Conversation
contracts/FlowServiceAccount.cdc
Outdated
| } | ||
| } | ||
|
|
||
| access(all) |
There was a problem hiding this comment.
This should not be access all in my view, should be only callable by the service account
There was a problem hiding this comment.
Moved it in the Administrator resource.
m-Peter
force-pushed
the
mpeter/add-governance-direct-call
branch
from
f8e8962 to
9631f2c
Compare
|
|
||
| access(all) | ||
| fun governanceDirectCall(from: String, to: String, amount: UInt): EVM.Result { | ||
| return EVM.reclaimFundsFromAttackerEOAs(from: from, to: to, amount: amount) |
There was a problem hiding this comment.
Can this only reclaim FLOW? Don't we need to do this for other token types too?
There was a problem hiding this comment.
There's only FLOW sitting on the 2 EOA addresses. No other token type.
There was a problem hiding this comment.
Okay, can you tag me in the PR for the EVM contract as well?
There was a problem hiding this comment.
So if I am calling this from a transaction signed from the service account, it would look like this?
serviceAccountAdmin.governanceDirectCall(from: accountToRetrieveFrom, to: serviceAccountCOA.address().toString(), amount: amount)
accountToRetrieveFrom being in this format: "0x9D9247F5C3F3B78F7EE2C480B9CDaB91393Bf4D6"
and amount being in this format: 100000000000000000 for 10 FLOW
There was a problem hiding this comment.
For reference, the transaction I tried this with on a forked mainnet emulator, is this:
import EVM from 0xe467b9dd11fa00df
import FlowServiceAccount from 0xe467b9dd11fa00df
transaction(from: String, to: String, amount: UInt) {
let flowServiceAccountAdmin: &FlowServiceAccount.Administrator
prepare(signer: auth(BorrowValue) &Account) {
self.flowServiceAccountAdmin = signer.storage.borrow<&FlowServiceAccount.Administrator>(
from: /storage/flowServiceAdmin
) ?? panic("Unable to borrow reference to administrator resource")
}
execute {
let txResult = self.flowServiceAccountAdmin.governanceDirectCall(
from: from,
to: to,
amount: amount
)
assert(
txResult.status == EVM.Status.successful,
message: "evm_error=\(txResult.errorMessage);evm_error_code=\(txResult.errorCode)"
)
}
}There was a problem hiding this comment.
And the flow cli command:
flow transactions send transactions/reclaim_EOA_tokens.cdc --network=mainnet-fork --signer=mainnet-fork-service "0x9D9247F5C3F3B78F7EE2C480B9CDaB91393Bf4D6" "0x00000000000000000000000235aE95896583818d" 2_030_023_297_036_000_000_000_000
joshuahannan
left a comment
joshuahannan
left a comment
There was a problem hiding this comment.
Can you add a comment to the contract saying that it is temporary and will be removed immediately after the remediation is complete?
|
|
||
| access(all) | ||
| fun governanceDirectCall(from: String, to: String, amount: UInt): EVM.Result { | ||
| return EVM.reclaimFundsFromAttackerEOAs(from: from, to: to, amount: amount) |
There was a problem hiding this comment.
reclaimFundsFromAttackerEOAs is access(account) (onflow/flow-go@dde3be6#diff-02837edc597afad5bd8f7d1962c129bded25adcc21a9889382c7aaad9a0e5b34R1035). Are the EVM contract and the FlowServiceAccount contract deployed to the same account?
There was a problem hiding this comment.
yes, they are both deployed to the service account: https://www.flowview.app/account/0xe467b9dd11fa00df/contract
m-Peter
force-pushed
the
mpeter/add-governance-direct-call
branch
from
9631f2c to
a0ee978
Compare
@joshuahannan Added the following comment: https://github.com/onflow/flow-core-contracts/pull/573/files#diff-9e8f0a44281b8c7ef9a6c3678b452264575deba3f18c0de447a26a9b652c7cf8R190-R191, as well as https://github.com/onflow/flow-go/pull/8280/files#diff-02837edc597afad5bd8f7d1962c129bded25adcc21a9889382c7aaad9a0e5b34R1031-R1034 on |
|
Closing this as the reclamation has been concluded. |
4 participants
No description provided.