feat!: add callee params to lsp20 & EXECUTE_RELAY_CALL permission & mapping reentrancyStatus

constants.ts

@@ -26,7 +26,7 @@ export const INTERFACE_IDS = {
   ERC725Y: '0x629aa694',
   LSP0ERC725Account: '0x24871b3d',
   LSP1UniversalReceiver: '0x6bb56a14',
-  LSP6KeyManager: '0x66918867',
+  LSP6KeyManager: '0xe7424397',
   LSP7DigitalAsset: '0x05519512',
   LSP8IdentifiableDigitalAsset: '0x1ae9ba1f',
   LSP9Vault: '0x28af17e6',
@@ -35,7 +35,7 @@ export const INTERFACE_IDS = {
   LSP17Extendable: '0xa918fa6b',
   LSP17Extension: '0xcee78b40',
   LSP20CallVerification: '0x1a0eb6a5',
-  LSP20CallVerifier: '0x480c0ec2',
+  LSP20CallVerifier: '0xc9dfc532',
   LSP25ExecuteRelayCall: '0x5ac79908',
 };
 
@@ -61,9 +61,9 @@ export const ERC1271_VALUES = {
 export const LSP20_MAGIC_VALUES = {
   VERIFY_CALL: {
     // bytes3(keccak256("lsp20VerifyCall(address,uint256,bytes)")) + "0x01"
-    WITH_POST_VERIFICATION: '0x9bf04b01',
+    WITH_POST_VERIFICATION: '0x1a238001',
     // bytes3(keccak256("lsp20VerifyCall(address,uint256,bytes)")) + "0x00"
-    NO_POST_VERIFICATION: '0x9bf04b00',
+    NO_POST_VERIFICATION: '0x1a238000',
   },
   // bytes4(keccak256("lsp20VerifyCallResult(bytes32,bytes)"))
   VERIFY_CALL_RESULT: '0xd3fc45d3',

contracts/LSP20CallVerification/ILSP20CallVerifier.sol

@@ -12,11 +12,13 @@ interface ILSP20CallVerifier {
      * the function is allowed, concatened with a byte that determines if the lsp20VerifyCallResult function should
      * be called after the original function call. The byte that invoke the lsp20VerifyCallResult function is strictly `0x01`.
      *
+     * @param callee The address of the contract that implements the LSP20 interface
      * @param caller The address who called the function on the msg.sender
      * @param value The value sent by the caller to the function called on the msg.sender
      * @param receivedCalldata The receivedCalldata sent by the caller to the msg.sender
      */
     function lsp20VerifyCall(
+        address callee,
         address caller,
         uint256 value,
         bytes memory receivedCalldata

contracts/LSP20CallVerification/LSP20CallVerification.sol

@@ -29,6 +29,7 @@ abstract contract LSP20CallVerification {
         (bool success, bytes memory returnedData) = logicVerifier.call(
             abi.encodeWithSelector(
                 ILSP20.lsp20VerifyCall.selector,
+                address(this),
                 msg.sender,
                 msg.value,
                 msg.data
@@ -56,7 +57,14 @@ abstract contract LSP20CallVerification {
         (bool success, bytes memory returnedData) = logicVerifier.call(
             abi.encodeWithSelector(
                 ILSP20.lsp20VerifyCallResult.selector,
-                keccak256(abi.encodePacked(msg.sender, msg.value, msg.data)),
+                keccak256(
+                    abi.encodePacked(
+                        address(this),
+                        msg.sender,
+                        msg.value,
+                        msg.data
+                    )
+                ),
                 callResult
             )
         );

contracts/LSP20CallVerification/LSP20Constants.sol

@@ -4,14 +4,14 @@ pragma solidity ^0.8.4;
 // bytes4(keccak256("LSP20CallVerification"))
 bytes4 constant _INTERFACEID_LSP20_CALL_VERIFICATION = 0x1a0eb6a5;
 
