📖 add comments on external code size checks

Signed-off-by: Pascal Marco Caversaccio <pascal.caversaccio@hotmail.ch>
pcaversaccio · pcaversaccio · Feb 27, 2023 · Feb 15, 2023 · Feb 16, 2023 · Feb 16, 2023
commit 896f110f089e2021a6dddf1193c051f073b90629
diff --git a/src/extensions/ERC4626.vy b/src/extensions/ERC4626.vy
@@ -803,7 +803,9 @@ def _try_get_underlying_decimals(underlying: ERC20) -> (bool, uint8):
     # 32 bytes for the return data in the return expression at the
     # end, we also return `False` for EOA wallets instead of reverting
     # (remember that the EVM always considers a call to an EOA as
-    # successful with return data `0x`).
+    # successful with return data `0x`). Furthermore, it is important
+    # to note that an external call via `raw_call` does not perform an
+    # external code size check on the target address.
     success, return_data = raw_call(underlying.address, method_id("decimals()"), max_outsize=32, is_static_call=True, revert_on_failure=False)
     if (success and (len(return_data) == 32) and (convert(return_data, uint256) <= convert(max_value(uint8), uint256))):
         return (True, convert(return_data, uint8))
@@ -863,6 +865,11 @@ def _deposit(sender: address, receiver: address, assets: uint256, shares: uint25
     # - https://github.com/vyperlang/vyper/pull/2839,
     # - https://github.com/vyperlang/vyper/issues/2812,
     # - https://medium.com/coinmonks/missing-return-value-bug-at-least-130-tokens-affected-d67bf08521ca.
+
+    # It is important to note that an external call via interface casting
+    # always performs an external code size check on the target address unless
+    # you add the kwarg `skip_contract_check=True`. If the check fails (i.e.
+    # the target address is an EOA), the call reverts.
     assert asset.transferFrom(sender, self, assets, default_return_value=True), "ERC4626: transferFrom operation did not succeed"
     self._mint(receiver, shares)
     log Deposit(sender, receiver, assets, shares)
@@ -885,18 +892,24 @@ def _withdraw(sender: address, receiver: address, owner: address, assets: uint25
     # If `asset` is an ERC-777, `transfer` can trigger a reentrancy
     # after the transfer happens through the `tokensReceived` hook.
     # On the other hand, the `tokensToSend` hook, that is triggered
-    # before the transfer, calls the vault, which is assumed not to
+    # before the transfer, calls the vault which is assumed not to
     # be malicious. Thus, we need to do the transfer after the burn
     # so that any reentrancy would happen after the shares are burned
     # and after the assets are transferred, which is a valid state.
     self._burn(owner, shares)
+
     # To deal with (potentially) non-compliant ERC-20 tokens that do have
     # no return value, we use the kwarg `default_return_value` for external
     # calls. This function was introduced in Vyper version 0.3.4. For more
     # details see:
     # - https://github.com/vyperlang/vyper/pull/2839,
     # - https://github.com/vyperlang/vyper/issues/2812,
     # - https://medium.com/coinmonks/missing-return-value-bug-at-least-130-tokens-affected-d67bf08521ca.
+
+    # It is important to note that an external call via interface casting
+    # always performs an external code size check on the target address unless
+    # you add the kwarg `skip_contract_check=True`. If the check fails (i.e.
+    # the target address is an EOA), the call reverts.
     assert asset.transfer(receiver, assets, default_return_value=True), "ERC4626: transfer operation did not succeed"
     log Withdraw(sender, receiver, owner, assets, shares)
 

diff --git a/src/utils/BatchDistributor.vy b/src/utils/BatchDistributor.vy
@@ -47,6 +47,10 @@ def distribute_ether(data: Batch):
     @notice In the event that excessive ether is sent,
             the residual amount is returned back to the
             `msg.sender`.
+
+            Furthermore, it is important to note that an
+            external call via `raw_call` does not perform
+            an external code size check on the target address.
     @param data Nested struct object that contains an array
            of tuples that contain each a recipient address &
            ether amount in wei.
@@ -88,6 +92,10 @@ def distribute_token(token: ERC20, data: Batch):
     for txn in data.txns:
         total += txn.amount
 
