From 07c8a9355254284e7b0e251ff6104f4ec2644009 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Thu, 19 Oct 2023 19:36:04 +0200 Subject: [PATCH 01/13] Add contract to migrate a Safe from not L2 to L2 - Related to https://github.com/safe-global/safe-transaction-service/issues/1703 --- contracts/libraries/SafeToL2Migration.sol | 131 +++++++++++++++ test/libraries/SafeToL2Migration.spec.ts | 195 ++++++++++++++++++++++ 2 files changed, 326 insertions(+) create mode 100644 contracts/libraries/SafeToL2Migration.sol create mode 100644 test/libraries/SafeToL2Migration.spec.ts diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol new file mode 100644 index 000000000..469bf485f --- /dev/null +++ b/contracts/libraries/SafeToL2Migration.sol @@ -0,0 +1,131 @@ +// SPDX-License-Identifier: LGPL-3.0-only +/* solhint-disable one-contract-per-file */ +pragma solidity >=0.7.0 <0.9.0; + +import {SafeStorage} from "../libraries/SafeStorage.sol"; +import {Enum} from "../common/Enum.sol"; + +interface ISafe { + function VERSION() external view returns (string memory); +} + + + +/** + * @title Migration Contract for updating a Safe from 1.3.0/1.4.1 version to a L2 version. Useful when replaying a Safe from a non L2 network in a L2 network. + * @notice This contract facilitates the migration of a Safe contract from version 1.3.0 to 1.3.0L2 or from 1.4.1 to 1.4.1L2 + * Older versions are not supported + * @dev IMPORTANT: The migration will only work with proxies that store the implementation address in the storage slot 0. + */ +contract SafeToL2Migration is SafeStorage { + // Address of this contract + address public immutable MIGRATION_SINGLETON; + + /** + * @notice Constructor + * @dev Initializes the migrationSingleton with the contract's own address. + */ + constructor() { + MIGRATION_SINGLETON = address(this); + } + + /** + * @notice Event indicating a change of master copy address. + * @param singleton New master copy address + */ + event ChangedMasterCopy(address singleton); + + event SafeMultiSigTransaction( + address to, + uint256 value, + bytes data, + Enum.Operation operation, + uint256 safeTxGas, + uint256 baseGas, + uint256 gasPrice, + address gasToken, + address payable refundReceiver, + bytes signatures, + // We combine nonce, sender and threshold into one to avoid stack too deep + // Dev note: additionalInfo should not contain `bytes`, as this complicates decoding + bytes additionalInfo + ); + + /** + * @notice Migrate from Safe 1.3.0/1.4.1 Singleton (L1) to the same version provided L2 singleton + * @dev This function should only be called via a delegatecall to perform the upgrade. + */ + function migrateToL2(address l2Singleton) public { + require(address(this) != MIGRATION_SINGLETON, "Migration should only be called via delegatecall"); + require(address(singleton) != l2Singleton, "Safe is already using the singleton"); + // Nonce is increased before executing a tx, so first executed tx will have nonce=1 + require(nonce == 1, "Safe must have not executed any tx"); + bytes32 oldSingletonVersion = keccak256(abi.encodePacked(ISafe(singleton).VERSION())); + bytes32 newSingletonVersion = keccak256(abi.encodePacked(ISafe(l2Singleton).VERSION())); + + require(oldSingletonVersion == newSingletonVersion, "L2 singleton must match current version singleton"); + // There's no way to make sure if address is a valid singleton, unless we cofigure the contract for every chain + require(newSingletonVersion == keccak256(abi.encodePacked("1.3.0")) || newSingletonVersion == keccak256(abi.encodePacked("1.4.1")), "Provided singleton version is not supported"); + + singleton = l2Singleton; + + // Simulate a L2 transaction so indexer picks up the Safe + // 0xef2624ae - keccack("migrateToL2(address)") + bytes memory data = abi.encodeWithSelector(0xef2624ae, l2Singleton); + bytes memory additionalInfo; + { + // nonce, sender, threshold + additionalInfo = abi.encode(nonce, msg.sender, threshold); + } + emit SafeMultiSigTransaction( + MIGRATION_SINGLETON, + 0, + data, + Enum.Operation.DelegateCall, + 0, + 0, + 0, + address(0), + address(0), + "", // We cannot detect signatures + additionalInfo + ); + emit ChangedMasterCopy(singleton); + } + + /** + * @notice Checks whether an Ethereum address corresponds to a contract or an externally owned account (EOA). + * + * @param account The Ethereum address to be checked. + * + * @return A boolean value indicating whether the address is associated with a contract (true) or an EOA (false). + * + * @dev This function relies on the `extcodesize` assembly opcode to determine whether an address is a contract. + * It may return incorrect results in some edge cases: + * + * - During the contract deployment process, including the constructor, this function may incorrectly identify the + * contract's own address as an EOA, as the code is not yet deployed. + * + * - If a contract performs a self-destruct operation (using `selfdestruct`) after deployment, this function may + * incorrectly identify the address as an EOA once the contract is destroyed, as its code will be removed. + * + * - When interacting with external contracts that use delegatecall or other mechanisms to execute code from + * different contracts, this function may not accurately distinguish between a contract and an EOA, as it only + * checks the code size at the specified address. + * + * - Contracts that are created using the CREATE2 opcode may not be accurately identified as contracts by this + * function, especially if the code is not deployed until after the creation. + * + * Developers should use caution when relying on the results of this function for critical decision-making. + */ + function isContract(address account) internal view returns (bool) { + uint256 size; + // solhint-disable-next-line no-inline-assembly + assembly { + size := extcodesize(account) + } + + // If the code size is greater than 0, it is a contract; otherwise, it is an EOA. + return size > 0; + } +} diff --git a/test/libraries/SafeToL2Migration.spec.ts