Use onlyProxy (#343)

drips-network · Mar 4, 2024 · 7995018 · 7995018
1 parent c534d02
commit 7995018
Show file tree

Hide file tree

Showing 20 changed files with 540 additions and 54 deletions.
diff --git a/src/AddressDriver.sol b/src/AddressDriver.sol
@@ -28,7 +28,7 @@ contract AddressDriver is DriverTransferUtils, Managed {
     /// `driverId (32 bits) | zeros (64 bits) | addr (160 bits)`.
     /// @param addr The address
     /// @return accountId The account ID
-    function calcAccountId(address addr) public view returns (uint256 accountId) {
+    function calcAccountId(address addr) public view onlyProxy returns (uint256 accountId) {
         // By assignment we get `accountId` value:
         // `zeros (224 bits) | driverId (32 bits)`
         accountId = driverId;
@@ -55,7 +55,7 @@ contract AddressDriver is DriverTransferUtils, Managed {
     /// If you use such tokens in the protocol, they can get stuck or lost.
     /// @param transferTo The address to send collected funds to
     /// @return amt The collected amount
-    function collect(IERC20 erc20, address transferTo) public returns (uint128 amt) {
+    function collect(IERC20 erc20, address transferTo) public onlyProxy returns (uint128 amt) {
         return _collectAndTransfer(drips, _callerAccountId(), erc20, transferTo);
     }
 
@@ -70,7 +70,7 @@ contract AddressDriver is DriverTransferUtils, Managed {
     /// or impose any restrictions on holding or transferring tokens are not supported.
     /// If you use such tokens in the protocol, they can get stuck or lost.
     /// @param amt The given amount
-    function give(uint256 receiver, IERC20 erc20, uint128 amt) public {
+    function give(uint256 receiver, IERC20 erc20, uint128 amt) public onlyProxy {
         _giveAndTransfer(drips, _callerAccountId(), receiver, erc20, amt);
     }
 
@@ -131,7 +131,7 @@ contract AddressDriver is DriverTransferUtils, Managed {
         uint32 maxEndHint1,
         uint32 maxEndHint2,
         address transferTo
-    ) public returns (int128 realBalanceDelta) {
+    ) public onlyProxy returns (int128 realBalanceDelta) {
         return _setStreamsAndTransfer(
             drips,
             _callerAccountId(),
@@ -164,15 +164,15 @@ contract AddressDriver is DriverTransferUtils, Managed {
     /// This is usually unwanted, because if splitting is repeated,
     /// funds split to themselves will be again split using the current configuration.
     /// Splitting 100% to self effectively blocks splitting unless the configuration is updated.
-    function setSplits(SplitsReceiver[] calldata receivers) public {
+    function setSplits(SplitsReceiver[] calldata receivers) public onlyProxy {
         drips.setSplits(_callerAccountId(), receivers);
     }
 
     /// @notice Emits the account metadata for the message sender.
     /// The keys and the values are not standardized by the protocol, it's up to the users
     /// to establish and follow conventions to ensure compatibility with the consumers.
     /// @param accountMetadata The list of account metadata.
-    function emitAccountMetadata(AccountMetadata[] calldata accountMetadata) public {
+    function emitAccountMetadata(AccountMetadata[] calldata accountMetadata) public onlyProxy {
         if (accountMetadata.length != 0) {
             drips.emitAccountMetadata(_callerAccountId(), accountMetadata);
         }

diff --git a/src/Drips.sol b/src/Drips.sol
@@ -174,7 +174,7 @@ contract Drips is Managed, Streams, Splits {
     /// It should be a smart contract capable of dealing with the Drips API.
     /// It shouldn't be an EOA because the API requires making multiple calls per transaction.
     /// @return driverId The registered driver ID.
-    function registerDriver(address driverAddr) public returns (uint32 driverId) {
+    function registerDriver(address driverAddr) public onlyProxy returns (uint32 driverId) {
         require(driverAddr != address(0), "Driver registered for 0 address");
         DripsStorage storage dripsStorage = _dripsStorage();
         driverId = dripsStorage.nextDriverId++;
@@ -186,7 +186,7 @@ contract Drips is Managed, Streams, Splits {
     /// @param driverId The driver ID to look up.
     /// @return driverAddr The address of the driver.
     /// If the driver hasn't been registered yet, returns address 0.
-    function driverAddress(uint32 driverId) public view returns (address driverAddr) {
+    function driverAddress(uint32 driverId) public view onlyProxy returns (address driverAddr) {
         return _dripsStorage().driverAddresses[driverId];
     }
 
