Merge branch 'amie/block-delegatecalls-until-initialized' into amie/dependencies

amiecorso · amiecorso · commit 10106b84fd6f · 2025-02-02T09:46:40.000-08:00
diff --git a/lib/solady b/lib/solady
@@ -1 +1 @@
-Subproject commit 5ea5d9f57ed6d24a27d00934f4a3448def931415
+Subproject commit 21202175063a0010826bf42697b5aa2ff0c27f9f
diff --git a/test/EIP7702Proxy/coinbaseImplementation.t.sol b/test/EIP7702Proxy/coinbaseImplementation.t.sol
@@ -167,6 +167,7 @@ contract CoinbaseImplementationTest is Test {
         uint256 amount
     ) public {
         vm.assume(recipient != address(0));
+        vm.assume(recipient != address(_eoa));
         assumeNotPrecompile(recipient);
         assumePayable(recipient);
         vm.assume(amount > 0 && amount <= 100 ether);
@@ -193,6 +194,7 @@ contract CoinbaseImplementationTest is Test {
     ) public {
         vm.assume(nonOwner != address(0));
         vm.assume(nonOwner != _newOwner); // Ensure caller isn't the actual owner
+        vm.assume(nonOwner != _eoa); // Ensure caller isn't the EOA address
 
         address newImpl = address(new CoinbaseSmartWallet());
 
diff --git a/test/EIP7702Proxy/delegate.t.sol b/test/EIP7702Proxy/delegate.t.sol
@@ -68,4 +68,60 @@ contract DelegateTest is EIP7702ProxyBase {
             "State should not change when write fails"
         );
     }
+
+    function test_reverts_whenCallingBeforeInitialization() public {
+        // Deploy a fresh proxy without initializing it
+        address payable uninitProxy = payable(makeAddr("uninitProxy"));
+        _deployProxy(uninitProxy);
+
+        vm.expectRevert(EIP7702Proxy.ProxyNotInitialized.selector);
+        MockImplementation(payable(uninitProxy)).owner();
+    }
+
+    function test_reverts_whenCallingWithArbitraryDataBeforeInitialization(
+        bytes memory arbitraryCalldata
+    ) public {
+        // Deploy a fresh proxy without initializing it
+        address payable uninitProxy = payable(makeAddr("uninitProxy"));
+        _deployProxy(uninitProxy);
+
+        // Test that it reverts with the correct error
+        vm.expectRevert(EIP7702Proxy.ProxyNotInitialized.selector);
+        address(uninitProxy).call(arbitraryCalldata);
+
+        // Also verify the low-level call fails
+        (bool success, ) = address(uninitProxy).call(arbitraryCalldata);
+        assertFalse(success, "Low-level call should fail");
+    }
+
+    function test_continues_delegating_afterUpgrade() public {
+        // Setup will have already initialized the proxy with initial implementation and an owner
+
+        // Deploy a new implementation
+        MockImplementation newImplementation = new MockImplementation();
+
+        // Upgrade to the new implementation
+        vm.prank(_newOwner);
+        MockImplementation(_eoa).upgradeToAndCall(
+            address(newImplementation),
+            ""
+        );
+
+        // Verify the implementation was changed
+        assertEq(
+            _getERC1967Implementation(_eoa),
+            address(newImplementation),
+            "Implementation should be updated"
+        );
+
+        // Try to make a call through the proxy
+        vm.prank(_newOwner);
+        MockImplementation(_eoa).mockFunction();
+
+        // Verify the call succeeded
+        assertTrue(
+            MockImplementation(_eoa).mockFunctionCalled(),
+            "Should be able to call through proxy after upgrade"
+        );
+    }
 }
diff --git a/test/EIP7702Proxy/initialize.t.sol b/test/EIP7702Proxy/initialize.t.sol
@@ -5,6 +5,7 @@ import {EIP7702ProxyBase} from "../base/EIP7702ProxyBase.sol";
 import {EIP7702Proxy} from "../../src/EIP7702Proxy.sol";
 import {MockImplementation, RevertingInitializerMockImplementation} from "../mocks/MockImplementation.sol";
 import {ECDSA} from "openzeppelin-contracts/contracts/utils/cryptography/ECDSA.sol";
+import {ERC1967Utils} from "openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Utils.sol";
 
