Function: modifyLocker(address locker, bool isLocker, uint64 nonce, ValidatorSet activeColdValidatorSet, address[] signers, Signature[] signatures)
This function can be used to grant or revoke authorization for the locker role, which grants the ability to pause the contract.
Inputs
locker
Control: Arbitrary.
Constraints: None.
Impact: Address of the locker.
isLocker
Control: Arbitrary.
Constraints: None.
Impact: If true, the permission will be granted; otherwise, it will be revoked.
nonce
Control: Arbitrary.
Constraints: None.
Impact: Nonce used as part of the signed action.
activeColdValidatorSet
Control: Arbitrary.
Constraints: The hash must match the stored cold validator set hash.
Impact: The currently active set of cold validators.
signers
Control: Arbitrary.
Constraints: Length must match
signatures
.Impact: Addresses of the signers for the request.
signatures
Control: Arbitrary.
Constraints: Each element must be a valid signature for the corresponding
signers
entry.Impact: Signatures authorizing the action.
Branches and code coverage (including function calls)
Intended branches
Checks for signature reuse, checks the signatures' validity, and grants/revokes permissions.
Negative behavior
Reverts if the same signature was already used.
Reverts if the validator set does not match the expected one.
Reverts if the sum of the signers' voting power is insufficient.
Reverts if the length of the signers and signatures do not match.
Function call analysis
rootFunction -> hash(agent)
What is controllable?
agent
, indirectly (some parts of the hash).If return value controllable, how is it used and how can it go wrong? Not controllable --- used to identify the transfer.
What happens if it reverts, reenters, or does other unusual control flow? Reverts and reentrancy cannot happen.
rootFunction -> checkMessageNotUsed(message)
What is controllable?
message
, indirectly (some parts of the hash).If return value controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy cannot happen (no external calls).
rootFunction -> checkValidatorSignatures(...)
What is controllable?
message
(some parts of the hash),activeColdValidatorSet
,signers
, andsignatures
.If return value controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy cannot happen (no external calls).