MezzGuard

Inherits: BaseGuard, Initializable, Credentialed, CommonValidation, IMezzGuard

Author: Daniel Yamagata & Jerry Qi & Naveen Ailawadi

A base contract inherited by guards used in Mezzanine. A 'Guard' refers to Safe Guards.

Mezzanine guards are set up such that adding, swapping, or removing owners, setting a guard, or enabling a module is disabled via the multi-signature funcitonality of the 'controlled'. Instead, particular functions in departments and the treasury must be used to access these functions. Specifically, access control is managed such that only an 'ancestor' or governance can call these functions

State Variables

MezzGuardStorageLocation

bytes32 private constant MezzGuardStorageLocation = 0xe3d6cd3491c5540f279d53d4dae5705fec2cdb498a14a972c3514ce2c3f77200;

Functions

_getMezzGuardStorage

function _getMezzGuardStorage() internal pure returns (MezzGuardStorage storage $);

constructor

constructor();

onlyController

modifier onlyController();

init

Initializes the Mezz Guard's state. Sets the defaults from the deployer

Mezz Guards are initialized atomically as they are deployed

function init(
    address initControlled,
    address initController,
    address[] calldata contractListDefaults,
    DataTypes.GuardSelector[] calldata selectorListDefaults,
    bytes memory
) external virtual initializer;

Parameters

Name

Type

Description

initControlled

address

initController

address

contractListDefaults

address[]

The default contracts to add to the contract list

selectorListDefaults

DataTypes.GuardSelector[]

The default selectors to add to the selector list

<none>

bytes

__MezzGuard_init

Initializes the Mezz Guard's state. Sets the defaults from the deployer

function __MezzGuard_init(
    address initControlled,
    address initController,
    address[] memory contractListDefaults,
    DataTypes.GuardSelector[] memory selectorListDefaults
) internal;

addSelectorToList

Adds a guard selector to the selector list, which will either enable or disable the function to be called by 'controlled'. A guard selector is made up of an address and a function selector

function addSelectorToList(DataTypes.GuardSelector memory selectorToAdd) external onlyController;

Parameters

Name

Type

Description

selectorToAdd

DataTypes.GuardSelector

The contract address and function selector pair to be added to the list

_addSelectorToList

Adds the selector to the list. Updates the index for the selector. Reverts if the selector is already on the list

function _addSelectorToList(DataTypes.GuardSelector memory selectorToAdd) internal virtual;

removeSelectorFromList

Removes a guard selector from the selector list, which will either enable or disable the function to be called by 'controlled'. A guard selector is made up of an address and a function selector.

function removeSelectorFromList(DataTypes.GuardSelector memory selectorToRemove) external onlyController;

Parameters

Name

Type

Description

selectorToRemove

DataTypes.GuardSelector

A contract address and function selector pair to be removed from the list

addContractToList

Adds a contract to the contract list, which will either enable or disable the function to be called by 'controlled'

function addContractToList(address contractToAdd) external onlyController;

_addContractToList

Adds the contract to the list. Reverts if the contract is already on the list

function _addContractToList(address contractToAdd) internal virtual;

removeContractFromList

Removes a contract from the contract list. Any contract removed from the list will be either enabled or disabled for the 'controlled' to interact with depending on whether the guard is a whitelist or blacklist guard, respectively. This is true no matter the function selector

function removeContractFromList(address contractToRemove) external onlyController;

onList

Returns true if '_to' or the function selector of '_data' for '_to' is on either the contract list or selector list. Otherwise, returns false.

function onList(address _to, bytes memory _data) public view virtual returns (bool);

checkAfterExecution

Called by a Safe after the execution of a transaction. Reverts if the transaction failed

Reference: https://github.com/safe-global/safe-smart-account/blob/f03dfae65fd1d085224b00a10755c509a4eaacfe/contracts/Safe.sol#L215-L217

function checkAfterExecution(bytes32, bool success) external pure virtual;

checkModuleTransaction

Safe modules are always disabled in the initial version of Mezzanine

function checkModuleTransaction(address, uint256, bytes memory, Enum.Operation, address)
    external
    pure
    returns (bytes32);

getSelectorList

Returns the selectors list which may either be whitelisted or blacklisted depending on the guard

function getSelectorList() external view returns (DataTypes.GuardSelector[] memory);

getContractList

Returns the contracts list which may be either whitelisted or blacklisted depending on the guard

function getContractList() external view returns (address[] memory);

getControlled

function getControlled() external view returns (address);

Returns

Name

Type

Description

<none>

address

The controlled, which is a team whose guard is likely to be 'this'

getController

function getController() external view returns (address);

Returns

Name

Type

Description

<none>

address

The address which has admin control over the guard. The 'controller' can add or remove functions on both the '_selectorList' and '_contractList'.

coreId

Returns the coreId of the implementation as a bytes32

The core ID is the keccak256 hash of the contract name followed by a version under the following syntax: "mezzanine.coreId.ContractName.vX" For example, the core ID of the 2nd version of the Treasury would be the following: keccak256(abi.encodePacked("mezzanine.coreId.Treasury.v2"))

function coreId() public pure virtual override(Credentialed, ICredentialed) returns (bytes32);

version

Returns the version of the implementation as a uint256

function version() public pure virtual override(Credentialed, ICredentialed) returns (uint256);

supportsInterface

ERC165 support

function supportsInterface(bytes4 interfaceId)
    public
    view
    virtual
    override(BaseGuard, Credentialed, IMezzGuard)
    returns (bool);

_checkTransaction

*Reverts under the following scenarios:

The '_operation' is a delegate call
The '_data' is an add owner, remove owner, or swap owner on the msg.sender
The '_data' is a set guard
The '_data' is to enable a module*

function _checkTransaction(address to, bytes memory data, Enum.Operation operation) internal view virtual;

_onSelectorList

Returns true if the index of '_listInfo' is not 0, false otherwise

function _onSelectorList(DataTypes.GuardSelector memory _listInfo) internal view virtual returns (bool);

_onContractList

Returns true if the '_to' is on the '_contractList', false otherwise

function _onContractList(address _to) internal view virtual returns (bool);

_validateCallerIsController

Validates that the caller is '__controller();

function _validateCallerIsController() internal view;

__controller

Returns the '_controller'. Can be overridden to return an arbitrary address

function __controller() internal view virtual returns (address);

Structs

MezzGuardStorage

struct MezzGuardStorage {
    address _controlled;
    address _controller;
    EnumerableSet.AddressSet _contractList;
    DataTypes.GuardSelector[] _selectorList;
    mapping(address => mapping(bytes4 => uint256)) _selectorIndexes;
}

PreviousLateStageGovernor NextBlacklistGuard

Last updated 1 year ago