From 6cac3e731abac906ac494f67a6e614e9caf43162 Mon Sep 17 00:00:00 2001 From: mike Date: Fri, 13 Dec 2024 10:35:44 +0100 Subject: [PATCH] Fix unsafe abi encoding --- contracts/interfaces/IStakeSubscriber.sol | 11 +++++++++++ contracts/sfc/SFC.sol | 3 ++- 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 contracts/interfaces/IStakeSubscriber.sol diff --git a/contracts/interfaces/IStakeSubscriber.sol b/contracts/interfaces/IStakeSubscriber.sol new file mode 100644 index 0000000..a873173 --- /dev/null +++ b/contracts/interfaces/IStakeSubscriber.sol @@ -0,0 +1,11 @@ +// SPDX-License-Identifier: UNLICENSED +pragma solidity 0.8.27; + +/** + * @title Stake Subscriber Interface + * @notice Used to recount votes from delegators in the governance contract + * @custom:security-contact security@fantom.foundation + */ +interface IStakeSubscriber { + function announceStakeChange(address delegator, address validator) external; +} diff --git a/contracts/sfc/SFC.sol b/contracts/sfc/SFC.sol index 5b97ec3..e6fd81e 100644 --- a/contracts/sfc/SFC.sol +++ b/contracts/sfc/SFC.sol @@ -7,6 +7,7 @@ import {Decimal} from "../common/Decimal.sol"; import {NodeDriverAuth} from "./NodeDriverAuth.sol"; import {ConstantsManager} from "./ConstantsManager.sol"; import {Version} from "../version/Version.sol"; +import {IStakeSubscriber} from "../interfaces/IStakeSubscriber.sol"; /** * @title Special Fee Contract for Sonic network @@ -1052,7 +1053,7 @@ contract SFC is OwnableUpgradeable, UUPSUpgradeable, Version { // Don't allow announceStakeChange to use up all the gas // solhint-disable-next-line avoid-low-level-calls (bool success, ) = stakeSubscriberAddress.call{gas: 8000000}( - abi.encodeWithSignature("announceStakeChange(address,address)", delegator, validatorAuth) + abi.encodeCall(IStakeSubscriber.announceStakeChange, (delegator, validatorAuth)) ); // Don't revert if announceStakeChange failed unless strict mode enabled if (!success && strict) {