From 0860d67d7a339a0fcc2533be856b64b1db394764 Mon Sep 17 00:00:00 2001 From: Diana Carvalho Date: Mon, 3 Feb 2025 16:50:19 +0000 Subject: [PATCH 1/3] feat: Verify that no amount in is left in the router --- don't change below this line --- ENG-4087 Took 1 hour 41 minutes Took 2 minutes --- foundry/src/TychoRouter.sol | 7 +++++ foundry/test/TychoRouter.t.sol | 52 ++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) diff --git a/foundry/src/TychoRouter.sol b/foundry/src/TychoRouter.sol index b9f4d1c..84d686d 100644 --- a/foundry/src/TychoRouter.sol +++ b/foundry/src/TychoRouter.sol @@ -18,6 +18,7 @@ import {LibSwap} from "../lib/LibSwap.sol"; error TychoRouter__WithdrawalFailed(); error TychoRouter__AddressZero(); error TychoRouter__NegativeSlippage(uint256 amount, uint256 minAmount); +error TychoRouter__AmountInNotFullySpent(uint256 leftoverAmount); error TychoRouter__MessageValueMismatch(uint256 value, uint256 amount); contract TychoRouter is @@ -153,6 +154,7 @@ contract TychoRouter is // For native ETH, assume funds already in our router. Else, transfer and handle approval. if (wrapEth) { _wrapETH(amountIn); + tokenIn = address(_weth); } else if (tokenIn != address(0)) { permit2.permit(msg.sender, permitSingle, signature); permit2.transferFrom( @@ -175,6 +177,11 @@ contract TychoRouter is revert TychoRouter__NegativeSlippage(amountOut, minAmountOut); } + uint256 leftoverAmountIn = IERC20(tokenIn).balanceOf(address(this)); + if (leftoverAmountIn > 0) { + revert TychoRouter__AmountInNotFullySpent(leftoverAmountIn); + } + if (unwrapEth) { _unwrapETH(amountOut); } diff --git a/foundry/test/TychoRouter.t.sol b/foundry/test/TychoRouter.t.sol index a842595..af6d925 100644 --- a/foundry/test/TychoRouter.t.sol +++ b/foundry/test/TychoRouter.t.sol @@ -733,4 +733,56 @@ contract TychoRouterTest is TychoRouterTestSetup { // all of it (and thus our splits are correct). assertEq(IERC20(WETH_ADDR).balanceOf(tychoRouterAddr), 0); } + + function testSwapAmountInNotFullySpent() public { + // Trade 1 WETH for DAI with 1 swap on Uniswap V2 + // Has invalid data as input! There is only one swap with 60% of the input amount + uint256 amountIn = 1 ether; + deal(WETH_ADDR, ALICE, amountIn); + + vm.startPrank(ALICE); + + ( + IAllowanceTransfer.PermitSingle memory permitSingle, + bytes memory signature + ) = handlePermit2Approval(WETH_ADDR, amountIn); + + bytes memory protocolData = encodeUniswapV2Swap( + WETH_ADDR, WETH_DAI_POOL, tychoRouterAddr, false + ); + + bytes memory swap = encodeSwap( + uint8(0), + uint8(1), + (0xffffff * 60) / 100, // 60% + address(usv2Executor), + bytes4(0), + protocolData + ); + + bytes[] memory swaps = new bytes[](1); + swaps[0] = swap; + + vm.expectRevert( + abi.encodeWithSelector( + TychoRouter__AmountInNotFullySpent.selector, 400000000000000000 + ) + ); + + tychoRouter.swap( + amountIn, + WETH_ADDR, + DAI_ADDR, + 0, + false, + false, + 2, + ALICE, + permitSingle, + signature, + pleEncode(swaps) + ); + + vm.stopPrank(); + } } From 2aa1df9b0d094125bf89489744ea19e8be289e38 Mon Sep 17 00:00:00 2001 From: Diana Carvalho Date: Mon, 3 Feb 2025 16:50:42 +0000 Subject: [PATCH 2/3] chore: Move methods around and improve docstrings --- don't change below this line --- ENG-4087 Took 30 seconds Took 5 seconds --- .../src/CallbackVerificationDispatcher.sol | 2 +- foundry/src/ExecutionDispatcher.sol | 2 +- foundry/src/TychoRouter.sol | 74 ++++++++++++------- 3 files changed, 49 insertions(+), 29 deletions(-) diff --git a/foundry/src/CallbackVerificationDispatcher.sol b/foundry/src/CallbackVerificationDispatcher.sol index 17c318e..87ccc8e 100644 --- a/foundry/src/CallbackVerificationDispatcher.sol +++ b/foundry/src/CallbackVerificationDispatcher.sol @@ -13,7 +13,7 @@ error CallbackVerificationDispatcher__NonContractVerifier(); * verification. This allows dynamically adding new supported protocols * without needing to upgrade any contracts. * - * Note Verifier contracts need to implement the ICallbackVerifier interface + * Note: Verifier contracts need to implement the ICallbackVerifier interface */ contract CallbackVerificationDispatcher { mapping(address => bool) public callbackVerifiers; diff --git a/foundry/src/ExecutionDispatcher.sol b/foundry/src/ExecutionDispatcher.sol index e8b36e8..9e084c0 100644 --- a/foundry/src/ExecutionDispatcher.sol +++ b/foundry/src/ExecutionDispatcher.sol @@ -15,7 +15,7 @@ error ExecutionDispatcher__NonContractExecutor(); * be called using delegatecall so they can share state with the main * contract if needed. * - * Note Executor contracts need to implement the IExecutor interface unless + * Note: Executor contracts need to implement the IExecutor interface unless * an alternate selector is specified. */ contract ExecutionDispatcher { diff --git a/foundry/src/TychoRouter.sol b/foundry/src/TychoRouter.sol index 84d686d..c08ad4b 100644 --- a/foundry/src/TychoRouter.sol +++ b/foundry/src/TychoRouter.sol @@ -74,32 +74,6 @@ contract TychoRouter is _usv3Factory = usv3Factory; } - /** - * @dev We use the fallback function to allow flexibility on callback. - * This function will delegate call a verifier contract and should revert if the - * caller is not a pool. - */ - fallback() external { - _executeGenericCallback(msg.data); - } - - /** - * @dev Check if the sender is correct and executes callback actions. - * @param msgData encoded data. It must includes data for the verification. - */ - function _executeGenericCallback(bytes calldata msgData) internal { - (uint256 amountOwed, address tokenOwed) = _callVerifyCallback(msgData); - - IERC20(tokenOwed).safeTransfer(msg.sender, amountOwed); - } - - /** - * @dev Pauses the contract - */ - function pause() external onlyRole(PAUSER_ROLE) { - _pause(); - } - /** * @dev Unpauses the contract */ @@ -116,7 +90,7 @@ contract TychoRouter is * - If `wrapEth` is true, the contract wraps the provided native ETH into WETH and uses it as the sell token. * - If `unwrapEth` is true, the contract converts the resulting WETH back into native ETH before sending it to the receiver. * - For ERC20 tokens, Permit2 is used to approve and transfer tokens from the caller to the router. - * - Swaps are executed sequentially using the `_splitSwap` function. + * - Swaps are executed sequentially using the `_swap` function. * - A fee is deducted from the output token if `fee > 0`, and the remaining amount is sent to the receiver. * - Reverts with `TychoRouter__NegativeSlippage` if the output amount is less than `minAmountOut` and `minAmountOut` is bigger than 0. * @@ -193,6 +167,26 @@ contract TychoRouter is } } + /** + * @dev Executes sequential swaps as defined by the provided swap graph. + * + * This function processes a series of swaps encoded in the `swaps_` byte array. Each swap operation determines: + * - The indices of the input and output tokens (via `tokenInIndex()` and `tokenOutIndex()`). + * - The portion of the available amount to be used for the swap, indicated by the `split` value. + * + * Two important notes: + * - The contract assumes that token indexes follow a specific order: the sell token is at index 0, followed by any + * intermediary tokens, and finally the buy token. + * - A `split` value of 0 is interpreted as 100% of the available amount (i.e., the entire remaining balance). + * This means that in scenarios without explicit splits the value should be 0, and when splits are present, + * the last swap should also have a split value of 0. + * + * @param amountIn The initial amount of the sell token to be swapped. + * @param nTokens The total number of tokens involved in the swap path, used to initialize arrays for internal tracking. + * @param swaps_ Encoded swap graph data containing the details of each swap operation. + * + * @return The total amount of the buy token obtained after all swaps have been executed. + */ function _swap(uint256 amountIn, uint256 nTokens, bytes calldata swaps_) internal returns (uint256) @@ -231,6 +225,32 @@ contract TychoRouter is return amounts[tokenOutIndex]; } + /** + * @dev We use the fallback function to allow flexibility on callback. + * This function will static call a verifier contract and should revert if the + * caller is not a pool. + */ + fallback() external { + _executeGenericCallback(msg.data); + } + + /** + * @dev Check if the sender is correct and executes callback actions. + * @param msgData encoded data. It must includes data for the verification. + */ + function _executeGenericCallback(bytes calldata msgData) internal { + (uint256 amountOwed, address tokenOwed) = _callVerifyCallback(msgData); + + IERC20(tokenOwed).safeTransfer(msg.sender, amountOwed); + } + + /** + * @dev Pauses the contract + */ + function pause() external onlyRole(PAUSER_ROLE) { + _pause(); + } + /** * @dev Allows granting roles to multiple accounts in a single call. */ From c4eb7b03b2660b814e6560ae6bb10beb4dfe68d3 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 3 Feb 2025 17:43:04 +0000 Subject: [PATCH 3/3] chore(release): 0.26.0 [skip ci] ## [0.26.0](https://github.com/propeller-heads/tycho-execution/compare/0.25.3...0.26.0) (2025-02-03) ### Features * Verify that no amount in is left in the router ([0860d67](https://github.com/propeller-heads/tycho-execution/commit/0860d67d7a339a0fcc2533be856b64b1db394764)) --- CHANGELOG.md | 7 +++++++ Cargo.lock | 2 +- Cargo.toml | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f3950e..bb693b5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## [0.26.0](https://github.com/propeller-heads/tycho-execution/compare/0.25.3...0.26.0) (2025-02-03) + + +### Features + +* Verify that no amount in is left in the router ([0860d67](https://github.com/propeller-heads/tycho-execution/commit/0860d67d7a339a0fcc2533be856b64b1db394764)) + ## [0.25.3](https://github.com/propeller-heads/tycho-execution/compare/0.25.2...0.25.3) (2025-01-31) diff --git a/Cargo.lock b/Cargo.lock index 0d94215..5afed2f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4163,7 +4163,7 @@ dependencies = [ [[package]] name = "tycho-execution" -version = "0.25.3" +version = "0.26.0" dependencies = [ "alloy", "alloy-primitives", diff --git a/Cargo.toml b/Cargo.toml index 89f5b55..eecc2ee 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tycho-execution" -version = "0.25.3" +version = "0.26.0" edition = "2021" [dependencies]