feat: added check for recipient during redeemRequest (#267)

liquid-collective · Jun 7, 2024 · cb31185 · cb31185
1 parent 3e32b97
commit cb31185
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 0 deletions.
diff --git a/contracts/src/RedeemManager.1.sol b/contracts/src/RedeemManager.1.sol
@@ -132,6 +132,10 @@ contract RedeemManagerV1 is Initializable, IRedeemManagerV1 {
         onlyRedeemerOrRiver
         returns (uint32 redeemRequestId)
     {
+        IRiverV1 river = _castedRiver();
+        if (IAllowlistV1(river.getAllowlist()).isDenied(_recipient)) {
+            revert RecipientIsDenied();
+        }
         return _requestRedeem(_lsETHAmount, _recipient);
     }
 

diff --git a/contracts/src/interfaces/IRedeemManager.1.sol b/contracts/src/interfaces/IRedeemManager.1.sol
@@ -101,6 +101,9 @@ interface IRedeemManagerV1 {
     /// @notice Thrown when the claim owner is denied
     error ClaimOwnerIsDenied();
 
+    /// @notice Thrown when the recipient of redeemRequest is denied
+    error RecipientIsDenied();
+
     /// @param _river The address of the River contract
     function initializeRedeemManagerV1(address _river) external;
 

diff --git a/contracts/test/RedeemManager.1.t.sol b/contracts/test/RedeemManager.1.t.sol
@@ -254,6 +254,56 @@ contract RedeemManagerV1Tests is Test {
         redeemManager.requestRedeem(amount, user);
     }
 
+    function testRequestRedeemWithAuthorizedRecipient(uint256 _salt, uint256 _salt2) external {
+        vm.assume(_salt != _salt2);
+        address user = _generateAllowlistedUser(_salt);
+        address recipient = uf._new(_salt2);
+
+        uint128 amount = uint128(bound(_salt, 1, type(uint128).max));
+
+        river.sudoDeal(user, amount);
+
+        vm.prank(user);
+        river.approve(address(redeemManager), amount);
+
+        assertEq(river.balanceOf(user), amount);
+
+        vm.prank(user);
+        vm.expectEmit(true, true, true, true);
+        emit RequestedRedeem(recipient, 0, amount, amount, 0);
+        redeemManager.requestRedeem(amount, recipient);
+
+        uint32[] memory requests = new uint32[](1);
+        requests[0] = 0;
+
+        assertEq(requests[0], 0);
+
+        {
+            RedeemQueue.RedeemRequest memory rr = redeemManager.getRedeemRequestDetails(0);
+
+            assertEq(rr.height, 0);
+            assertEq(rr.amount, amount);
+            assertEq(rr.owner, recipient);
+            assertEq(rr.maxRedeemableEth, amount);
+        }
+
+        assertEq(river.balanceOf(user), 0);
+        assertEq(redeemManager.getRedeemRequestCount(), 1);
+    }
+
+    function testRequestRedeemUnauthorizedRecipient(uint256 _salt, uint256 _salt2) external {
+        vm.assume(_salt != _salt2);
+        address user = _generateAllowlistedUser(_salt);
+        address recipient = uf._new(_salt2);
+        uint128 amount = uint128(bound(_salt, 1, type(uint128).max));
+
+        _denyUser(recipient);
+
+        vm.prank(user);
+        vm.expectRevert(abi.encodeWithSignature("RecipientIsDenied()"));
+        redeemManager.requestRedeem(amount, recipient);
+    }
+
     function testRequestRedeemMultiple(uint256 _salt) external {
         address user0 = _generateAllowlistedUser(_salt);
         address user1 = _generateAllowlistedUser(uint256(keccak256(abi.encode(_salt))));