absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-08 20:29:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add supporting security commentary to Router.sol

Browse Source
This commit is contained in:
Luke Parker
2025-01-27 07:36:23 -05:00
parent ea00ba9ff8
commit 0957460f27
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
processor/ethereum/router/contracts/Router.sol
View File

@@ -22,6 +22,15 @@ import "IRouter.sol";
The `execute` function pays a relayer, as expected for use in the account-abstraction model. Other The `execute` function pays a relayer, as expected for use in the account-abstraction model. Other
functions also expect relayers, yet do not explicitly pay fees. Those calls are expected to be functions also expect relayers, yet do not explicitly pay fees. Those calls are expected to be
justified via the backpressure of transactions with fees. justified via the backpressure of transactions with fees.
We do transfer ERC20s to contracts before their successful deployment. The usage of CREATE should
prevent deployment failures premised on address collisions, leaving failures to be failures with
the user-provided code/gas limit. Those failures are deemed to be the user's fault. Alternative
designs not only have increased overhead yet their own concerns around complexity (the Router
calling itself via msg.sender), justifying this as acceptable.
Historically, the call-stack-depth limit would've made this design untenable. Due to EIP-150, even
with 1 billion gas transactions, the call-stack-depth limit remains unreachable.
*/ */
// slither-disable-start low-level-calls,unchecked-lowlevel // slither-disable-start low-level-calls,unchecked-lowlevel