b/test/libraries/SafeToL2Migration.spec.ts new file mode 100644 index 000000000..d1340e69e --- /dev/null +++ b/test/libraries/SafeToL2Migration.spec.ts @@ -0,0 +1,195 @@ +import { expect } from "chai"; +import hre, { ethers, deployments } from "hardhat"; +import { AddressZero } from "@ethersproject/constants"; +import { getSafeWithSingleton, migrationContractTo150, getSafeSingletonAt, getMock } from "../utils/setup"; +import deploymentData from "../json/safeDeployment.json"; +import safeRuntimeBytecode from "../json/safeRuntimeBytecode.json"; +import { buildSafeTransaction, executeContractCallWithSigners, executeTxWithSigners } from "../../src/utils/execution"; + +const SAFE_SINGLETON_141_ADDRESS = "0x3E5c63644E683549055b9Be8653de26E0B4CD36E"; + +const SAFE_SINGLETON_141_L2_ADDRESS = "0xfb1bffC9d739B8D520DaF37dF666da4C687191EA"; + +const SAFE_SINGLETON_150_ADDRESS = "0x88627c8904eCd9DF96A572Ef32A7ff13b199Ed8D"; + +const SAFE_SINGLETON_150_L2_ADDRESS = "0x0Ee37514644683f7EB9745a5726C722DeBa77e52"; + +const FALLBACK_HANDLER_STORAGE_SLOT = "0x6c9a6c4a39284e37ed1cf53d337577d14212a4870fb976a4366c693b939918d5"; + +const GUARD_STORAGE_SLOT = "0x4a204f620c8c5ccdca3fd54d003badd85ba500436a431f0cbda4f558c93c34c8"; + +describe("SafeToL2Migration library", () => { + const migratedInterface = new ethers.Interface(["function masterCopy() view returns(address)"]); + + const setupTests = deployments.createFixture(async ({ deployments }) => { + await deployments.fixture(); + + // Set the runtime code for hardcoded addresses, so the expected events are emitted + await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_141_ADDRESS, safeRuntimeBytecode.safe141]); + await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_141_L2_ADDRESS, safeRuntimeBytecode.safe141l2]); + await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_150_ADDRESS, safeRuntimeBytecode.safe150]); + await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_150_L2_ADDRESS, safeRuntimeBytecode.safe150l2]); + + const signers = await ethers.getSigners(); + const [user1] = signers; + const singleton130Address = (await (await user1.sendTransaction({ data: deploymentData.safe130 })).wait())?.contractAddress; + const singleton130L2Address = (await (await user1.sendTransaction({ data: deploymentData.safe130l2 })).wait())?.contractAddress; + + if (!singleton130Address || !singleton130L2Address) { + throw new Error("Could not deploy Safe130 or Safe130L2"); + } + const singleton130 = await getSafeSingletonAt(singleton130Address); + const singleton130L2 = await getSafeSingletonAt(singleton130L2Address); + + const guardContract = await hre.ethers.getContractAt("Guard", AddressZero); + const guardEip165Calldata = guardContract.interface.encodeFunctionData("supportsInterface", ["0x945b8148"]); + const validGuardMock = await getMock(); + await validGuardMock.givenCalldataReturnBool(guardEip165Calldata, true); + + const invalidGuardMock = await getMock(); + await invalidGuardMock.givenCalldataReturnBool(guardEip165Calldata, false); + + const safeWith1967Proxy = await getSafeSingletonAt( + await hre.ethers + .getContractFactory("UpgradeableProxy") + .then((factory) => + factory.deploy( + singleton130Address, + singleton130.interface.encodeFunctionData("setup", [ + [user1.address], + 1, + AddressZero, + "0x", + AddressZero, + AddressZero, + 0, + AddressZero, + ]), + ), + ) + .then((proxy) => proxy.getAddress()), + ); + const safeToL2MigrationContract = await hre.ethers.getContractFactory("SafeToL2Migration"); + const migration = await safeToL2MigrationContract.deploy(); + return { + safe130: await getSafeWithSingleton(singleton130, [user1.address]), + safe130l2: await getSafeWithSingleton(singleton130L2, [user1.address]), + safeWith1967Proxy, + migration, + signers, + validGuardMock, + invalidGuardMock, + singleton130Address, + singleton130L2Address, + }; + }); + + describe("migrateToL2", () => { + it("reverts if the singleton is not set", async () => { + const { + migration, + safeWith1967Proxy, + signers: [user1], + singleton130L2Address, + } = await setupTests(); + + await expect( + executeContractCallWithSigners(safeWith1967Proxy, migration, "migrateToL2", [singleton130L2Address], [user1], true), + ).to.be.revertedWith("GS013"); + }); + + it("reverts if new singleton is the same as the old one", async () => { + const { + safe130, + migration, + signers: [user1], + singleton130Address, + } = await setupTests(); + await expect( + executeContractCallWithSigners(safe130, migration, "migrateToL2", [singleton130Address], [user1], true), + ).to.be.revertedWith("GS013"); + }); + + it("reverts if new singleton is not supported", async () => { + const { + safe130, + migration, + signers: [user1], + } = await setupTests(); + await expect( + executeContractCallWithSigners(safe130, migration, "migrateToL2", [SAFE_SINGLETON_150_L2_ADDRESS], [user1], true), + ).to.be.revertedWith("GS013"); + }); + + it("reverts if nonce > 0", async () => { + const { + safe130, + migration, + signers: [user1], + singleton130Address, + singleton130L2Address, + } = await setupTests(); + const safeAddress = await safe130.getAddress(); + // The emit matcher checks the address, which is the Safe as delegatecall is used + const migrationSafe = migration.attach(safeAddress); + + // Increase nonce by sending eth + await user1.sendTransaction({ to: safeAddress, value: ethers.parseEther("1") }); + const nonce = 0; + const safeTx = buildSafeTransaction({ to: user1.address, value: ethers.parseEther("1"), nonce }); + await executeTxWithSigners(safe130, safeTx, [user1]); + + await expect( + executeContractCallWithSigners(safe130, migration, "migrateToL2", [singleton130L2Address], [user1], true), + ).to.be.revertedWith("GS013"); + + const singletonResp = await user1.call({ to: safeAddress, data: migratedInterface.encodeFunctionData("masterCopy") }); + expect(migratedInterface.decodeFunctionResult("masterCopy", singletonResp)[0]).to.eq(singleton130Address); + }); + + it("migrates