fix: prevent using 0 gas limit for call and withdrawAndCall

[skosito]

Summary by CodeRabbit

• New Features

  • Enhanced error handling for gas limits in the withdrawAndCall and call functions.
  • Added overloads for withdrawAndCall and call functions to accept flexible gas limit specifications.

• Bug Fixes

  • Introduced checks to prevent execution with a zero gas limit, ensuring users receive informative error messages.

• Tests

  • Expanded test cases to validate behavior when gas limits are zero, enhancing coverage for various edge cases.

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes introduced in the GatewayZEVM contract focus on enhancing error handling and functionality related to gas limits. New checks ensure that the gasLimit parameter is not zero in critical functions such as withdrawAndCall and call, with specific revert conditions implemented to trigger the InsufficientGasLimit error. Additionally, overloads for these functions have been added to accommodate a CallOptions struct, allowing for more flexible gas limit specifications. Corresponding updates have been made to the interface and test files to support these changes.

Changes

File Path	Change Summary
v2/contracts/zevm/GatewayZEVM.sol	Updated withdrawAndCall and call methods with new overloads; added checks for zero gas limits; introduced InsufficientGasLimit error.
v2/contracts/zevm/interfaces/IGatewayZEVM.sol	Added new error type InsufficientGasLimit to the IGatewayZEVMErrors interface.
v2/test/GatewayZEVM.t.sol	Added new test cases for gas limit checks; expanded existing tests for error handling related to zero amounts and addresses.

Possibly related PRs

• fix: move system contract to contracts folder #352: Modifications in the GatewayZEVM contract regarding access control and function logic.
• feat: add sender when calling connected chain contracts from zetachain #355: Introduction of the CallOptions structure in the GatewayZEVM contract, relevant to gas limit handling.
• feat: improve revert handling #361: Enhancements to revert handling with the addition of the sender field in the RevertContext struct.
• fix: missing tss update in erc20custody, zetaConnector and gatewayEVM #363: Updates to the GatewayEVM contract involving function additions for TSS address updates, relevant to overall functionality improvements.

Suggested reviewers

• fadeev
• CharlieMc0
• andresaiello
• brewmaster012
• lumtis
• fbac

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.29%. Comparing base (eda1e99) to head (01820b8).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #370      +/-   ##
==========================================
+ Coverage   83.07%   83.29%   +0.21%     
==========================================
  Files           8        8              
  Lines         384      389       +5     
  Branches      122      127       +5     
==========================================
+ Hits          319      324       +5     
  Misses         65       65              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Actionable comments posted: 3

🧹 Outside diff range and nitpick comments (1)

v2/contracts/zevm/interfaces/IGatewayZEVM.sol (1)

89-91: LGTM! Consider adding a comment for clarity.

The addition of the InsufficientGasLimit error aligns well with the PR objective to prevent passing 0 gas limit. This error will allow for more specific handling of gas limit issues in the contract implementation.

Consider adding a brief comment to explain when this error is thrown, for example:

/// @notice Error indicating an insufficient gas limit.
/// @dev Thrown when the provided gas limit is too low or zero.
error InsufficientGasLimit();

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between eda1e99 and 01820b8.

⛔ Files ignored due to path filters (48)