-// `lsp20VerifyCall(address,uint256,bytes)` selector XOR `lsp20VerifyCallResult(bytes32,bytes)` selector
-bytes4 constant _INTERFACEID_LSP20_CALL_VERIFIER = 0x480c0ec2;
+// `lsp20VerifyCall(address,address,uint256,bytes)` selector XOR `lsp20VerifyCallResult(bytes32,bytes)` selector
+bytes4 constant _INTERFACEID_LSP20_CALL_VERIFIER = 0xc9dfc532;
 
 // bytes4(bytes.concat(bytes3(ILSP20.lsp20VerifyCall.selector), hex"01"))
-bytes4 constant _LSP20_VERIFY_CALL_MAGIC_VALUE_WITH_POST_VERIFICATION = 0x9bf04b01;
+bytes4 constant _LSP20_VERIFY_CALL_MAGIC_VALUE_WITH_POST_VERIFICATION = 0x1a238001;
 
 // bytes4(bytes.concat(bytes3(ILSP20.lsp20VerifyCall.selector), hex"00"))
-bytes4 constant _LSP20_VERIFY_CALL_MAGIC_VALUE_WITHOUT_POST_VERIFICATION = 0x9bf04b00;
+bytes4 constant _LSP20_VERIFY_CALL_MAGIC_VALUE_WITHOUT_POST_VERIFICATION = 0x1a238000;
 
 // bytes4(ILSP20.lsp20VerifyCallResult.selector)
 bytes4 constant _LSP20_VERIFY_CALL_RESULT_MAGIC_VALUE = 0xd3fc45d3;

contracts/LSP6KeyManager/LSP6Constants.sol

@@ -2,7 +2,7 @@
 pragma solidity ^0.8.4;
 
 // --- ERC165 interface ids
-bytes4 constant _INTERFACEID_LSP6 = 0x66918867;
+bytes4 constant _INTERFACEID_LSP6 = 0xe7424397;
 
 // --- ERC725Y Data Keys
 

contracts/LSP6KeyManager/LSP6KeyManagerCore.sol

@@ -313,10 +313,11 @@ abstract contract LSP6KeyManagerCore is
      * on the {`target`} contract (while sending `msgValue` alongside the call).
      *
      * If the permissions have been verified successfully and `caller` is authorized, one of the following two LSP20 magic value will be returned:
-     *  - `0x9bf04b00`: LSP20 magic value **without** post verification (last byte is `0x00`).
-     *  - `0x9bf04b01`: LSP20 magic value **with** post-verification (last byte is `0x01`).
+     *  - `0x1a238000`: LSP20 magic value **without** post verification (last byte is `0x00`).
+     *  - `0x1a238001`: LSP20 magic value **with** post-verification (last byte is `0x01`).
      */
     function lsp20VerifyCall(
+        address callee,
         address caller,
         uint256 msgValue,
         bytes calldata data
@@ -330,10 +331,10 @@ abstract contract LSP6KeyManagerCore is
         }
 
         // If target is invoking the verification, emit the event and change the reentrancy guard
-        if (msg.sender == _target) {
+        if (msg.sender == callee) {
             bool isReentrantCall = _nonReentrantBefore(isSetData, caller);
 
-            _verifyPermissions(caller, msgValue, data);
+            _verifyPermissions(callee, caller, msgValue, data);
             emit PermissionsVerified(caller, msgValue, bytes4(data));
 
             // if it's a setData call, do not invoke the `lsp20VerifyCallResult(..)` function
@@ -350,12 +351,12 @@ abstract contract LSP6KeyManagerCore is
             if (isReentrantCall) {
                 _requirePermissions(
                     caller,
-                    ERC725Y(_target).getPermissionsFor(caller),
+                    ERC725Y(callee).getPermissionsFor(caller),
                     _PERMISSION_REENTRANCY
                 );
             }
 
-            _verifyPermissions(caller, msgValue, data);
+            _verifyPermissions(callee, caller, msgValue, data);
 
             // if it's a setData call, do not invoke the `lsp20VerifyCallResult(..)` function
             return
@@ -398,7 +399,7 @@ abstract contract LSP6KeyManagerCore is
 
         bool isReentrantCall = _nonReentrantBefore(isSetData, msg.sender);
 