from singleton 1.3.0 to 1.3.0L2", async () => { + const { + safe130, + migration, + signers: [user1], + singleton130L2Address, + } = await setupTests(); + const safeAddress = await safe130.getAddress(); + // The emit matcher checks the address, which is the Safe as delegatecall is used + const migrationSafe = migration.attach(safeAddress); + + await expect(executeContractCallWithSigners(safe130, migration, "migrateToL2", [singleton130L2Address], [user1], true)) + .to.emit(migrationSafe, "ChangedMasterCopy") + .withArgs(singleton130L2Address); + + const singletonResp = await user1.call({ to: safeAddress, data: migratedInterface.encodeFunctionData("masterCopy") }); + expect(migratedInterface.decodeFunctionResult("masterCopy", singletonResp)[0]).to.eq(singleton130L2Address); + }); + + it("doesn't touch important storage slots", async () => { + const { + safe130, + migration, + signers: [user1], + singleton130L2Address, + } = await setupTests(); + const safeAddress = await safe130.getAddress(); + + const ownerCountBeforeMigration = await hre.ethers.provider.getStorage(safeAddress, 3); + const thresholdBeforeMigration = await hre.ethers.provider.getStorage(safeAddress, 4); + const nonceBeforeMigration = await hre.ethers.provider.getStorage(safeAddress, 5); + const guardBeforeMigration = await hre.ethers.provider.getStorage(safeAddress, GUARD_STORAGE_SLOT); + const fallbackHandlerBeforeMigration = await hre.ethers.provider.getStorage(safeAddress, FALLBACK_HANDLER_STORAGE_SLOT); + + await expect(executeContractCallWithSigners(safe130, migration, "migrateToL2", [singleton130L2Address], [user1], true)); + + expect(await hre.ethers.provider.getStorage(safeAddress, 3)).to.be.eq(ownerCountBeforeMigration); + expect(await hre.ethers.provider.getStorage(safeAddress, 4)).to.be.eq(thresholdBeforeMigration); + expect(await hre.ethers.provider.getStorage(safeAddress, 5)).to.be.eq(nonceBeforeMigration); + expect(await hre.ethers.provider.getStorage(safeAddress, GUARD_STORAGE_SLOT)).to.be.eq(guardBeforeMigration); + expect(await hre.ethers.provider.getStorage(safeAddress, FALLBACK_HANDLER_STORAGE_SLOT)).to.be.eq( + fallbackHandlerBeforeMigration, + ); + }); + }); +}); From 3ac8ea6a86e58981da4475f35f53a4c57b7fcf18 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Fri, 20 Oct 2023 10:49:44 +0200 Subject: [PATCH 02/13] Fix linting --- test/libraries/SafeToL2Migration.spec.ts | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/test/libraries/SafeToL2Migration.spec.ts b/test/libraries/SafeToL2Migration.spec.ts index d1340e69e..c774e0099 100644 --- a/test/libraries/SafeToL2Migration.spec.ts +++ b/test/libraries/SafeToL2Migration.spec.ts @@ -1,7 +1,7 @@ import { expect } from "chai"; import hre, { ethers, deployments } from "hardhat"; import { AddressZero } from "@ethersproject/constants"; -import { getSafeWithSingleton, migrationContractTo150, getSafeSingletonAt, getMock } from "../utils/setup"; +import { getSafeWithSingleton, getSafeSingletonAt, getMock } from "../utils/setup"; import deploymentData from "../json/safeDeployment.json"; import safeRuntimeBytecode from "../json/safeRuntimeBytecode.json"; import { buildSafeTransaction, executeContractCallWithSigners, executeTxWithSigners } from "../../src/utils/execution"; @@ -130,8 +130,6 @@ describe("SafeToL2Migration library", () => { singleton130L2Address, } = await setupTests(); const safeAddress = await safe130.getAddress(); - // The emit matcher checks the address, which is the Safe as delegatecall is used - const migrationSafe = migration.attach(safeAddress); // Increase nonce by sending eth await user1.sendTransaction({ to: safeAddress, value: ethers.parseEther("1") }); From 00b13692df6f83957fe9462af6559a57863d386d Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Fri, 20 Oct 2023 14:17:18 +0200 Subject: [PATCH 03/13] Add tests --- contracts/libraries/SafeToL2Migration.sol | 8 +++--- test/libraries/SafeToL2Migration.spec.ts | 31 ++++++++++++++++++++--- 2 files changed, 31 insertions(+), 8 deletions(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index 469bf485f..e7a814219 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -6,6 +6,7 @@ import {SafeStorage} from "../libraries/SafeStorage.sol"; import {Enum} from "../common/Enum.sol"; interface ISafe { + // solhint-disable-next-line function VERSION() external view returns (string memory); } @@ -72,11 +73,8 @@ contract SafeToL2Migration is SafeStorage { // Simulate a L2 transaction so indexer picks up the Safe // 0xef2624ae - keccack("migrateToL2(address)") bytes memory data = abi.encodeWithSelector(0xef2624ae, l2Singleton); - bytes memory additionalInfo; - { - // nonce, sender, threshold - additionalInfo = abi.encode(nonce, msg.sender, threshold); - } + // nonce, sender, threshold + bytes memory additionalInfo = abi.encode(nonce - 1, msg.sender, threshold); emit SafeMultiSigTransaction( MIGRATION_SINGLETON, 0, diff --git a/test/libraries/SafeToL2Migration.spec.ts b/test/libraries/SafeToL2Migration.spec.ts index c774e0099..15ab7343a 100644 --- a/test/libraries/SafeToL2Migration.spec.ts +++ b/test/libraries/SafeToL2Migration.spec.ts @@ -130,6 +130,7 @@ describe("SafeToL2Migration library", () => { singleton130L2Address, } = await setupTests(); const safeAddress = await safe130.getAddress(); + expect(await safe130.nonce()).to.be.eq(0); // Increase nonce by sending eth await user1.sendTransaction({ to: safeAddress, value: ethers.parseEther("1") }); @@ -137,6 +138,7 @@ describe("SafeToL2Migration library", () => { const safeTx = buildSafeTransaction({ to: user1.address, value: ethers.parseEther("1"), nonce }); await executeTxWithSigners(safe130, safeTx, [user1]); + expect(await safe130.nonce()).to.be.eq(1); await expect( executeContractCallWithSigners(safe130, migration, "migrateToL2", [singleton130L2Address], [user1], true), ).to.be.revertedWith("GS013"); @@ -155,13 +157,36 @@ describe("SafeToL2Migration library", () => { const safeAddress = await safe130.getAddress(); // The emit matcher