AA-284 L-04: Incomplete Generalization in TokenPaymaster (eth-infinitism#425)

* AA-284 L-04: Incomplete Generalization in TokenPaymaster

Author: forshtat

contracts/samples/TokenPaymaster.sol

@@ -126,12 +126,12 @@ contract TokenPaymaster is BasePaymaster, UniswapHelper, OracleHelper {
                 "TPM: invalid data length"
             );
             uint256 preChargeNative = requiredPreFund + (tokenPaymasterConfig.refundPostopCost * userOp.maxFeePerGas);
-        // note: as price is in ether-per-token and we want more tokens increasing it means dividing it by markup
+        // note: as price is in native-asset-per-token and we want more tokens increasing it means dividing it by markup
             uint256 cachedPriceWithMarkup = cachedPrice * PRICE_DENOMINATOR / priceMarkup;
             if (paymasterAndDataLength == 32) {
                 uint256 clientSuppliedPrice = uint256(bytes32(userOp.paymasterAndData[PAYMASTER_DATA_OFFSET : PAYMASTER_DATA_OFFSET + 32]));
                 if (clientSuppliedPrice < cachedPriceWithMarkup) {
-                    // note: smaller number means 'more ether per token'
+                    // note: smaller number means 'more native asset per token'
                     cachedPriceWithMarkup = clientSuppliedPrice;
                 }
             }
@@ -161,7 +161,7 @@ contract TokenPaymaster is BasePaymaster, UniswapHelper, OracleHelper {
                 address userOpSender
             ) = abi.decode(context, (uint256, address));
             uint256 _cachedPrice = updateCachedPrice(false);
-        // note: as price is in ether-per-token and we want more tokens increasing it means dividing it by markup
+        // note: as price is in native-asset-per-token and we want more tokens increasing it means dividing it by markup
             uint256 cachedPriceWithMarkup = _cachedPrice * PRICE_DENOMINATOR / priceMarkup;
         // Refund tokens based on actual gas cost
             uint256 actualChargeNative = actualGasCost + tokenPaymasterConfig.refundPostopCost * actualUserOpFeePerGas;

contracts/samples/utils/OracleHelper.sol

@@ -29,25 +29,25 @@ abstract contract OracleHelper {
         /// @notice The Oracle contract used to fetch the latest token prices
         IOracle tokenOracle;
 
-        /// @notice The Oracle contract used to fetch the latest ETH prices. Only needed if tokenToNativeOracle flag is not set.
+        /// @notice The Oracle contract used to fetch the latest native asset prices. Only needed if tokenToNativeOracle flag is not set.
         IOracle nativeOracle;
 
         /// @notice If 'true' we will fetch price directly from tokenOracle
         /// @notice If 'false' we will use nativeOracle to establish a token price through a shared third currency
         bool tokenToNativeOracle;
 
-        /// @notice 'false' if price is dollars-per-token (or ether-per-token), 'true' if price is tokens-per-dollar
+        /// @notice 'false' if price is bridging-asset-per-token (or native-asset-per-token), 'true' if price is tokens-per-bridging-asset
         bool tokenOracleReverse;
 
-        /// @notice 'false' if price is dollars-per-ether, 'true' if price is ether-per-dollar
+        /// @notice 'false' if price is bridging-asset-per-native-asset, 'true' if price is native-asset-per-bridging-asset
         bool nativeOracleReverse;
 
         /// @notice The price update threshold percentage from PRICE_DENOMINATOR that triggers a price update (1e26 = 100%)
         uint256 priceUpdateThreshold;
 
     }
 
-    /// @notice The cached token price from the Oracle, always in (ether-per-token) * PRICE_DENOMINATOR format
+    /// @notice The cached token price from the Oracle, always in (native-asset-per-token) * PRICE_DENOMINATOR format
     uint256 public cachedPrice;
 
     /// @notice The timestamp of a block when the cached price was updated
@@ -130,30 +130,30 @@ abstract contract OracleHelper {
      * @param nativeAssetPrice - the price of the native asset relative to a bridging asset or 1 if no bridging needed.
      * @param tokenOracleReverse - flag indicating direction of the "tokenPrice".
      * @param nativeOracleReverse - flag indicating direction of the "nativeAssetPrice".
-     * @return the ether-per-token price multiplied by the PRICE_DENOMINATOR constant.
+     * @return the native-asset-per-token price multiplied by the PRICE_DENOMINATOR constant.
      */
     function calculatePrice(
         uint256 tokenPrice,
         uint256 nativeAssetPrice,
         bool tokenOracleReverse,
         bool nativeOracleReverse
     ) private view returns (uint256){
-        // tokenPrice is normalized as dollars-per-token
+        // tokenPrice is normalized as bridging-asset-per-token
         if (tokenOracleReverse) {
-            // inverting tokenPrice that was tokens-per-dollar (or tokens-per-ether)
+            // inverting tokenPrice that was tokens-per-bridging-asset (or tokens-per-native-asset)
             tokenPrice = PRICE_DENOMINATOR * tokenOracleDecimalPower / tokenPrice;
         } else {
-            // tokenPrice already dollars-per-token (or ethers-per-token)
+            // tokenPrice already bridging-asset-per-token (or native-asset-per-token)
             tokenPrice = PRICE_DENOMINATOR * tokenPrice / tokenOracleDecimalPower;
         }
 
         if (nativeOracleReverse) {
-            // multiplying by nativeAssetPrice that is  ethers-per-dollar
-            // => result = (dollar / token) * (ether / dollar) = ether / token
+            // multiplying by nativeAssetPrice that is native-asset-per-bridging-asset
+            // => result = (bridging-asset / token) * (native-asset / bridging-asset) = native-asset / token
             return nativeAssetPrice * tokenPrice / nativeOracleDecimalPower;
         } else {
-            // dividing by nativeAssetPrice that is dollars-per-ether
-            // => result = (dollar / token) / (dollar / ether) = ether / token
+            // dividing by nativeAssetPrice that is bridging-asset-per-native-asset
+            // => result = (bridging-asset / token) / (bridging-asset / native-asset) = native-asset / token
             return tokenPrice * nativeOracleDecimalPower / nativeAssetPrice;
         }
     }

reports/gas-checker.txt

@@ -48,8 +48,8 @@
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
 ║ token paymaster with diff      │     2 │               │          66133 │               37154 ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ token paymaster                │    10 │        723875 │                │                     ║
+║ token paymaster                │    10 │        723899 │                │                     ║
 ╟────────────────────────────────┼───────┼───────────────┼────────────────┼─────────────────────╢
-║ token paymaster with diff      │    11 │               │          66252 │               37273 ║
+║ token paymaster with diff      │    11 │               │          66216 │               37237 ║
 ╚════════════════════════════════╧═══════╧═══════════════╧════════════════╧═════════════════════╝