From e9397891ed0319dd100a7d9dfa952fe155fe6934 Mon Sep 17 00:00:00 2001
From: openhands
Date: Sat, 14 Mar 2026 15:10:59 +0000
Subject: [PATCH] =?UTF-8?q?fix:=20remove=20setRecenterAccess=20from=20red-?= =?UTF-8?q?team.sh=20=E2=80=94=20recenter()=20is=20now=20public?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 scripts/harb-evaluator/red-team.sh | 26 +++++++-------------------
 1 file changed, 7 insertions(+), 19 deletions(-)
diff --git a/scripts/harb-evaluator/red-team.sh b/scripts/harb-evaluator/red-team.sh
index 66b02d6..8aae354 100755
--- a/scripts/harb-evaluator/red-team.sh
+++ b/scripts/harb-evaluator/red-team.sh
@@ -33,7 +33,7 @@ DEPLOYMENTS="$REPO_ROOT/onchain/deployments-local.json"
 # ── Anvil accounts ─────────────────────────────────────────────────────────────
 # Account 8 — adversary (10k ETH, 0 KRK)
 ADV_PK=0xdbda1821b80551c9d65939329250298aa3472ba22feea921c0cf5d620ea67b97
-# Account 2 — recenter caller (granted recenterAccess by bootstrap)
+# Account 2 — recenter caller (recenter is public, any account can call)
 RECENTER_PK=0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a
 # ── Infrastructure constants ───────────────────────────────────────────────────
@@ -94,21 +94,9 @@ POOL=$("$CAST" call "$V3_FACTORY" "getPool(address,address,uint24)(address)" \
 "$WETH" "$KRK" "$POOL_FEE" --rpc-url "$RPC_URL" | sed 's/\[.*//;s/[[:space:]]//g')
 log " Pool: $POOL"
-# ── 3a. Grant recenterAccess FIRST (while original feeDestination is still set) ──
-FEE_DEST=$("$CAST" call "$LM" "feeDestination()(address)" --rpc-url "$RPC_URL") \
- || die "Failed to read feeDestination() from LM"
-FEE_DEST=$(echo "$FEE_DEST" | sed 's/\[.*//;s/[[:space:]]//g')
-log "Granting recenterAccess to account 2 ($RECENTER_ADDR) via feeDestination ($FEE_DEST) ..."
-# feeDest may be a keccak-derived address with zero balance — fund it for gas
-"$CAST" rpc --rpc-url "$RPC_URL" anvil_setBalance "$FEE_DEST" "0xDE0B6B3A7640000" 2>/dev/null || true
-"$CAST" rpc --rpc-url "$RPC_URL" anvil_impersonateAccount "$FEE_DEST" \
- || die "anvil_impersonateAccount $FEE_DEST failed"
-"$CAST" send --rpc-url "$RPC_URL" --from "$FEE_DEST" --unlocked \
- "$LM" "setRecenterAccess(address)" "$RECENTER_ADDR" >/dev/null 2>&1 \
- || die "setRecenterAccess($RECENTER_ADDR) failed"
-"$CAST" rpc --rpc-url "$RPC_URL" anvil_stopImpersonatingAccount "$FEE_DEST" \
- || die "anvil_stopImpersonatingAccount $FEE_DEST failed"
-log " recenterAccess granted"
+# ── 3a. recenter() is now public (no recenterAccess needed) ──
+# Any address can call recenter() — TWAP oracle enforces safety.
+log "recenter() is public — no access grant needed"
 # ── 3b. Set feeDestination to LM itself (fees accrue as liquidity) ─────────────
 # setFeeDestination allows repeated EOA sets; setting to a contract locks it permanently.
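Review bot: The new step 3a replaces an on-chain action that died on failure with a bare `log` asserting that recenter() is public, so the script no longer checks that precondition against the LiquidityManager it is actually pointed at; if DEPLOYMENTS refers to a build that still gates on recenterAccess, the failure only surfaces at the later recenter call (outside this hunk), with nothing linking it to the access model. A cheap pre-flight is to simulate the call from the unprivileged account with whatever signature that later step uses, e.g. `"$CAST" call --from "$RECENTER_ADDR" "$LM" <recenter signature> --rpc-url "$RPC_URL" >/dev/null || die "recenter() not callable by $RECENTER_ADDR — is the deployed LM the public-recenter build?"`, bearing in mind the simulation can also revert for non-access reasons (TWAP state) at this point in the flow. The comment `# Any address can call recenter() — TWAP oracle enforces safety.` states as settled fact the very property a red-team harness exists to probe; phrasing it as the assumption under test, `# Assumption under test: recenter() is permissionless and relies solely on the contract's TWAP check`, keeps the harness honest. The same assertive wording is emitted into the report by the hunks at -399 and -426.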
@@ -154,7 +142,7 @@ LM_ETH=$("$CAST" balance "$LM" --rpc-url "$RPC_URL" | sed 's/\[.*//;s/[[:space:]
 LM_WETH=$("$CAST" call "$WETH" "balanceOf(address)(uint256)" "$LM" --rpc-url "$RPC_URL" | sed 's/\[.*//;s/[[:space:]]//g')
 log " LM after recenter: ETH=$LM_ETH WETH=$LM_WETH"
-# ── 4. Take Anvil snapshot (clean baseline, includes recenterAccess grant) ─────
+# ── 4. Take Anvil snapshot (clean baseline) ─────
 log "Taking Anvil snapshot..."
 SNAP=$("$CAST" rpc anvil_snapshot --rpc-url "$RPC_URL" | tr -d '"')
 log " Snapshot ID: $SNAP"
@@ -399,7 +387,7 @@ CAST binary: /home/debian/.foundry/bin/cast
 ### Recenter caller — Anvil account 2
 - Address: ${RECENTER_ADDR}
 - Private key: ${RECENTER_PK}
-- Has recenterAccess on LiquidityManager
+- Can call recenter() (public, TWAP-enforced)
 ---
@@ -426,7 +414,7 @@ to rebalance, then re-deploys positions at the current price. It:
 - Can mint NEW KRK (increasing supply → decreasing floor)
 - Can burn KRK (decreasing supply → increasing floor)
 - Moves ETH between positions
-Only recenterAccess account can call it.
+Any account can call it (public). TWAP oracle enforces safety.
 ### Staking
 \`Stake.snatch(assets, receiver, taxRateIndex, positionsToSnatch)\`