import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { VersionRegistry } from "./VersionRegistry.sol";
import { RoleRegistry } from "./RoleRegistry.sol";
import { ReentrancyGuard } from "@openzeppelin/contracts/security/ReentrancyGuard.sol";
/**
@title Asset Plugin Registry
@notice A tiny contract for tracking asset plugins
*/
contract AssetPluginRegistry is ReentrancyGuard {
VersionRegistry public immutable versionRegistry;
RoleRegistry public immutable roleRegistry;
Lines of code
https://github.com/code-423n4/2024-07-reserve/blob/3f133997e186465f4904553b0f8e86ecb7bbacbf/contracts/registry/AssetPluginRegistry.sol#L1
Vulnerability details
// SPDX-License-Identifier: BlueOak-1.0.0 pragma solidity 0.8.19;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol"; import { VersionRegistry } from "./VersionRegistry.sol"; import { RoleRegistry } from "./RoleRegistry.sol"; import { ReentrancyGuard } from "@openzeppelin/contracts/security/ReentrancyGuard.sol";
/**
@notice A tiny contract for tracking asset plugins */ contract AssetPluginRegistry is ReentrancyGuard { VersionRegistry public immutable versionRegistry; RoleRegistry public immutable roleRegistry;
// versionHash => asset => isValid mapping(bytes32 => mapping(address => bool)) private _isValidAsset; mapping(address => bool) public isDeprecated;
error AssetPluginRegistryInvalidAsset(); error AssetPluginRegistryInvalidCaller(); error AssetPluginRegistryInvalidVersion(); error AssetPluginRegistryLengthMismatch();
event AssetPluginRegistryUpdated(bytes32 versionHash, address asset, bool validity); event AssetDeprecated(address asset);
constructor(address _versionRegistry) { require(_versionRegistry != address(0), "Invalid VersionRegistry address");
}
modifier onlyOwner() { if (!roleRegistry.isOwner(msg.sender)) { revert AssetPluginRegistry_InvalidCaller(); } ; }
modifier onlyOwnerOrEmergencyCouncil() { if (!roleRegistry.isOwnerOrEmergencyCouncil(msg.sender)) { revert AssetPluginRegistry_InvalidCaller(); } ; }
function registerAsset(address _asset, bytes32[] calldata validForVersions) external nonReentrant onlyOwner { if (_asset == address(0)) { revert AssetPluginRegistry__InvalidAsset(); }
}
function updateVersionsByAsset( address _asset, bytes32[] calldata _versionHashes, bool[] calldata _validities ) external nonReentrant onlyOwner { if (_versionHashes.length != _validities.length) { revert AssetPluginRegistry__LengthMismatch(); } if (_asset == address(0)) { revert AssetPluginRegistry__InvalidAsset(); }
}
function updateAssetsByVersion( bytes32 _versionHash, address[] calldata _assets, bool[] calldata _validities ) external nonReentrant onlyOwner { if (_assets.length != _validities.length) { revert AssetPluginRegistry__LengthMismatch(); } if (address(versionRegistry.deployments(_versionHash)) == address(0)) { revert AssetPluginRegistry__InvalidVersion(); }
}
function deprecateAsset(address _asset) external nonReentrant onlyOwnerOrEmergencyCouncil { if (_asset == address(0)) { revert AssetPluginRegistry__InvalidAsset(); }
}
function isValidAsset(bytes32 _versionHash, address _asset) external view returns (bool) { if (!isDeprecated[_asset]) { return _isValidAsset[_versionHash][_asset]; } return false; } }
Assessed type
Access Control