(
+                    "createProposal(bytes,(address,uint256,bytes)[],uint256,bool,bool,uint64,uint64)"
+                )
+            ) ^
             this.getProposal.selector;
 
     /// @notice The ID of the permission required to call the `addAddresses` and `removeAddresses` functions.
     bytes32 public constant UPDATE_MULTISIG_SETTINGS_PERMISSION_ID =
         keccak256("UPDATE_MULTISIG_SETTINGS_PERMISSION");
 
+    /// @notice The ID of the permission required to call the `addAddresses` and `removeAddresses` functions.
+    bytes32 public constant CREATE_PROPOSAL_PERMISSION_ID = keccak256("CREATE_PROPOSAL_PERMISSION");
+
     /// @notice A mapping between proposal IDs and proposal information.
     // solhint-disable-next-line named-parameters-mapping
     mapping(uint256 => Proposal) internal proposals;
@@ -117,6 +126,10 @@
     /// @param actual The actual value.
     error AddresslistLengthOutOfBounds(uint16 limit, uint256 actual);
 
+    /// @notice Thrown if the proposal with same actions and metadata already exists.
+    /// @param proposalId The id of the proposal.
+    error ProposalAlreadyExists(uint256 proposalId);
+
     /// @notice Thrown if a date is out of bounds.
     /// @param limit The limit value.
     /// @param actual The actual value.
@@ -140,8 +153,9 @@
     function initialize(
         IDAO _dao,
         address[] calldata _members,
-        MultisigSettings calldata _multisigSettings
-    ) external initializer {
+        MultisigSettings calldata _multisigSettings,
+        TargetConfig calldata _targetConfig
+    ) external reinitializer(2) {
         __PluginUUPSUpgradeable_init(_dao);
 
         if (_members.length > type(uint16).max) {
@@ -152,6 +166,18 @@
         emit MembersAdded({members: _members});
 
         _updateMultisigSettings(_multisigSettings);
+
+        _setTargetConfig(_targetConfig);
+    }
+
+    /// @notice Reinitializes the TokenVoting after an upgrade from a previous protocol version.
+    /// @param _fromBuild The build version number of the previous implementation contract this upgrade is transitioning from.
+    /// @param _initData The initialization data to be passed to via `upgradeToAndCall` (see [ERC-1967](https://docs.openzeppelin.com/contracts/4.x/api/proxy#ERC1967Upgrade)).
+    function initializeFrom(uint16 _fromBuild, bytes calldata _initData) external reinitializer(2) {
+        if (_fromBuild < 3) {
+            TargetConfig memory targetConfig = abi.decode(_initData, (TargetConfig));
+            _setTargetConfig(targetConfig);
+        }
     }
 
     /// @notice Checks if this or the parent contract supports an interface by its ID.
@@ -236,11 +262,7 @@
         bool _tryExecution,
         uint64 _startDate,
         uint64 _endDate
-    ) external returns (uint256 proposalId) {
-        if (multisigSettings.onlyListed && !isListed(_msgSender())) {
-            revert ProposalCreationForbidden(_msgSender());
-        }
-
+    ) public auth(CREATE_PROPOSAL_PERMISSION_ID) returns (uint256 proposalId) {
         uint64 snapshotBlock;
         unchecked {
             // The snapshot block must be mined already to protect the transaction against backrunning transactions
@@ -264,23 +286,32 @@
             revert DateOutOfBounds({limit: _startDate, actual: _endDate});
         }
 
-        proposalId = _createProposal({
-            _creator: _msgSender(),
-            _metadata: _metadata,
-            _startDate: _startDate,
-            _endDate: _endDate,
-            _actions: _actions,
-            _allowFailureMap: _allowFailureMap
-        });
+        proposalId = createProposalId(_actions, _metadata);
 
         // Create the proposal
         Proposal storage proposal_ = proposals[proposalId];
 