-        _verifyPermissions(msg.sender, msgValue, payload);
+        _verifyPermissions(_target, msg.sender, msgValue, payload);
         emit PermissionsVerified(msg.sender, msgValue, bytes4(payload));
 
         bytes memory result = _executePayload(msgValue, payload);
@@ -463,7 +464,7 @@ abstract contract LSP6KeyManagerCore is
 
         bool isReentrantCall = _nonReentrantBefore(isSetData, signer);
 
-        _verifyPermissions(signer, msgValue, payload);
+        _verifyPermissions(_target, signer, msgValue, payload);
         emit PermissionsVerified(signer, msgValue, bytes4(payload));
 
         bytes memory result = _executePayload(msgValue, payload);
@@ -503,11 +504,12 @@ abstract contract LSP6KeyManagerCore is
      * @param payload The abi-encoded function call to execute on the {target} contract.
      */
     function _verifyPermissions(
+        address callee,
         address from,
         uint256 msgValue,
         bytes calldata payload
     ) internal view virtual {
-        bytes32 permissions = ERC725Y(_target).getPermissionsFor(from);
+        bytes32 permissions = ERC725Y(callee).getPermissionsFor(from);
         if (permissions == bytes32(0)) revert NoPermissionsSet(from);
 
         bytes4 erc725Function = bytes4(payload);
@@ -521,7 +523,7 @@ abstract contract LSP6KeyManagerCore is
             );
 
             LSP6SetDataModule._verifyCanSetData(
-                _target,
+                callee,
                 from,
                 permissions,
                 inputKey,
@@ -535,7 +537,7 @@ abstract contract LSP6KeyManagerCore is
                 .decode(payload[4:], (bytes32[], bytes[]));
 
             LSP6SetDataModule._verifyCanSetData(
-                _target,
+                callee,
                 from,
                 permissions,
                 inputKeys,
@@ -552,7 +554,7 @@ abstract contract LSP6KeyManagerCore is
             ) = abi.decode(payload[4:], (uint256, address, uint256, bytes));
 
             LSP6ExecuteModule._verifyCanExecute(
-                _target,
+                callee,
                 from,
                 permissions,
                 operationType,

contracts/Mocks/KeyManager/KeyManagerInternalsTester.sol

@@ -118,7 +118,7 @@ contract KeyManagerInternalTester is LSP6KeyManager {
         uint256 msgValue,
         bytes calldata payload
     ) public {
-        super._verifyPermissions(from, msgValue, payload);
+        super._verifyPermissions(_target, from, msgValue, payload);
 
         // This event is emitted just for a sake of not marking this function as `view`,
         // as Hardhat has a bug that does not catch error that occured from failed `abi.decode`

contracts/Mocks/LSP20Owners/FirstCallReturnExpandedInvalidValue.sol

@@ -14,13 +14,14 @@ contract FirstCallReturnExpandedInvalidValue {
     address public target;
 
     function lsp20VerifyCall(
+        address callee,
         address caller,
         uint256 value,
         bytes memory data
     ) external returns (bytes32) {
         emit CallVerified();
 
-        return keccak256(abi.encode(caller, value, data));
+        return keccak256(abi.encode(callee, caller, value, data));
     }
 
     function acceptOwnership(address newTarget) external {

contracts/Mocks/LSP20Owners/FirstCallReturnInvalidMagicValue.sol

@@ -13,6 +13,7 @@ contract FirstCallReturnInvalidMagicValue {
     address public target;
 
     function lsp20VerifyCall(
+        address,
         address,
         uint256,
         bytes memory

