From cc8d206607fe2399d8bfba9d63ca1c0862619fa5 Mon Sep 17 00:00:00 2001 From: Lawyered Date: Thu, 15 Feb 2024 21:42:18 -0500 Subject: [PATCH] Improve Signer Removal Validation This update enhances the security and robustness of the removeSigner function in our smart contract. Previously, the function allowed for the removal of any address as a signer, without checking if the address was indeed a signer. This could lead to unnecessary state changes and events being emitted for non-signer addresses, potentially causing confusion. To address this, we've introduced a requirement check to ensure that an address is an existing signer before it can be removed. This change prevents state modifications and event emissions for addresses that are not signers, thus tightening the contract's logic and ensuring actions reflect actual state changes. Key Benefits: Enhanced Security: By verifying that an address is a current signer before removal, we prevent unnecessary or accidental modifications to the signer list. Improved Clarity: The contract's logic is now more straightforward, with actions closely reflecting the actual state of signers. Reduced Confusion: Emitting events only for actual state changes makes the contract's behavior more predictable and easier to follow. This minor yet impactful enhancement aligns with best practices in smart contract development, contributing to the overall security and maintainability of our protocol. --- src/FnameResolver.sol | 1 + 1 file changed, 1 insertion(+) diff --git a/src/FnameResolver.sol b/src/FnameResolver.sol index d9b6b039..3a7f4f07 100644 --- a/src/FnameResolver.sol +++ b/src/FnameResolver.sol @@ -194,6 +194,7 @@ contract FnameResolver is IExtendedResolver, EIP712, ERC165, Ownable2Step { * @param signer The signer address. */ function removeSigner(address signer) external onlyOwner { + require(signers[signer], "Signer does not exist"); signers[signer] = false; emit RemoveSigner(signer); }