Closed hackfisher closed 4 months ago
Again, the xtoken Issuing contact have special auth to some contacts such as mint/burn, so check interface like EIP165 is mandatory, carefully audit must be done, better to make the interface unique.
This is extensible as it make other use cases possible, e.g. the recipient call back could be a extension for users to swap tokens in dex like Uniswap. (But be carefully about MEV, and relayers should use rpcs like Flashbots to avoid MEV attacks.)
https://github.com/helix-bridge/contracts/blob/fab321ee8af549074936c319afd959c9b64ba459/helix-contract/contracts/mapping-token/v3/base/xTokenIssuing.sol#L94-L101
Similar to https://docs.uniswap.org/contracts/v3/reference/core/interfaces/callback/IUniswapV3SwapCallback
Must use https://github.com/ethereum/ercs/blob/master/ERCS/erc-165.md
Normal contracts do NOT set this interface.
Use cases:
https://github.com/orgs/dcdao/discussions/89#discussioncomment-8474171
Supporting wrap to RING after issuing xRING directly, do not need further tx on target chain. implementing a callback contract implementing this interface and be set as the _recipient, and it will wrap_to() target address as RING after being called here. (How to estimate the gas? or giving a limited gas for the callback, can not exceed it.)
Security audit needed.