docs/_interface_ids_table.mdx

@@ -6,7 +6,7 @@
 | **ERC725Y**                      | `0x629aa694` | General Data key-value store.                                                                                                                            |
 | **LSP0ERC725Account**            | `0x24871b3d` | Interface of the [LSP-0-ERC725Account] standard, an account based smart contract that represents an identity on-chain.                                   |
 | **LSP1UniversalReceiver**        | `0x6bb56a14` | Interface of the LSP1 - Universal Receiver standard, an entry function for a contract to receive arbitrary information.                                  |
-| **LSP6KeyManager**               | `0x66918867` | Interface of the LSP6 - Key Manager standard, a contract acting as a controller of an ERC725 Account using predfined permissions.                        |
+| **LSP6KeyManager**               | `0xe7424397` | Interface of the LSP6 - Key Manager standard, a contract acting as a controller of an ERC725 Account using predfined permissions.                        |
 | **LSP7DigitalAsset**             | `0x05519512` | Interface of the LSP7 - Digital Asset standard, a fungible digital asset.                                                                                |
 | **LSP8IdentifiableDigitalAsset** | `0x1ae9ba1f` | Interface of the LSP8 - Identifiable Digital Asset standard, a non-fungible digital asset.                                                               |
 | **LSP9Vault**                    | `0x28af17e6` | Interface of LSP9 - Vault standard, a blockchain vault that can hold assets and interact with other smart contracts.                                     |
@@ -15,5 +15,5 @@
 | **LSP17Extendable**              | `0xa918fa6b` | Module to add more functionalities to a contract using extensions.                                                                                       |
 | **LSP17Extension**               | `0xcee78b40` | Module to create a contract that can act as an extension.                                                                                                |
 | **LSP20CallVerification**        | `0x1a0eb6a5` | Implementation of a contract calling the verification functions according to LSP20 - Call Verification standard.                                         |
-| **LSP20CallVerifier**            | `0x480c0ec2` | Interface for the LSP20 Call Verification standard, a set of functions intended to perform verifications on behalf of another contract.                  |
+| **LSP20CallVerifier**            | `0xc9dfc532` | Interface for the LSP20 Call Verification standard, a set of functions intended to perform verifications on behalf of another contract.                  |
 | **LSP25ExecuteRelayCall**        | `0x5ac79908` |                                                                                                                                                          |

docs/contracts/LSP6KeyManager/LSP6KeyManager.md

@@ -332,22 +332,23 @@ Checks if a signature was signed by a controller that has the permission `SIGN`.
 
 - Specification details: [**LSP-6-KeyManager**](https://github.com/lukso-network/lips/tree/main/LSPs/LSP-6-KeyManager.md#lsp20verifycall)
 - Solidity implementation: [`LSP6KeyManager.sol`](https://github.com/lukso-network/lsp-smart-contracts/blob/develop/contracts/LSP6KeyManager/LSP6KeyManager.sol)
-- Function signature: `lsp20VerifyCall(address,uint256,bytes)`
-- Function selector: `0x9bf04b11`
+- Function signature: `lsp20VerifyCall(address,address,uint256,bytes)`
+- Function selector: `0x1a2380e1`
 
 :::
 
 :::tip Hint
 
 This function can call by any other address than the {`target`}. This allows to verify permissions in a _"read-only"_ manner. Anyone can call this function to verify if the `caller` has the right permissions to perform the abi-encoded function call `data` on the {`target`} contract (while sending `msgValue` alongside the call). If the permissions have been verified successfully and `caller` is authorized, one of the following two LSP20 magic value will be returned:
 
-- `0x9bf04b00`: LSP20 magic value **without** post verification (last byte is `0x00`).
-- `0x9bf04b01`: LSP20 magic value **with** post-verification (last byte is `0x01`).
+- `0x1a238000`: LSP20 magic value **without** post verification (last byte is `0x00`).
+- `0x1a238001`: LSP20 magic value **with** post-verification (last byte is `0x01`).
 
 :::
 
 ```solidity
 function lsp20VerifyCall(
+  address callee,
   address caller,
   uint256 msgValue,
   bytes data
@@ -356,11 +357,12 @@ function lsp20VerifyCall(
 
 #### Parameters
 
-| Name       |   Type    | Description                                           |
-| ---------- | :-------: | ----------------------------------------------------- |
-| `caller`   | `address` | The address who called the function on the msg.sender |
-| `msgValue` | `uint256` | -                                                     |
-| `data`     |  `bytes`  | -                                                     |
+| Name       |   Type    | Description                                                     |
+| ---------- | :-------: | --------------------------------------------------------------- |
+| `callee`   | `address` | The address of the contract that implements the LSP20 interface |
+| `caller`   | `address` | The address who called the function on the msg.sender           |
+| `msgValue` | `uint256` | -                                                               |
+| `data`     |  `bytes`  | -                                                               |
 
 #### Returns
 
@@ -1150,6 +1152,7 @@ _Execute the `payload` passed to `execute(...)` or `executeRelayCall(...)`_
 
