Skip to content

Remove SafeERC20.safePermit #4582

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
frangio merged 14 commits into from
Sep 11, 2023
Merged

Remove SafeERC20.safePermit #4582

Changes from 1 commit
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
5f9a8e9
Remove SafeERC20.safePermit
Amxx Sep 7, 2023
c15706f
Document the danger of authentication using permit
Amxx Sep 7, 2023
ddd60b3
add changeset
Amxx Sep 7, 2023
cefc133
Update green-pumpkins-end.md
frangio Sep 8, 2023
2f77daf
remove unused variables
frangio Sep 8, 2023
92abe2c
Update green-pumpkins-end.md
frangio Sep 8, 2023
a6e37ad
use inheritdoc
frangio Sep 8, 2023
9a8b2e8
add IERC20Permit on docs site
frangio Sep 8, 2023
db787f6
move recommendations to IERC20Permit
frangio Sep 8, 2023
35664bf
remove broken link
frangio Sep 8, 2023
b09fb90
use full example
frangio Sep 8, 2023
c7c46ea
expand example
frangio Sep 8, 2023
c1c95aa
wording
frangio Sep 8, 2023
487b3f9
Update IERC20Permit.sol
frangio Sep 11, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
expand example
  • Loading branch information
@frangio
frangio committed Sep 8, 2023
commit c7c46ea645991335ca38c568eec29b333d5db1d4
19 changes: 12 additions & 7 deletions contracts/token/ERC20/extensions/IERC20Permit.sol
View file
Open in desktop
Copy link
Contributor

@frangio frangio Sep 8, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like IERC20Permit is not listed in the docs site. (https://docs.openzeppelin.com/contracts/4.x/api/token/erc20)

I added it in this PR, let's see if it looks nice.

When we have this interface/implementation separation I don't like having duplicate docs in the site. The same applies to I/AccessManager, for example. But if the interface is in the library it should be somewhere in the documentation... so I may have to accept adding it.

Using @inheritdoc leads to more duplication but it might make it nicer to navigate than a link like "See IERC20Permit.permit".

Original file line number Diff line number Diff line change
Expand Up @@ -17,19 +17,24 @@ pragma solidity ^0.8.20;
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the approval in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a good pattern that can
* be generally recommended is:
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a good pattern that may
* be generally recommended is shown below:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) {
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value); // will use token.transferFrom
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. In general, `address(this)` would
* be used as the `spender` parameter.
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
Expand Down