+        // Multisig doesn't allow `minApprovals` settings to be less than 0.
+        // If it is, that means proposal hasn't been created yet.
+        if (proposal_.parameters.minApprovals != 0) {
+            revert ProposalAlreadyExists(proposalId);
+        }
+
         proposal_.parameters.snapshotBlock = snapshotBlock;
         proposal_.parameters.startDate = _startDate;
         proposal_.parameters.endDate = _endDate;
         proposal_.parameters.minApprovals = multisigSettings.minApprovals;
 
+        TargetConfig memory currentTarget = getTargetConfig();
+
+        if (currentTarget.target == address(0)) {
+            proposal_.target = address(dao());
+            proposal_.operation = Operation.Call;
+        } else {
+            proposal_.target = currentTarget.target;
+            proposal_.operation = currentTarget.operation;
+        }
+
         // Reduce costs
         if (_allowFailureMap != 0) {
             proposal_.allowFailureMap = _allowFailureMap;
@@ -296,6 +327,26 @@
         if (_approveProposal) {
             approve(proposalId, _tryExecution);
         }
+
+        emit ProposalCreated(
+            proposalId,
+            _msgSender(),
+            _startDate,
+            _endDate,
+            _metadata,
+            _actions,
+            _allowFailureMap
+        );
+    }
+
+    function createProposal(
+        bytes calldata _metadata,
+        IDAO.Action[] calldata _actions,
+        uint64 _startDate,
+        uint64 _endDate
+    ) external override returns (uint256 proposalId) {
+        // Calls public function for permission check.
+        proposalId = createProposal(_metadata, _actions, 0, false, false, _startDate, _endDate);
     }
 
     /// @inheritdoc IMultisig
@@ -328,7 +379,9 @@
     }
 
     /// @inheritdoc IMultisig
-    function canExecute(uint256 _proposalId) external view returns (bool) {
+    function canExecute(
+        uint256 _proposalId
+    ) external view override(IMultisig, IProposal) returns (bool) {
         return _canExecute(_proposalId);
     }
 
@@ -382,19 +435,41 @@
         return isListed(_account);
     }
 
+    /// @notice Hashing function used to (re)build the proposal id from the proposal details..
+    /// @dev The proposal id is produced by hashing the ABI encoded `targets` array, the `values` array, the `calldatas` array
+    /// and the descriptionHash (bytes32 which itself is the keccak256 hash of the description string). This proposal id
+    /// can be produced from the proposal data which is part of the {ProposalCreated} event. It can even be computed in
+    /// advance, before the proposal is submitted.
+    /// The chainId and the governor address are not part of the proposal id computation. Consequently, the
+    /// same proposal (with same operation and same description) will have the same id if submitted on multiple governors
+    /// across multiple networks. This also means that in order to execute the same operation twice (on the same
+    /// governor) the proposer will have to change the description in order to avoid proposal id conflicts.
+    /// @param _actions The actions that will be executed after the proposal passes.
+    /// @param _metadata The metadata of the proposal.
+    /// @return proposalId The ID of the proposal.
+    function createProposalId(
+        IDAO.Action[] calldata _actions,
+        bytes memory _metadata
+    ) public pure override returns (uint256) {
+        return uint256(keccak256(abi.encode(_actions, _metadata)));
+    }
+
     /// @notice Internal function to execute a vote. It assumes the queried proposal exists.
     /// @param _proposalId The ID of the proposal.
     function _execute(uint256 _proposalId) internal {
         Proposal storage proposal_ = proposals[_proposalId];
 
         proposal_.executed = true;
 
-        _executeProposal(
-            dao(),
-            _proposalId,
+        _execute(
+            proposal_.target,
+            bytes32(_proposalId),
             proposals[_proposalId].actions,
-            proposals[_proposalId].allowFailureMap
+            proposals[_proposalId].allowFailureMap,
+            proposal_.operation
         );
+
+        emit ProposalExecuted(_proposalId);
     }
 
     /// @notice Internal function to check if an account can approve. It assumes the queried proposal exists.