Skip to content

Commit

Permalink
Address Cantina audit findings (#2)
Browse files Browse the repository at this point in the history 
Co-authored-by: telome <>
  • Loading branch information
@telome
telome authored Sep 2, 2024
1 parent 4b6cd2a commit bae891c
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion deploy/L2TokenBridgeSpell.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ contract L2TokenBridgeSpell {
L2GovRelayLike l2GovRelay = L2GovRelayLike(l2GovRelay_);

// sanity checks
require(address(l2Bridge) == l2Bridge_, "L2TokenBridgeSpell/l2-gateway-mismatch");
require(address(l2Bridge) == l2Bridge_, "L2TokenBridgeSpell/l2-bridge-mismatch");
require(l2Bridge.isOpen() == 1, "L2TokenBridgeSpell/not-open");
require(l2Bridge.otherBridge() == l1Bridge, "L2TokenBridgeSpell/other-bridge-mismatch");
require(l2Bridge.messenger() == l2Messenger, "L2TokenBridgeSpell/l2-bridge-messenger-mismatch");
Expand Down
4 changes: 2 additions & 2 deletions src/L2TokenBridge.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ contract L2TokenBridge {
bytes memory _extraData
) internal {
require(isOpen == 1, "L2TokenBridge/closed"); // do not allow initiating new xchain messages if bridge is closed
require(_remoteToken != address(0) && l1ToL2Token[_remoteToken] == _localToken, "L2TokenBridge/invalid-token");
require(_localToken != address(0) && l1ToL2Token[_remoteToken] == _localToken, "L2TokenBridge/invalid-token");

TokenLike(_localToken).burn(msg.sender, _amount); // TODO: should l2Tokens allow authed burn?

Expand Down Expand Up @@ -185,7 +185,7 @@ contract L2TokenBridge {
_initiateBridgeERC20(_localToken, _remoteToken, _to, _amount, _minGasLimit, _extraData);
}

/// @notice Finalizes an ERC20 bridge on L2. Can only be triggered by the L2TokenBridge.
/// @notice Finalizes an ERC20 bridge on L2. Can only be triggered by the L1TokenBridge.
/// @param _localToken Address of the ERC20 on L2.
/// @param _remoteToken Address of the corresponding token on L1.
/// @param _from Address of the sender.
Expand Down
2 changes: 1 addition & 1 deletion test/L2TokenBridge.t.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ contract L2TokenBridgeTest is DssTest {
vm.prank(address(0xe0a)); bridge.bridgeERC20(address(l1Token), address(0xbad), 100 ether, 1_000_000, "");

vm.expectRevert("L2TokenBridge/invalid-token");
vm.prank(address(0xe0a)); bridge.bridgeERC20(address(0xbad), address(0), 100 ether, 1_000_000, "");
vm.prank(address(0xe0a)); bridge.bridgeERC20(address(0), address(0xbad), 100 ether, 1_000_000, "");

uint256 supplyBefore = l2Token.totalSupply();
uint256 eoaBefore = l2Token.balanceOf(address(0xe0a));
Expand Down

0 comments on commit bae891c

Please sign in to comment.