fix: native restaking withdrawal checks could be bypassed

adu-web3 commented 2 months ago

Description

closes: #84

the solution is simple, before sending the withdrawal request to Exocore in LSTRestakingController.withdrawPrincipalFromExocore, we try to get corresponding vault for the specified token. If we could get the vault, the token cannot be VIRTUAL_STAKED_ETH_ADDRESS.

Simply checking that the token being not equal to VIRTUAL_STAKED_ETH_ADDRESS is also a good approach, but _getVault could guarantee not only the token is LST token but also the vault exists

Summary by CodeRabbit

New Features
- Enhanced security measures for token withdrawals, preventing unauthorized access to natively staked ETH.
- Introduced a new contract for improved testing of withdrawal scenarios, ensuring robust handling of edge cases.
Bug Fixes
- Improved clarity and consistency in contract naming conventions to adhere to best practices.
Documentation
- Added comments to clarify conditions for vault deployments related to natively staked ETH, enhancing code readability.
- Introduced a new error type for better handling of vault deployment scenarios involving natively staked ETH.

coderabbitai[bot] commented 2 months ago

Walkthrough

The changes introduce enhanced security measures in the LSTRestakingController contract to prevent unauthorized withdrawals by enforcing stricter checks on the token parameter. Additionally, the test suite is expanded with a new contract for validating withdrawal scenarios, ensuring robust handling of edge cases and adherence to naming conventions.

Changes

File	Change Summary
`src/core/LSTRestakingController.sol`	Added logic to prevent `VIRTUAL_STAKED_ETH_ADDRESS` from being used if the vault can be retrieved, enhancing security against unauthorized withdrawals.
`src/core/Bootstrap.sol`	Introduced a conditional check to prevent vault deployment for `VIRTUAL_STAKED_ETH_ADDRESS`, refining token-specific handling.
`src/core/ClientGatewayLzReceiver.sol`	Added comments clarifying that vaults should not be deployed for `VIRTUAL_STAKED_ETH_ADDRESS`, improving code documentation.
`src/libraries/Errors.sol`	Added a new error declaration to prohibit vault deployment for `VIRTUAL_STAKED_ETH_ADDRESS`, enhancing error handling.
`src/storage/BootstrapStorage.sol`	Introduced a constant for `VIRTUAL_STAKED_ETH_ADDRESS` and added validation in `_deployVault` to prevent vault deployment for this address, improving control flow and error handling.
`src/storage/ClientChainGatewayStorage.sol`	Removed the constant for `VIRTUAL_STAKED_ETH_ADDRESS`, indicating a shift in how staked ETH is managed.
`test/foundry/unit/ClientChainGateway.t.sol`	Renamed `withdrawNonBeaconChainETHFromCapsule` to `WithdrawNonBeaconChainETHFromCapsule` for consistency; introduced `WithdrawalPrincipalFromExocore` contract with tests for various withdrawal scenarios, enhancing testing capabilities.
`test/foundry/unit/Bootstrap.t.sol`	Added a constant for `VIRTUAL_STAKED_ETH_ADDRESS` and a new test function to verify that a vault is not deployed for this address, ensuring correct handling of the virtual staked ETH scenario.

Assessment against linked issues

Objective	Addressed	Explanation
Prevent bypassing of withdrawal checks (#84)	✅

🐰 Hopping through the code, what a sight to see,
New checks and balances, as safe as can be!
With names that shine bright, and tests that are keen,
Our staking's now stronger, a well-oiled machine!
So let’s cheer for the changes, with a joyful little dance,
For security’s a treasure, and we’ve taken a chance! 🎉

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (Invoked using PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. ### Other keywords and placeholders - Add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. - Add `@coderabbitai summary` to generate the high-level summary at a specific location in the PR description. - Add `@coderabbitai` or `@coderabbitai title` anywhere in the PR title to generate the title automatically. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

Early access features: disabled

We are currently testing the following features in early access: - **Anthropic `claude-3-5-sonnet` for code reviews**: Anthropic claims that the new Claude model has stronger code understanding and code generation capabilities than their previous models. Note: Our default code review model was also updated late last week. Please compare the quality of the reviews between the two models by toggling the early access feature. Note: - You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file. - Please join our [Discord Community](https://discord.com/invite/GsXnASn26c) to provide feedback and report issues on the [discussion post](https://discordapp.com/channels/1134356397673414807/1279579842131787838).

adu-web3 commented 2 months ago

in this new commit, we forbid deploying vault for VIRTUAL_STAKED_ETH_ADDRESS, so that whether for Bootstrap or ClientChainGateway, there is no possibility that a vault is deployed for VIRTUAL_STAKED_ETH_ADDRESS.

We should forbid deploying vault for VIRTUAL_STAKED_ETH_ADDRESS because this could lead to bypassing the native restaking withdrawal checks

ExocoreNetwork / exocore-contracts