Prohibit questionable authorized/expiry combinations

0xProject · Jan 12, 2024 · 116b3a1 · 116b3a1
1 parent 9695016
commit 116b3a1
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/src/deployer/Deployer.sol b/src/deployer/Deployer.sol
@@ -94,6 +94,7 @@ contract Deployer is TwoStepOwnable, IERC721ViewMetadata {
     error FeatureNotInitialized(uint128);
 
     function authorize(uint128 feature, address who, uint96 expiry) public onlyOwner returns (bool) {
+        require((who == address(0)) == (expiry == 0));
         if (feature == 0) {
             Panic.panic(Panic.ARITHMETIC_OVERFLOW);
         }

diff --git a/test/deployer/Deployer.t.sol b/test/deployer/Deployer.t.sol
@@ -64,10 +64,10 @@ contract DeployerTest is Test {
         deployer.setDescription(1, "nothing to see here");
         deployer.authorize(1, auth, uint96(block.timestamp + 1 days));
         vm.expectEmit(true, true, false, true, address(deployer));
-        emit Authorized(1, auth, 0);
-        assertTrue(deployer.authorize(1, auth, 0));
+        emit Authorized(1, address(0), 0);
+        assertTrue(deployer.authorize(1, address(0), 0));
         (address who, uint96 expiry) = deployer.authorized(1);
-        assertEq(who, auth);
+        assertEq(who, address(0));
         assertEq(expiry, 0);
     }