+    # It is important to note that an external call via interface casting
+    # always performs an external code size check on the target address unless
+    # you add the kwarg `skip_contract_check=True`. If the check fails (i.e.
+    # the target address is an EOA), the call reverts.
     assert token.transferFrom(msg.sender, self, total, default_return_value=True), "BatchDistributor: transferFrom operation did not succeed"
 
     for txn in data.txns:

diff --git a/src/utils/Multicall.vy b/src/utils/Multicall.vy
@@ -69,6 +69,9 @@ def multicall(data: DynArray[Batch, max_value(uint8)]) -> DynArray[Result, max_v
          function returns successfully if required.
          Since this function uses `CALL`, the `msg.sender`
          will be the multicall contract itself.
+    @notice It is important to note that an external call
+            via `raw_call` does not perform an external code
+            size check on the target address.
     @param data The array of `Batch` structs.
     @return DynArray The array of `Result` structs.
     """
@@ -96,6 +99,9 @@ def multicall_value(data: DynArray[BatchValue, max_value(uint8)]) -> DynArray[Re
          if required. Since this function uses `CALL`,
          the `msg.sender` will be the multicall contract
          itself.
+    @notice It is important to note that an external call
+            via `raw_call` does not perform an external code
+            size check on the target address.
     @param data The array of `BatchValue` structs.
     @return DynArray The array of `Result` structs.
     """
@@ -131,6 +137,10 @@ def multicall_self(data: DynArray[BatchSelf, max_value(uint8)]) -> DynArray[Resu
             calls in one transaction. Since the `msg.sender` is
             preserved, it's equivalent to sending multiple transactions
             from an EOA (externally-owned account, i.e. non-contract account).
+
+            Furthermore, it is important to note that an external
+            call via `raw_call` does not perform an external code
+            size check on the target address.
     @param data The array of `BatchSelf` structs.
     @return DynArray The array of `Result` structs.
     """
@@ -164,6 +174,10 @@ def multicall_value_self(data: DynArray[BatchValueSelf, max_value(uint8)]) -> Dy
             calls in one transaction. Since the `msg.sender` is
             preserved, it's equivalent to sending multiple transactions
             from an EOA (externally-owned account, i.e. non-contract account).
+
+            Furthermore, it is important to note that an external
+            call via `raw_call` does not perform an external code
+            size check on the target address.
     @param data The array of `BatchValueSelf` structs.
     @return DynArray The array of `Result` structs.
     """
@@ -192,6 +206,9 @@ def multistaticcall(data: DynArray[Batch, max_value(uint8)]) -> DynArray[Result,
     """
     @dev Aggregates static function calls, ensuring that each
          function returns successfully if required.
+    @notice It is important to note that an external call
+            via `raw_call` does not perform an external code
+            size check on the target address.
     @param data The array of `Batch` structs.
     @return DynArray The array of `Result` structs.
     """

diff --git a/src/utils/SignatureChecker.vy b/src/utils/SignatureChecker.vy
@@ -104,7 +104,10 @@ def _is_valid_ERC1271_signature_now(signer: address, hash: bytes32, signature: B
     # check of 32 bytes for the return data in the return expression
     # at the end, we also return `False` for EOA wallets instead
     # of reverting (remember that the EVM always considers a call
-    # to an EOA as successful with return data `0x`).
+    # to an EOA as successful with return data `0x`). Furthermore,
+    # it is important to note that an external call via `raw_call`
+    # does not perform an external code size check on the target
+    # address.
     success, return_data = \
         raw_call(signer, _abi_encode(hash, signature, method_id=IERC1271_ISVALIDSIGNATURE_SELECTOR), max_outsize=32, is_static_call=True, revert_on_failure=False)
     return (success and (len(return_data) == 32) and (convert(return_data, bytes32) == convert(IERC1271_ISVALIDSIGNATURE_SELECTOR, bytes32)))