checks the address, which is the Safe as delegatecall is used const migrationSafe = migration.attach(safeAddress); - - await expect(executeContractCallWithSigners(safe130, migration, "migrateToL2", [singleton130L2Address], [user1], true)) + const migrationAddress = await migration.getAddress(); + + const functionName = "migrateToL2"; + const expectedData = migration.interface.encodeFunctionData(functionName, [singleton130L2Address]); + const safeThreshold = await safe130.getThreshold(); + const additionalInfo = hre.ethers.AbiCoder.defaultAbiCoder().encode( + ["uint256", "address", "uint256"], + [0, user1.address, safeThreshold], + ); + await expect(executeContractCallWithSigners(safe130, migration, functionName, [singleton130L2Address], [user1], true)) .to.emit(migrationSafe, "ChangedMasterCopy") - .withArgs(singleton130L2Address); + .withArgs(singleton130L2Address) + .to.emit(migrationSafe, "SafeMultiSigTransaction") + .withArgs( + migrationAddress, + 0, + expectedData, + 1, + 0, + 0, + 0, + AddressZero, + AddressZero, + "0x", // We cannot detect signatures + additionalInfo, + ); const singletonResp = await user1.call({ to: safeAddress, data: migratedInterface.encodeFunctionData("masterCopy") }); expect(migratedInterface.decodeFunctionResult("masterCopy", singletonResp)[0]).to.eq(singleton130L2Address); + expect(await safe130.nonce()).to.be.eq(1); }); it("doesn't touch important storage slots", async () => { From 03bd68d90c56dc025b25dd8dad8bf0090c3a9e8b Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Tue, 24 Oct 2023 12:29:48 +0200 Subject: [PATCH 04/13] Remove dead code --- contracts/libraries/SafeToL2Migration.sol | 47 +++-------------------- 1 file changed, 6 insertions(+), 41 deletions(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index e7a814219..4020ad620 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -10,8 +10,6 @@ interface ISafe { function VERSION() external view returns (string memory); } - - /** * @title Migration Contract for updating a Safe from 1.3.0/1.4.1 version to a L2 version. Useful when replaying a Safe from a non L2 network in a L2 network. * @notice This contract facilitates the migration of a Safe contract from version 1.3.0 to 1.3.0L2 or from 1.4.1 to 1.4.1L2 @@ -66,8 +64,11 @@ contract SafeToL2Migration is SafeStorage { require(oldSingletonVersion == newSingletonVersion, "L2 singleton must match current version singleton"); // There's no way to make sure if address is a valid singleton, unless we cofigure the contract for every chain - require(newSingletonVersion == keccak256(abi.encodePacked("1.3.0")) || newSingletonVersion == keccak256(abi.encodePacked("1.4.1")), "Provided singleton version is not supported"); - + require( + newSingletonVersion == keccak256(abi.encodePacked("1.3.0")) || newSingletonVersion == keccak256(abi.encodePacked("1.4.1")), + "Provided singleton version is not supported" + ); + singleton = l2Singleton; // Simulate a L2 transaction so indexer picks up the Safe @@ -85,45 +86,9 @@ contract SafeToL2Migration is SafeStorage { 0, address(0), address(0), - "", // We cannot detect signatures + "", // We cannot detect signatures additionalInfo ); emit ChangedMasterCopy(singleton); } - - /** - * @notice Checks whether an Ethereum address corresponds to a contract or an externally owned account (EOA). - * - * @param account The Ethereum address to be checked. - * - * @return A boolean value indicating whether the address is associated with a contract (true) or an EOA (false). - * - * @dev This function relies on the `extcodesize` assembly opcode to determine whether an address is a contract. - * It may return incorrect results in some edge cases: - * - * - During the contract deployment process, including the constructor, this function may incorrectly identify the - * contract's own address as an EOA, as the code is not yet deployed. - * - * - If a contract performs a self-destruct operation (using `selfdestruct`) after deployment, this function may - * incorrectly identify the address as an EOA once the contract is destroyed, as its code will be removed. - * - * - When interacting with external contracts that use delegatecall or other mechanisms to execute code from - * different contracts, this function may not accurately distinguish between a contract and an EOA, as it only - * checks the code size at the specified address. - * - * - Contracts that are created using the CREATE2 opcode may not be accurately identified as contracts by this - * function, especially if the code is not deployed until after the creation. - * - * Developers should use caution when relying on the results of this function for critical decision-making. - */ - function isContract(address account) internal view returns (bool) { - uint256 size; - // solhint-disable-next-line no-inline-assembly - assembly { - size := extcodesize(account) - } - - // If the code size is greater than 0, it is a contract; otherwise, it is an EOA. - return size > 0; - } } From c1abd945817dc4790fb5a588b404b8c550fe702d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ux=C3=ADo?= Date: Tue, 24 Oct 2023 14:32:04 +0200 Subject: [PATCH 05/13] Update contracts/libraries/SafeToL2Migration.sol Co-authored-by: Mikhail <16622558+mmv08@users.noreply.github.com> --- contracts/libraries/SafeToL2Migration.sol | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index 4020ad620..e8a19eda2 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -72,7 +72,7 @@ contract SafeToL2Migration is SafeStorage { singleton = l2Singleton; // Simulate a L2 transaction so indexer picks up the Safe - // 0xef2624ae - keccack("migrateToL2(address)") + // 0xef2624ae - keccak("migrateToL2(address)") bytes memory data = abi.encodeWithSelector(0xef2624ae, l2Singleton); // nonce, sender, threshold bytes memory additionalInfo = abi.encode(nonce - 1, msg.sender, threshold); From 036adfd1e131e5d4dd414f3f683ad3e891043762 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Tue, 24 Oct 2023 14:35:16 +0200 Subject: [PATCH 