Skip to content

Commit

Permalink
Merge pull request #69 from hyperledger-labs/factory-onlyOwner
Browse files Browse the repository at this point in the history
Make the factory's registerImplementation() method onlyOwner
  • Loading branch information
jimthematrix authored Sep 12, 2024
2 parents 110eecc + d156fa6 commit c6ff39b
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 4 deletions.
7 changes: 4 additions & 3 deletions solidity/contracts/factory.sol
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,11 @@
pragma solidity ^0.8.20;

import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {IZetoFungibleInitializable} from "./lib/interfaces/zeto_fungible_initializable.sol";
import {IZetoNonFungibleInitializable} from "./lib/interfaces/zeto_nf_initializable.sol";

contract ZetoTokenFactory {
contract ZetoTokenFactory is Ownable {
// all the addresses needed by the factory to
// clone a Zeto token and initialize it. The
// "implementation" is used to clone the token,
Expand All @@ -35,12 +36,12 @@ contract ZetoTokenFactory {

mapping(string => ImplementationInfo) internal implementations;

constructor() {}
constructor() Ownable(msg.sender) {}

function registerImplementation(
string memory name,
ImplementationInfo memory implementation
) public {
) public onlyOwner {
require(
implementation.implementation != address(0),
"Factory: implementation address is required"
Expand Down
17 changes: 16 additions & 1 deletion solidity/test/factory.ts
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,28 @@ import { expect } from 'chai';

describe("Zeto based fungible token with anonymity without encryption or nullifier", function () {
let deployer: Signer;
let nonOwner: Signer;

before(async function () {
if (network.name !== 'hardhat') {
// accommodate for longer block times on public networks
this.timeout(120000);
}
[deployer] = await ethers.getSigners();
[deployer, nonOwner] = await ethers.getSigners();
});

it("attempting to register an implementation as a non-owner should fail", async function () {
const Factory = await ethers.getContractFactory("ZetoTokenFactory");
const factory = await Factory.deploy();
await factory.waitForDeployment();

const implInfo = {
implementation: "0xae92d5aD7583AD66E49A0c67BAd18F6ba52dDDc1",
verifier: "0xae92d5aD7583AD66E49A0c67BAd18F6ba52dDDc1",
depositVerifier: "0xae92d5aD7583AD66E49A0c67BAd18F6ba52dDDc1",
withdrawVerifier: "0xae92d5aD7583AD66E49A0c67BAd18F6ba52dDDc1",
};
await expect(factory.connect(nonOwner).registerImplementation("test", implInfo as any)).rejectedWith(`reverted with custom error 'OwnableUnauthorizedAccount(`);
});

it("attempting to register an implementation without the required implementation value should fail", async function () {
Expand Down

0 comments on commit c6ff39b

Please sign in to comment.