fix: transfer to ZetaChain requires no gas error

[fadeev]

Throw an error if the destination is ZetaChain, but msg.value > 0.

Summary by CodeRabbit

• New Features
  • Enhanced cross-chain transfer validations to ensure that transfers to ZetaChain do not include any unintended gas. This update provides clear error notifications if an extra gas fee is attached, ensuring transfers adhere to the required conditions.

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request introduces a new error type, TransferToZetaChainRequiresNoGas, to both the UniversalNFTCore and UniversalTokenCore contracts. In the transferCrossChain function of each contract, a check is added that triggers this error if the destination address is zero (indicating a transfer to ZetaChain) while a non-zero msg.value is sent. This additional control flow ensures that cross-chain transfers to ZetaChain do not include gas, enforcing proper usage.

Changes

File(s)	Change Summary
contracts/.../UniversalNFTCore.sol contracts/.../UniversalTokenCore.sol	Added a new error TransferToZetaChainRequiresNoGas and integrated a check in the transferCrossChain function to revert if transferring to ZetaChain with non-zero gas.

Sequence Diagram(s)

sequenceDiagram
    participant U as User
    participant C as Contract (UniversalNFTCore/UniversalTokenCore)
    U->>C: transferCrossChain(destination, msg.value)
    alt destination is zero and msg.value > 0
        C->>U: Revert with TransferToZetaChainRequiresNoGas error
    else
        C->>U: Process transfer
    end

Loading

Possibly related PRs

• refactor: extracted core logic into an abstract UniversalNFTCore contract #36: Introduced the TransferToZetaChainRequiresNoGas error in a similar context within cross-chain transfer functionality.
• fix: refund unused tokens on revert #41: Also implemented error handling for transfers to ZetaChain using the same error type in a different contract module.

Suggested reviewers

• lumtis
• 0xM3R
• skosito

Tip

⚡🧪 Multi-step agentic review comment chat (experimental)

• We're introducing multi-step agentic chat in review comments. This experimental feature enhances review discussions with the CodeRabbit agentic chat by enabling advanced interactions, including the ability to create pull requests directly from comments.
  - To enable this feature, set early_access to true under in the settings.

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e8c1178 and 76379e6.

📒 Files selected for processing (2)

• contracts/nft/contracts/evm/UniversalNFTCore.sol (2 hunks)
• contracts/token/contracts/evm/UniversalTokenCore.sol (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: slither (contracts/token, token.sarif)
• GitHub Check: slither (contracts/nft, nft.sarif)

🔇 Additional comments (4)

contracts/token/contracts/evm/UniversalTokenCore.sol (2)

39-39: Well-named error type for clarity

The addition of the TransferToZetaChainRequiresNoGas error type provides clear feedback to users when they attempt to send gas with ZetaChain transfers. The name is descriptive and follows the naming convention of other error types in the contract.

---

126-128: Good validation to prevent unnecessary gas usage

This check correctly prevents users from sending gas with transfers to ZetaChain, which would be unnecessary and wasteful. The condition is placed in the right logical branch and provides clear feedback through the custom error.

contracts/nft/contracts/evm/UniversalNFTCore.sol (2)

40-40: Consistent error handling across contracts

The addition of the same error type in the NFT contract ensures consistent behavior and error reporting across both token standards. This is a good practice that helps maintain a uniform API.

---

128-130: Properly implemented gas validation for NFT transfers

This check correctly prevents users from sending gas with NFT transfers to ZetaChain, mirroring the functionality in the token contract. The implementation aligns perfectly with the PR objectives to prevent unnecessary gas fees.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[fadeev]

I was thinking of splitting the function into two: one payable with destination argument for transferring to another connected chain, another one non-payable without destination for transferring to ZetaChain.

    /**
     * @notice Transfers an NFT to ZetaChain.
     * @dev Burns the NFT locally, then uses the Gateway to send a message to
     *      mint the same NFT on ZetaChain.
     * @param tokenId The ID of the NFT to transfer.
     * @param receiver The address on ZetaChain that will receive the NFT.
     */
    function transferCrossChain(
        uint256 tokenId,
        address receiver
    ) external virtual {
        if (receiver == address(0)) revert InvalidAddress();

        string memory uri = tokenURI(tokenId);

        _burn(tokenId);

        bytes memory message = abi.encode(
            address(0),
            receiver,
            tokenId,
            uri,
            msg.sender
        );

        emit TokenTransfer(address(0), receiver, tokenId, uri);

        gateway.call(
            universal,
            message,
            RevertOptions(address(this), false, universal, message, 0)
        );
    }

    /**
     * @notice Transfers an NFT to another chain.
     * @dev Burns the NFT locally, then uses the Gateway to send a message to
     *      mint the same NFT on the destination chain.
     * @param tokenId The ID of the NFT to transfer.
     * @param receiver The address on the destination chain that will receive the NFT.
     * @param destination The ZRC-20 address of the gas token of the destination chain.
     */
    function transferCrossChain(
        uint256 tokenId,
        address receiver,
        address destination
    ) external payable virtual {
        if (receiver == address(0)) revert InvalidAddress();
        if (destination == address(0)) revert InvalidAddress();

        string memory uri = tokenURI(tokenId);

        _burn(tokenId);

        bytes memory message = abi.encode(
            destination,
            receiver,
            tokenId,
            uri,
            msg.sender
        );

        emit TokenTransfer(destination, receiver, tokenId, uri);

        gateway.depositAndCall{value: msg.value}(
            universal,
            message,
            RevertOptions(
                address(this),
                true,
                universal,
                abi.encode(receiver, tokenId, uri, msg.sender),
                gasLimitAmount
            )
        );
    }

I don't know if I like it or not, though.

[s2imonovic]

Looks good to me. I might keep the previous implementation with an additional check, but it's up to you.

[fadeev]

@s2imonovic yeah, probably having a check is enough. Can you, please, leave a review? Thanks!

[s2imonovic]

Looks good