@@ -195,15 +195,15 @@ contract Drips is Managed, Streams, Splits {
     /// @param newDriverAddr The new address of the driver.
     /// It should be a smart contract capable of dealing with the Drips API.
     /// It shouldn't be an EOA because the API requires making multiple calls per transaction.
-    function updateDriverAddress(uint32 driverId, address newDriverAddr) public {
+    function updateDriverAddress(uint32 driverId, address newDriverAddr) public onlyProxy {
         _assertCallerIsDriver(driverId);
         _dripsStorage().driverAddresses[driverId] = newDriverAddr;
         emit DriverAddressUpdated(driverId, msg.sender, newDriverAddr);
     }
 
     /// @notice Returns the driver ID which will be assigned for the next registered driver.
     /// @return driverId The next driver ID.
-    function nextDriverId() public view returns (uint32 driverId) {
+    function nextDriverId() public view onlyProxy returns (uint32 driverId) {
         return _dripsStorage().nextDriverId;
     }
 
@@ -225,6 +225,7 @@ contract Drips is Managed, Streams, Splits {
     function balances(IERC20 erc20)
         public
         view
+        onlyProxy
         returns (uint128 streamsBalance, uint128 splitsBalance)
     {
         Balance storage balance = _dripsStorage().balances[erc20];
@@ -308,7 +309,7 @@ contract Drips is Managed, Streams, Splits {
     /// @param amt The withdrawn amount.
     /// It must be at most the difference between the balance of the token held by the Drips
     /// contract address and the sum of balances managed by the protocol as indicated by `balances`.
-    function withdraw(IERC20 erc20, address receiver, uint256 amt) public {
+    function withdraw(IERC20 erc20, address receiver, uint256 amt) public onlyProxy {
         (uint128 streamsBalance, uint128 splitsBalance) = balances(erc20);
         uint256 withdrawable = erc20.balanceOf(address(this)) - streamsBalance - splitsBalance;
         require(amt <= withdrawable, "Withdrawal amount too high");
@@ -330,6 +331,7 @@ contract Drips is Managed, Streams, Splits {
     function receivableStreamsCycles(uint256 accountId, IERC20 erc20)
         public
         view
+        onlyProxy
         returns (uint32 cycles)
     {
         return Streams._receivableStreamsCycles(accountId, erc20);
@@ -350,6 +352,7 @@ contract Drips is Managed, Streams, Splits {
     function receiveStreamsResult(uint256 accountId, IERC20 erc20, uint32 maxCycles)
         public
         view
+        onlyProxy
         returns (uint128 receivableAmt)
     {
         (receivableAmt,,,,) = Streams._receiveStreamsResult(accountId, erc20, maxCycles);
@@ -371,6 +374,7 @@ contract Drips is Managed, Streams, Splits {
     /// @return receivedAmt The received amount
     function receiveStreams(uint256 accountId, IERC20 erc20, uint32 maxCycles)
         public
+        onlyProxy
         returns (uint128 receivedAmt)
     {
         receivedAmt = Streams._receiveStreams(accountId, erc20, maxCycles);
@@ -406,7 +410,7 @@ contract Drips is Managed, Streams, Splits {
         uint256 senderId,
         bytes32 historyHash,
         StreamsHistory[] memory streamsHistory
-    ) public returns (uint128 amt) {
+    ) public onlyProxy returns (uint128 amt) {
         amt = Streams._squeezeStreams(accountId, erc20, senderId, historyHash, streamsHistory);
         if (amt != 0) {
             _moveBalanceFromStreamsToSplits(erc20, amt);
@@ -433,7 +437,7 @@ contract Drips is Managed, Streams, Splits {
         uint256 senderId,
         bytes32 historyHash,
         StreamsHistory[] memory streamsHistory
-    ) public view returns (uint128 amt) {
+    ) public view onlyProxy returns (uint128 amt) {
         (amt,,,,) =
             Streams._squeezeStreamsResult(accountId, erc20, senderId, historyHash, streamsHistory);
     }
@@ -447,7 +451,12 @@ contract Drips is Managed, Streams, Splits {
     /// or impose any restrictions on holding or transferring tokens are not supported.
     /// If you use such tokens in the protocol, they can get stuck or lost.
     /// @return amt The amount received but not split yet.
-    function splittable(uint256 accountId, IERC20 erc20) public view returns (uint128 amt) {
+    function splittable(uint256 accountId, IERC20 erc20)
+        public
+        view
+        onlyProxy
+        returns (uint128 amt)
+    {
         return Splits._splittable(accountId, erc20);
     }
 
