Skip to content

Change forwardToStrategy access control: strategies -> vault #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gnarvaja merged 5 commits into from
Jan 3, 2025
Merged

Change forwardToStrategy access control: strategies -> vault #19

gnarvaja merged 5 commits into from
Jan 3, 2025

Conversation

@gnarvaja
Copy link
Contributor

@gnarvaja gnarvaja commented Jan 3, 2025

Previously the forwardToStrategy calls where open to anyone and the strategies implemented the access control, assuming the vault was an IAccessControl.

Now the strategies don't implement any access control logic, and this responsability is left to the vaults.

The MultiStrategyERC4626 implements the access control by requiring two roles, one generic (FORWARD_TO_STRATEGY_ROLE) and one specific of the strategy and method being called.

The AccessManagedMSV implements the access control by requiring from the access manager an authorization to call a fake method id (bytes4 selector) generated from the specific of the
strategy and method being called. Also the permission to call forwardToStrategy must be granted too.

@gnarvaja
Change forwardToStrategy access control: strategies -> vault
be55db3 
Previously the forwardToStrategy calls where open to anyone and the
strategies implemented the access control, assuming the vault was an
IAccessControl.

Now the strategies don't implement any access control logic, and this
responsability is left to the vaults.

The MultiStrategyERC4626 implements the access control by requiring two
roles, one generic (FORWARD_TO_STRATEGY_ROLE) and one specific of the
strategy and method being called.

The AccessManagedMSV implements the access control by requiring from the
access manager an authorization to call a fake method id (bytes4
selector) generated from the specific of the
strategy and method being called. Also the permission to call
forwardToStrategy must be granted too.
@gnarvaja
Moves SingleStrategyERC4626 to mocks
6ec167d 
We are not using this contract in production and has known errors. It
only makes sense for testing individual strategies.
@gnarvaja
Fix broken test
ae60d37
@gnarvaja
New variant in strategies tests using AccessManagedMSV
a98cb4c 
Also, it uses customized deployProxy call available since OZ-upgrades
3.7.
@gnarvaja
Remove access control error defined in strategies
5faac92 
The strategies no longer raise these kind of errors.
@gnarvaja gnarvaja merged commit 69dcbb6 into main Jan 3, 2025
2 checks passed
@gnarvaja gnarvaja deleted the fix-forward-to-strategy-access branch January 3, 2025 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gnarvaja