From bb7ca7d151ac4bd76da702a30095ddce0253f3ef Mon Sep 17 00:00:00 2001 From: Hadrien Croubois Date: Tue, 5 Sep 2023 23:47:05 +0200 Subject: [PATCH] Prevent setting address(0) as the initialAdmin in AccessManager (#4570) Co-authored-by: Francisco --- contracts/access/manager/AccessManager.sol | 4 ++++ contracts/access/manager/IAccessManager.sol | 1 + test/access/manager/AccessManager.test.js | 8 +++++++- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/contracts/access/manager/AccessManager.sol b/contracts/access/manager/AccessManager.sol index d80e8e358..66bca0890 100644 --- a/contracts/access/manager/AccessManager.sol +++ b/contracts/access/manager/AccessManager.sol @@ -104,6 +104,10 @@ contract AccessManager is Context, Multicall, IAccessManager { } constructor(address initialAdmin) { + if (initialAdmin == address(0)) { + revert AccessManagerInvalidInitialAdmin(address(0)); + } + // admin is active immediately and without any execution delay. _grantGroup(ADMIN_GROUP, initialAdmin, 0, 0); } diff --git a/contracts/access/manager/IAccessManager.sol b/contracts/access/manager/IAccessManager.sol index 17b9e1aff..4f28baa7e 100644 --- a/contracts/access/manager/IAccessManager.sol +++ b/contracts/access/manager/IAccessManager.sol @@ -49,6 +49,7 @@ interface IAccessManager { error AccessManagerUnauthorizedAccount(address msgsender, uint64 groupId); error AccessManagerUnauthorizedCall(address caller, address target, bytes4 selector); error AccessManagerCannotCancel(address msgsender, address caller, address target, bytes4 selector); + error AccessManagerInvalidInitialAdmin(address initialAdmin); function canCall( address caller, diff --git a/test/access/manager/AccessManager.test.js b/test/access/manager/AccessManager.test.js index 697f871ea..dcf285c77 100644 --- a/test/access/manager/AccessManager.test.js +++ b/test/access/manager/AccessManager.test.js @@ -1,5 +1,5 @@ const { web3 } = require('hardhat'); -const { expectEvent, time } = require('@openzeppelin/test-helpers'); +const { constants, expectEvent, time } = require('@openzeppelin/test-helpers'); const { expectRevertCustomError } = require('../../helpers/customError'); const { selector } = require('../../helpers/methods'); const { clockFromReceipt } = require('../../helpers/time'); @@ -38,6 +38,12 @@ contract('AccessManager', function (accounts) { await this.manager.$_grantGroup(GROUPS.SOME, member, 0, 0); }); + it('rejects zero address for initialAdmin', async function () { + await expectRevertCustomError(AccessManager.new(constants.ZERO_ADDRESS), 'AccessManagerInvalidInitialAdmin', [ + constants.ZERO_ADDRESS, + ]); + }); + it('default minsetback is 1 day', async function () { expect(await this.manager.minSetback()).to.be.bignumber.equal(MINSETBACK); });