@@ -465,6 +474,7 @@ contract Drips is Managed, Streams, Splits {
     function splitResult(uint256 accountId, SplitsReceiver[] memory currReceivers, uint128 amount)
         public
         view
+        onlyProxy
         returns (uint128 collectableAmt, uint128 splitAmt)
     {
         return Splits._splitResult(accountId, currReceivers, amount);
@@ -495,6 +505,7 @@ contract Drips is Managed, Streams, Splits {
     /// @return splitAmt The amount split to the account's splits receivers
     function split(uint256 accountId, IERC20 erc20, SplitsReceiver[] memory currReceivers)
         public
+        onlyProxy
         returns (uint128 collectableAmt, uint128 splitAmt)
     {
         return Splits._split(accountId, erc20, currReceivers);
@@ -509,7 +520,12 @@ contract Drips is Managed, Streams, Splits {
     /// or impose any restrictions on holding or transferring tokens are not supported.
     /// If you use such tokens in the protocol, they can get stuck or lost.
     /// @return amt The collectable amount.
-    function collectable(uint256 accountId, IERC20 erc20) public view returns (uint128 amt) {
+    function collectable(uint256 accountId, IERC20 erc20)
+        public
+        view
+        onlyProxy
+        returns (uint128 amt)
+    {
         return Splits._collectable(accountId, erc20);
     }
 
@@ -526,6 +542,7 @@ contract Drips is Managed, Streams, Splits {
     /// @return amt The collected amount
     function collect(uint256 accountId, IERC20 erc20)
         public
+        onlyProxy
         onlyDriver(accountId)
         returns (uint128 amt)
     {
@@ -549,6 +566,7 @@ contract Drips is Managed, Streams, Splits {
     /// @param amt The given amount
     function give(uint256 accountId, uint256 receiver, IERC20 erc20, uint128 amt)
         public
+        onlyProxy
         onlyDriver(accountId)
     {
         if (amt != 0) _increaseSplitsBalance(erc20, amt);
@@ -571,6 +589,7 @@ contract Drips is Managed, Streams, Splits {
     function streamsState(uint256 accountId, IERC20 erc20)
         public
         view
+        onlyProxy
         returns (
             bytes32 streamsHash,
             bytes32 streamsHistoryHash,
@@ -602,7 +621,7 @@ contract Drips is Managed, Streams, Splits {
         IERC20 erc20,
         StreamReceiver[] memory currReceivers,
         uint32 timestamp
-    ) public view returns (uint128 balance) {
+    ) public view onlyProxy returns (uint128 balance) {
         return Streams._balanceAt(accountId, erc20, currReceivers, timestamp);
     }
 