 ```solidity
 function _verifyPermissions(
+  address callee,
   address from,
   uint256 msgValue,
   bytes payload
@@ -1162,6 +1165,7 @@ Verify if the `from` address is allowed to execute the `payload` on the [`target
 
 | Name       |   Type    | Description                                                         |
 | ---------- | :-------: | ------------------------------------------------------------------- |
+| `callee`   | `address` | -                                                                   |
 | `from`     | `address` | Either the caller of {execute} or the signer of {executeRelayCall}. |
 | `msgValue` | `uint256` | -                                                                   |
 | `payload`  |  `bytes`  | The abi-encoded function call to execute on the {target} contract.  |

tests/LSP20CallVerification/LSP6/Interactions/PermissionCall.test.ts

@@ -497,7 +497,7 @@ export const shouldBehaveLikePermissionCall = (
     it('Should revert when caller calls the KeyManager through execute', async () => {
       const lsp20VerifyCallPayload = context.keyManager.interface.encodeFunctionData(
         'lsp20VerifyCall',
-        [context.accounts[2].address, 0, '0xaabbccdd'], // random arguments
+        [context.keyManager.address, context.accounts[2].address, 0, '0xaabbccdd'], // random arguments
       );
 
       await expect(

tests/LSP20CallVerification/LSP6/Interactions/Security.test.ts

@@ -106,7 +106,7 @@ export const testSecurityScenarios = (buildContext: () => Promise<LSP6TestContex
   it('Should revert when caller calls the KeyManager through `ERC725X.execute`', async () => {
     const lsp20VerifyCallPayload = context.keyManager.interface.encodeFunctionData(
       'lsp20VerifyCall',
-      [context.accounts[2].address, 0, '0xaabbccdd'], // random arguments
+      [context.keyManager.address, context.accounts[2].address, 0, '0xaabbccdd'], // random arguments
     );
 
     await expect(
@@ -290,6 +290,7 @@ export const testSecurityScenarios = (buildContext: () => Promise<LSP6TestContex
         ]);
 
         const tx = await context.keyManager.lsp20VerifyCall(
+          context.universalProfile.address,
           context.owner.address,
           0,
           emptyCallPayload,

tests/LSP6KeyManager/Interactions/PermissionCall.test.ts

@@ -1023,7 +1023,7 @@ export const shouldBehaveLikePermissionCall = (
     it('Should revert when caller calls the KeyManager through execute', async () => {
       const lsp20VerifyCallPayload = context.keyManager.interface.encodeFunctionData(
         'lsp20VerifyCall',
-        [context.accounts[2].address, 0, '0xaabbccdd'], // random arguments
+        [context.keyManager.address, context.accounts[2].address, 0, '0xaabbccdd'], // random arguments
       );
 
       const executePayload = context.universalProfile.interface.encodeFunctionData('execute', [

tests/foundry/LSP6KeyManager/LSP6SetDataTest.t.sol

@@ -102,7 +102,12 @@ contract LSP6SetDataTest is Test {
         keyManager.execute(callData);
 
         // CHECK the LSP20 verification function reverts as well
-        keyManager.lsp20VerifyCall(malicious, 0, functionArgs);
+        keyManager.lsp20VerifyCall(
+            address(universalProfile),
+            malicious,
+            0,
+            functionArgs
+        );
 
         // CHECK it reverts when calling directly the Universal Profile
         universalProfile.setData(dataKey, dataValue);
@@ -222,7 +227,12 @@ contract LSP6SetDataTest is Test {
         keyManager.execute(callData);
 
         // CHECK the LSP20 verification function reverts as well
-        keyManager.lsp20VerifyCall(malicious, 0, functionArgs);
+        keyManager.lsp20VerifyCall(
+            address(universalProfile),
+            malicious,
+            0,
+            functionArgs
+        );
 
         // CHECK it reverts when calling directly the Universal Profile
         universalProfile.setData(dataKey, dataValue);