06/13] Adding docs --- contracts/libraries/SafeToL2Migration.sol | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index e8a19eda2..d937fbbef 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -52,7 +52,9 @@ contract SafeToL2Migration is SafeStorage { /** * @notice Migrate from Safe 1.3.0/1.4.1 Singleton (L1) to the same version provided L2 singleton + * Safe is required to have nonce 0 so backend can support it after the migration * @dev This function should only be called via a delegatecall to perform the upgrade. + * Singletons versions will be compared, so it implies that contract exists */ function migrateToL2(address l2Singleton) public { require(address(this) != MIGRATION_SINGLETON, "Migration should only be called via delegatecall"); From e85b404289356ff91b5848a2a2abbbf1281369d0 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Tue, 24 Oct 2023 14:36:05 +0200 Subject: [PATCH 07/13] Fix typo --- contracts/libraries/SafeToL2Migration.sol | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index d937fbbef..608d282cd 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -54,7 +54,7 @@ contract SafeToL2Migration is SafeStorage { * @notice Migrate from Safe 1.3.0/1.4.1 Singleton (L1) to the same version provided L2 singleton * Safe is required to have nonce 0 so backend can support it after the migration * @dev This function should only be called via a delegatecall to perform the upgrade. - * Singletons versions will be compared, so it implies that contract exists + * Singletons versions will be compared, so it implies that contracts exist */ function migrateToL2(address l2Singleton) public { require(address(this) != MIGRATION_SINGLETON, "Migration should only be called via delegatecall"); From 9fd1b877d6b5838e935cee0bb9dfc19e832a2fc1 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Tue, 24 Oct 2023 14:44:17 +0200 Subject: [PATCH 08/13] Add test for migrating from v1.4.1 to v1.4.1 L2 --- test/libraries/SafeToL2Migration.spec.ts | 48 +++++++++++++++++++++--- 1 file changed, 43 insertions(+), 5 deletions(-) diff --git a/test/libraries/SafeToL2Migration.spec.ts b/test/libraries/SafeToL2Migration.spec.ts index 15ab7343a..cee5196ac 100644 --- a/test/libraries/SafeToL2Migration.spec.ts +++ b/test/libraries/SafeToL2Migration.spec.ts @@ -10,8 +10,6 @@ const SAFE_SINGLETON_141_ADDRESS = "0x3E5c63644E683549055b9Be8653de26E0B4CD36E"; const SAFE_SINGLETON_141_L2_ADDRESS = "0xfb1bffC9d739B8D520DaF37dF666da4C687191EA"; -const SAFE_SINGLETON_150_ADDRESS = "0x88627c8904eCd9DF96A572Ef32A7ff13b199Ed8D"; - const SAFE_SINGLETON_150_L2_ADDRESS = "0x0Ee37514644683f7EB9745a5726C722DeBa77e52"; const FALLBACK_HANDLER_STORAGE_SLOT = "0x6c9a6c4a39284e37ed1cf53d337577d14212a4870fb976a4366c693b939918d5"; @@ -27,7 +25,6 @@ describe("SafeToL2Migration library", () => { // Set the runtime code for hardcoded addresses, so the expected events are emitted await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_141_ADDRESS, safeRuntimeBytecode.safe141]); await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_141_L2_ADDRESS, safeRuntimeBytecode.safe141l2]); - await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_150_ADDRESS, safeRuntimeBytecode.safe150]); await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_150_L2_ADDRESS, safeRuntimeBytecode.safe150l2]); const signers = await ethers.getSigners(); @@ -39,7 +36,7 @@ describe("SafeToL2Migration library", () => { throw new Error("Could not deploy Safe130 or Safe130L2"); } const singleton130 = await getSafeSingletonAt(singleton130Address); - const singleton130L2 = await getSafeSingletonAt(singleton130L2Address); + const singleton141 = await getSafeSingletonAt(SAFE_SINGLETON_141_ADDRESS); const guardContract = await hre.ethers.getContractAt("Guard", AddressZero); const guardEip165Calldata = guardContract.interface.encodeFunctionData("supportsInterface", ["0x945b8148"]); @@ -73,7 +70,7 @@ describe("SafeToL2Migration library", () => { const migration = await safeToL2MigrationContract.deploy(); return { safe130: await getSafeWithSingleton(singleton130, [user1.address]), - safe130l2: await getSafeWithSingleton(singleton130L2, [user1.address]), + safe141: await getSafeWithSingleton(singleton141, [user1.address]), safeWith1967Proxy, migration, signers, @@ -189,6 +186,47 @@ describe("SafeToL2Migration library", () => { expect(await safe130.nonce()).to.be.eq(1); }); + it("migrates from singleton 1.4.1 to 1.4.1L2", async () => { + const { + safe141, + migration, + signers: [user1], + } = await setupTests(); + const safeAddress = await safe141.getAddress(); + // The emit matcher checks the address, which is the Safe as delegatecall is used + const migrationSafe = migration.attach(safeAddress); + const migrationAddress = await migration.getAddress(); + + const functionName = "migrateToL2"; + const expectedData = migration.interface.encodeFunctionData(functionName, [SAFE_SINGLETON_141_L2_ADDRESS]); + const safeThreshold = await safe141.getThreshold(); + const additionalInfo = hre.ethers.AbiCoder.defaultAbiCoder().encode( + ["uint256", "address", "uint256"], + [0, user1.address, safeThreshold], + ); + await expect(executeContractCallWithSigners(safe141, migration, functionName, [SAFE_SINGLETON_141_L2_ADDRESS], [user1], true)) + .to.emit(migrationSafe, "ChangedMasterCopy") + .withArgs(SAFE_SINGLETON_141_L2_ADDRESS) + .to.emit(migrationSafe, "SafeMultiSigTransaction") + .withArgs( + migrationAddress, + 0, + expectedData, + 1, + 0, + 0, + 0, + AddressZero, + AddressZero, + "0x", // We cannot detect signatures + additionalInfo, + ); + + const singletonResp = await user1.call({ to: safeAddress, data: migratedInterface.encodeFunctionData("masterCopy") }); + expect(migratedInterface.decodeFunctionResult("masterCopy", singletonResp)[0]).to.eq(SAFE_SINGLETON_141_L2_ADDRESS); + expect(await safe141.nonce()).to.be.eq(1); + }); + it("doesn't touch important storage slots", async () => { const { safe130, From 00ab5eabea08afb9dff11ecf3206a4553acaf876 