@@ -667,7 +686,7 @@ contract Drips is Managed, Streams, Splits {
         // slither-disable-next-line similar-names
         uint32 maxEndHint1,
         uint32 maxEndHint2
-    ) public onlyDriver(accountId) returns (int128 realBalanceDelta) {
+    ) public onlyProxy onlyDriver(accountId) returns (int128 realBalanceDelta) {
         if (balanceDelta > 0) _increaseStreamsBalance(erc20, uint128(balanceDelta));
         realBalanceDelta = Streams._setStreams(
             accountId, erc20, currReceivers, balanceDelta, newReceivers, maxEndHint1, maxEndHint2
@@ -730,6 +749,7 @@ contract Drips is Managed, Streams, Splits {
     /// Splitting 100% to self effectively blocks splitting unless the configuration is updated.
     function setSplits(uint256 accountId, SplitsReceiver[] memory receivers)
         public
+        onlyProxy
         onlyDriver(accountId)
     {
         Splits._setSplits(accountId, receivers);
@@ -738,7 +758,7 @@ contract Drips is Managed, Streams, Splits {
     /// @notice Current account's splits hash, see `hashSplits`.
     /// @param accountId The account ID.
     /// @return currSplitsHash The current account's splits hash
-    function splitsHash(uint256 accountId) public view returns (bytes32 currSplitsHash) {
+    function splitsHash(uint256 accountId) public view onlyProxy returns (bytes32 currSplitsHash) {
         return Splits._splitsHash(accountId);
     }
 
@@ -761,6 +781,7 @@ contract Drips is Managed, Streams, Splits {
     /// @param accountMetadata The list of account metadata.
     function emitAccountMetadata(uint256 accountId, AccountMetadata[] calldata accountMetadata)
         public
+        onlyProxy
         onlyDriver(accountId)
     {
         unchecked {

diff --git a/src/Giver.sol b/src/Giver.sol
@@ -68,7 +68,7 @@ contract GiversRegistry is Managed {
     }
 
     /// @notice Initialize this instance of the contract.
-    function initialize() public {
+    function initialize() public onlyProxy {
         if (!Address.isContract(_giverLogic(address(this)))) new Giver();
     }
 
@@ -77,7 +77,7 @@ contract GiversRegistry is Managed {
     /// to its address will be `give`n when `give` is called.
     /// @param accountId The ID of the account to which the `Giver` is assigned.
     /// @return giver_ The address of the `Giver`.
-    function giver(uint256 accountId) public view returns (address giver_) {
+    function giver(uint256 accountId) public view onlyProxy returns (address giver_) {
         return _giver(accountId, address(this));
     }
 
@@ -106,7 +106,7 @@ contract GiversRegistry is Managed {
     /// If it's the zero address, `Giver` wraps all the native tokens it holds using
     /// `nativeTokenWrapper`, and then `give`s to the account all the wrapped tokens it holds.
     /// @param amt The amount of tokens that were `give`n.
-    function give(uint256 accountId, IERC20 erc20) public returns (uint256 amt) {
+    function give(uint256 accountId, IERC20 erc20) public onlyProxy returns (uint256 amt) {
         address giver_ = giver(accountId);
         if (!Address.isContract(giver_)) {
             // slither-disable-next-line unused-return

diff --git a/src/ImmutableSplitsDriver.sol b/src/ImmutableSplitsDriver.sol
@@ -38,7 +38,7 @@ contract ImmutableSplitsDriver is Managed {
     /// Every account ID is a 256-bit integer constructed by concatenating:
     /// `driverId (32 bits) | accountIdsCounter (224 bits)`.
     /// @return accountId The account ID.
-    function nextAccountId() public view returns (uint256 accountId) {
+    function nextAccountId() public view onlyProxy returns (uint256 accountId) {
         // By assignment we get `accountId` value:
         // `zeros (224 bits) | driverId (32 bits)`
         accountId = driverId;
@@ -70,7 +70,7 @@ contract ImmutableSplitsDriver is Managed {
     function createSplits(
         SplitsReceiver[] calldata receivers,
         AccountMetadata[] calldata accountMetadata
-    ) public returns (uint256 accountId) {
+    ) public onlyProxy returns (uint256 accountId) {
         accountId = nextAccountId();
         StorageSlot.getUint256Slot(_counterSlot).value++;
         uint256 weightSum = 0;