 contract InitializeTest is EIP7702ProxyBase {
     function test_succeeds_withValidSignatureAndArgs(address newOwner) public {
@@ -157,4 +158,70 @@ contract InitializeTest is EIP7702ProxyBase {
         vm.expectRevert(EIP7702Proxy.ZeroValueConstructorArguments.selector);
         new EIP7702Proxy(address(_implementation), bytes4(0));
     }
+
+    function test_succeeds_whenImplementationSlotAlreadySetToDifferentAddress(
+        address mockPreviousImpl,
+        address newOwner,
+        uint128 uninitProxyPk
+    ) public {
+        vm.assume(mockPreviousImpl != address(0));
+        vm.assume(mockPreviousImpl != address(_implementation));
+        vm.assume(mockPreviousImpl != address(_eoa));
+        vm.assume(newOwner != address(0));
+        vm.assume(newOwner != mockPreviousImpl);
+        vm.assume(newOwner != _eoa);
+        assumeNotPrecompile(mockPreviousImpl);
+        assumeNotPrecompile(newOwner);
+        vm.assume(uninitProxyPk != 0);
+        vm.assume(uninitProxyPk != _EOA_PRIVATE_KEY);
+
+        // Derive address for uninitProxy from private key
+        address payable uninitProxy = payable(vm.addr(uninitProxyPk));
+
+        // Deploy proxy template and etch its code at the target address
+        EIP7702Proxy proxyTemplate = new EIP7702Proxy(
+            address(_implementation),
+            _initSelector
+        );
+        bytes memory proxyCode = address(proxyTemplate).code;
+        vm.etch(uninitProxy, proxyCode);
+
+        // Set the implementation slot to some other address, simulating a previous implementation
+        vm.store(
+            uninitProxy,
+            ERC1967Utils.IMPLEMENTATION_SLOT,
+            bytes32(uint256(uint160(mockPreviousImpl)))
+        );
+
+        // Verify implementation slot is set to the previous implementation
+        assertEq(
+            _getERC1967Implementation(uninitProxy),
+            mockPreviousImpl,
+            "Implementation slot should be set to previous implementation"
+        );
+
+        // Initialize the proxy
+        bytes memory initArgs = _createInitArgs(_newOwner);
+        bytes32 initHash = keccak256(
+            abi.encode(address(proxyTemplate), initArgs)
+        );
+        (uint8 v, bytes32 r, bytes32 s) = vm.sign(uninitProxyPk, initHash);
+        bytes memory signature = abi.encodePacked(r, s, v);
+
+        EIP7702Proxy(uninitProxy).initialize(initArgs, signature);
+
+        // Verify implementation slot was changed to the correct implementation
+        assertEq(
+            _getERC1967Implementation(uninitProxy),
+            address(_implementation),
+            "Implementation slot should be set to correct implementation"
+        );
+
+        // Verify we can make calls through the proxy now
+        assertEq(
+            MockImplementation(payable(uninitProxy)).owner(),
+            _newOwner,
+            "Should be able to call through proxy after initialization"
+        );
+    }
 }
diff --git a/test/EIP7702Proxy/isValidSignature.t.sol b/test/EIP7702Proxy/isValidSignature.t.sol
@@ -114,6 +114,19 @@ contract FailingImplementationTest is IsValidSignatureTestBase {
         );
         assertEq(result, ERC1271_FAIL_VALUE, "Should reject empty signature");
     }
+
+    function test_reverts_whenCalledBeforeInitialization() public {
+        // Deploy a fresh proxy without initializing
+        address payable uninitProxy = payable(makeAddr("uninitProxy"));
+        _deployProxy(uninitProxy);
+
+        // Try to call isValidSignature
+        bytes32 hash = keccak256("test message");
+        bytes memory signature = new bytes(65);
+
+        vm.expectRevert(EIP7702Proxy.ProxyNotInitialized.selector);
+        EIP7702Proxy(uninitProxy).isValidSignature(hash, signature);
+    }
 }
 
 /**
