Merge branch 'solc-0.7' into solc-0.8
This commit is contained in:
Hadrien Croubois
@ -6,22 +6,22 @@ import "./UpgradeableProxy.sol";
|
||||
|
||||
/**
|
||||
* @dev This contract implements a proxy that is upgradeable by an admin.
|
||||
*
|
||||
*
|
||||
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
|
||||
* clashing], which can potentially be used in an attack, this contract uses the
|
||||
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
|
||||
* things that go hand in hand:
|
||||
*
|
||||
*
|
||||
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
|
||||
* that call matches one of the admin functions exposed by the proxy itself.
|
||||
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
|
||||
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
|
||||
* "admin cannot fallback to proxy target".
|
||||
*
|
||||
*
|
||||
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
|
||||
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
|
||||
* to sudden errors when trying to call a function from the proxy implementation.
|
||||
*
|
||||
*
|
||||
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
|
||||
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
|
||||
*/
|
||||
@ -60,9 +60,9 @@ contract TransparentUpgradeableProxy is UpgradeableProxy {
|
||||
|
||||
/**
|
||||
* @dev Returns the current admin.
|
||||
*
|
||||
*
|
||||
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
|
||||
*
|
||||
*
|
||||
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
|
||||
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
|
||||
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
|
||||
@ -73,9 +73,9 @@ contract TransparentUpgradeableProxy is UpgradeableProxy {
|
||||
|
||||
/**
|
||||
* @dev Returns the current implementation.
|
||||
*
|
||||
*
|
||||
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
|
||||
*
|
||||
*
|
||||
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
|
||||
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
|
||||
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
|
||||
@ -86,12 +86,12 @@ contract TransparentUpgradeableProxy is UpgradeableProxy {
|
||||
|
||||
/**
|
||||
* @dev Changes the admin of the proxy.
|
||||
*
|
||||
*
|
||||
* Emits an {AdminChanged} event.
|
||||
*
|
||||
*
|
||||
* NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
|
||||
*/
|
||||
function changeAdmin(address newAdmin) external ifAdmin {
|
||||
function changeAdmin(address newAdmin) external virtual ifAdmin {
|
||||
require(newAdmin != address(0), "TransparentUpgradeableProxy: new admin is the zero address");
|
||||
emit AdminChanged(_admin(), newAdmin);
|
||||
_setAdmin(newAdmin);
|
||||
@ -99,10 +99,10 @@ contract TransparentUpgradeableProxy is UpgradeableProxy {
|
||||
|
||||
/**
|
||||
* @dev Upgrade the implementation of the proxy.
|
||||
*
|
||||
*
|
||||
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
|
||||
*/
|
||||
function upgradeTo(address newImplementation) external ifAdmin {
|
||||
function upgradeTo(address newImplementation) external virtual ifAdmin {
|
||||
_upgradeTo(newImplementation);
|
||||
}
|
||||
|
||||
@ -110,20 +110,18 @@ contract TransparentUpgradeableProxy is UpgradeableProxy {
|
||||
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
|
||||
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
|
||||
* proxied contract.
|
||||
*
|
||||
*
|
||||
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
|
||||
*/
|
||||
function upgradeToAndCall(address newImplementation, bytes calldata data) external payable ifAdmin {
|
||||
function upgradeToAndCall(address newImplementation, bytes calldata data) external payable virtual ifAdmin {
|
||||
_upgradeTo(newImplementation);
|
||||
// solhint-disable-next-line avoid-low-level-calls
|
||||
(bool success,) = newImplementation.delegatecall(data);
|
||||
require(success);
|
||||
Address.functionDelegateCall(newImplementation, data);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dev Returns the current admin.
|
||||
*/
|
||||
function _admin() internal view returns (address adm) {
|
||||
function _admin() internal view virtual returns (address adm) {
|
||||
bytes32 slot = _ADMIN_SLOT;
|
||||
// solhint-disable-next-line no-inline-assembly
|
||||
assembly {
|
||||
@ -146,7 +144,7 @@ contract TransparentUpgradeableProxy is UpgradeableProxy {
|
||||
/**
|
||||
* @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
|
||||
*/
|
||||
function _beforeFallback() internal override virtual {
|
||||
function _beforeFallback() internal virtual override {
|
||||
require(msg.sender != _admin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
|
||||
super._beforeFallback();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user