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Wed, 25 Oct 2023 12:40:30 +0200 Subject: [PATCH 09/13] Add support to migrate from v1.1.1 --- contracts/libraries/SafeToL2Migration.sol | 121 +++++++++++++++++----- test/libraries/SafeToL2Migration.spec.ts | 81 ++++++++++++++- 2 files changed, 175 insertions(+), 27 deletions(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index 608d282cd..ddc6d6c8a 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -8,12 +8,18 @@ import {Enum} from "../common/Enum.sol"; interface ISafe { // solhint-disable-next-line function VERSION() external view returns (string memory); + + function setFallbackHandler(address handler) external; + + function getOwners() external view returns (address[] memory); + + function getThreshold() external view returns (uint256); } /** - * @title Migration Contract for updating a Safe from 1.3.0/1.4.1 version to a L2 version. Useful when replaying a Safe from a non L2 network in a L2 network. - * @notice This contract facilitates the migration of a Safe contract from version 1.3.0 to 1.3.0L2 or from 1.4.1 to 1.4.1L2 - * Older versions are not supported + * @title Migration Contract for updating a Safe from 1.1.1/1.3.0/1.4.1 versions to a L2 version. Useful when replaying a Safe from a non L2 network in a L2 network. + * @notice This contract facilitates the migration of a Safe contract from version 1.1.1 to 1.3.0/1.4.1 L2, 1.3.0 to 1.3.0L2 or from 1.4.1 to 1.4.1L2 + * Other versions are not supported * @dev IMPORTANT: The migration will only work with proxies that store the implementation address in the storage slot 0. */ contract SafeToL2Migration is SafeStorage { @@ -34,6 +40,8 @@ contract SafeToL2Migration is SafeStorage { */ event ChangedMasterCopy(address singleton); + event SafeSetup(address indexed initiator, address[] owners, uint256 threshold, address initializer, address fallbackHandler); + event SafeMultiSigTransaction( address to, uint256 value, @@ -50,14 +58,48 @@ contract SafeToL2Migration is SafeStorage { bytes additionalInfo ); + /** + * @notice Modifier to make a function callable via delegatecall only. + * If the function is called via a regular call, it will revert. + */ + modifier onlyDelegateCall() { + require(address(this) != MIGRATION_SINGLETON, "Migration should only be called via delegatecall"); + _; + } + + /** + * @dev Internal function with common migration steps, changes the singleton and emits SafeMultiSigTransaction event + */ + function migrate(address l2Singleton, bytes memory functionData) private { + singleton = l2Singleton; + + // Encode nonce, sender, threshold + bytes memory additionalInfo = abi.encode(nonce - 1, msg.sender, threshold); + + // Simulate a L2 transaction so Safe Tx Service indexer picks up the Safe + emit SafeMultiSigTransaction( + MIGRATION_SINGLETON, + 0, + functionData, + Enum.Operation.DelegateCall, + 0, + 0, + 0, + address(0), + address(0), + "", // We cannot detect signatures + additionalInfo + ); + emit ChangedMasterCopy(singleton); + } + /** * @notice Migrate from Safe 1.3.0/1.4.1 Singleton (L1) to the same version provided L2 singleton * Safe is required to have nonce 0 so backend can support it after the migration * @dev This function should only be called via a delegatecall to perform the upgrade. * Singletons versions will be compared, so it implies that contracts exist */ - function migrateToL2(address l2Singleton) public { - require(address(this) != MIGRATION_SINGLETON, "Migration should only be called via delegatecall"); + function migrateToL2(address l2Singleton) public onlyDelegateCall { require(address(singleton) != l2Singleton, "Safe is already using the singleton"); // Nonce is increased before executing a tx, so first executed tx will have nonce=1 require(nonce == 1, "Safe must have not executed any tx"); @@ -71,26 +113,57 @@ contract SafeToL2Migration is SafeStorage { "Provided singleton version is not supported" ); - singleton = l2Singleton; - - // Simulate a L2 transaction so indexer picks up the Safe // 0xef2624ae - keccak("migrateToL2(address)") - bytes memory data = abi.encodeWithSelector(0xef2624ae, l2Singleton); - // nonce, sender, threshold - bytes memory additionalInfo = abi.encode(nonce - 1, msg.sender, threshold); - emit SafeMultiSigTransaction( - MIGRATION_SINGLETON, - 0, - data, - Enum.Operation.DelegateCall, - 0, - 0, - 0, - address(0), - address(0), - "", // We cannot detect signatures - additionalInfo + bytes memory functionData = abi.encodeWithSelector(0xef2624ae, l2Singleton); + migrate(l2Singleton, functionData); + } + + /** + * @notice Migrate from Safe 1.1.1 Singleton to 1.3.1 or 1.4.1 L2 + * Safe is required to have nonce 0 so backend can support it after the migration + * @dev This function should only be called via a delegatecall to perform the upgrade. + * Singletons version will be checked, so it implies that contracts exist. + * A valid and compatible fallbackHandler needs to be provided, only existance will be checked. + */ + function migrateFromV111(address l2Singleton, address fallbackHandler) public onlyDelegateCall { + require(isContract(fallbackHandler), "fallbackHandler is not a contract"); + + bytes32 oldSingletonVersion = keccak256(abi.encodePacked(ISafe(singleton).VERSION())); + require(oldSingletonVersion == keccak256(abi.encodePacked("1.1.1")), "Provided singleton version is not supported"); + + bytes32 newSingletonVersion = keccak256(abi.encodePacked(ISafe(l2Singleton).VERSION())); + require( + newSingletonVersion == keccak256(abi.encodePacked("1.3.0")) || newSingletonVersion == keccak256(abi.encodePacked("1.4.1")), + "Provided singleton version is not supported" ); - emit ChangedMasterCopy(singleton); + + ISafe safe = ISafe(address(this)); + safe.setFallbackHandler(fallbackHandler); + + // Safes < 1.3.0 did not emit SafeSetup, so Safe Tx Service backend needs the event to index the Safe + emit SafeSetup(MIGRATION_SINGLETON, safe.getOwners(), safe.getThreshold(), address(0), fallbackHandler); + + // 0xd9a20812 - keccak("migrateFromV111(address,address)") + bytes memory functionData = abi.encodeWithSelector(0xd9a20812, l2Singleton, fallbackHandler); + migrate(l2Singleton, functionData); + } + + /** + * @notice Checks whether an Ethereum address corresponds to a contract or an externally owned account (EOA). + * @param account The Ethereum address to be checked. + * @return A boolean value indicating whether the address is associated with a contract (true) or an EOA (false). + * @dev This function relies on the `extcodesize` assembly opcode to determine whether an address is a contract. + * It may return incorrect results in some edge cases (see documentation for details). + * Developers should use caution when relying on the results of this function for critical decision-making. + */ + function isContract(address account) internal view returns (bool) { + uint256 size; + // solhint-disable-next-line no-inline-assembly + assembly { + size := extcodesize(account) + } + + // If the code size is greater than 0, it is a contract; otherwise, it is an EOA. + return size > 0; } } diff --git a/test/libraries/SafeToL2Migration.spec.ts b/test/libraries/SafeToL2Migration.spec.ts index cee5196ac..66aa7aa6d 100644 --- a/test/libraries/SafeToL2Migration.spec.ts +++ b/test/libraries/SafeToL2Migration.spec.ts @@ -4,7 +4,13 @@ import { AddressZero } from "@ethersproject/constants"; import { getSafeWithSingleton, getSafeSingletonAt, getMock } from "../utils/setup"; import deploymentData from "../json/safeDeployment.json"; import safeRuntimeBytecode from "../json/safeRuntimeBytecode.json"; -import { buildSafeTransaction, executeContractCallWithSigners, executeTxWithSigners } from "../../src/utils/execution"; +import { + buildSafeTransaction, + executeContractCallWithSigners, + executeTx, + executeTxWithSigners, + safeApproveHash, +} from "../../src/utils/execution"; const SAFE_SINGLETON_141_ADDRESS = "0x3E5c63644E683549055b9Be8653de26E0B4CD36E"; @@ -12,6 +18,8 @@ const SAFE_SINGLETON_141_L2_ADDRESS = "0xfb1bffC9d739B8D520DaF37dF666da4C687191E const SAFE_SINGLETON_150_L2_ADDRESS = "0x0Ee37514644683f7EB9745a5726C722DeBa77e52"; +const COMPATIBILITY_FALLBACK_HANDLER_150 = "0x8aa755cB169991fEDC3E306751dCb71964A041c7"; + const FALLBACK_HANDLER_STORAGE_SLOT = "0x6c9a6c4a39284e37ed1cf53d337577d14212a4870fb976a4366c693b939918d5"; const GUARD_STORAGE_SLOT = "0x4a204f620c8c5ccdca3fd54d003badd85ba500436a431f0cbda4f558c93c34c8"; @@ -26,15 +34,21 @@ describe("SafeToL2Migration library", () => { await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_141_ADDRESS, safeRuntimeBytecode.safe141]); await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_141_L2_ADDRESS, safeRuntimeBytecode.safe141l2]); await hre.network.provider.send("hardhat_setCode", [SAFE_SINGLETON_150_L2_ADDRESS, safeRuntimeBytecode.safe150l2]); + await hre.network.provider.send("hardhat_setCode", [ + COMPATIBILITY_FALLBACK_HANDLER_150, + safeRuntimeBytecode.safe150CompatibilityFallbackHandler, + ]); const signers = await ethers.getSigners(); const [user1] = signers; + const singleton111Address = (await (await user1.sendTransaction({ data: deploymentData.safe111 })).wait())?.contractAddress; const singleton130Address = (await (await user1.sendTransaction({ data: deploymentData.safe130 })).wait())?.contractAddress; const singleton130L2Address = (await (await user1.sendTransaction({ data: deploymentData.safe130l2 })).wait())?.contractAddress; - if (!singleton130Address || !singleton130L2Address) { - throw new Error("Could not deploy Safe130 or Safe130L2"); + if (!singleton111Address || !singleton130Address || !singleton130L2Address) { + throw new Error("Could not deploy Safe111, Safe130 or Safe130L2"); } + const singleton111 = await getSafeSingletonAt(singleton111Address); const singleton130 = await getSafeSingletonAt(singleton130Address); const singleton141 = await getSafeSingletonAt(SAFE_SINGLETON_141_ADDRESS); @@ -69,6 +83,7 @@ describe("SafeToL2Migration library", () => { const safeToL2MigrationContract = await hre.ethers.getContractFactory("SafeToL2Migration"); const migration = await safeToL2MigrationContract.deploy(); return { + safe111: await getSafeWithSingleton(singleton111, [user1.address]), safe130: await getSafeWithSingleton(singleton130, [user1.address]), safe141: await getSafeWithSingleton(singleton141, [user1.address]), safeWith1967Proxy, @@ -227,6 +242,66 @@ describe("SafeToL2Migration library", () => { expect(await safe141.nonce()).to.be.eq(1); }); + it("migrates from singleton 1.1.1 to 1.4.1L2", async () => { + const { + safe111, + migration, + signers: [user1], + } = await setupTests(); + const safeAddress = await safe111.getAddress(); + expect(await safe111.VERSION()).eq("1.1.1"); + expect("0x" + (await hre.ethers.provider.getStorage(safeAddress, FALLBACK_HANDLER_STORAGE_SLOT)).slice(26)).to.be.eq( + AddressZero, + ); + + // The emit matcher checks the address, which is the Safe as delegatecall is used + const migrationSafe = migration.attach(safeAddress); + const migrationAddress = await migration.getAddress(); + + const functionName = "migrateFromV111"; + const data = migration.interface.encodeFunctionData(functionName, [ + SAFE_SINGLETON_141_L2_ADDRESS, + COMPATIBILITY_FALLBACK_HANDLER_150, + ]); + const nonce = await safe111.nonce(); + expect(nonce).to.be.eq(0); + const safeThreshold = await safe111.getThreshold(); + const additionalInfo = hre.ethers.AbiCoder.defaultAbiCoder().encode( + ["uint256", "address", "uint256"], + [0, user1.address, safeThreshold], + ); + + const tx = buildSafeTransaction({ to: migrationAddress, data, operation: 1, nonce }); + + expect(await executeTx(safe111, tx, [await safeApproveHash(user1, safe111, tx, true)])) + .to.emit(migrationSafe, "ChangedMasterCopy") + .withArgs(SAFE_SINGLETON_141_L2_ADDRESS) + .to.emit(migrationSafe, "SafeMultiSigTransaction") + .withArgs( + migrationAddress, + 0, + data, + 1, + 0, + 0, + 0, + AddressZero, + AddressZero, + "0x", // We cannot detect signatures + additionalInfo, + ) + .to.emit(migrationSafe, "SafeSetup") + .withArgs(migrationAddress, await safe111.getOwners(), safeThreshold, AddressZero, COMPATIBILITY_FALLBACK_HANDLER_150); + + expect(await safe111.nonce()).to.be.eq(1); + expect(await safe111.VERSION()).to.be.eq("1.4.1"); + const singletonResp = await user1.call({ to: safeAddress, data: migratedInterface.encodeFunctionData("masterCopy") }); + expect(migratedInterface.decodeFunctionResult("masterCopy", singletonResp)[0]).to.eq(SAFE_SINGLETON_141_L2_ADDRESS); + expect("0x" + (await hre.ethers.provider.getStorage(safeAddress, FALLBACK_HANDLER_STORAGE_SLOT)).slice(26)).to.be.eq( + COMPATIBILITY_FALLBACK_HANDLER_150.toLowerCase(), + ); + }); + it("doesn't touch important storage slots", async () => { const { safe130, From 1417a085b07a242fffb0ad4605c815d2cf85b80e Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Thu, 26 Oct 2023 16:31:18 +0200 Subject: [PATCH 10/13] Fix typo --- contracts/libraries/SafeToL2Migration.sol | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index ddc6d6c8a..9699ab66d 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -119,7 +119,7 @@ contract SafeToL2Migration is SafeStorage { } /** - * @notice Migrate from Safe 1.1.1 Singleton to 1.3.1 or 1.4.1 L2 + * @notice Migrate from Safe 1.1.1 Singleton to 1.3.0 or 1.4.1 L2 * Safe is required to have nonce 0 so backend can support it after the migration * @dev This function should only be called via a delegatecall to perform the upgrade. * Singletons version will be checked, so it implies that contracts exist. From 788597125272ecf183124b5a4e1264e1677e4539 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Mon, 30 Oct 2023 11:48:36 +0100 Subject: [PATCH 11/13] Add modifier only nonce zero - Hardcode nonce 0 in event instead of nonce - 1, should be more gas efficient --- contracts/libraries/SafeToL2Migration.sol | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/contracts/libraries/SafeToL2Migration.sol b/contracts/libraries/SafeToL2Migration.sol index 9699ab66d..c4cf1f16c 100644 --- a/contracts/libraries/SafeToL2Migration.sol +++ b/contracts/libraries/SafeToL2Migration.sol @@ -67,6 +67,16 @@ contract SafeToL2Migration is SafeStorage { _; } + /** + * @notice Modifier to prevent using initialized Safes. + * If Safe has a nonce higher than 0, it will revert + */ + modifier onlyNonceZero() { + // Nonce is increased before executing a tx, so first executed tx will have nonce=1 + require(nonce == 1, "Safe must have not executed any tx"); + _; + } + /** * @dev Internal function with common migration steps, changes the singleton and emits SafeMultiSigTransaction event */ @@ -74,7 +84,7 @@ contract SafeToL2Migration is SafeStorage { singleton = l2Singleton; // Encode nonce, sender, threshold - bytes memory additionalInfo = abi.encode(nonce - 1, msg.sender, threshold); + bytes memory additionalInfo = abi.encode(0, msg.sender, threshold); // Simulate a L2 transaction so Safe Tx Service indexer picks up the Safe emit SafeMultiSigTransaction( @@ -99,10 +109,8 @@ contract SafeToL2Migration is SafeStorage { * @dev This function should only be called via a delegatecall to perform the upgrade. * Singletons versions will be compared, so it implies that contracts exist */ - function migrateToL2(address l2Singleton) public onlyDelegateCall { + function migrateToL2(address l2Singleton) public onlyDelegateCall onlyNonceZero { require(address(singleton) != l2Singleton, "Safe is already using the singleton"); - // Nonce is increased before executing a tx, so first executed tx will have nonce=1 - require(nonce == 1, "Safe must have not executed any tx"); bytes32 oldSingletonVersion = keccak256(abi.encodePacked(ISafe(singleton).VERSION())); bytes32 newSingletonVersion = keccak256(abi.encodePacked(ISafe(l2Singleton).VERSION())); @@ -125,7 +133,7 @@ contract SafeToL2Migration is SafeStorage { * Singletons version will be checked, so it implies that contracts exist. * A valid and compatible fallbackHandler needs to be provided, only existance will be checked. */ - function migrateFromV111(address l2Singleton, address fallbackHandler) public onlyDelegateCall { + function migrateFromV111(address l2Singleton, address fallbackHandler) public onlyDelegateCall onlyNonceZero { require(isContract(fallbackHandler), "fallbackHandler is not a contract"); bytes32 oldSingletonVersion = keccak256(abi.encodePacked(ISafe(singleton).VERSION())); From 7bef949d8f1c3a662c473f0b34c6ea77b61ecb81 Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Mon, 30 Oct 2023 12:42:29 +0100 Subject: [PATCH 12/13] Add script to deploy L2 migration --- src/deploy/deploy_l2_migration.ts | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 src/deploy/deploy_l2_migration.ts diff --git a/src/deploy/deploy_l2_migration.ts b/src/deploy/deploy_l2_migration.ts new file mode 100644 index 000000000..9dac4194c --- /dev/null +++ b/src/deploy/deploy_l2_migration.ts @@ -0,0 +1,18 @@ +import { DeployFunction } from "hardhat-deploy/types"; +import { HardhatRuntimeEnvironment } from "hardhat/types"; + +const deploy: DeployFunction = async function (hre: HardhatRuntimeEnvironment) { + const { deployments, getNamedAccounts } = hre; + const { deployer } = await getNamedAccounts(); + const { deploy } = deployments; + + await deploy("SafeToL2Migration", { + from: deployer, + args: [], + log: true, + deterministicDeployment: true, + }); +}; + +deploy.tags = ["not-l2-to-l2-migration", "migration"]; +export default deploy; From 58ca94e651f2b2ec42ed6a37ea2b7244d225cd8f Mon Sep 17 00:00:00 2001 From: Uxio Fuentefria Date: Mon, 30 Oct 2023 18:24:28 +0100 Subject: [PATCH 13/13] Rename deploy migrations script --- src/deploy/{deploy_l2_migration.ts => deploy_migrations.ts} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename src/deploy/{deploy_l2_migration.ts => deploy_migrations.ts} (100%) diff --git a/src/deploy/deploy_l2_migration.ts b/src/deploy/deploy_migrations.ts similarity index 100% rename from src/deploy/deploy_l2_migration.ts rename to src/deploy/deploy_migrations.ts