Tags: mezo-org/musd

v0.1.0

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Function delegation for openTrove (#139)

## **PR Description**

This PR introduces functionality to enable contracts to call functions
on behalf of users, as described in
[ENG-553](https://linear.app/thesis-co/issue/ENG-553/remove-reliance-on-msgsender-from-borroweroperation-calls).
Specifically, it provides an example implementation using the
`openTrove` function as a starting point.

We maintain the existing `openTrove` function, which uses `msg.sender`
as the borrower address, and introduce a new function,
`openTroveWithSignature`, to support delegated calls. The new function
leverages the EIP712 standard to provide enhanced security and usability
for delegated transactions.

---

## **Key Changes**

### **New Functionality: `openTroveWithSignature`**
This function allows a borrower to delegate the execution of `openTrove`
to another contract or entity by signing a message. The following
security features are implemented using the EIP712 standard:

1. **Message Hash Signing**  
The borrower signs a message hash that includes all function parameters
and a domain separator. The domain separator incorporates the contract
name, version, chain ID, and address to:
   - Verify the borrower address.
   - Prevent cross-chain or cross-contract replay attacks.

2. **Per-User Nonces**  
Nonces are used to ensure that each signed message can only be executed
once, preventing replay attacks.

3. **Deadlines**  
A deadline parameter is included to prevent attacks where a user signs a
transaction but does not execute it (e.g., in the case of a conditional
order).

4. **Typed Data Signing**  
By using EIP712's typed data signing, users can better understand what
they are signing. Wallet integrations show a much clearer message rather
than just showing a hex string, which gives more user confidence and
helps prevent phishing attacks. This also simplifies integration with
frontends and third-party tools.

---

## **Notes for Review**

1. **Test Duplication**  
The tests for `openTroveWithSignature` currently have some duplication,
as they follow a similar pattern. While it’s possible to refactor these
tests now, I decided to wait until we add more delegated functions. Once
we have additional functions, we can refactor the tests to make them
more compact and reusable.

2. **Security Features**  
Some of the security features (e.g., domain separator) may seem
excessive. However, these are included by default when following the
EIP712 standard. Adopting this standardized approach ensures a higher
level of security and simplifies future dApp integrations, avoiding the
risks of a custom implementation.

---

## **Summary of Changes**
- Added `openTroveWithSignature` function to support delegated calls.
- Implemented EIP712-based message signing for enhanced security.
- Introduced per-user nonces and deadlines to prevent replay attacks.
- Updated tests to cover the new functionality.

This PR provides a foundation for enabling delegated calls across other
functions in the contract. Future iterations will include additional
delegated functions and potential refactoring of shared logic.
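
As an added illustration of the pattern the commit message describes, below is a minimal contract offering both paths: the original `openTrove` keyed on `msg.sender`, and an `openTroveWithSignature` that recovers the borrower from an EIP-712 signature over the call's parameters, a per-user nonce and a deadline. This is example code, not mezo-org/musd code: the `OpenTrove` struct fields and the `openTrove` parameter list are assumptions loosely modelled on a Liquity-style trove, the contract name and version string are placeholders, and the import paths assume OpenZeppelin Contracts 5.x (`EIP712` and `ECDSA`).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not mezo-org/musd code. The struct fields and openTrove
// parameters are assumptions; import paths assume OpenZeppelin Contracts 5.x.
import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

contract DelegatedTroveExample is EIP712 {
    // EIP-712 type string. It commits to every parameter of the underlying call
    // plus the borrower, a per-user nonce and a deadline, so altering any field
    // after signing yields a different digest and the signature no longer verifies.
    bytes32 private constant OPEN_TROVE_TYPEHASH = keccak256(
        "OpenTrove(address borrower,uint256 maxFeePercentage,uint256 debtAmount,uint256 assetAmount,address upperHint,address lowerHint,uint256 nonce,uint256 deadline)"
    );

    // Per-borrower nonce: read then incremented, so each signed message runs once.
    mapping(address => uint256) public nonces;

    event TroveOpened(
        address indexed borrower, address indexed executor, uint256 maxFeePercentage,
        uint256 debtAmount, uint256 assetAmount, address upperHint, address lowerHint
    );

    // EIP712 mixes name, version, block.chainid and address(this) into every
    // digest, so a signature made for another chain or another deployment of
    // this contract does not verify here (cross-chain / cross-contract replay).
    constructor() EIP712("DelegatedTroveExample", "1") {}

    // Existing path: the borrower is whoever sends the transaction.
    function openTrove(
        uint256 maxFeePercentage, uint256 debtAmount, uint256 assetAmount,
        address upperHint, address lowerHint
    ) external payable {
        _openTrove(msg.sender, maxFeePercentage, debtAmount, assetAmount, upperHint, lowerHint);
    }

    // Delegated path: anyone may submit, but the trove is opened for `borrower`
    // only if `signature` is the borrower's EIP-712 signature over these exact
    // arguments, the borrower's current nonce and the deadline.
    function openTroveWithSignature(
        address borrower,
        uint256 maxFeePercentage,
        uint256 debtAmount,
        uint256 assetAmount,
        address upperHint,
        address lowerHint,
        uint256 deadline,
        bytes calldata signature
    ) external payable {
        require(block.timestamp <= deadline, "openTroveWithSignature: expired");

        // Consume the nonce first. The digest is bound to the value read here, so
        // resubmitting the same signature hashes against a new nonce and fails.
        uint256 nonce = nonces[borrower]++;

        bytes32 structHash = keccak256(
            abi.encode(
                OPEN_TROVE_TYPEHASH, borrower, maxFeePercentage, debtAmount,
                assetAmount, upperHint, lowerHint, nonce, deadline
            )
        );
        bytes32 digest = _hashTypedDataV4(structHash);

        // ECDSA.recover reverts on malformed or high-s signatures rather than
        // returning address(0); the comparison rejects any other signer.
        address signer = ECDSA.recover(digest, signature);
        require(signer == borrower, "openTroveWithSignature: bad signature");

        _openTrove(borrower, maxFeePercentage, debtAmount, assetAmount, upperHint, lowerHint);
    }

    // Shared logic. Real collateral handling, fee accounting and sorted-trove
    // insertion are left out of this example; it only records who opened what.
    function _openTrove(
        address borrower, uint256 maxFeePercentage, uint256 debtAmount,
        uint256 assetAmount, address upperHint, address lowerHint
    ) internal {
        emit TroveOpened(
            borrower, msg.sender, maxFeePercentage, debtAmount, assetAmount, upperHint, lowerHint
        );
    }
}
```

Off-chain, the borrower signs with `eth_signTypedData_v4` using the domain `{name, version, chainId, verifyingContract}` and the `OpenTrove` type above, reading `nonces(borrower)` for the nonce field. Two points a reviewer of a real implementation would check: the nonce and deadline must be inside the signed struct (a signature over the `openTrove` arguments alone is replayable until the deadline, or forever without one), and the nonce must be consumed before any external call. Note also that in this example the relayer, not the borrower, supplies `msg.value`; how collateral is sourced in a delegated call is a design decision the example does not settle.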