-
Notifications
You must be signed in to change notification settings - Fork 15
docs: final doc version, extend EVM flow documentation #442
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
b431a2f
final docs version, extend EVM flow
keyleu 6d8c484
remove security email and under development message
keyleu c68bb25
Update README.md
keyleu 04b9b3c
Update docs/src/authorizations_processors/evm_authorization_contract.md
keyleu 3d7f547
Update docs/src/authorizations_processors/evm_authorization_contract.md
keyleu 291cb86
Update docs/src/authorizations_processors/evm_authorization_contract.md
keyleu e568a75
Update docs/src/authorizations_processors/evm_authorization_contract.md
keyleu File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
67 changes: 67 additions & 0 deletions
67
docs/src/authorizations_processors/evm_authorization_contract.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| # EVM Authorization Contract | ||
|
|
||
| If a general message passing protocol like Hyperlane wants to be avoided to not require the deployment of additional infrastructure, we also provide a Solidity version of the Authorization contract with similar functionality than the CosmWasm version. | ||
|
|
||
| These are the steps to set up our EVM program using the EVM Authorization contract instead of Hyperlane: | ||
|
|
||
| 1) Deploy `Authorization.sol` providing the program owner, the lite processor address (previously deployed) and a flag specifying if we want to store the callbacks in the contract state or just emit them as events (less gas consumption): | ||
|
|
||
| ```solidity | ||
| constructor(address _owner, address _processor, bool _storeCallbacks) Ownable(_owner) | ||
| ``` | ||
|
|
||
| 2) Once it's deployed, we need to set the authorization contract as an authorized address on the processor. | ||
|
|
||
| ```solidity | ||
| function addAuthorizedAddress(address _address) | ||
| ``` | ||
|
|
||
| This will allow processing the messages that the newly deployed authorization contract will forward to the processor. | ||
|
|
||
| 3) Now we can start adding our authorizations: | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice Adds standard authorizations for a specific label | ||
| * @dev Can only be called by the owner | ||
| * @param _labels Array of labels for the authorizations | ||
| * @param _users Array of arrays of user addresses associated with each label | ||
| * @param _authorizationData Array of arrays of authorization data associated with each label | ||
| */ | ||
| function addStandardAuthorizations( | ||
| string[] memory _labels, | ||
| address[][] memory _users, | ||
| AuthorizationData[][] memory _authorizationData | ||
| ) | ||
| ``` | ||
|
|
||
| This method allows adding multiple authorizations at the same time using arrays, to optimize the gas consumption. The most important part here is the `AuthorizationData`, which is defined as follows: | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice Structure representing the data for the authorization label | ||
| * @dev This structure contains the contract address and the function signature hash | ||
| * @param contractAddress The address of the contract that is authorized to be called | ||
| * @param useFunctionSelector Boolean indicating if the function selector should be used instead of callHash | ||
| * @param functionSelector The function selector of the function that is authorized to be called | ||
| * @param callHash The function signature hash of the function that is authorized to be called | ||
| */ | ||
| struct AuthorizationData { | ||
| address contractAddress; | ||
| bool useFunctionSelector; | ||
| bytes4 functionSelector; | ||
| bytes32 callHash; | ||
| } | ||
| ``` | ||
|
|
||
| As explained above, we have two ways of defining our authorization: using the function selector or a callHash. If we use a function selector, the authorized address is allowed to execute that specific function with **ANY** arguments. For example, if the function is `transfer(uint256 amount)` the address can specify any amount value when calling the authorization. On the other hand, if we want to restrict the call to a specific value, we provide the call hash so that only those specific call bytes can be executed. For example, we compute the `keccak256` hash of the encoded call data (e.g., `abi.encodeWithSignature("transfer(uint256)", 1000)`) and provide that as the `callHash`. Then the authorized address can **ONLY** call this authorization with that specific value. | ||
|
|
||
| As we can see this is less flexible than the CosmWasm version due to the nature of the Solidity language vs Rust but tends to be enough for most of the programs. If more flexibility is required, the option of using a message passing protocol with our encoding/decoding mechanisms or using the ZK Coprocessor is also available. | ||
|
|
||
| 4) Now that everything is set up, we can execute our authorization like this: | ||
|
|
||
| ```solidity | ||
| function sendProcessorMessage(string calldata label, bytes calldata _message) | ||
| ``` | ||
|
|
||
| We simply need to specify what label we want to execute and the encoded `ProcessorMessage` that will be forwarded to the Processor. This performs all the checks against our AuthorizationData, and if they all pass, the message will be forwarded to the processor, executed, and a callback will be received on the Authorization contract. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,2 @@ | ||
| # Security | ||
| Valence Programs have been independently audited. Please find audit reports [here](https://github.com/timewave-computer/valence-protocol/tree/main/audits/). | ||
|
|
||
| If you believe you've found a security-related issue with Valence Programs, please disclose responsibly by contacting the Timewave team at [security@timewave.computer](mailto:security@timewave.computer). |
Empty file.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.