• v2/docs/src/contracts/Revert.sol/interface.Revertable.md is excluded by !v2/docs/**
• v2/docs/src/contracts/Revert.sol/struct.RevertContext.md is excluded by !v2/docs/**
• v2/docs/src/contracts/Revert.sol/struct.RevertOptions.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/ERC20Custody.sol/contract.ERC20Custody.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/GatewayEVM.sol/contract.GatewayEVM.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/ZetaConnectorBase.sol/abstract.ZetaConnectorBase.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/ZetaConnectorNative.sol/contract.ZetaConnectorNative.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/ZetaConnectorNonNative.sol/contract.ZetaConnectorNonNative.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IERC20Custody.sol/interface.IERC20Custody.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IERC20Custody.sol/interface.IERC20CustodyErrors.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IERC20Custody.sol/interface.IERC20CustodyEvents.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IGatewayEVM.sol/interface.Callable.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IGatewayEVM.sol/interface.IGatewayEVM.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IGatewayEVM.sol/interface.IGatewayEVMErrors.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IGatewayEVM.sol/interface.IGatewayEVMEvents.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IGatewayEVM.sol/struct.MessageContext.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IZetaConnector.sol/interface.IZetaConnectorEvents.md is excluded by !v2/docs/**
• v2/docs/src/contracts/evm/interfaces/IZetaNonEthNew.sol/interface.IZetaNonEthNew.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/GatewayZEVM.sol/contract.GatewayZEVM.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/SystemContract.sol/contract.SystemContract.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/SystemContract.sol/interface.SystemContractErrors.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/ZRC20.sol/contract.ZRC20.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/ZRC20.sol/interface.ZRC20Errors.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IGatewayZEVM.sol/interface.IGatewayZEVM.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IGatewayZEVM.sol/interface.IGatewayZEVMErrors.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IGatewayZEVM.sol/interface.IGatewayZEVMEvents.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IGatewayZEVM.sol/struct.CallOptions.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/ISystem.sol/interface.ISystem.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IWZETA.sol/interface.IWETH9.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IZRC20.sol/enum.CoinType.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IZRC20.sol/interface.IZRC20.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IZRC20.sol/interface.IZRC20Metadata.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/IZRC20.sol/interface.ZRC20Events.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/UniversalContract.sol/interface.UniversalContract.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/UniversalContract.sol/interface.zContract.md is excluded by !v2/docs/**
• v2/docs/src/contracts/zevm/interfaces/UniversalContract.sol/struct.zContext.md is excluded by !v2/docs/**
• v2/pkg/gatewayevmzevm.t.sol/gatewayevmzevmtest.go is excluded by !v2/pkg/**
• v2/pkg/gatewayzevm.sol/gatewayzevm.go is excluded by !v2/pkg/**
• v2/pkg/gatewayzevm.t.sol/gatewayzevminboundtest.go is excluded by !v2/pkg/**
• v2/pkg/gatewayzevm.t.sol/gatewayzevmoutboundtest.go is excluded by !v2/pkg/**
• v2/pkg/igatewayzevm.sol/igatewayzevm.go is excluded by !v2/pkg/**
• v2/pkg/igatewayzevm.sol/igatewayzevmerrors.go is excluded by !v2/pkg/**
• v2/pkg/senderzevm.sol/senderzevm.go is excluded by !v2/pkg/**
• v2/pkg/zrc20.t.sol/zrc20test.go is excluded by !v2/pkg/**
• v2/types/factories/GatewayZEVM__factory.ts is excluded by !v2/types/**
• v2/types/factories/IGatewayZEVM.sol/IGatewayZEVMErrors__factory.ts is excluded by !v2/types/**
• v2/types/factories/IGatewayZEVM.sol/IGatewayZEVM__factory.ts is excluded by !v2/types/**
• v2/types/factories/SenderZEVM__factory.ts is excluded by !v2/types/**

📒 Files selected for processing (3)

• v2/contracts/zevm/GatewayZEVM.sol (5 hunks)
• v2/contracts/zevm/interfaces/IGatewayZEVM.sol (1 hunks)
• v2/test/GatewayZEVM.t.sol (4 hunks)

🔇 Additional comments (6)

v2/contracts/zevm/interfaces/IGatewayZEVM.sol (2)

Line range hint 1-324: Summary: New error added to enhance gas limit handling

The addition of the InsufficientGasLimit error to the IGatewayZEVMErrors interface is a focused change that enhances the contract's ability to handle gas limit issues. This change:

1. Aligns with the PR objective to prevent passing 0 gas limit.
2. Maintains consistency with the existing error structure in the interface.
3. Provides a specific error for gas limit-related issues, improving error handling and debugging.

The impact of this change is minimal on the interface level but potentially significant for the contract implementation. Ensure that the new error is utilized appropriately in the contract code, particularly in functions dealing with gas limits.

---

89-91: Verify usage of InsufficientGasLimit error in contract implementation

The new InsufficientGasLimit error has been added to the interface, which is good. To ensure it's being used correctly:

1. Verify that this error is thrown in the contract implementation when a zero or insufficient gas limit is provided.
2. Check functions like withdrawAndCall and call that accept gasLimit or CallOptions to ensure they use this error appropriately.

To help verify the implementation, you can run the following script:

This script will help identify where the new error is being used and where gas limit checks are performed in the codebase.

✅ Verification successful

InsufficientGasLimit error is correctly implemented and utilized

The InsufficientGasLimit error is properly used in the contract implementation. Multiple functions, including withdrawAndCall and call, revert with InsufficientGasLimit when the gasLimit is zero. Additionally, corresponding tests ensure that this error handling is validated.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for the usage of InsufficientGasLimit error in the contract implementation

echo "Searching for InsufficientGasLimit usage:"
rg --type solidity "InsufficientGasLimit" -C 5

echo "\nSearching for gas limit checks:"
rg --type solidity "gasLimit\s*==?\s*0" -C 5
rg --type solidity "gasLimit\s*[<>]=?\s*" -C 5

Length of output: 411

---

Script:

#!/bin/bash
# Search for the usage of InsufficientGasLimit error in Solidity files

echo "Searching for InsufficientGasLimit usage in .sol files:"
rg "InsufficientGasLimit" --glob "*.sol" -C 5

echo "\nSearching for gas limit checks in .sol files:"
rg "gasLimit\s*==?\s*0" --glob "*.sol" -C 5
rg "gasLimit\s*[<>]=?\s*" --glob "*.sol" -C 5

Length of output: 14831

v2/test/GatewayZEVM.t.sol (4)

155-159: Test correctly handles zero gas limit for withdrawAndCallZRC20

The test function testWithdrawAndCallZRC20FailsIfGasLimitIsZero properly verifies that calling withdrawAndCall with a gas limit of zero reverts with InsufficientGasLimit.selector.

---

216-221: Test correctly handles zero gas limit in callOptions for withdrawAndCallZRC20

The test function testWithdrawAndCallZRC20WithCallOptsFailsIfGasLimitIsZero correctly sets callOptions.gasLimit to zero and expects a revert with InsufficientGasLimit.selector when calling withdrawAndCall.

---

511-515: Test correctly handles zero gas limit for call

The test function testCallFailsIfGasLimitIsZero accurately expects a revert with InsufficientGasLimit.selector when gateway.call is invoked with a gas limit of zero.

---

531-536: Test correctly handles zero gas limit in callOptions for call

The test function testCallWithCallOptsFailsIfGasLimitIsZero properly sets callOptions.gasLimit to zero and verifies that gateway.call reverts with InsufficientGasLimit.selector.

[coderabbitai]

⚠️ Potential issue

Define InsufficientGasLimit error

The error InsufficientGasLimit() is used but not defined in the contract. Please define the InsufficientGasLimit error to maintain consistency with other error handling.

Suggested addition:

/// @notice Error indicating that the provided gas limit is zero.
error InsufficientGasLimit();

Place this definition alongside other error definitions in the contract.

Also applies to: 218-218, 323-323, 348-348, 370-370

---

⚠️ Potential issue

Add unit tests for gas limit validations

To ensure the new InsufficientGasLimit checks function as intended, please add unit tests that verify the contract correctly reverts when a zero gas limit is provided.

Also applies to: 218-218, 323-323, 348-348, 370-370

[coderabbitai]

⚠️ Potential issue

Test may not correctly validate gas limit zero due to zero allowance

In the test function testWithdrawZETAWithCallOptsWithMessageFailsIfGasLimitIsZero, the allowance for the gateway is removed by setting zetaToken.approve(address(gateway), 0); before setting callOptions.gasLimit = 0. This causes the withdrawAndCall call to revert due to insufficient allowance, potentially causing the test to fail for the wrong reason.

Apply this diff to fix the test:

-            // Remove allowance for gateway
-            vm.prank(owner);
-            zetaToken.approve(address(gateway), 0);

             callOptions.gasLimit = 0;
             vm.expectRevert(InsufficientGasLimit.selector);
             gateway.withdrawAndCall(abi.encodePacked(addr1), amount, chainId, message, callOptions, revertOptions);

By removing the code that resets the allowance, the test will correctly check for a revert due to an InsufficientGasLimit, ensuring the test validates the intended behavior.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	function testWithdrawZETAWithCallOptsWithMessageFailsIfGasLimitIsZero() public {
	uint256 amount = 1;
	uint256 ownerBalanceBefore = zetaToken.balanceOf(owner);
	uint256 gatewayBalanceBefore = zetaToken.balanceOf(address(gateway));
	uint256 protocolAddressBalanceBefore = protocolAddress.balance;
	bytes memory message = abi.encodeWithSignature("hello(address)", addr1);
	uint256 chainId = 1;
	// Remove allowance for gateway
	vm.prank(owner);
	zetaToken.approve(address(gateway), 0);
	callOptions.gasLimit = 0;
	vm.expectRevert(InsufficientGasLimit.selector);
	gateway.withdrawAndCall(abi.encodePacked(addr1), amount, chainId, message, callOptions, revertOptions);
	}
	function testWithdrawZETAWithCallOptsWithMessageFailsIfGasLimitIsZero() public {
	uint256 amount = 1;
	uint256 ownerBalanceBefore = zetaToken.balanceOf(owner);
	uint256 gatewayBalanceBefore = zetaToken.balanceOf(address(gateway));
	uint256 protocolAddressBalanceBefore = protocolAddress.balance;
	bytes memory message = abi.encodeWithSignature("hello(address)", addr1);
	uint256 chainId = 1;
	callOptions.gasLimit = 0;
	vm.expectRevert(InsufficientGasLimit.selector);
	gateway.withdrawAndCall(abi.encodePacked(addr1), amount, chainId, message, callOptions, revertOptions);
	}